BUSINESS: 437 PRACTICES
Founded in 1998, HELLENiQ ENERGY (https://www.helleniqenergy.gr/en) is one of the leading energy groups in South East Europe, with presence in 6 countries and activities spanning across the energy value chain, namely: oil refining and fuel marketing, exploration and production, renewable energy sources, petrochemicals, power and gas.
The initiative involves the creation, implementation, and continuous development of a comprehensive, modern, and technology-driven Regulatory Compliance and Corporate Governance framework for the HELLENiQ ENERGY Group in Greece and abroad.
The project has now evolved into a broad Compliance Ecosystem, which combines:
• modern corporate governance,
• regulatory compliance,
• digital tools and automation,
• management of regulatory obligations,
• due diligence and risk assessment,
• whistleblowing mechanisms,
• training programs,
• AI governance,
• accessibility compliance,
• and fostering a culture of integrity and transparency.
At HELLENiQ ENERGY, compliance is not viewed as a mere legal or regulatory obligation, but as a strategic pillar of sustainable development, responsible operations, and building trust among employees, partners, investors, and society.
The initiative was designed with the following objectives:
• to enhance transparency and accountability,
• to create a unified and modern governance framework,
• to shield the Group against regulatory and operational risks,
• incorporating new European and international regulatory requirements,
• and leveraging technology and automation for more effective compliance implementation.
More specifically, the initiative includes:
• A fully updated Code of Conduct and Business Ethics.
• A modern Reporting Policy and a new whistleblowing platform.
• Regulatory Compliance Manager – an innovative digital platform for consolidating and managing regulatory obligations.
• Creation of new compliance policies and procedures.
• Digital transformation of the Compliance function.
• Extensive training and e-learning program.
• Integration of AI Act and Accessibility Act requirements.
• Implementation of due diligence and risk assessment mechanisms.
• Utilization of automated tools and compliance platforms.
• Creation of a comprehensive compliance website and intranet environment.
This initiative is aimed at:
• all Group employees,
• management and executives,
• suppliers, partners, and contractors,
• regulatory and supervisory authorities,
• investors and other stakeholders.
Start: January 2026
Completion: January 2027 (full operation).
The program will then continue to evolve as the systems are tested and optimized.
1. Code of Conduct and Business Ethics
The Group has undertaken a comprehensive review and update of its Code of Conduct, in line with international best practices and current ESG requirements.
The new Code:
• incorporates principles of business ethics and integrity,
• addresses issues of human rights, equal opportunity, and zero tolerance for violence and harassment,
• includes principles of responsible communication and social media use,
• and reinforces the Group’s commitment to sustainable and responsible operations.
At the same time, a new mandatory e-training course on the Code of Conduct was created, featuring practical examples, scenarios, and case studies.
In-person training sessions are also being conducted for specialized teams as well as for those who do not have access to an account.
2. Reporting Policy & Whistleblowing Platform
A modern whistleblowing platform has been created and is now operational, which:
• allows for both anonymous and named reports,
• strengthens whistleblower protection,
• ensures confidentiality and security,
• and promotes transparency and accountability.
• incorporates principles of responsible communication and social media use,
• and reinforces the Group’s commitment to sustainable and responsible operations.
At the same time, a new mandatory e-training course on the Code of Conduct was created, featuring practical examples, scenarios, and case studies.
In-person training sessions are also being conducted for specialized teams as well as for those who do not have access to an account.
3. Regulatory Compliance Manager – Digital Compliance Platform
A central component of the initiative is the development of the Regulatory Compliance Manager platform, an innovative digital platform that serves as a “single point of truth” for:
• legislation,
• regulatory obligations,
• corporate policies,
• compliance controls,
• and departmental responsibilities.
The platform:
• provides real-time access to regulatory obligations,
• incorporates traceability and accountability mechanisms,
• includes automated workflows and notifications,
• supports monitoring and follow-up,
• and enhances continuous updating and compliance monitoring.
4. New Policies and Regulatory Frameworks
As part of the initiative, a total of 12 policies and procedures were created and/or revised.
Among others:
• AI Governance Framework and preparation for AI Act compliance,
• Accessibility Compliance Framework in accordance with the Accessibility Act,
• Know Your Customer (KYC) Policy,
• due diligence and risk assessment procedures,
• GDPR and personal data protection policies,
• and new governance procedures.
The initiative was not limited to the creation of policies, but also included:
• risk assessments,
• assignment of control owners,
• monitoring procedures,
• and governance oversight mechanisms.
5. Training and Fostering a Compliance Culture
A comprehensive training and awareness program has been developed, combining e-learning modules, interactive training sessions, scenario-based training, workshops, live seminars, and targeted management sessions.
The training covers:
• Code of Conduct,
• Anti-Bribery & Corruption,
• Whistleblowing,
• Violence & Harassment,
• GDPR & Data Protection,
• Sanctions,
• KYC,
• AI Governance,
• Accessibility,
• and general Regulatory Compliance issues.
A total of ………… employees were trained.
6. Digital Transformation and Automation
The initiative was accompanied by a significant digital transformation of the Compliance function through:
• automated compliance tools,
• digital monitoring systems,
• due diligence platforms,
• sanctions screening tools,
• and compliance reporting mechanisms.
The use of technology and automation enables:
• more effective monitoring,
• better risk management,
• increased transparency,
• faster response to regulatory changes,
• and enhanced operational efficiency.
7. Compliance Website & Accessibility
A comprehensive compliance environment has been established on both the Group’s intranet and corporate website.
The compliance website includes:
• policies,
• whistleblowing channels,
• compliance guidance,
• training materials,
• awareness materials,
• updates,
• and compliance tools.
Particular emphasis was placed on accessibility, usability, and transparency in accessing compliance information.
• Complete revision and implementation of a new Code of Conduct.
• Launch of a new whistleblowing platform.
• Development and implementation of a Regulatory Compliance Manager.
• Creation and/or revision of 12 policies/procedures.
• Training of … employees.
• Creation of a compliance website and intranet environment.
• Integration of AI governance and accessibility compliance.
• Digitization and automation of compliance functions.
• Enhancement of transparency, accountability, and compliance culture.
HELLENiQ ENERGY Group – implementation across all facilities and subsidiaries in Greece and abroad.
The framework was developed in collaboration with specialized legal and regulatory advisors, and by drawing on international standards (UN Global Compact, OECD Guidelines, GRI Standards).
The success of the framework depends on the active participation of all employees.
• They participate in e-learning courses and in-person training programs.
• They stay informed through the Compliance page.
• They help implement policies in their daily work.
• They collaborate in interdisciplinary teams (Environment, IT, Legal Department, Regulatory Compliance, DPO) to implement and improve the new framework.
• Protection against regulatory and operational risks.
• Strengthening corporate governance.
• Fostering a culture of integrity and accountability.
• Building trust among employees and stakeholders.
• Reducing the risk of penalties and fines.
• Digital modernization of compliance operations.
• Strategic alignment with ESG principles and international standards.
• Creating a modern, scalable, and technology-enabled compliance framework.
