Governance

As a Finnish law firm, we abide by the ethical rules and Code of Conduct of the Finnish Bar Association, and we are bound by the laws and regulations that apply in the Finnish legal sector. To us, however, engaging in responsible business means more than simply following these specific norms. Our core task is to maintain our integrity and to loyally defend the legal interests of our clients, which calls for us to work within the established framework of law while ensuring that we uphold a well-functioning legal system and the rule of law.

Our conflict-of-interest process ensures that the interests of our individual lawyers or firm will not contradict with or adversely affect the interests of our clients or the duties carried out by our lawyers. The law requires that we identify our clients. This means that we collect sufficient data as required by the Finnish Act on Preventing Money Laundering and Financing of Terrorism (444/2017). We have a Know Your Client (KYC) process in place that helps us detect risky or illegal business transactions. During our KYC process, we compare data submitted to us on companies, beneficial owners, and directors against sanction and PEP lists. We are obliged to report all suspicious transactions to the Money Laundering Clearing House of Finland.

Our operations are governed by the Borenius Code of Conduct. We operate a whistleblowing channel for reporting violations related to information security, data protection, and insider information to name a few.

We meet the requirements set by society, and in addition to that, we

give back in the form of pro bono work
engage in national committee work to actively share our knowledge and views to help develop the business environment and society
provide a substantial amount of training opportunities for students, which is our way of contributing to the education of future lawyers

Responsibility in Our Value Chain

The integrity of our vendors, product and service suppliers, and other business partners is critical to our success. As such, all parties doing business with Borenius are expected to commit to our Supplier Code of Conduct. It outlines the minimum standards we require our suppliers to comply with when doing business with us.

Your Data Is Safe with Us

We ensure that your company data is processed lawfully and in a secure manner. In 2021, we became the first law firm in Finland to receive ISO 27001 certification. We successfully renewed the certificate in 2024 (ISO 27001:2022), extending its validity for another three years.

This widely recognised international information security standard, which is also the highest security-related accreditation a law firm can achieve, was granted to us in recognition of the fact that we uphold the best practices and apply the best policies and procedures for information security management when handling client assignments and client data.

Your personal data is processed lawfully and transparently, and we ensure that your personal data is safe, accurate and up to date. We process personal data in accordance with all laws that apply to the protection of personal data, including the European Union’s General Data Protection Regulation 2016/679 (i.e. the GDPR) (“Data Protection Laws”). We process personal data e.g. for the purposes of identifying our client, screening conflicts of interest, handling assignments, managing client relationships, and marketing. In accordance with the Data Protection Laws, the data subjects whose personal data we process are entitled to obtain information on any personal data we process that pertains to them and to exercise their rights based on the GDPR as further described in our Privacy Notice.