15 maaliskuuta 2023

Studies show that only 1% of the top global companies meet the standard for socially responsible conduct. This means taking adequate action against issues such as corruption, bribery, anti-competitive behaviour, and human rights violations across the value chain.

As a global business, Purmo Group has a huge responsibility to take Environmental Social Governance (ESG) seriously. We need to embed ethical behaviours into the business by informing, training and equipping our employees, and engaging all stakeholders, especially our leadership, with the risks and issues.

Cultivating an ethical culture

We will develop policies for responsible tax payments, data privacy and security, ethical conduct, ethical supplier conduct, competitive behaviour and whistleblowing, and we will invest in training around bribery and corruption.

A particular challenge is consistency; as we work across numerous markets and regions, the risks will vary in line with different cultures and accepted standards. ESG will need to be audited closely, and whistleblowing channels will be put in place.

Embedding ESG in our governance

We are setting up an ESG group and governance structure to report on and monitor sustainability objectives, and we will incentivise the workforce by setting ESG targets for senior managers.

The buy-in of senior management is critical to ensure that ESG is considered in all decision-making. Purmo Group has the advantage of a Board that understands the value creation of embedding a sustainability culture in products and people.

ESG communications and transparency

We are already ensuring that sustainability data is verifiable and audited, and we include an ESG section in our annual report, detailing our sustainability strategy.

Becoming publicly listed will lead to increased scrutiny, so our disclosures must be transparent, and meet the relevant frameworks and regulations. We risk being scored lower in ESG ratings and rankings if the information investors or analysts are looking for is not accessible

In the future, we aim to develop processes to identify climate change risks, in a way that integrates Task Force on Climate-Related Financial Disclosures (TCFD) recommendations.

Key actions for ensuring data privacy and security

Purmo Group’s ICT Information Security function is responsible for implementing technical and organisational security measures for protecting personal data, and this is addressed in the Group Information Security Policy.

Group ICT actively monitors systems for incidents or anomalies, and investigates these. They also investigate potential security incidents notified by personnel or external sources. Any confirmed or likely incidents regarding personal data are immediately reported to the local Data Protection Manager / DPO and the Group Head of Legal.


Although there is Central ICT control at all locations, local Data Protection Managers are also responsible for compliance with the global programme. Some risk management activities are still to be carried out, and implementation of the data protection programme is ongoing.