Anti Fraud & Whistleblower Policy

Chapter 1. General principles


The Corinthia Group including its subsidiaries and affiliates (the ‘Group’) establishes this Anti-Fraud and Whistleblower Policy (the ‘Anti-Fraud Policy’) as it is committed to the highest possible standards of openness, honesty and accountability in all of its affairs. The Group is determined to maintain a culture of honesty and opposition to fraud and corruption.

Based on this commitment, this Anti-Fraud Policy outlines the principles to which the Group is committed in relation to preventing, reporting and managing fraud and corruption. This Anti-Fraud policy reinforces the approach to business dealings by articulating the core values of the Group and by setting out the ways in which employees or members of the public can voice (Whistleblow) their concerns about suspect fraud or corruption. It also outlines how the Group will deal with such complaints.


The primary objective of this policy is to:

  • Give a clear and unambiguous statement of the Group’s position on theft, fraud and corruption;
  • Minimise the risk of fraud;
  • Enhance the Group’s governance and related internal controls;
  • Standardise business activities;
  • Maintain integrity in the Group’s business dealings;
  • Establish procedures and protections that allow employees of the Group and members of the public to act on suspected fraud or corruption with potentially adverse ramifications and to achieve the legitimate business objectives of the Group for the benefit of its shareholders.

3. Implementation

This Anti-Fraud Policy shall be implemented:

  • Immediately upon its approval and adoption by the Group’s Board of Directors (The Board).
  • Where suspicions of fraud or corruption have been raised.

The policy requires that:

3.1 At all times employees and those charged with governance are to act honestly and with integrity and expected to safeguard all assets for which the Board is responsible. The Group is committed to providing the highest quality of service to all customers. The Board recognises that the services provided need to be cost effective, efficient and fair and that occurrence of theft, fraud and corruption may affect the cost, efficiency and equity of its services.

3.2 Fraud is an ever-present threat to these resources and hence must be a concern to all employees, those charged with governance and persons employed in a similar capacity. Fraud may occur internally or externally and may be perpetrated by staff, consultants, suppliers, contractors and other stakeholders, individually or in collusion with others.

3.3 The Board and each individual employee have the responsibility to counter theft, fraud and corruption and the duty to protect the assets of the Group. Assets include information held by the Board, professional image and goodwill as well as property and funds.

3.4 The Board is committed to maintaining an honest, open and well-intentioned environment in all areas of operation. The Board endeavours to minimise theft, fraud and corruption by:

  • Developing an anti-theft, anti-fraud and anti-corruption culture among staff to deter such acts;
  • Encouraging the reporting of reasonably held suspicions relating to theft, fraud or corruption within all areas of the Group’s operations;
  • Designing and operating systems, procedures and policies which minimise the risk of fraud;
  • Assisting law enforcement agencies in their investigations into theft, fraud and corruption where it is appropriate, lawful and proper to do so, and seek assistance from such organisations when the Board’s own enquiries necessitate such measures.

Chapter 2. Definitions and Categories of Fraud

1. Definition. Fraud in this policy is defined as:

  • The use of deception with the intention of pursuing personal interests and causing loss to the proper interests of the Group;
  • The use of Group interests for personal gain;
  • The intentional distortion of financial statements or other records by persons internal or external to the Group which is carried out to conceal misappropriation of assets or personal gain.

In the context of this policy The Board will make the following considerations:

  • Theft – intentional, dishonest and unlawful borrowing, misappropriation or misuse of the Group’s assets and facilities.
  • Fraud – dishonest act or intent undertaken with a view for personal gain for oneself or another, or to sustain loss to another, which involves the appropriation, misappropriation or misuse of any asset or information held by or on behalf of the Board.
  • Corruption – offering, giving, soliciting or acceptance of an inducement or reward intended to influence the action of any Board member or officer of the Group or contractor employed by, or on behalf of the Group.

2. Examples of Fraud and Fraudulent Behaviour. Some examples of fraud or fraudulent behaviour include:

  • Illegal use of corporate interests for personal gain;
  • Misappropriation of assets, embezzlement and theft;
  • Payment or receipt of bribes, kickbacks or other inappropriate payments;
  • Participation in sham or fraudulent transactions;
  • Deceptive, misleading or false statements about corporate transactions;
  • Forgery or alteration of accounting records or vouchers;
  • Failing to keep confidential trade secrets of the Group;
  • Non-disclosure of material information needed for an informed investment decision, and
  • Other fraudulent behaviours causing loss to the Group interests.

In its broadest sense it also refers to any person who, with intent to make a gain or to cause loss or to expose another to a risk of loss, dishonestly:

  • Makes a false representation, or
  • Fails to disclose information to another person that:
    • He or she is under a legal duty to disclose
    • Is of a kind which the other person trusts him or her to disclose, and is information which in the circumstances it is reasonable to expect him or her to disclose, or
  • Abuses a position in which he or she is expected to safeguard, or not to act against, the interests of another person or of anyone acting on that person’s behalf.
  • Fraudulent use of computer time and resources, including unauthorised personal browsing on the Internet, corruption and destruction of data, manipulation of programs.

Chapter 3. Oversight and Responsibilities

The primary responsibility for the prevention, detection and investigation of fraud and other malpractices monitoring and rectifying fraud and potentially fraudulent behaviour rests with management that also has the responsibility to manage such risks.

1. Main Board is responsible through the Audit Committee for the oversight of:

Corporate policy on fraud and corruption, dealing with the occurrence of fraud and laying down responsibilities and measures to mitigate fraud and corrupt practices;

  • Notify appropriate regulatory authorities of relevant frauds;
  • Ratify policy, mitigation strategy and response plan;
  • Corporate ethos, setting the right ethics and policies;
  • Risk and threat assessment;
  • Adequate and effective internal control;
  • Adequate and effective internal audit.

The Audit Committee shall review arrangements by which staff of the Group may, in confidence raise concerns about possible improprieties in matters of financial reporting, financial control or any other matters. The Audit Committee’s objective should be to ensure that arrangements are in place for the proportionate and independent investigation of such matters and for appropriate follow-up action, and that any matters relevant to its own responsibilities are brought to its attention.

2. Line management is responsible for managing, controlling, reporting and taking action on the risk of fraud, corruption and malpractices including:

  • Having processes in place to deter and detect fraud;
  • Applying adequate controls to prevent fraud;
  • Leading fraud investigations;
  • Overseeing investigations conducted by specialists on their behalf;
  • Dealing effectively with issues raised by staff (including taking appropriate action to deal with reported or suspected fraudulent activity);
  • Involving the police where necessary.

3. Staff is responsible for:

  • Operating procedures to safeguard the organisation’s assets;
  • Alerting management when they believe that the possibility of fraud, corruption and malpractices exists;
  • Reporting immediately to management when they suspect that fraud has been committed.

4. Internal Audit

Internal audit has no legal responsibility for detecting fraud but is required to give independent assurance on the effectiveness of the processes put in place by management to manage risk of fraud. The Internal Audit department shall establish, implement and monitor procedures and controls designed to assess, prevent and remediate fraud and fraudulent behaviour and issue periodic reports on the effectiveness of the implementation of this Policy. Any additional activities carried out by internal audit should be in the context of and not prejudicial to this primary role.

The roles that internal audit should undertake therefore include the following:

  • Investigating the causes of fraud;
  • Reviewing fraud prevention controls and detection processes put in place by management;
  • Making recommendations to improve the processes;
  • Advising the Audit Committee on what, if any, legal advice should be sought if a criminal investigation is to proceed;
  • Bringing in any specialist knowledge and skills to assist in fraud investigations, or leading investigations where appropriate and requested by management;
  • Liaising with the investigation team;
  • Responding to whistleblowers;
  • Considering fraud risk in every audit;
  • Having sufficient knowledge to identify the indications of fraud;
  • Facilitating corporate learning.

Chapter 4. Prevention and Control of Fraud

Managers in each Division (‘Manager’) shall:

  • Advocate and develop a corporate culture of honesty and integrity,
  • Assess the risk of fraud arising in the normal business operations of each Division,
  • Establish controls and procedures designed to eliminate the likelihood of fraud and to receive, investigate, report and recommend course of action in respect to suspected or voiced concerns of fraud or fraudulent behaviour.

Managers shall promote a regular corporate culture of honesty and integrity through the following actions and activities:

  1. Lead by example in complying with this Anti-Fraud Policy;
  2. Regularly communicate the Group’s message of honesty and integrity with employees of the Group through written and verbal presentations of the principles underlying this Anti-Fraud Policy;
  3. Conduct periodic meetings to ensure employees attend training regarding business ethics and the related laws and regulations;
  4. Notify all direct and indirect interest parties, including external parties (customers, suppliers, supervision authorities and shareholders) regarding this Anti-Fraud Policy and the obligation of the employees to comply therewith;
  5. Notify employees and external third parties of the opportunity and procedures for anonymously reporting wrongdoings and dishonest behaviour;
  6. Identify and assess the importance and possibility of fraud risk at entity level, in each business department level and at all significant accounts level.
  7. Establish control procedures to reduce the potential occurrence of fraud through protective approval, authorisation and audit checks, segregation of duties, periodic compliance reviews and similar measures.
  8. Perform customary background checks (education, work experience and criminal records) for individuals being considered for employment or for promotion to positions of trust. Formal written documents for background checks shall be retained and filed in employee’s record.

Chapter 5. Reporting Fraud or Fraudulent Behaviour

  1. The Board shall establish and maintain reliable communications channels (telephone hotlines, e-mail and mail) allowing for the anonymous reporting of actual or suspected instances of fraud or fraudulent behaviour committed by the Group or any of its employees, representatives or advisors. Contact information for the various channels of communication shall be publicised so that actual or suspected cases of fraud or fraudulent behaviour and violation of business ethics can be reported.
  2. Complaints and concerns relating to instances of actual or suspected instances of fraud or fraudulent behaviour or questionable accounting, internal control or auditing matters shall be reportable through the established channels of communications and may be reported on an anonymous basis.
  3. The Board shall promptly investigate alleged and/or reported instances of fraud or fraudulent behaviour. If any member of the Group’s senior management is involved in the alleged and/or reported instances of fraud or fraudulent behaviour, a special investigation team shall be organised to conduct an investigation with the assistance of the Internal Audit Department and shall report directly to the Group’s Board of Directors or a Committee thereof.

Chapter 6. Anti-Fraud Policy Implementation and Execution

The Internal Audit Department appointed as the anti-fraud organisation of the Group, shall implement and execute this Anti-Fraud Policy. Among other things, the Internal Audit Department shall:

  • Organise and assist each of the Managers with an annual fraud risk assessment for each Division;
  • Perform an independent anti-fraud assessment on each Division;
  • Receive, assess, investigate and resolve complaints and/or reports of alleged fraud or fraudulent behaviour;
  • Oversee the operation of the policies and procedures contained in the Anti-Fraud Policy.

Bi-annual reports shall be issued by the Internal Audit Department to respective Audit Committees as may be decided regarding the implementation and effectiveness of this Anti-Fraud Policy. Such reports shall be retained and made available in accordance with the Group’s customary document retention policies.

On a regular basis (at least bi-annually) Audit Committees are to inform their respective Boards of any irregularities that are being investigated.

Chapter 7. Guidance and Supervision for Anti-Fraud

    1. The Board is committing itself that adequate monetary and human resources will be provided in implementing and maintaining the policies and procedures articulated in this Anti-Fraud Plan.
    2. The annual report of the Internal Audit Department to the Audit Committee shall address the following:
      • Measures taken during the preceding year by Managers to implement the policies and procedures in this Policy;
      • The effectiveness of anti-fraud procedures and control policies, including the identification of fraud risk;
      • The possibility of management override of controls, or other inappropriate influences over the financial reporting process;
      • Cases of misappropriation of company assets
      • The status of investigations into alleged fraud and fraudulent behaviour;
      • Review of policies and procedures utilised to detect and eliminate fraud and fraudulent behaviour in financial reporting; and
      • Review significant non-recurring transactions and related party transactions.

Chapter 8. Whistleblower Policy

1. General Policy

The Group recognises that the decision to report a concern about suspected fraud or fraudulent behaviour can be a difficult one to make. Employees are often the first to realise that there is something seriously wrong within the Group. However, they may not express their concerns because they feel that speaking up would be disloyal to their colleagues or to the Group. They may also fear reprisals, harassment or victimisation. In these circumstances, it may be easier to ignore the concern rather than report what may just be a suspicion. The Group encourages and enables employees, staff and external parties, such as agents, advisors and representatives, to raise serious concerns within the Group rather than overlooking a problem or blowing the whistle to the media or other external bodies.

1.1 The aim of this policy is to establish the way the Group will ensure that the receipt and handling of information relating to a suspected improper practice will take place in a timely and appropriate manner.

1.2 This policy, which will form part of the respective Code of Ethics and Conduct of the Corinthia Group and all its subsidiaries and associates is for guidance only and does not form part of the employees’ contract of employment. The Group reserves the right to amend or vary the contents of this policy from time to time in accordance with the exigencies of its business and legal obligations.

1.3 This policy shall apply to all employees of the Group, whether part-time or full-time, including a contractor or subcontractor engaged to perform work or supply a service; an outworker; any former employee; any intern or trainee; any person who is or was seconded to the Group; and any candidate for employment only where the information of a suspected improper practice has been acquired during the recruitment process or at pre-contractual negotiating stage.

1.4 Unless it appears otherwise from the context words importing the masculine gender shall include the feminine gender and vice-versa

1.5 The Group is committed to complying with its requirements under the Protection of the Whistleblower Act (Cap. 527 of the Laws of Malta). Whilst the Group does not encourage frivolous disclosures, the Group encourages its employees to report any suspected improper practice.

1.6 This Policy provides an internal procedure for properly addressing disclosures made in good faith, whilst also ensuring the confidentiality of the employee making the disclosure and the protection from victimisation, harassment or disciplinary proceedings.

2. Confidentiality

The Group in conformity with the provisions of the ‘Protection of the Whistleblower Act 2013’ will do its best to protect an individual’s identity when he or she raises a concern; however, the investigation process may reveal the source of the information and a statement by the individual may be required as part of the evidence.

3. Definition of terms

  1. Whistleblower means any employee who makes a disclosure to a whistleblowing reporting officer (WRO) or a whistleblower reporting unit, as the case may be, whether it qualifies as a protected disclosure or not under the ACT.
  2. Whistleblower reporting officer means such officer within an employer charged with carrying out the functions designated by article 12 of the ACT. Every whistleblowing reporting officer to whom a protected disclosure is made or referred must not disclose information that identifies or may lead to the identification of the whistleblower unless the whistleblower expressly consents in writing to the disclosure of that information.
  3. Protected disclosure means an internal disclosure or an external disclosure of information, made in writing or in any format which may be prescribed.

4. Scope of the Policy

4.1 What issues are addressed by this Policy:

4.1.1 This Policy is designed to deal with disclosures made in relation to specific issues, which have already taken place, which are currently taking place or which are likely to occur in the future and which may include the following (collectively referred to as “Improper Practice”): A person has failed, is failing or is likely to fail to comply with any law and, or legal obligation to which he is subject; or The health or safety of any individual has been, is being or is likely to be endangered; or The environment has been, is being or is likely to be damaged; or A corrupt practice has occurred or is likely to occur or to have occurred; or A criminal offence has been committed, is being committed or is likely to be committed; or A miscarriage of justice that has occurred, is occurring or is likely to occur; or Bribery has occurred or is likely to occur or to have occurred; or A person abuses of his authority; or Information tending to show any matter falling within any one of the preceding paragraphs has been, is being or is likely to be deliberately concealed.

4.1.2 Disclosures made in connection with the specific issues listed in section 4.1.1 above, are only deemed to be protected disclosures for the purpose of this Policy if they are made in accordance with the following criteria: The disclosure is made in good faith; The employee making the disclosure reasonably believes at the time of making the disclosure and based on the information he has at that moment, that: The information disclosed, and any allegation contained in it, are substantially true; The information disclosed tends to show an improper practice being committed by the Group, another employee of the Group or by persons acting in the Group’s name and interests. The disclosure is not made for personal gain.

4.2 What this Policy does not address:

4.2.1 The Whistleblower Policy is not designed to: Question financial or business decisions taken by the Group; Reconsider any matters which have already been investigated under other policies or procedures issued by the Group; Address an employee’s personal complaints such as a grievance with his superior.

5. Procedure for making a disclosure

5.1 An Employee who becomes aware of any real or suspected improper practice, and provided that he does not have any vested or personal interest therein, may make a disclosure in accordance with the following procedures (hereinafter referred to as the “whistleblower”):

5.2 Disclosures must be submitted in writing to the Whistleblower Reporting Officer (WRO) at the dedicated email address provided for, or by hand directly to the respective WRO of the Group.
The Group WRO shall be the person appointed from time to time by the Group.

5.3 The Group recommends that employees use the template disclosure form attached as Annex A to this Policy.

5.4 If the whistleblower reasonably believes that the WRO is or may be involved in the alleged improper practice; or where the WRO is by reasons of any relationship or association with a person who is or may be involved in the alleged improper practice, not a person to whom it is appropriate to make the disclosure, the whistleblower may make a disclosure directly to the CEO of the Board of Directors of CPHCL or to the Chairman of the respective Audit Committee.

6. Disclosure of a Financial or Accounting Nature

6.1 Employees of the Group wishing to disclose information related to a suspected improper practice considered to be one of a financial or accounting nature may:

6.1.1 Make use of the already established reporting channels set up. Employees of the Group may make such disclosures in terms of the Anti-Fraud Prevention Policy (as above). OR

6.1.2 Make such disclosure to the WRO in accordance with the procedure set out above. A disclosure of information of a financial or accounting nature made under this Policy shall be considered to be a protected disclosure. Furthermore, the WRO undertakes that in investigating disclosures of a financial or accounting nature made under this Policy, the identity of the whistleblower shall remain confidential at all times unless the whistleblower expressly instructs otherwise.

6.2 In the event that a disclosure of a financial or accounting nature is made under this Policy, the WRO shall bring the matter to the attention of the respective Audit Committee responsible for the company/subsidiary in question.

6.3 Notwithstanding the procedure set out in this policy, investigations relating to disclosures of information of a financial or accounting nature shall be made in conjunction with the Audit Committees in the Group, the General Secretariat and the Internal Audit Division. The Board of Directors of each individual Company has to be kept informed of any pending investigations on a regular basis.

7. Anonymous Allegations

7.1 The Group acknowledges that disclosures made under this Policy may involve highly confidential and sensitive matters and therefore employees of the Group may prefer to make an anonymous disclosure. So as to avoid situations where an employee of the Group makes a disclosure in bad faith, or a false accusation against another person or the Group, the Group does not encourage its employees to make a disclosure anonymously and believes that the best way to make a disclosure is to do so openly.

7.2 The Group is under no legal obligation to process or consider disclosures made in an anonymous manner. Nevertheless, the WRO will process an anonymous disclosure and may take such disclosure into account in determining whether an improper practice has occurred. However if after taking into account all the relevant circumstances, the WRO considers the anonymous disclosure likely to be defamatory or libellous, said disclosure shall be immediately discarded.

8. Untrue Allegations

If an allegation is made in good faith, no action will be taken against the originator. If, however, individuals make malicious and false allegations, action may be considered against the individual making the allegation.

For issues raised by employees or members of the public, the action taken by the Group will depend on the nature of the concern. The matters raised may be investigated internally or be referred to the appropriate authorities. Within 5 working days of a concern being received, the complainant will receive a letter acknowledging that the concern has been received, indicating that the matter will be addressed, giving an estimate of how long it will take to provide a final response and telling them whether any further investigations will take place.

9. Confidentiality

9.1 The Group shall keep the identity of the whistleblower confidential under all circumstances, and shall not disclose information that identifies or may lead to the identification of the whistleblower unless such whistleblower has expressly authorised in writing the WRO or the Group to disclose his or her identity.

9.2 The identity of the whistleblower may be disclosed if it is reasonably determined that a disclosure was made maliciously or recklessly, or where an employee knowingly discloses information he knows or ought to reasonably know is false.

10. Internal Report

A written report regarding an investigation into an allegation of fraud or fraudulent behaviour shall be produced by the Internal Audit Department.

11. Remedial Action

If after an investigation into the alleged fraud or fraudulent behaviour, it is determined that the allegation have merit or are materially true, the Group reserves the right to take all appropriate actions including terminating the employment of any perpetrators, reporting the fraud or fraudulent activities to the appropriate authorities and pursuing legal actions, both civil and criminal against the perpetrator.

12. External Remedies and Disclosures

12.1 A whistleblower is legally entitled in making a disclosure to a Whistleblowing Reports Unit of an Authority (as provided in Annex C attached to this Policy) if the whistleblower believes on reasonable grounds that:

12.1.1 The competent body of the Group is or may be involved in the improper practice alleged in the disclosure; or

12.1.2 That immediate reference to the authority, is justified by the urgency of the matter to which the disclosure relates, or some other exceptional circumstances; or 12.1.3 At the time the whistleblower makes the external disclosure, that he will be subjected to an occupational detriment by the Group if he makes a disclosure to the WRO; or

12.1.3 That it is likely that evidence relating to the improper practice will be concealed or destroyed if the employee makes a disclosure to the WRO; or

12.1.4 That although a disclosure has previously been made to the WRO, the whistleblower has not been informed on the status of the matter disclosed or it is reasonably evident to the whistleblower that there has been no action or recommended action on the matter to which the disclosure relates within a reasonable time from the making of the disclosure.

13. Guarantee of Protection

13.1 The Group undertakes that a whistleblower who reports, in accordance with the procedure established in this Policy, an improper practice in good faith, shall not be subjected to victimisation, harassment or disciplinary proceedings (the “detrimental action”). Such protection shall be granted irrespective of whether the disclosure of the alleged improper practice turns out to be substantiated or not.

13.2 Any person within the Group, including executives and senior management, who intimidates (through the use of physical or psychological violence or threats) retaliates or subjects the whistleblower to detrimental action, will be subject to disciplinary action which may include dismissal.

13.3 In the event that the whistleblower believes that as a result of his disclosure he is being made subject to detrimental action by any person within the Group, he is to immediately inform his respective WRO. Upon receiving the report, the WRO shall conduct a preliminary investigation and if it results that prima facie there exists reasonable grounds to justify the report of the whistleblower, he shall immediately submit a written report to the Whistleblowing Evaluation Committee (WEC) and request guidance as to how to handle the matter to ensure that appropriate action be taken to protect the whistleblower from any detrimental action. Provided that in the event that in order to protect the whistleblower from detrimental action, it is necessary to disclose his identity, then the WRO shall request the consent of the whistleblower prior to disclosing his identity.

13.4 WEC will on a regular basis (at least every three months) submit a written report to respective Audit Committees within the Group of any investigative procedures being handled under this policy. The report is to include a comprehensive description of the disclosure, action being taken and estimated dates with which the issue will be resolved.

13.5 A whistleblower who makes a disclosure in accordance with sections 4 and 5 above shall not be liable to any civil or criminal proceedings. However should it result from the follow-up procedure that the whistleblower was the perpetrator or an accomplice in the disclosed improper practice, the whistleblower shall not be exempt from the institution of disciplinary proceedings and/or civil or criminal proceedings.

Chapter 9. Applicable Scope

This Anti-Fraud & Whistleblower policy applies to the Group and its affiliates. This Policy is governed by the Protection of the Whistleblower Act 2013 – enacted law in Malta on 15 th September 2013.

Disclosure Report

General Instructions:
Employees of the Group who are reporting an alleged improper practice by the Group or another employee of the Group are to complete the form below and return it by email to the email address provided in this Policy or by hand to the WRO.

Whistleblowing ReportForm No XXXX
Name:Date of Disclosure:
ID no.
Contact Details:
Name of Company:
Reporting to:
Description of AllegedImproper Practice
Attachments(any supporting evidencefor the allegations)
When it occurred
Where it occurred
How it occurred
How it came toyour knowledge
Names of personsresponsible for theimproper practice
Names of any otherpersons in possessionof relevant information
Employees with whomimproper practicewas discussed
Estimate of valueof financial loss/esinvolved
□ I hereby authorize the disclosureof my identity if the WhistleblowingReporting Officer reasonablybelieves it isnecessary or appropriate.____________________
Disclosing Person

*indicate the non-applicable section by indicating N/A

Download report template

CPHCL Group – Follow-up on Disclosure

1. Disclosure Recipient

1.1 Disclosures made in terms of section 3.2 of this Policy are to be sent to the following dedicated email address: [email protected].

2. Acknowledgement

Once the disclosure has been made in accordance with section 5 of the Policy, the Group WRO shall inform the Whistleblowing Evaluation Committee (WEC) and use his best endeavours to acknowledge receipt of the disclosure within five working days and the whistleblower shall be informed as to the next steps to be taken which will be determined by the WEC.

3. Follow-up Procedures

3.1 The Group WRO may, at his discretion, request that a preliminary meeting be held with the whistleblower. If, following said preliminary meeting, the WRO believes that the matter being exposed merits an in-depth follow up, the WRO shall immediately bring the matter to the attention of the WEC who will propose a way forward.

3.2 The purpose of the follow-up to be carried out in conjunction with the WEC is:

3.2.1 To establish whether an improper practice has taken place;

3.2.2 To notify the police authorities in the event that the improper practice constitutes a crime or contravention; and

3.2.3 To minimise the risk of additional improper practices, to prevent loss of assets, damage to the Group’s reputation, and to protect all sources of evidence.

3.3 The Board shall establish the most appropriate and expeditious manner to respond and deal with a disclosure. The Board shall endeavour in handling follow-ups as promptly, expediently and fairly as possible. The Board is unable to commit to a fixed time- frame for the completion of follow-ups in advance however the whistleblower shall be kept informed on the progress of the follow- up procedure, on the outcome thereof and any action to be taken.

3.4 In investigating the disclosures, the Board may enlist employees of the Group and outside counsel, as appropriate. In such cases, the identity of the whistleblower shall remain confidential at all times unless the whistleblower expressly instructs otherwise.

3.5 Disclosures of a suspected improper practice considered to be one other than of a financial or accounting nature shall be reported to the WEC who may seek its assistance as and when it deems fit. The identity of the whistleblower shall remain confidential at all times unless the whistleblower expressly instructs otherwise.

External Disclosures made in terms of section 12 of this Policy are to be made to the following authorities in accordance with the nature of the improper practice.

AuthorityDescription of Matters
Auditor GeneralFailure to observe laws, rules and regulations relating to public finance and misuse of public resources
Commissioner for RevenueIncome tax, corporate tax, capital gains tax, stamp duties, national insurance contributions, value added tax or “revenue acts” as defined in the Commissioner for Revenue Act
Commissioner for Voluntary OrganisationsActivities of a voluntary organisation
Financial Intelligence Analysis UnitMoney Laundering or financing of terrorism in terms of the Prevention of Money Laundering Act
Malta Financial Services AuthorityThe business of credit and financial institutions, the business of insurance and the activities of insurance intermediaries, the provision of investment services and collective investment schemes, pensions and retirement funds, regulated markets, central securities depositors, the carrying out of trustee business either in a professional or a personal capacity and such other areas of activity or services as may be placed from time to time under the supervisory and regulatory competence of the Malta Financial Services Authority.
Ombudsman1. Conduct involving substantial risk to public health or safety or the environment that would if proved, constitute a criminal offence; and
2. All matters which constitute improper practices and which are not designated to be reported to any other authority
Permanent Commission Against CorruptionCorrupt practices



“detrimental action”: detrimental action shall include –

(a) action causing injury, loss or damage; and, or
(b) victimisation, intimidation or harassment; and, or
(c) occupational detriment; and, or
(d) prosecution under article 101 of the Criminal Code relating to calumnious accusations and, or;
(e) civil or criminal proceedings or disciplinary proceedings;

“Employee” unless otherwise defined, shall collectively mean an employee of Corinthia Group and its subsidiaries and associates.

“good faith”: good faith in the case of a disclosure shall mean a disclosure made without a malicious purpose or personal gain

“occupational detriment”: in relation to the working environment of an employee includes:

(a) being subjected to any disciplinary action including for breach of ethics or confidentiality;
(b) being dismissed, suspended or demoted except where administratively or commercially justifiable for organisational reasons;
(c) being transferred against his will or being refused transfer or promotion except where administratively or commercially justifiable for organisational reasons;
(d) being subjected to a term or condition of employment or retirement which is altered or kept altered to his disadvantage;
(e) being refused a reference or being provided with an adverse reference from his employer except where justifiable on the basis of performance;
(f) being denied appointment to any employment, profession or office; or
(g) being otherwise adversely affected in respect of his employment, profession or office, including employment opportunities and work security;

“reasonable grounds”: in connection with section 9.1 of this Policy, in establishing whether there are reasonable grounds , consideration shall be given to the following:

(a) the seriousness of the alleged improper practice;
(b) whether the improper practice is continuing or is likely to occur in the future;
(c) whether the disclosure is made in breach of a duty of confidentiality owed by CPHCL to any other person;
(d) in the case whether an internal report has already been filed, any action which CPHCL has taken or might reasonably be expected to have taken as a result of the previous disclosure; and
(e) whether in making the disclosure to the authority, the employee complied with any procedure whose use by him was authorised by CPHCL in accordance with CPHCL’s internal procedures.

“Whistleblower Reporting Officer (“WRO”)”: unless otherwise defined, shall collectively mean the WRO appointed by the Corinthia Group.

Email: [email protected]