Built on integrity and accountability
Strong governance is the foundation of everything we do. We are committed to operating with transparency, ethical standards, and responsible decision-making. This page outlines the principles, policies, and practices that ensure we remain accountable to our stakeholders and true to our values.
Integrity, accountability, and transparency.
At Fair Group, we are committed to maintaining transparent, ethical, and responsible governance that ensures long-term value creation for our stakeholders. Our governance is built on the principles of integrity, openness, and accountability, and we continuously work to strengthen our governance structures to meet both regulatory requirements and societal expectations.
We follow best practices in corporate governance and ensure that our decision-making processes are robust, transparent, and aligned with our sustainability goals. Through effective risk management, compliance with laws and regulations, and a strong ethical foundation, we ensure that Fair Group operates in a way that builds trust and supports long-term sustainable development
Internal control and information security.
Internal control is a critical component of Fair Group’s framework for risk management and operational performance. We have established robust internal control systems to ensure that our business processes operate efficiently and comply with applicable laws, regulations, and internal guidelines.
Our newly acquired subsidiary, Maik, holds an ISAE 3402 certification, which demonstrates that the company has effective internal control systems in place to ensure reliability, security, and compliance in its services. This certification is an important strength for the Group, as it confirms that our processes meet high international standards for risk management and operational quality.
In 2025, we aim to achieve ISO 27001 certification across the Group. ISO 27001 is an international standard for information security and provides a clear framework for how organizations can establish, implement, maintain, and continuously improve their Information Security Management System (ISMS).
As part of our journey toward ISO 27001 certification, we are systematically working on:
-
Implementing a new and improved ISMS that complies with ISO 27001 requirements
-
Strengthening access control, data security, and regulatory compliance
-
Conducting regular internal audits and risk assessments to ensure continuous improvement
-
Training and raising awareness among all employees to build a strong security culture
Risk management.
We have established clear and well-defined guidelines for risk management that ensure a comprehensive and structured approach to handling risk. These guidelines define what is considered acceptable risk and what measures must be implemented to reduce unacceptable risk to a manageable level.
Our risk assessment is based on a systematic analysis of both gross risk (the initial risk before mitigation measures) and net risk (the remaining risk after existing security measures have been implemented).
Anti-corruption and AML.
We have implemented a robust anti-corruption framework that ensures we operate with transparency, accountability, and a zero-tolerance approach to corruption. This framework is fully integrated into our overall business strategy and supported by clear procedures, practical guidelines, and ongoing training initiatives across the organization.
Through this structured approach, we ensure compliance with all applicable laws and regulations in the markets in which we operate—an effort that is particularly important as we expand into other Nordic countries. We actively work to prevent, detect, and address corruption-related risks, strengthening our ethical foundation and contributing to a fair and sustainable business environment.
At Fair Group, we also take anti-money laundering (AML) responsibilities very seriously and are committed to combating financial crime at all levels. We adhere to both national and international regulatory frameworks, including the Anti-Money Laundering Act and FATF guidelines, to ensure that all financial activities are conducted in a lawful, transparent, and responsible manner.
To safeguard financial integrity, we have established clear internal controls and governance mechanisms designed to ensure:
-
Accurate and complete recording of all financial transactions
-
Appropriate authorization and oversight of payments to prevent misuse
-
A strict zero-tolerance policy for bribery, corruption, and any form of improper advantage, including offering anything of value to influence decisions by public officials or private parties
Privacy and cybersecurity.
We handle large volumes of personal and financial data and are fully committed to protecting privacy and ensuring strong data security. We comply with GDPR and apply Privacy by Design and Default across our products, services, and processes.
Our approach includes strict procedures for data handling, supported by technical and organizational safeguards such as encryption, access controls, logging, anonymization, and regular security reviews. We also take a risk-based approach, continuously assessing and managing privacy risks through Data Protection Impact Assessments (DPIAs).
Employee training and awareness are a key part of our efforts, ensuring that personal data is handled responsibly at all levels of the organization.
Given the nature of our services, cybersecurity is a top priority. We have implemented a robust and proactive strategy to identify, prevent, and manage cyber threats, helping us protect sensitive information and maintain the trust of our customers and partners.