MAN Truck & Bus
The MAN Governance, Risk & Compliance Organisation (GRC) is managed by the Head of GRC / Chief Compliance Officer at MAN Truck & Bus SE, who reports directly to the CEO of MAN Truck & Bus SE and the Head of GRC / Chief Compliance Officer at TRATON.
GRC is responsible for the areas of Compliance and Integrity as well as Risk Management and Data Protection on a Group-wide basis. This involves GRC being firmly established at two Group levels: at the Corporate GRC Office in the TRATON GROUP and at the GRC organisation within MAN.
GRC advises MAN on topics relating to compliance, introduces compliance and Risk Management processes and is responsible for operational implementation, as well as for adapting the requirements from the TRATON Corporate GRC Office to its own systems.
These include for instance the creation of company-wide policies and guidelines as well as brand-specific customisation of training for employees. The MAN Compliance & Integrity Programme is moreover constantly updated in alignment with the identified risks. This involves the responsible Risk Management function regularly conducting risk analyses and then implementing and monitoring Risk Management processes.
In order to meet national and international data protection legal requirements, MAN has set up a comprehensive data protection program that is continuously updated and further developed by Group Data Protection. The four core areas of this program are the written data protection strategy, the Group-wide data protection guideline derived from it, the global network of employees explicitly entrusted with data protection tasks, and the IT-supported data protection management system. In addition, regular training measures and quality controls are carried out.
The Head of GRC / Chief Compliance Officer at MAN Truck & Bus manages the three divisions Compliance, Risk Management and Data Protection.
The Compliance division has Compliance Officers in the various business units and sales regions who act as links between GRC and the operational business activities. They generally support the organisation in implementing the Compliance Management System. There are also Compliance Champions who assume a special responsibility for Compliance and Integrity in addition to their duties as managers. This is particularly relevant in the case of entities that do not have their own local Compliance Officer on site.
Risk Managers also work closely with ICS Coordinators to ensure the implementation of Risk Management processes within MAN companies.
Data Protection Officers and/or Data Protection Managers in the Group Data Protection division also ensure company-wide support.