ESG Reporting 2025
Two men in a modern office and casual attire discussing documents.

Governance, compliance and ethical principles

We act in accordance with all applicable laws, social guidelines and our values.

Read more

Strategy

Reliability, integrity, and transparency form the basis of our actions

Responsible corporate governance is our guiding principle – our governance provides the framework for acting responsibly, sustainably, and in line with our values. Sustainability is firmly anchored in all business areas; guidelines and control mechanisms ensure integrity, reliability, and transparency. They ensure that environmental, social, and compliance standards are systematically integrated into management processes, provide clear guidance for all employees, and establish binding rules.

We act ethically and in accordance with the law. We consistently prevent corruption and unfair business practices, maintain the integrity of the corporate culture at O2 Telefónica, and ensure the implementation of data protection and compliance standards. In doing so, we protect our reputation, the trust of our stakeholders, and the foundation for long-term business success.

Policies

Live with integrity and act in accordance with the rules

Our Responsible Business Principles document the ethical foundations and are the binding code of conduct at O2 Telefónica – also on sustainability issues such as human rights, climate responsibility or responsible use of digital technologies.

With our Guideline Anti-Corruption, which is based on the UN Convention against Corruption, national criminal law, and OECD Guidelines, we clearly commit to zero tolerance for bribery and unfair business practices. At the same time, our Policy Compliance Organisation defines the structure of our compliance management system, including internal structures, roles, and responsibilities to prevent legal violations, claims for damages, and reputational damage. Our antitrust prevention policy provides an overview of legal regulations and prohibited conduct; it is mandatory for all employees. Our policy on gifts and invitations ensures that we minimise conflicts of interest, while our training policy defines the training requirements so that all employees are familiar with and adhere to our standards.

As part of our responsible corporate governance, we rely on a Business Continuity Management (BCM) system certified according to ISO 22301. The BCM policy governs impact and risk analyses as well as emergency planning to ensure that critical business processes remain as resilient as possible, even in the event of disruptions. The BCM system is regularly audited, and external certification was reaffirmed in 2025. In addition, IT Service Continuity Management (ITSCM), based on ISO 27031, ensures the resilience of our IT and network infrastructure. A standardised process for transparency and disaster recovery plans was established in 2025.

To actively cultivate our corporate culture and promote the highest standards regarding human rights, environmental protection, and integrity, we have established a comprehensive whistleblower system. This system allows for the reporting of concerns about human rights and environmental risks in accordance with the Supply Chain Due Diligence Act (LkSG), about corruption or fraud in accordance with the German Whistleblower Protection Act (HinSchG), and about internal regulations. The Whistleblowing Procedure transparently outlines how such reports can be submitted – anonymously or non-anonymously – to an independent ombudsperson. Reports can be submitted in 21 languages and can be made online, by mail, or by telephone. A dedicated human rights mailbox and a compliance mailbox are also available. The Whistleblowing Procedure protects whistleblowers by ensuring they do not suffer any disadvantages. Further information about our due diligence processes can be found in the chapter Human rights.

Targets

We had the following targets by the end of 2025:

  • No cases of corruption within the company.

  • More than 95% of our employees should have successfully completed the training on the business principles.

Performance

We remain true to our commitment

  • In 2025, as in the previous year, we recorded 0 cases of corruption and thus achieved our target.

  • 85.4% (2024: 94.7%) of employees successfully completed the training on the company principles. Thus, despite a continued good completion rate, we are below our target.

Man and woman in business attire talk in an office in front of a laptop; desk with documents and pens.

Key figures

All key indicators and definitions can be found in our interactive KPI tool.

To the KPI tool

Actions

This is how we ensure integrity and ability to act

We are prepared for emergencies and disruptions: Our Business Continuity Management (BCM) and crisis management policy have established contingency plans. All critical data centres and core sites are geographically separated but synchronised and designed to operate autonomously for 48 hours. Mobile backup power systems, pumps, and air conditioning units are available for disaster situations. In addition, emergency offices are in place that maintain a satellite internet connection even during outages.

Knowledge creates security: Training on the Responsible Business Principles and human rights is mandatory for all employees and is repeated every three years, as is training on the German General Equal Treatment Act (AGG). The Responsible Business Principles training also covers corruption prevention, antitrust law, and ESG topics such as sustainable supply chain management, climate responsibility, the circular economy, and the responsible use of digital technologies. In addition, we offer voluntary intensive training on anti-corruption, which teaches the proper handling of gifts and invitations as well as the recognition of and response to bribery attempts.

The Senior Leadership Team confirms compliance with anti-corruption requirements annually as part of the Group-wide certification process. Business partners contractually commit to complying with corresponding anti-corruption clauses.

Promoting a speak-up culture and strengthening compliance awareness: We continuously monitor the legal situation and raise awareness of compliance and ethical conduct – through awareness campaigns, internal communication, and our whistleblowing system. Reports are treated confidentially and processed by a trained team. In this way, we foster the integration of ethical conduct into our corporate culture.

Business value

Legal certainty, digitally conceived

We are digitising legal and compliance processes with legal tech tools, enabling audit-proof documentation for transparency and continuity – across departments and, in the future, cloud-based. This allows us to respond to legal inquiries faster, streamline processes, and improve compliance documentation for greater trust and security. Clear digital workflows reduce risks in data protection and legal processes. Business clients benefit from enhanced data protection, reliable compliance, and accelerated response times.

Next steps

We make compliance smart

We want to further digitise compliance processes – with legal tech and self-service platforms for certificates and audits for our business clients. Training will be supplemented by micro-learning and gamification.