Business ethics and governance

TF Bank is committed to high standards of business ethics, integrity and responsible conduct across all operations. TF Bank governance practices are designed to support regulatory compliance, effective risk management and long-term value creation, while maintaining trust among customers, employees, suppliers and other stakeholders.

TF Bank corporate culture is founded on its Code of Conduct, which applies to all employees, management and members of the Board. The Code sets clear expectations regarding ethical behaviour, compliance with laws and regulations, prevention of conflicts of interest, equal treatment and respect for human rights.

Based on the DMA, business ethics, anti-corruption, prevention of money laundering and terrorist financing, and information security have been identified as material governance topics. TF Bank applies a zero-tolerance approach to corruption and bribery. Anti-corruption, anti-bribery and anti-financial crime measures are embedded in TF Bank governance and risk management systems and include:

• Risk-based anti-money laundering (AML) and counter-terrorist financing (CTF) controls
• Strict Know Your Customer (KYC) procedures during onboarding and throughout the customer relationship
• Continuous transaction monitoring and reporting of suspicious activities to relevant authorities
• Mandatory and regularly updated training for employees in relevant roles

These measures aim to prevent, detect and address financial crime risks and are continuously enhanced to reflect regulatory changes and emerging risks.

TF Bank has an independent whistleblower function available to employees and external stakeholders. Suspected breaches of the Code of Conduct, violations of internal or external regulations, or concerns related to corruption, money laundering or terrorist financing can be reported anonymously. Reports are handled confidentially and in accordance with applicable whistleblower protection legislation.

TF Bank expects suppliers and business partners to comply with high ethical, legal and sustainability standards. These expectations are set out in the Code of Conduct for Suppliers, covering areas such as anti-corruption, AML, data protection, human rights and environmental responsibility. Suppliers are expected to adhere to TF Bank’s Code of Conduct or demonstrate that they apply equivalent standards.

Information security and data protection are critical to TF Bank’s digital business model. The Board of Directors has approved IT, information security and privacy policies aligned with GDPR, DORA and other applicable regulations. Controls include access management, encryption, incident response procedures, business continuity and disaster recovery planning, and mandatory employee training. Compliance is monitored through internal controls and independent internal audit.

Governance oversight is exercised through the Bank’s three-lines-of-defence model, internal controls and independent internal audit. During the reporting period, TF Bank did not record incidents of corruption, bribery or serious breaches of business conduct that had a significant impact on TF Bank or its stakeholders.

The table below reflects that the operational governance indicators remained stable within reporting period, with an increase in customer complaints and reported GDPR breaches compared to 2024, no whistleblowing reports, and a higher amount of taxes paid, reflecting TF Bank’s expanding operations. These developments should also be understood in the context of growing business volumes, an increasing customer base and TF Bank’s broader international footprint.