Introduction
Ensign InfoSecurity Group (the “Group”) is fully committed to conducting business with integrity and professionalism and in accordance with all applicable laws, rules and regulations. Whilst the Group’s internal controls and procedures are intended to detect, prevent or deter fraud or suspected fraudulent practices, the Group recognises that even the best of systems cannot provide absolute safeguards against fraudulent practices and wrongdoings. The objective of this policy is to provide an avenue for board directors, employees, partners and the public to raise, in confidence and without fear of retaliation or victimisation, concerns over fraudulent practices and wrongdoings in the Group so that damage control or remedial action can be taken promptly and decisively. This policy also helps ensure that everything is above board and no one is above the system.
Spirit of the Policy
The Policy is not a route for taking up personal grievances and does not replace the management reporting channel. A board director or employee should normally raise any concerns that he may have through the management reporting channel such as by escalating the matter to, as appropriate, the supervisor, the Head of Department, Head of HumanResources or Chief Executive Office (“CEO”). It is intended that a board director, employee, partner or the public uses the process under this policy to report any concerns over fraudulent practices and wrongdoings in the Group if he has genuine concerns that his report has not been or will not be properly addressed by the management reporting channel.
Reportable Fraudulent Practices and Wrongdoings
Some examples of reportable fraudulent practices and wrongdoings under this policy include:
The above list is not exhaustive and intended to give only an indication of the kind of conduct which might be considered as fraudulent practices or wrongdoings.
Reporting Mechanisms
Concerns under this policy are to be raised in writing to the Whistle Blowing Receiving Officer. Whistleblower must provide their name and contact details in the report.
The contact details of the Whistle Blowing Receiving Officer are as follows:
The Whistle Blowing Receiving Officer
Ensign InfoSecurity Pte. Ltd.
30A Kallang Place
#08-01
Singapore 339213
Email: wbo@ensigninfosecurity.com
Whistleblower should act in good faith and should not make false accusations when reporting. Any employee who knowingly or recklessly makes statements or disclosures that are not in good faith may be subjected to disciplinary procedures, which may include termination of their employment with the Group. Likewise, if investigations reveal that the outside party making the report had done so frivolously, maliciously or for person gain, appropriate action including reporting the matter to the police, may be taken.
The Group will endeavour to keep the Whistleblower’s identity confidential and not disclose the identity of the Whistleblower without his consent. There may however be circumstances in which the concern raised has to be reported to external authorities and it may be necessary for the identity of the Whistleblower to be revealed to the authorities. If such circumstances exist, the Group will inform the Whistleblower that his identity will be disclosed.
Anonymous Report
As there may be little or no corroborated evidence to substantiate the allegations in an anonymous report, it is very difficult to assess whether or not an anonymous report is genuine or malicious. Whilst the Group may consider an anonymous report, it may not start an investigation.
Procedures for Handling Report
The Whistle Blowing Receiving Officer would report any concern or issue raised against anyone including senior management and board directors (except relating to CEO) to CEO. The Whistle Blowing Receiving Officer and CEO shall jointly assess if the matter is minor or frivolous. If the matter is minor or frivolous, CEO shall resolve the matter as he/she deems fit. If however, the matter is not minor or frivolous, CEO shall constitute an investigation committee to investigate.
The constituted investigation committee will carry out the investigation using appropriate resources and expertise and report its findings and recommendations to CEO. Where the concern raised is against the CEO, the Whistle Blowing Receiving Officer shall submit the matter to the ARC Chairman and if the Whistle Blowing Receiving Officer and ARC Chairman assess that the matter is not minor or frivolous, the ARC Chairman shall constitute an investigation committee to investigate.
Where the concern raised is against the ARC Chairman or any board directors, the Whistle Blowing Receiving Officer shall submit the matter to the Board Chairman and if the Blowing Receiving Officer and Board Chairman assess that the matter is not minor or frivolous, the Board Chairman shall constitute an investigation committee to investigate. If the investigation committee during the course of conducting its investigation assesses that there are reasonable grounds to suspect that an offence has been committed and the Group has a duty to make a report to any regulatory or enforcement authority under any law or regulation, the investigation committee shall promptly inform CEO and ARC Chairman/Board Chairman and a report shall be lodged immediately with the authorities.