A strong corporate governance framework and responsible
business operations lie at the core of GEK TERNA
Group’s business model, extending beyond mere
regulatory compliance. Driven by a consistent commitment
to transparency, accountability, and integrity, the Group
applies a comprehensive governance framework that
strengthens trust with all stakeholders — including
investors, employees, partners, and society. This approach
is aligned with internationally recognized corporate
governance standards and is supported by an integrated
system of internal controls, structured risk management
processes, and rigorous adherence to the applicable
regulatory framework.
Amid rapidly evolving business and societal conditions,
the Group continuously enhances its internal systems,
policies, and procedures, guided by the principles of
independence, accountability, and operational efficiency
across all organizational levels. Transparency in
decision-making remains a key priority, while business
choices are fully aligned with the principles of
sustainable development and social responsibility.
Hellenic Corporate Governance Code (HCGC) & Internal Rules of Operation
GEK TERNA Group has embedded the Principles of
Corporate Governance into its operations and
decision-making processes, applying them consistently
and in full compliance with the requirements of Greek
legislation and the Hellenic Corporate Governance Code
(HCGC), as issued by the Hellenic Corporate Governance
Council. At the same time, it adopts internationally
recognized best practices, enhancing accountability,
transparency and effectiveness across all areas of its
business activity.
In this context, the Group applies Internal Rules of
Operation (“IRO”), fully aligned with the
provisions of Law 4706/2020 on corporate governance,
as well as with the guidelines and decisions of the
Hellenic Capital Market Commission. The IRO sets the
operating framework of the governing bodies, defines
decision-making processes and control mechanisms, and
contributes to ensuring the orderly, efficient, and
transparent operation of the Group.
Corporate Governance Structure
The Group’s corporate governance structure is
based on a clearly defined system of administrative,
supervisory and management bodies, which ensures
effective decision-making, management oversight and
compliance with the principles of transparency and
proper business conduct.
GEK TERNA Group Organization Chart
Tap to zoom
Drag to pan · Pinch to zoom
The Board of Directors of the Group’s parent
company constitutes the highest collective
decision-making body, entrusted with defining the
strategic direction and overseeing its implementation,
in a manner that enhances the Group’s credibility
both within the financial and business community and
in the wider society.
With regard to its composition, the Board of Directors
comprises fourteen (14) members: six (6) executive and
eight (8) non-executive. Female representation on the
Board stands at 35.7%, while the age profile of its
members is predominantly concentrated in the over-50
category.
The Chair of the Board of Directors also serves as the
Group’s Chief Executive Officer, ensuring a
direct link between strategic planning at Board level
and day-to-day executive management. Potential
conflicts of interest are effectively mitigated through
a robust governance framework, which includes the
presence of independent Board members, the operation
of specialized audit committees, and the implementation
of transparent decision-making processes.
Board Members
14
6 executive · 8 non-executive
Female participation
35.7%
female representation on the BoD
Term duration
4years
BoD members term
Independent member participation
42.9%
independent BoD members
Board of Directors Committees
The activities of the Board of Directors is supported
by seven (7) Committees, established to strengthen the
implementation of a responsible business model and
contribute substantively to the decision-making
process. The Committees have an advisory and
consultive role, operating as specialized supporting
bodies to the BoD. In particular, the following
Committees operate:
Executive Committee
6members
5 men
1 woman
16.7%women
Audit Committee
4members
4 men
0 women
0%women
Nominations and Remuneration Committee
4members
2 men
2 women
50%women
Strategic Planning Committee
5members
5 men
0 women
0%women
Regulatory Compliance Committee
4members
3 men
1 woman
25%women
Investment Committee
5members
4 men
1 woman
20%women
ESG Committee Environment, Society and Governance
5members
0 men
5 women
100%women
GRI3-3ESRSG1-1
Business Ethics
Business ethics form a cornerstone of GEK TERNA
Group’s corporate culture and are embedded
across all aspects of its operations. The Group
remains firmly committed to acting with integrity
and transparency, incorporating the ethical
principles that characterize its corporate
identity into all business decisions and
activities. Through clearly defined rules of
conduct, comprehensive policies and effective
compliance mechanisms, a culture of trust and
respect is fostered across all stakeholder groups.
At the same time, the Group systematically
invests in the training and awareness-raising of
its employees, ensuring that day-to-day practice
is aligned with the values it upholds.
Indicatively, in 2025, 20% of the Group’s
workforce, namely a total of 1,230 employees,
participated in ethics and integrity training.
The Code of Conduct serves as a central reference point
for all Group employees and partners (including
suppliers, contractors, and subcontractors),
establishing the core principles and values expected
to guide their professional behavior. The Code reflects
the Group’s corporate culture, fundamental
beliefs, business ethics, and voluntary commitments,
placing the prevention of corruption and bribery at
its core. Its content is fully aligned with the
principles of international regulations and conventions,
as well as with internationally recognized standards,
including ISO 9001, ISO 14001, ISO 45001, ISO 37001,
ISO 37301, ISO 50001, and SA 8000.
The Code is applied universally: it covers all
companies and subsidiaries of the Group at national and
international level, extends to every area of activity
and is taken into account in partnerships and joint
ventures in which the Group participates.
The Code is complemented by a set of specialized
policies, which form the Group’s transparent and
agreed operating framework:
Regulatory Compliance, Corruption and Bribery Control Policy
Policy for Addressing Unhealthy Competition
Travel and Hospitality Expenses Policy
Gift Policy
Sanctions Policy
Conflict of Interest Policy
Policy of Compliance of Violence and Harassment at Work
Whistleblowing Policy
Sponsorship and Donations Policy
Remuneration Policy
Training Policy for Board members and Directors
Business Continuity Policy
The Group adopts a zero-tolerance policy toward any
form of irregular or inappropriate conduct that
contravenes the values and principles of the
Code of Conduct.
Through the Code, as well as all relevant policies,
the prevention of conduct that conflicts with the
Group’s fundamental business principles is
ensured, while the expectations and responsibilities
of employees are clearly defined. In this context, a
comprehensive training program is implemented with the
aim of raising awareness on compliance with the Code
of Conduct, as well as preventing bribery and
corruption at all levels of the Group’s
operations.
The fight against corruption and bribery is not only a
central pillar of the Code but also an integral
element of the Group’s business strategy.
Following systematic risk assessment, targeted control
measures are developed covering all activities. The
Group implements a certified Anti-Corruption and
Anti-Bribery Management System, in accordance with
the requirements of ISO 37001, with the corresponding
anti-corruption and anti-bribery policy communicated
to both external and internal stakeholders.
2025 Insights
Regulatory Compliance training through the
e-learning platform in the following
thematic areas:
Conflict of InterestCorruption and BriberyWorkplace bullying, moral harassment, and workplace violenceInternet and Social Media
Internal audits in the following Departments:
General Division of Business Development and Investments,
General Division of Financial Services,
Division of Property Development and Management,
Division of Financial Services,
Division of Health, Safety, Environment, and Energy,
Division of Strategic Communication,
Press Office,
Division of CSR & Sustainable Development,
Division of Human Resources,
Division of Quality,
Division of Tenders,
Data Protection Officer.
Internal audits at the Group’s and
its subsidiaries’ construction sites.
Maintenance of international ISO standards:
ISO 9001 — Quality Management SystemISO 37001 — Anti-Bribery Management SystemsISO 37301 — Compliance Management Systems
Reevaluation of relevant policies/procedures
based on the update plan set.
In addition, the Code of Conduct makes clear that
every employee has the responsibility to report any
action or situation that violates or may violate its
principles, strengthening the culture of integrity
and accountability across the organization. At the
same time, it provides clear, transparent and
accessible procedures for the submission and
management of relevant reports, both by employees and
by other stakeholders, ensuring their timely and
responsible handling.
The Code of Conduct constitutes the Group’s core
framework of principles, addressing matters related to
labour and human rights while guiding conduct across
the full spectrum of its business operations. To
strengthen this framework, the Group has implemented a
dedicated Whistleblowing Policy, developed in full
compliance with the European and national legislative
framework, as well as internationally recognized
standards ISO 37001 and ISO 37301.
Through this Policy and the associated procedures, the
Group has established clear and reliable reporting and
grievance mechanisms available to employees as well as
partners and suppliers. Stakeholders are given the
opportunity to report or raise concerns regarding the
implementation of the Code of Conduct to the appointed
Regulatory Compliance Officer, who also serves as the
designated Receiving and Monitoring of Reports Officer,
either on a named or anonymous basis, through the
following communication channels:
Letter through post to: “GEK TERNA S.A.”, 85 Mesogeion Ave, 115 26 Athens, in attention of the “Regulatory Compliance Unit” with the indication “Confidential”.
Verbal communication by meeting with the Regulatory Compliance Officer appointed for Receiving and Monitoring of Reports (RMR).
All reports are recorded, evaluated and addressed
consistently, transparently and objectively, while
ensuring confidentiality and the protection of the
personal data of the individuals involved. The
available communication channels, as well as the
Whistleblowing Policy, are also available on the
Company’s official website. In 2025, 13 reports
were submitted through the reporting mechanism, all
of which were handled in accordance with the
procedure established under the policy.
confirmed incident of corruption, either
through reports or through the audits carried
out by the Group as part of its corruption
prevention and mitigation efforts.
No
financial losses incurred as a result of
violations of business ethics.
GRI2-15
Conflict of Interest
The Group remains firmly committed to safeguarding the
trust it has built with stakeholders and local
communities in the areas where it operates. As part of
its responsible corporate governance practices, it
implements a Conflict of Interest Policy, as well as
related procedures, aiming at the timely identification,
assessment and effective management of potential
conflicts of interest.
The Group ensures that business decisions are made
with objectivity and independence, free from personal
or external interests, and always in the best
interests of the organization and its stakeholders.
In this context, employees are actively encouraged to
seek guidance in cases of potential conflict of
interest, to ensure proper assessment and oversight of
such situations. At the same time, roles with high
level of responsibility are subject to regular reviews
by the Regulatory Compliance Unit, with the aim of
preventing and managing related risks.
In cases where the Group or its subsidiaries engage
in transactions involving members of the Board of
Directors, senior executives, significant shareholders,
or their affiliates, strict internal procedures are
applied to safeguard transparency, accountability, and
integrity.
GRI2-10aGRI2-17GRI2-18
Selection, Training and Evaluation of Senior Management
The effective composition of the Board of Directors,
aligned with the Group’s strategy and long-term
business objectives, is supported through the
implementation of the Suitability Policy. The Policy
sets specific individual and collective suitability
criteria that all BoD members must meet.
In addition, the Training Policy for BoD members and
Senior Executives ensures their continuous training
and awareness-raising on Environmental, Social and
Governance (ESG) matters. The main thematic areas of
the annual training sessions include:
Introduction to the Group
Corporate Governance System
Cybersecurity
Business Continuity Planning
Environment, Society, and Governance (ESG)
Transparency and trust in the operations of Senior
Management are reinforced through an annual performance
evaluation process, which covers the following levels:
Evaluation of the Chief Executive Officer (CEO)
Evaluation of the BoD members (excluding the CEO)
Evaluation of Senior Executives
GRI2-19
Remuneration Policy and Transparency Principles
The Group has established and implements a Remuneration
Policy that sets out the framework of principles and
rules relating to the remuneration of the members of
the Board of Directors, as well as of General Managers
and Senior Executive Officers. The Policy ensures
transparency, integrity and consistency in the
application of remuneration, as well as its alignment
with the Group’s strategy, business objectives
and values.
The Remuneration Policy is founded on the following
guiding principles:
Transparency: Clear and comprehensible communication with all stakeholders.
Compliance: Adherence to applicable legal and regulatory frameworks.
Competitiveness: Ensuring attractive and fair compensation compared to market standards.
Alignment with Group’s and Shareholder Interests: Linking remuneration to the achievement of strategic objectives and the creation of long-term value.
Meritocracy: Rewarding performance, capabilities, and individual contribution.
The Remuneration Policy is reviewed regularly to remain current and aligned with the evolving needs of the Group and best governance practices.
GRI418-1ATHEX ESGC-G6ATHEX ESGSS-S5
Protection and Security of Personal Data
The Group’s business activities entail the
processing of personal data relating to individuals
for whom identifiable data is obtained, including,
indicatively, customers, suppliers, shareholders,
investors and users of the corporate website. Such
processing is carried out in full compliance with
European legislation, in particular the General Data
Protection Regulation (GDPR – Regulation (EU)
2016/679), as well as Law 4624/2019.
To further strengthen information protection, the
Group has developed and implemented an Information
Security Management System (ISMS), certified in
accordance with the international standard ISO/IEC
27001. To ensure the integrity and confidentiality of
the data managed, a designated Information Security
Management System Officer has been appointed, working
in close cooperation with the Group’s Chief
Information Security Officer (CISO).
The Board of Directors is regularly informed on data
security matters in the context of its meetings. In
2025, one personal data breach incident was recorded,
which was promptly investigated and addressed, in full
compliance with the applicable regulatory framework
and the Group’s internal policies.
GRI2-27SASBIF-EN-160a.2
Regulatory Compliance
Compliance with legislation and the principles
of corporate governance constitutes a
non-negotiable and fundamental value for
GEK TERNA Group. Business activities in
each country of operation are governed by the
Code of Conduct and the Regulatory Compliance
and Corruption and Bribery Control Policy,
ensuring responsible and transparent practices.
The identification, assessment and mitigation
of potential non-compliance risks are supported
by an integrated risk management and internal
control system. Oversight of the implementation
of relevant Policies and Procedures is exercised
by the Regulatory Compliance Committee and the
corresponding Unit, under the oversight of the
Board of Directors. In addition, regular audits
are conducted and a structured internal audit
program is implemented by the Regulatory
Compliance Unit. As part of efforts for the
continuous training of human resources,
targeted training was carried out in 2025 for
executives in positions of responsibility, with
emphasis on compliance procedures and the
requirements of the regulatory framework.
The Group’s commitment also extends to
its business partners, through clearly defined
contractual terms and the systematic
communication of its expectations. In this way,
the culture of compliance is strengthened
across the supply chain and throughout all its
partnerships. As a result of all these actions,
no confirmed incidents of non-compliance with
laws or regulations were recorded in 2025.
ATHEX ESGSS-G2ATHEX ESGSS-G3
Business Continuity
The effective management of emergency situations
and the uninterrupted continuity of business
operations are among the highest priorities of
GEK TERNA Group, as they are directly
linked to its sustainability and long-term
success. To this end, the Business Continuity
Policy is applied, setting the fundamental
conditions for ensuring the seamless operation
of its activities, identifying the relevant
risks and providing for the allocation of all
required resources for the implementation of
the Business Continuity Management System.
The Business Continuity System (BCS) has been
designed to ensure the timely, effective and
controlled recovery of the Group’s
activities in cases of disruption of critical
services, such as due to extreme weather
events, natural disasters, cyberattacks,
pandemics, or loss of buildings, human
resources and information systems, while also
including the relevant preventive measures.
Procedures for coordinating resources,
identifying risks and identifying those
business operations considered absolutely
critical play a central role. The regular
update of the Risk Register is a key
prerequisite for the reassessment of the risk
management plan.
In the context of certification according to ISO 22301
and in alignment with the approved Business Continuity
Policy, the Group’s parent company applies the
following procedures:
01Business Impact Analysis Procedure
02System Activation Procedures
03Disruptive Incident Response Procedure
04Audit Procedure
05Review Procedure
To ensure the availability of information systems and
data, an active cloud services agreement is in place
for an IT Disaster Recovery Plan, which forms an
integral part of the Business Continuity System, to
provide the necessary support for the operation of
critical applications. In this context, an alternative
information systems recovery site has been developed,
while DR tests are conducted annually to confirm
compliance with the recovery times identified during
the Business Impact Analysis.
The familiarization of personnel with the Group’s
preventive measures and the strengthening of the
System’s readiness are supported by a
comprehensive continuous training programme, which
includes on an annual basis:
E-learning on Business Continuity Plan procedures
Specialized training for Incident Response Team members
Cybersecurity awareness and training for all employees
Emergency Response Plan and Preparedness Enhancement
The creation of a safe and resilient working environment
requires immediate and effective management of
emergency situations, with the aim of protecting the
Group’s employees, associates and infrastructure.
Response Plan
Before the commencement of any project or the
operation of a new facility, a detailed
Emergency Response Plan is developed,
which includes:
Identification of potential risks and crisis scenarios
Definition of response actions and assignment of roles
Allocation of necessary resources and tools for effective management
Simulation Drills
To further strengthen operational readiness, the
Group conducts regular simulation
drills (e.g., accidents, fires,
earthquakes), which serve to:
Assess the adequacy of plans and procedures
Test coordination among departments, authorities, and personnel
Identify gaps in roles and responsibilities
Confirm the availability of critical resources
Systematic Training
To enhance employees’ preparation and timely
response capability, the Group invests in
systematic training, aiming at:
Enhancing preparedness and technical competence
Promoting understanding of accident root causes
Leveraging lessons learned from real incidents
Continuously improving response procedures
Through this cohesive approach, the Group’s
overall resilience is strengthened, ensuring a timely
and coordinated response to any potential scenario.
In 2025, at Group level, the annual Disaster Recovery
Test was carried out, confirming the operational
readiness of critical systems and the effectiveness of
recovery procedures.
In total, 78 emergency preparedness
exercises were carried out during 2025,
including the simulation of various emergency scenarios
and the assessment of the Group’s response.
Concessions Segment
43
preparedness drills at Nea Odos,
Central Greece Motorway and Nea Attiki Odos
Scenarios for evacuation of administrative
facilities, winter preparedness and snow removal,
simulations of operational disruptions, such as
loss of control centres, malfunction of toll
systems or disruption of information and
communication infrastructure.
At Group level, two specialized
exercises were also conducted focusing on
cyberattack scenarios and system recovery procedures,
further strengthening digital security and the
ability for rapid restoration of critical systems.
Overall, these exercises made a significant
contribution to validating the adequacy of business
continuity plans across all areas of operation,
strengthening compliance with regulatory requirements
and ensuring the uninterrupted operation of the Group.