Anti Fraud Policy

Chapter 1. General principles

1.Overview

The Corinthia Group including its subsidiaries and affiliates (the ‘Group’) establishes this Anti-Fraud Policy (the ‘Anti-Fraud Policy’) as it is committed to the highest possible standards of openness, honesty and accountability in all of its affairs. The Group is determined to maintain a culture of honesty and opposition to fraud and corruption.

Based on this commitment, this Anti-Fraud Policy outlines the principles to which the Group is committed in relation to preventing, reporting and managing fraud and corruption. This Anti-Fraud policy reinforces the approach to business dealings by articulating the core values of the Group and by setting out the ways in which employees or members of the public can voice (Whistleblow) their concerns about suspect fraud or corruption. It also outlines how the Group will deal with such complaints.

2.Objectives

The primary objective of this policy is to:

  • Give a clear and unambiguous statement of the Group’s position on theft, fraud and corruption;
  • Minimise the risk of fraud;
  • Enhance the Group’s governance and related internal controls;
  • Standardise business activities;
  • Maintain integrity in the Group’s business dealings;
  • Establish procedures and protections that allow employees of the Group and members of the public to act on suspected fraud or corruption with potentially adverse ramifications and to achieve the legitimate business objectives of the Group for the benefit of its shareholders.

3. Implementation

This Anti-Fraud Policy shall be implemented:

  • Immediately upon its approval and adoption by the Group’s Board of Directors (The Board).
  • Where suspicions of fraud or corruption have been raised.

The policy requires that:

3.1 At all times employees and those charged with governance are to act honestly and with integrity and expected to safeguard all assets for which the Board is responsible. The Group is committed to providing the highest quality of service to all customers. The Board recognises that the services provided need to be cost effective, efficient and fair and that occurrence of theft, fraud and corruption may affect the cost, efficiency and equity of its services.

3.2 Fraud is an ever-present threat to these resources and hence must be a concern to all employees, those charged with governance and persons employed in a similar capacity. Fraud may occur internally or externally and may be perpetrated by staff, consultants, suppliers, contractors and other stakeholders, individually or in collusion with others.

3.3 The Board and each individual employee have the responsibility to counter theft, fraud and corruption and the duty to protect the assets of the Group. Assets include information held by the Board, professional image and goodwill as well as property and funds.

3.4 The Board is committed to maintaining an honest, open and well-intentioned environment in all areas of operation. The Board endeavours to minimise theft, fraud and corruption by:

  • Developing an anti-theft, anti-fraud and anti-corruption culture among staff to deter such acts;
  • Encouraging the reporting of reasonably held suspicions relating to theft, fraud or corruption within all areas of the Group’s operations;
  • Designing and operating systems, procedures and policies which minimise the risk of fraud;
  • Assisting law enforcement agencies in their investigations into theft, fraud and corruption where it is appropriate, lawful and proper to do so, and seek assistance from such organisations when the Board’s own enquiries necessitate such measures.

Chapter 2. Definitions and Categories of Fraud

1. Definition. Fraud in this policy is defined as:

  • The use of deception with the intention of pursuing personal interests and causing loss to the proper interests of the Group;
  • The use of Group interests for personal gain;
  • The intentional distortion of financial statements or other records by persons internal or external to the Group which is carried out to conceal misappropriation of assets or personal gain.

In the context of this policy The Board will make the following considerations:

  • Theft – intentional, dishonest and unlawful borrowing, misappropriation or misuse of the Group’s assets and facilities.
  • Fraud – dishonest act or intent undertaken with a view for personal gain for oneself or another, or to sustain loss to another, which involves the appropriation, misappropriation or misuse of any asset or information held by or on behalf of the Board.
  • Corruption – offering, giving, soliciting or acceptance of an inducement or reward intended to influence the action of any Board member or officer of the Group or contractor employed by, or on behalf of the Group.

2. Examples of Fraud and Fraudulent Behaviour. Some examples of fraud or fraudulent behaviour include:

  • Illegal use of corporate interests for personal gain;
  • Misappropriation of assets, embezzlement and theft;
  • Payment or receipt of bribes, kickbacks or other inappropriate payments;
  • Participation in sham or fraudulent transactions;
  • Deceptive, misleading or false statements about corporate transactions;
  • Forgery or alteration of accounting records or vouchers;
  • Failing to keep confidential trade secrets of the Group;
  • Non-disclosure of material information needed for an informed investment decision, and
  • Other fraudulent behaviours causing loss to the Group interests.

In its broadest sense it also refers to any person who, with intent to make a gain or to cause loss or to expose another to a risk of loss, dishonestly:

  • Makes a false representation, or
  • Fails to disclose information to another person that:
    • He or she is under a legal duty to disclose
    • Is of a kind which the other person trusts him or her to disclose, and is information which in the circumstances it is reasonable to expect him or her to disclose, or
  • Abuses a position in which he or she is expected to safeguard, or not to act against, the interests of another person or of anyone acting on that person’s behalf.
  • Fraudulent use of computer time and resources, including unauthorised personal browsing on the Internet, corruption and destruction of data, manipulation of programs.

Chapter 3. Oversight and Responsibilities

The primary responsibility for the prevention, detection and investigation of fraud and other malpractices monitoring and rectifying fraud and potentially fraudulent behaviour rests with management that also has the responsibility to manage such risks.

1. Main Board is responsible through the Audit Committee for the oversight of:

Corporate policy on fraud and corruption, dealing with the occurrence of fraud and laying down responsibilities and measures to mitigate fraud and corrupt practices;

  • Notify appropriate regulatory authorities of relevant frauds;
  • Ratify policy, mitigation strategy and response plan;
  • Corporate ethos, setting the right ethics and policies;
  • Risk and threat assessment;
  • Adequate and effective internal control;
  • Adequate and effective internal audit.

The Audit Committee shall review arrangements by which staff of the Group may, in confidence raise concerns about possible improprieties in matters of financial reporting, financial control or any other matters. The Audit Committee’s objective should be to ensure that arrangements are in place for the proportionate and independent investigation of such matters and for appropriate follow-up action, and that any matters relevant to its own responsibilities are brought to its attention.

2. Line management is responsible for managing, controlling, reporting and taking action on the risk of fraud, corruption and malpractices including:

  • Having processes in place to deter and detect fraud;
  • Applying adequate controls to prevent fraud;
  • Leading fraud investigations;
  • Overseeing investigations conducted by specialists on their behalf;
  • Dealing effectively with issues raised by staff (including taking appropriate action to deal with reported or suspected fraudulent activity);
  • Involving the police where necessary.

3. Staff is responsible for:

  • Operating procedures to safeguard the organisation’s assets;
  • Alerting management when they believe that the possibility of fraud, corruption and malpractices exists;
  • Reporting immediately to management when they suspect that fraud has been committed.

4. Internal Audit

Internal audit has no legal responsibility for detecting fraud but is required to give independent assurance on the effectiveness of the processes put in place by management to manage risk of fraud. The Internal Audit department shall establish, implement and monitor procedures and controls designed to assess, prevent and remediate fraud and fraudulent behaviour and issue periodic reports on the effectiveness of the implementation of this Policy. Any additional activities carried out by internal audit should be in the context of and not prejudicial to this primary role.

The roles that internal audit should undertake therefore include the following:

  • Investigating the causes of fraud;
  • Reviewing fraud prevention controls and detection processes put in place by management;
  • Making recommendations to improve the processes;
  • Advising the Audit Committee on what, if any, legal advice should be sought if a criminal investigation is to proceed;
  • Bringing in any specialist knowledge and skills to assist in fraud investigations, or leading investigations where appropriate and requested by management;
  • Liaising with the investigation team;
  • Responding to whistleblowers;
  • Considering fraud risk in every audit;
  • Having sufficient knowledge to identify the indications of fraud;
  • Facilitating corporate learning.

Chapter 4. Prevention and Control of Fraud

Managers in each Division (‘Manager’) shall:

  • Advocate and develop a corporate culture of honesty and integrity,
  • Assess the risk of fraud arising in the normal business operations of each Division,
  • Establish controls and procedures designed to eliminate the likelihood of fraud and to receive, investigate, report and recommend course of action in respect to suspected or voiced concerns of fraud or fraudulent behaviour.

Managers shall promote a regular corporate culture of honesty and integrity through the following actions and activities:

  1. Lead by example in complying with this Anti-Fraud Policy;
  2. Regularly communicate the Group’s message of honesty and integrity with employees of the Group through written and verbal presentations of the principles underlying this Anti-Fraud Policy;
  3. Conduct periodic meetings to ensure employees attend training regarding business ethics and the related laws and regulations;
  4. Notify all direct and indirect interest parties, including external parties (customers, suppliers, supervision authorities and shareholders) regarding this Anti-Fraud Policy and the obligation of the employees to comply therewith;
  5. Notify employees and external third parties of the opportunity and procedures for anonymously reporting wrongdoings and dishonest behaviour;
  6. Identify and assess the importance and possibility of fraud risk at entity level, in each business department level and at all significant accounts level.
  7. Establish control procedures to reduce the potential occurrence of fraud through protective approval, authorisation and audit checks, segregation of duties, periodic compliance reviews and similar measures.
  8. Perform customary background checks (education, work experience and criminal records) for individuals being considered for employment or for promotion to positions of trust. Formal written documents for background checks shall be retained and filed in employee’s record.

Chapter 5. Reporting Fraud or Fraudulent Behaviour

  1. The Board shall establish and maintain reliable communications channels (telephone hotlines, e-mail and mail) allowing for the anonymous reporting of actual or suspected instances of fraud or fraudulent behaviour committed by the Group or any of its employees, representatives or advisors. Contact information for the various channels of communication shall be publicised so that actual or suspected cases of fraud or fraudulent behaviour and violation of business ethics can be reported.
  2. Complaints and concerns relating to instances of actual or suspected instances of fraud or fraudulent behaviour or questionable accounting, internal control or auditing matters shall be reportable through the established channels of communications and may be reported on an anonymous basis.
  3. The Board shall promptly investigate alleged and/or reported instances of fraud or fraudulent behaviour. If any member of the Group’s senior management is involved in the alleged and/or reported instances of fraud or fraudulent behaviour, a special investigation team shall be organised to conduct an investigation with the assistance of the Internal Audit Department and shall report directly to the Group’s Board of Directors or a Committee thereof.

Chapter 6. Anti-Fraud Policy Implementation and Execution

The Internal Audit Department appointed as the anti-fraud organisation of the Group, shall implement and execute this Anti-Fraud Policy. Among other things, the Internal Audit Department shall:

  • Organise and assist each of the Managers with an annual fraud risk assessment for each Division;
  • Perform an independent anti-fraud assessment on each Division;
  • Receive, assess, investigate and resolve complaints and/or reports of alleged fraud or fraudulent behaviour;
  • Oversee the operation of the policies and procedures contained in the Anti-Fraud Policy.

Bi-annual reports shall be issued by the Internal Audit Department to respective Audit Committees as may be decided regarding the implementation and effectiveness of this Anti-Fraud Policy. Such reports shall be retained and made available in accordance with the Group’s customary document retention policies.

On a regular basis (at least bi-annually) Audit Committees are to inform their respective Boards of any irregularities that are being investigated.

Chapter 7. Guidance and Supervision for Anti-Fraud

    1. The Board is committing itself that adequate monetary and human resources will be provided in implementing and maintaining the policies and procedures articulated in this Anti-Fraud Plan.
    2. The annual report of the Internal Audit Department to the Audit Committee shall address the following:
      • Measures taken during the preceding year by Managers to implement the policies and procedures in this Policy;
      • The effectiveness of anti-fraud procedures and control policies, including the identification of fraud risk;
      • The possibility of management override of controls, or other inappropriate influences over the financial reporting process;
      • Cases of misappropriation of company assets
      • The status of investigations into alleged fraud and fraudulent behaviour;
      • Review of policies and procedures utilised to detect and eliminate fraud and fraudulent behaviour in financial reporting; and
      • Review significant non-recurring transactions and related party transactions.

Chapter 8. Applicable Scope

This Anti-Fraud  policy applies to the Group and its affiliates.