Skip to main content

Let us know

Reporting misconduct

Upholding the rules of conduct set out in our voestalpine Code of Conduct is a priority for our Group.

Preventing misconduct is in our own interest, as well as that of our employees and business partners. Whistleblowers help us live up to our values, avoid harm to the Group, and thus save jobs.

Employees who report violations of laws, the Code of Conduct, or other internal rules and regulations in good faith will not face reprisals or negative repercussions of any type as a consequence of their actions.

Options for reporting misconduct

Reports can be submitted in a variety of categories, in particular the following


    Agreements and coordinated actions between companies which have the effect of limiting free competition. Examples: price fixing, dividing up markets or customers, collusion with respect to contracts, production quantities or quotes, collusion with respect to tenders, the unpermitted exchange of competitively sensitive information.


    Offering and granting advantages in order to influence others in their decision-making (bribery, active corruption) and soliciting or receiving benefits (corruptibility, passive corruption). Examples: inappropriate gifts to a customer’s employees prior to a contract being awarded; inviting the customer’s employees to a weekend at a spa prior to the customer awarding a contract; non-business-related invitations with the aim of securing a contract; accepting a gift from suppliers and in return not pursuing justifiable claims against the supplier; accepting invitations or gifts in return for approving a higher purchase price or an offer.


    Criminal offenses which damage the company’s assets or those of a third person. Examples: issuing inflated invoices in order to keep the additional amount; withholding company funds or work materials; concluding business agreements which are disadvantageous for the company in order to derive a personal benefit.


    Exploiting insider knowledge (information about confidential matters related to voestalpine or a voestalpine AG financial instrument which can be used to significantly influence the price of the financial instrument should the information become common knowledge). Examples: employees working in an area subject to confidentiality restrictions who buy or sell shares during a blocking period applying to this area.


    A private or personal interest prevents the employee from fulfilling their duties to the company in an objective manner. Conflicts of interest can arise especially where employees are involved in other activities with customers, suppliers, or competitors and/or are economically invested in their success.


    Discriminating against or vilifying groups or individuals based on their gender, religion, or ethnicity, etc. Unsolicited verbal or physical advances by colleagues, superiors, or customers. Bullying, tormenting, injuring or similar by colleagues with the intention of driving an employee out of the company. Examples: discriminating in terms of remuneration on the basis of gender; not appointing or refusing promotion due to an employee’s origins; xenophobia, sexual harassment, humiliation, exclusion, coercion, violence.


    Violations of rights enjoyed by all individuals equally. The subjective rights of every person are violated, or there are instances of child labor, forced labor, or new slavery. New slavery describes an exploitative situation in which a person is unable to refuse or leave due to threats, violence, coercion, deception, or the misuse of power. Examples: the use of forced or child labor; interference in individual freedoms, the freedom of religion, expression, information, and assembly.

  • Serious violations against regulations intended to protect personal data. Examples: the unlawful collection, transfer, or processing of personal data; the use of data for private purposes; publication or transfer of photos of customers or employees on the Internet/Intranet without their express permission; using customer data for marketing purposes without permission; the loss of personal data.


    Compliance with laws, regulations, and standards in production and other technical areas.


    Compliance with guidelines which serve to protect data from falsification, destruction, and unlawful transfer. Examples: Interference with the security of IT systems and networks which strongly endangers the confidentiality, integrity, and/or availability of information or facilities; transfer of user accounts and password details to non-authorized persons; cyberattacks.


    Deliberate or accidental contamination of water, ground, or air. Examples: discharge of environmentally hazardous substances; improper waste disposal; failure to indicate sources of danger; accidents caused by inadequate safety measures.


    A lack of security arrangements, failure to adhere to such arrangements and to instructions. Example: dangerous or unhygienic working conditions.


    Examples: Copyright infringements (use of intellectual property belonging to third parties), sabotage or destruction of working materials; violations of export regulations and controls; violations of duties of care in the supply chain.

Use of the Business Keeper AG (BKMS) whistleblower system for anonymous reporting

If you have reservations about reporting misconduct under your own name you can use the anonymous Business Keeper AG (BKMS) whistleblower system. You can actively help investigation into the misconduct by creating an anonymous mailbox after submitting your report.

When you submit a report using the whistleblower system, you will first be asked to read a text with information about protecting your anonymity before being taken straight to the portal. On the next page you will be asked about the type of report you are making. Here you will formulate the report in your own words and answer questions about the incident by choosing from a preselected range of answers. After submitting your report you will be issued with a reference number as a receipt. You can then set up your personal, protected mailbox. The mailbox will be used to send you responses, answer any questions, and inform you of the progress of investigations into your complaint.

FAQs about the Business Keeper AG (BKMS) whistleblower system

  • You can use the whistleblower system even if you are not sure whether what you have witnessed constitutes misconduct, and to ask for advice. You can submit your questions anonymously.

    Please note that we can only answer your questions if you set up a protected mailbox to which we can send replies.

  • The regular procedure is for submissions to be processed by the Whistleblowing Committee. You may choose which team processes your report only in countries in which it is expressly permitted for the affected company to process complaints internally.

    The Whistleblowing Committee comprises the heads of the Legal, M&A, and Compliance department and the Auditing and Risk Management department of voestalpine AG. These departments may each specify one substitute person and jointly specify a further authorized person to receive the reports submitted via the whistleblower system.

    Where submissions are processed by the affected company itself, the Whistleblowing Committee forwards the report to the person authorized to process reports of misconduct within that company. Efforts will be made to ensure the impartial investigation of the report.

  • Where they do not wish to be named publicly, the whistleblower system protects the anonymity of the informant. The effectiveness with which this anonymity is upheld is certified by an independent body. We are interested in receiving reports in order to avoid damage to the company, rather than you as the informant.

    The Whistleblowing Committee has exclusive access to the content of the report you submit via the system, but not to any other data such as IP addresses which might make it difficult to protect your anonymity.

    Encryption and other security routines ensure that your report remains anonymous. You do not need to submit personal data or to report the misconduct using a device provided by your employer. Whether you use a private device or one provided by your employer (smartphone, PC, etc.), your anonymity remains protected.

    When you set up your protected mailbox, you choose a pseudonym, user name, and password. Only you know these access details. You also remain anonymous during dialogue conducted via the mailbox.

  • The web-based whistleblower system is open to everyone. This means employees can submit their report from home or using another form of Internet access outside the company, at

  • You will find detailed instructions on using the web-based whistleblower system on its starting page. You will need to describe at least the following points in order to provide the investigating team with the information they need:

    • the company and department to which the misconduct relates
    • when the event occurred
    • the type of event that occurred
    • who was involved
  • In addition to German and English, the whistleblower system is available in Bulgarian, Czech, Dutch, French, Italian, Lithuanian, Polish, Portuguese, Romanian, Spanish, Swedish, and Hungarian. If your language is not covered by this selection, you may also submit your report in your national language.

  • Objectively investigating your report involves finding out precisely what happened. Therefore, it is often necessary to ask the informant additional questions. In order to create this communication channel, we ask you to use the option of setting up a mailbox in the whistleblower system, and to log into the system a few days later using the access data you have selected. Your anonymity will naturally remain protected during your use of the mailbox.