Compliance – responsible corporate policy based on standards

Executives and managers of companies increasingly set up compliance management systems that ensure compliance with legislation and prevent criminal actions by staff members.


In this context, mention has to be made of the International Standards ISO 19600 "Compliance Management Systems" and ISO 37001, the anti-bribery standard.

The foundation for developing ISO 19600 was laid by  ONR 192050, published by Austrian Standards. That was the first normative document specifying concrete requirements for an effective compliance management system.

Both standards are applicable to organizations of all types and sizes and are to help guarantee compliant behaviour based on appropriate structures and processes in organizations/enterprises.

Two examples of companies operating CMSs –  Rosenbauer International AG, one of the global leaders in the manufacture of fire-fighting equipment that is based in Upper Austria, and the Carinthian energy service provider Kelag – are described below.


“We are aware of our responsibility”

Rosenbauer International AG has developed special vehicles and systems for firefighting and disaster protection for more than 145 years. All the products of the Upper Austrian enterprise meet the requirements of Austrian, European and US standards.

Dr. Wolfgang Stroh, who is in charge of compliance with legal requirements and codes, knows: “Growth and rising sales result in more responsibility.”

Within the framework of corporate governance, Rosenbauer also uses compliance to promote good governance.

The Austrian corporation has already been certified under numerous standards. “Not only national ÖNORM standards are relevant for our products. In our business with other European countries as well as Asia and America, we have to comply above all with ISO standards, but also German DIN standards and the fire protection regulations of the National Fire Protection Association (NFPA) in the US,” says Wolfgang Stroh.

The success story of Rosenbauer can also be described as a success of standardization. Building on standards needed for manufacturing first-class products, this solid basis is reinforced by standards governing different areas of management. Rules ensuring good governance and compliance management help safeguard success in business in the long term.


Carinthian Kelag, , one of the leading suppliers of electricity from renewable sources, also has a compliance management system according to ONR 192050.

“Compliance safeguards the enterprise value”

Credit: Kelag Bildarchiv

Kelag is one of the leading energy service providers of Austria and is active in the fields of electricity, district heating and natural gas. The group operates distribution networks for natural gas and electricity in Carinthia, is among the big Austrian hydropower producers and the biggest supplier of district heating based on biomass and industrial waste heat nation-wide.

“The identification and control of legal risks forms part of our risk management system," says Univ.Prof. Dipl.-Ing. Dr. Hermann Egger, Chairman of Kelag’s Board of Directors. For that purpose, the enterprise implemented a group-wide compliance management system (CMS) in co-operation with an international law firm to minimize the likelihood of unlawful acts by employees of the KELAG group. This system was subsequently certified according to ONR 192050 by Austrian Standards.

"Our compliance management system protects the group as well as each and every employee, and it makes a major contribution to permanently safeguarding the enterprise value," believes Dr. Oskar Sobej, Chief Compliance Officer of Kelag.

“The certified compliance management system focuses on the risk areas relevant for us, i.e. anti-corruption law, data protection law, anti-trust law, competition law and procurement law,” explains Compliance Officer Mag. Markus Minarik.

The certification process covered Kelag AG and its subsidiaries Kelag Wärme GmbH and KNG-Kärnten Netz GmbH

“For us, CMS certification was an important and necessary step towards transparency and building trust among our stakeholders. The professional and highly competent way in which the audits and the entire certification process were performed by the experts of Austrian Standards also provided invaluable support to us,” summarizes Oskar Sobej.


ONR 192050 Compliance management systems (CMS) - Requirements and guidance for use