Opinions
15.04.2025
"Rules Alone Are Never Enough. It Needs a Culture of Integrity." - Interview with Max Steiger
Read More about:
Jacob von Ingelheim

Interview with the Compliance-Berater

You are not “just” responsible for compliance, but also serve as Governance Officer. What exactly does that mean? Is it simply a broader area of responsibility, or are these functions naturally connected?

It is definitely more than just a broader role. The point is to connect areas that belong together. For us, governance is not simply another framework sitting next to compliance and risk management. It is the overarching structure that ties everything together in a meaningful way.

We believe in clear structures instead of silos because compliance, risk management, and corporate steering only really work when they operate hand in hand. At the same time, governance does not mean one person decides everything alone. We deliberately distributed responsibilities across several members of the management team to create the right balance.

ESG has become much more important in recent years. How do you see the relationship between ESG and compliance?

For me, ESG and compliance are not opposites at all. They belong together. Both are ultimately about building a responsible and sustainable company. The difference is more in the approach.

Compliance focuses mainly on meeting regulatory requirements and minimizing risk. ESG goes one step further. It is about acting sustainably over the long term, including in areas where there may not yet be legal requirements.

Of course, tensions can arise sometimes. Not everything that supports ESG is automatically a legal obligation, and not every compliance requirement perfectly aligns with ESG goals. That is why our approach is to connect both areas very closely. At Unzer, I am responsible for both topics for exactly that reason.

The range of topics covered by compliance keeps growing. How do you avoid overwhelming the function itself?

There is no question that compliance requirements have increased enormously in recent years. But we have invested heavily, not just in processes and tools, but also in our teams. Unzer is in a strong position here.

That said, building a strong compliance culture is never something you simply finish. It is an ongoing management responsibility. In other words, you are never really done.

In August 2022, BaFin imposed sanctions on an Unzer subsidiary due to deficiencies in organizational governance and anti-money-laundering compliance. How did Unzer respond in order to continue operating successfully in the market?

I joined Unzer in early 2021 and quickly realized there was a lot of work to do when it came to compliance at Unzer E-Com GmbH. So we immediately started implementing major changes. The BaFin special audit happened during exactly that period, so in many ways it confirmed and accelerated the direction we had already taken.

Over the last three years, we have invested significant resources into compliance and fundamentally strengthened our governance framework. We introduced a new management team, a new technology platform, and, most importantly, a consistent compliance management system with clear processes and structures. All of that helped us reach the highest industry standards.

What were the first priorities when you started restructuring the company’s compliance setup? And how important was it to address the root causes of non-compliance?

One of the first major steps was introducing a group-wide compliance strategy based on the highest industry standards. We created a unified compliance management system with clear processes, strong governance, and resilient structures.

A key focus was building a long-term risk culture. We systematically revised internal processes, strengthened controls, and introduced structured monitoring across all business units.

One particularly important area was redesigning the onboarding process for customers, including clear criteria for higher-risk industries. We also implemented software that allows continuous monitoring of merchants and their transactions.

Alongside these technological improvements, we significantly expanded our compliance team and worked hard to build a company culture where integrity and transparency truly matter. That also included introducing a whistleblower hotline and regular employee training to make compliance part of everyday business.

From BaFin’s perspective, what were the decisive factors in lifting the special supervision measures and onboarding restrictions?

You would have to ask BaFin that directly, of course. But from our perspective, the decision was a strong confirmation of the work the team has done over the past few years. It was also a huge motivational boost internally.

Beyond improved structures and processes, how important was compliance culture in the company’s transformation?

Honestly, it is hard to overstate the role culture played in this transformation. Structures and processes are essential, but without a real compliance culture behind them, they remain rules on paper.

I have worked in compliance for more than twenty years, and one thing I have learned is that rules alone are never enough. They cannot cover every possible situation. What really matters is that employees do not just do what is technically allowed, but what they genuinely believe is right.

That is exactly why we made compliance culture such a central part of our transformation at Unzer. We introduced clear ethical guidelines that give employees orientation and transparently explain what we stand for and where our boundaries are.

Another important element is our speak-up culture. Compliance is not just about controls and processes. It is a mindset that has to be lived across the entire company.

“Tone from the top” and intrinsic employee motivation are often mentioned in discussions about compliance culture. How do you bring both to life inside the company?

For us, it is very simple: compliance starts at the top. If leadership does not lead by example, you can create as many rules as you want and it still will not work.

That is why my colleagues on the management team and I actively try to live these values ourselves. That means making transparent decisions, acting with integrity, and showing that ethical behavior is not optional. It is the foundation of how we operate.

But leadership alone is not enough. A compliance culture only becomes sustainable when employees genuinely support it because they believe it is the right thing to do, not because they are forced to.

That is why it is so important to us that people know their voice matters. Our speak-up culture is designed to make sure everyone feels comfortable raising concerns or issues without fear.

And this does not only happen through formal systems like whistleblower hotlines. It mainly comes from creating an open culture of conversation in day-to-day work. Training and policies matter, of course, but even more important is making integrity part of the company’s DNA. That is what we work on every day through open communication, active listening, and clear values.

Particularly in financial services, at least from the outside, it can sometimes seem difficult to prioritize “soft” values like integrity and responsibility over short-term business interests. Do you use incentives to encourage compliant behavior?

We do not believe ethical behavior should depend on rewards. Compliance should not be something people do because there is a bonus attached to it. It should simply be part of the culture.

That is why we focus less on financial incentives and much more on recognition and appreciation.

Employees are often hesitant to report misconduct because they fear negative consequences. At the same time, whistleblower protection laws only go so far, since not every breach of internal compliance rules falls under legal protection. How do you encourage employees to speak openly despite those concerns?

Open and transparent communication is one of the most important success factors for us. We deliberately focus on personal conversations, regular all-hands meetings, and company-wide communication channels to create a culture of open dialogue.

Our speak-up culture means that every opinion matters and nobody should be afraid of negative consequences.

We also introduced a whistleblower system that allows both confidential and anonymous reporting. But honestly, personal interaction matters even more than technical systems. One example is our annual CXO roadshow, where members of the management team visit all our offices and spend time speaking directly with employees.

We see again and again that the more transparency there is, and the more directly topics are addressed, the more comfortable people feel raising concerns or conflicts. Regular anonymous employee surveys also help us understand the overall mood across the company and identify areas where we need to improve.

Some people also worry that whistleblower hotlines and similar systems could encourage a culture of denunciation inside companies. Have you experienced that, and how do you prevent it?

We understand why anonymous whistleblower systems can sometimes be viewed critically, especially if people worry they could be misused for unfair accusations. That is why building a culture of trust and fairness is so important to us.

Our approach is very clear: whistleblowing should never replace direct dialogue. Before employees use a formal reporting channel, we encourage them to first speak with managers or trusted contacts wherever possible. Our communication culture helps resolve many issues early and constructively.

So far, we have not had negative experiences with our whistleblower system at Unzer. The key is finding the right balance between confidentiality, responsibility, and open communication.

Germany, and much of the world, is currently going through major political and economic shifts. That will likely affect compliance priorities as well. In your view, what will be the defining compliance topics in the near future?

I think the most important thing is to stay consistent. Regulation always moves in cycles. Sometimes the rules become stricter, sometimes there is a more pragmatic approach. I have seen that repeatedly over more than twenty years in compliance.

That constant back and forth is probably just part of democratic systems. But companies cannot afford to lose focus because of it. A strong ethical culture is about much more than risk management. In the long run, it creates real value. I firmly believe that.
