Skip to main content
Contact
Submit RFP

      Highlights from the 2024 financial year

      EcoVadis Gold Medal

       
      in the sustainability ranking and thus among the top 5 per cent of the companies assessed

      Anti-corruption training

       
      mandatory for all our employees

      Certified management systems


      since about 15 years according to ISO/IEC 27001, ISO 9001 and ISO 14001

      Values week

       

      Over 5,000 employees take part in the Values Week

      Our aim is to be the leading auditor and consultant in quality. It is therefore essential for us to always apply the highest standards to our services. Through clear processes, structures and responsibilities, we want to ensure that we always act in a responsible, sustainable and future-orientated manner and that our services meet the highest quality standards.

      The most important basis for this is the integrity and independence of our employees. We are committed to our values of Integrity, Excellence, Courage, Together and For Better, which are anchored in the global KPMG network, and regard them as a non-negotiable guideline that shapes our personal and professional behaviour.

      As a multidisciplinary auditing and consulting firm, it is of central importance for us to comply with legal and professional regulations. We also see it as one of our main tasks to further develop the common quality approach of all global KPMG member firms. We achieve this with our structured quality and risk management system. It regulates the organisation of our business practice as well as the execution and processing of our assignments and thus forms the framework with which our services can reliably meet our quality standards. At KPMG, there are clear responsibilities and programmes for the alignment and implementation of risk management, compliance and quality assurance as well as for monitoring compliance and quality. Further information on this can be found in the current KPMG Transparency Report.

      More: "Governance" chapter in the "Our Impact Report 2024" by KPMG

      Our values are the backbone of our corporate culture

      Our values - Integrity, Excellence, Courage, Together and For Better - which are anchored in the global KPMG network, are our foundation at both national and international level and are at the centre of our daily actions. This set of values is the basis for KPMG's inclusive and diverse culture and guides our personal and professional behaviour.

      Our values are also the basis for trusting relationships with our clients and the key to our business success. They characterise our corporate culture and guide us in our decision-making and cooperation. In this way, our values are put into practice in our daily work and make a significant contribution to making KPMG a Home for Talents.

      Compliance with laws, regulations and standards is at the centre of the work of all KPMG employees. Through mandatory and regular independence and compliance training, we strengthen our employees' awareness of our corporate culture and ethical behaviour in their daily work processes.

      KPMG's CARE (Consider, Assess, Respond, Evolve) framework for ethical decision-making is designed to build and strengthen trust and contributes to our values and our Code of Conduct.

      CARE is a global, company-wide model that helps our employees make ethical decisions, especially when faced with a difficult situation or ethical dilemma, and reminds them that they do not have to make these decisions alone. In addition, our corporate values become tangible in concrete measures and actions. We regularly sensitise our employees to consciously living our corporate values - both in their day-to-day work and in special situations:

      Establishment of a company-wide network that places the topic of values at the centre of its activities - the Values Champion Community.

      Annual organisation of a Values Week in Germany. In the 2024 financial year, we reached more than 5,000 employees at around 75 different face-to-face and online events and workshops.

      Annual organisation of an international values week - Global Values Week - in which employees from all over the world come together virtually to focus on corporate culture and values globally. In 2024, we recorded more than 117,000 views in 115 different countries during five global broadcasts of speaker events with renowned guests.

      Detailed information on our corporate culture can be found in the latest KPMG Transparency Report.

      What I particularly appreciate about KPMG's corporate culture is that we are living the values that form this culture more than ever and measuring our actions and ourselves as people against them.

      Harald König

      Werte-Champion Frankfurt

      Integrity and quality

      In providing our services, we focus on the highest standards of quality and integrity. This is how we gain and retain the trust of our customers, our employees and society.

      With our commitment to integrity, the prevention and avoidance of corruption and compliance with our professional standards, we not only want to maintain our high quality standards, but also continuously develop them. In this way, we aim to achieve our goal of always being the first choice for our clients and building and maintaining trusting relationships with them.

      How we set the highest standards for the quality of our work

      In addition to professional and legal regulations, company-specific guidelines and global co-operation agreements form the basis of our daily activities. These include the following standards:

      KPMG has an international code of conduct, the Global Code of Conduct. This forms the basis for our national code of conduct, the Code of Conduct. The two codes complement our corporate values and provide essential guidelines and principles for our actions and behaviour in our day-to-day work. All KPMG employees are obliged to act in accordance with the codes of conduct and to take responsibility for compliance with legal, statutory and ethical standards in line with their respective area of responsibility and position. Regular reviews are carried out to ensure that the Code of Conduct is always up to date and relevant.

      The KPMG quality management system also provides a reliable framework for our daily activities in a highly complex working environment characterised by extensive legal regulations. By effectively implementing quality and risk management processes, we aim to avoid violations of the (professional) law applicable to us, liability issues, economic risks and the loss of our independence.

      We have introduced a System of Quality Management (SoQM) in accordance with the international quality management standard "International System of Quality Management Standard 1" (ISQM 1). By implementing ISQM 1, we have been able to improve the robustness of our quality management system and are thus pursuing a standardised approach with regard to quality assurance guidelines, responsibilities and reporting lines. Minimum requirements have been defined for each component of ISQM 1 that relate to the respective objectives, risks and measures. In addition, KPMG International has implemented a risk assessment process that identifies specific quality objectives and relevant risks. This enables us to take the necessary steps to continuously review and evaluate our quality management system.

      Through regular, mandatory training on independence and compliance, we raise our employees' awareness of compliance with laws, regulations and standards and support them in avoiding conflicts of interest and anti-competitive practices. In addition, our employees regularly submit a declaration of independence.

      KPMG has established an internal system-based approval process and control mechanism that is binding for all our donations, sponsorships, collaborations and memberships. In order to avoid bribery or the appearance of bribery, all employees are subject to clear rules on accepting and offering benefits from or to third parties, particularly in the case of invitations and gifts. The principles set out in these rules are integrated into our internal processes and form part of the mandatory training for all employees.

      Our management systems are certified in accordance with international and industry-specific standards and therefore fulfil the key requirements of our business partners and customers. Our certified management systems include our quality management system in accordance with DIN EN ISO 9001, our information security management system in accordance with ISO/IEC 27001, our environmental management system in accordance with DIN EN ISO 14001 and our occupational health and safety management system in accordance with ISO 45001.

      Suspected cases of illegal or unethical behaviour can be reported anonymously via our whistleblowing hotline. It is available to employees, customers, subcontractors, suppliers and external third parties. Every report is processed in accordance with the legal requirements (in particular Section 17 HGSchG and Sections 8, 9 LkSG). Further information can be found on our external website: Whistleblowing hotline/reporting centres for whistleblowers - KPMG Germany.

      In order to comply with legal requirements relating to corruption and bribery and to prevent cases of corruption by third parties with whom we work, we have implemented established processes that are anchored in our due diligence checks of third-party companies (including customers and suppliers).

      Our training courses focus on the following areas and are mandatory for all new employees and then repeated annually by all employees:

      • Data protection/information security
      • Independence
      • Combating money laundering and terrorist financing
      • Acting with integrity
      • Occupational health and safety

      What we achieved in 2024

      • There were no known cases of corruption or bribery at KPMG in the 2024 financial year.

      • Mandatory participation of all employees in anti-corruption training in the 2024 financial year as well. This includes training on acting with integrity and combating money laundering and terrorist financing. Participation in these training courses is documented and monitored by the system.

      • Based on the annual assessment of the quality management system by KPMG as at 30 September 2024, this ensures with reasonable assurance that the objectives of the quality management system are met.

      The measures we implement are continuously reviewed and further developed. Further information on our governance issues can be found in the KPMG Transparency Report, which also contains a detailed description of our quality management system.

      United Nations Global Compact

      Since 2002, KPMG International has been a member of the United Nations Global Compact, the world's largest initiative for responsible corporate governance. This initiative defines ten principles for a sustainable global economy. As part of the global KPMG organisation, KPMG is also committed to the standards of this alliance. Further information and the current progress report of the United Nations Global Compact can be found at the following link: KPMG International - Our Impact Plan.

      Integrity and compliance with professional quality standards are our top priority and a justified requirement of our clients, regulators and the public. As a company, we are measured by the fact that each and every one of us does the right thing every day, and it is our joint responsibility to always fulfil this requirement to the best of our knowledge and belief. This also includes acting with integrity in our training culture. Our training courses convey the principles of professional law and our values and serve to provide us with comprehensive qualifications. The expectation of our integrity is regularly communicated and demanded across all hierarchical levels and areas of the company - as are the comprehensive opportunities to report any violations and misconduct.

      Axel Thümler

      Head of Quality & Risk Management bei KPMG

      Data protection and information security

      The security of information and the data protection of our stakeholders are our top priority.

      Protecting client and personal data is of central relevance to us, especially in our auditing activities. In addition to data protection regulations - in particular the EU General Data Protection Regulation (GDPR) - KPMG as an auditing firm is subject to mandatory legal obligations under criminal and professional law to maintain confidentiality as well as professional supervision. Possible errors in the handling or auditing of data, for example due to data leaks or the loss of sensitive client data, could have a significant negative impact on our company. These include reputational damage and a long-term loss of trust in society, which would be difficult to remedy in the long term and would therefore have a lasting negative impact on our business activities.

      The protection of client and personal data of third parties, including our clients, service providers and cooperation partners as well as our own employees, is therefore an important goal for KPMG. Particularly in light of the rapid pace of technological progress, we endeavour to continuously adapt our systems and processes to future technical and regulatory requirements in order to ensure that we handle our stakeholders' data responsibly now and in the future.

      How data protection and information security are integrated at KPMG

      The responsible handling of personal data is an elementary component of our quality and risk management. The basis for this is formed by mandatory requirements, such as our internal information security brochure. We implement and continuously develop measures as part of our information security management system in accordance with ISO/IEC 27001. These include

      Our Group Data Protection Officer acts as an independent body in accordance with the EU GDPR and reports directly to the Executive Board. Together with his team, he is the central point of contact for all data protection matters at KPMG. The Data Protection Officer also plays an active role in cross-departmental processes with data protection relevance, such as supplier onboarding. All KPMG employees are instructed to report (suspected) cases of data breaches directly to the KPMG Group Data Protection Officer.

      All new employees and subsequently all employees every year are required to complete our data protection training. Employees in particularly sensitive areas receive additional specific training and information.

      All KPMG employees are contractually obliged to comply with professional secrecy and data protection requirements and with KPMG's information security guidelines (information security brochure).

      When integrating service providers into KPMG's data processing processes, KPMG's high data protection standards are contractually transferred to the service providers. In the case of commissioned data processing relationships in accordance with Art. 28 EU GDPR, legally standardised data protection contracts are agreed and the service providers are subjected to a corresponding IT security assessment in advance.

      When integrating service providers into KPMG's data processing processes, KPMG's high data protection standards are contractually transferred to the service providers. In the case of commissioned data processing relationships in accordance with Art. 28 EU GDPR, legally standardised data protection contracts are agreed and the service providers are subjected to a corresponding IT security assessment in advance.

      Our information security management system is certified in accordance with ISO/IEC 27001.

      What we achieved in 2024

      • KPMG continued to comply with data protection laws in the 2024 financial year. Incidents relevant to data protection were clarified with the involvement of our data protection officer; there were no breaches reportable to the competent authorities in the reporting period.

      • All employees were required to take part in data protection training. Participation in this training is documented and monitored by the system.

      Supplier management

      A key aspect of our environmental and social responsibility is compliance with environmental and social standards - not only in our company, but throughout our entire supply chain.

      Our suppliers are an important part of our value chain. By obliging our suppliers to comply with environmental and social standards and promoting sustainable procurement practices, we aim to continuously reduce the environmental impact of our supply chain. By working in partnership, we can analyse both short-term and long-term effects on the environment and society, jointly define potential improvements and tackle them together. In doing so, we rely on long-term partnerships with whom we share common development goals.

      How we implement sustainable supplier management

      Our supply chain accounts for a large proportion of our carbon footprint and therefore plays an important role in our sustainability strategy and in achieving our climate targets (see Planet chapter). For this reason, we are not only committed to strict compliance with environmental and social standards ourselves, but also expect the same from our suppliers. The binding minimum standards for business relationships with KPMG are set out in the Supplier Code of Conduct (SCoC). Our internal purchasing guidelines also summarise binding rules for the procurement of all goods and services.

      We also base our business activities on the internationally recognised United Nations Guiding Principles on Business and Human Rights and fulfil the requirements of the Supply Chain Due Diligence Act (LkSG), which has also applied to KPMG since January 2023. Further information on this can be found in the Declaration of Principles on Respect for Human Rights and the Environment, which has been mandatory for KPMG since 2023.

      In order to avoid social and ecological risks, we regularly review our existing and future contractual partners based on a supplier self-assessment as well as database queries and internet searches. This comprehensive review covers three main components:

      • The supplier's management systems for avoiding human rights and environmental risks.
      • Possible anomalies with regard to human rights or environmental violations Together with information on the supplier's financial and reputational risks, this forms the basis for the supplier selection process. The careful, transparent and, above all, independent selection of suppliers is particularly important in strategic purchasing, which is why strict monitoring and evaluation mechanisms apply to the commissioning of suppliers.

      As part of the LkSG requirements, we regularly carry out abstract risk analyses of country, sector and volume risk, measured against the supplier's annual turnover. This has resulted in suppliers being categorised as having a low to medium abstract overall risk. No classifications with a high overall risk have been identified to date. In a second step, suppliers with an abstract medium risk classification are checked to see whether sufficient preventive measures are being taken to control the risks. Based on these results, we have implemented further suitable preventive measures, including revising our Supplier Code of Conduct (SCoC), repeatedly qualifying suppliers and requesting self-declarations from new contractual partners. We have also introduced regular training for our employees in Purchasing, which has been supplemented by the requirements of the LkSG.

      The Carbon Disclosure Project (CDP) is an international non-profit organisation that provides a system for the disclosure of environmental impacts for the private and public sectors, thereby helping to increase the transparency of companies with regard to their environmental impact. In this context, KPMG is working with the CDP to continuously improve the data on the CO₂ emissions of our largest suppliers.

      What we achieved in 2024

      • Our risk analysis as part of the LkSG has shown that none of our direct or immediate suppliers have a high risk rating. We analyse all direct contractual partners in the LkSG risk analysis. Indirect suppliers are analysed more closely in the event of anomalies.

      • All of our employees in Purchasing receive training on human rights and environmental risks every financial year as part of LkSG management.

      • As part of the CDP, KPMG was once again able to persuade the majority of suppliers contacted in the 2024 financial year to provide information on their CO₂ emissions

      • The updated Supplier Code of Conduct has been an integral part of our contract templates since March 2024 and therefore forms the basis for newly concluded and updated procurement contracts.

      • There were no known violations of our Code of Conduct in the 2024 financial year.

      Respect for human rights

       
      The KPMG organisation worldwide is committed to the United Nations Guiding Principles on Business and Human Rights. This commitment is documented transparently and publicly in the Business and Human Rights Statement. Our commitment builds on our long-standing support of the UN Global Compact, which we signed back in 2002.

      As a German KPMG member company, we are also committed to respecting internationally recognised human rights and upholding them in our business activities and along our value chain. Our commitment to respecting human rights and the environment is reflected in already established corporate guidelines and quality management systems, such as

      • Our Code of Conduct: The mandatory Code of Conduct sets out guidelines for behaviour in everyday working life and in the corporate culture at international and national level.
      • Our Supplier Code of Conduct: This code defines the requirements for suppliers in terms of social, ethical and environmental sustainability.
      • Our quality assurance system: This creates the framework for our daily professional behaviour in accordance with applicable laws and professional regulations, ethically justifiable and in the public interest.

      We also expect our suppliers and other business partners to commit to complying with the principles set out here and to implement appropriate processes to respect human rights. Further information on this can be found in the Supplier Management section.

      An effective complaints and reporting procedure is also an important part of our due diligence processes. With our whistleblowing hotline, we have set up a company complaints management system that is available to anyone inside or outside our company. It serves as an important point of contact for raising concerns and issues relating to human rights. 4

      Since 1 January 2023, KPMG has been subject to the provisions of the German Supply Chain Due Diligence Act (LkSG), which aims to improve compliance with human rights and environmental due diligence obligations in global supply chains. To this end, we have implemented the required measures to fulfil our due diligence obligations both in our own business area and with our direct suppliers, as well as in relation to our whistleblower system (see Declaration of Principles on Respect for Human Rights and the Environment).

      Your contacts