Terms & Privacy

PLEASE READ THE FOLLOWING TERMS AND CONDITIONS RELATING TO YOUR USE OF THIS WEBSITE CAREFULLY. BY USING THIS WEBSITE, YOU ARE DEEMED TO HAVE AGREED TO THESE TERMS AND CONDITIONS AND OUR PRIVACY POLICY, WHICH IS INCORPORATED HEREIN BY REFERENCE. WE RESERVE THE RIGHT TO CHANGE THESE TERMS AND CONDITIONS AND THE PRIVACY POLICY AT ANY TIME. YOU SHOULD CHECK THESE TERMS AND CONDITIONS PERIODICALLY FOR CHANGES. BY USING THIS WEBSITE AFTER WE POST ANY CHANGES TO THESE TERMS AND CONDITIONS, YOU AGREE TO ACCEPT THOSE CHANGES, WHETHER OR NOT YOU HAVE REVIEWED THEM. IF AT ANY TIME YOU CHOOSE NOT TO ACCEPT THESE TERMS AND CONDITIONS PLEASE DO NOT USE THIS WEBSITE.

Ciklum requires that all visitors to this World Wide Website owned, operated, licensed, and controlled by Ciklum (the “Website”) adhere to the following Terms And Conditions of Use. Ciklum may change, suspend or discontinue any aspect of the Website at any time, including the availability of any feature, database or content. Ciklum may also impose limits on certain features and services and/or restrict your access to parts or all of the Website without notice or liability of any kind. To the extent that you and Ciklum have entered into a client’s service/license agreement (“Client Agreement”) for any portion of the Website, the terms and conditions of the Client Agreement will control in the event that of any provisions that may conflict with these Terms and Conditions of Use.

This Website provides authorized users with access to a collection of resources, including access to certain service deliverables, articles, and insights for general informational purposes. The Content (as such term is defined below) is to be used solely as a research tool and not as specific guides for action. YOU UNDERSTAND AND AGREE THAT THIS WEBSITE AND THE CONTENT IS PROVIDED “AS-IS” AND YOU ASSUME FULL RISK FOR ANY AND ALL USE OF THIS WEBSITE AND FOR ANALYSIS OF THE CONTENT. You may not use this Website or the Content for any illegal purpose or in any manner inconsistent with these Terms and Conditions of Use. We make every effort to ensure that the Content on this Website is accurate and up to date, however accuracy cannot be guaranteed.

You are responsible for obtaining access to the Service and that access may involve third party fees (such as Internet service provider or airtime charges). In addition, you must provide and are responsible for all equipment necessary to access the Website. No installation, implementation, customization, consultation, support or similar services are included within the scope of these Terms and Conditions of Use.

To the extent that your use of this Website is in connection with services received through a Client Agreement, we will request that you select a Password and Screen Name in connection with the operation of this Website. You alone are responsible for maintaining the confidentiality of your Password and Screen Name. You are responsible for all uses of our services with your Password and Screen Name, with or without your consent, by yourself and others.

You may access certain “forums” or “blogs” through the Website. You may not post on any forum/blog any material that is libelous, defamatory, obscene, abusive, invades a person’s privacy, violates any intellectual property rights, or that would otherwise violate any law. You acknowledge that you are responsible for whatever material you submit, and you, not Ciklum, have full responsibility for the message, including its legality, reliability, appropriateness, originality, and copyright. You may not post material that solicits funds, or that advertises or solicits goods or services. You may not post material known to be false. You may not post or transmit any information, software or other material that contains a virus or other harmful component. We also reserve the right to remove any such violative material. All remarks, suggestions, ideas, graphics or other information communicated through the Website will become, once posted, the property of Ciklum (“Posting”). Ciklum will not be required to treat any Posting as confidential. Ciklum will be entitled to use the Postings for any commercial or other purpose whatsoever, without compensation to you or any other person. You agree to indemnify, defend and hold Ciklum harmless from any liability arising due to the use or distribution of your Postings. You further grant Ciklum the right to use your name in connection with the reproduction or distribution of your Postings.

We reserve the right at any time to modify or discontinue, temporarily or permanently, this Website (or any part thereof) with or without notice. You agree that we shall not be liable to you or to any third party for any modification, suspension or discontinuance of this Website.

The content, including but not limited to the written materials, images, audio, video and all other materials and information on this Website (“Content”) is the intellectual property of Ciklum or republished by Ciklum under limited exceptions to the copyright laws. All rights of Ciklum or other copyright holders are reserved. Content from this Website may only be used, copied, and/or reproduced for internal business informational purposes. In no event may it be used for the commercialization of any product, service or entity, or released to the general public. You agree that if you download any Content that you will assure that the Content is used only as permitted by these Terms and Conditions of Use. You also agree that you will not change any Content or create your own derivative work from any Content. Any other use of or link to the Content on this Website, including reproduction for purposes other than those noted above, without the prior written permission of Ciklum is strictly prohibited. You may seek our permission by writing to Ciklum, Attention: Data Controller, Østerbrogade 125, 3rd floor DK 2100 Copenhagen Ø Cvr: 26768624. If permission is granted by us (or by other entities with an interest in the relevant intellectual property), you may not change or delete any author attribution, trademark, legend or copyright notice. In the event that you are given authority to use any Content, your use of any Content should be attributed to Ciklum or the author if specified.

Where copyright for any Content is not owned by Ciklum, the source of this Content is provided (“Third Party Content”). Any copying, republication or redistribution of Third Party Content whatsoever is expressly prohibited. Thus, should you wish to use any Third Party Content you are responsible for seeking appropriate approvals from the copyright owner.

If you use Content from this Website in violation of these Terms and Conditions of Use you may be in violation of your Client Agreement and may be subject to termination of your Client Agreement and damages for the copyright violation under federal statutes.

This Website contains many valuable trademarks, names, titles, logos and other proprietary materials owned and registered by Ciklum and its affiliates (“Trademarks”). Nothing contained on this Website should be construed as granting any license or right to use any Trademark displayed on this Website. All other trademarks appearing on the Website are trademarks of their respective owners and nothing contained on this Website should be construed as granting any license to use the trademark owned by any other third party. Our reference to any third party trademarks does not imply or indicate any approval or endorsement by their owners, or Ciklum’s approval or endorsement of the owners or their products or services.

This Website may include links to other sites which are not maintained by Ciklum. Ciklum is not responsible for the content of those sites and makes no representations whatsoever concerning the content or accuracy of, opinions expressed in or other links provided by, such other sites. The inclusion of any link to such sites does not imply endorsement by Ciklum of the sites or any products or services referred to therein. Ciklum may terminate a link at any time. The terms of use and privacy policies applicable to such sites may be different from those applicable to the Website. If you decide to access any third party site linked to the Website, you do so entirely at your own risk and Ciklum shall have no liability for any loss or damage arising from your use of any such site.

In order to promptly address claims of alleged infringement of intellectual property rights, we have established the following procedures. If you are the owner of copyright or other Intellectual Property Rights, or have been authorized to act on behalf of the owner of such rights, and you believe your rights have been or are being infringed, please notify us immediately. Notice should be in writing and should be sent by fax or regular mail (not by email) to the following address: Data Controller, Østerbrogade 125, 3rd floor DK 2100 Copenhagen Ø Cvr: 26768624 Notices should include the information set forth below. Please note that you will be liable for damages (including costs and attorneys’ fees) if you materially misrepresent that an activity is infringing your copyrights or other Intellectual Property Rights. Accordingly, if you are not sure whether certain material of yours is protected by copyright laws, we suggest that you first contact an attorney. To expedite our ability to process your request, please use the following format (including section numbers): (i) Identify in sufficient detail the copyrighted work that you believe has been infringed. For example, “The copyrighted work at issue is the text that appears on http://www.legal.com/legal_page.html”; (ii) Identify the material that you claim is infringing the copyrighted work listed in item #1 above. Identify each page that allegedly contains infringing material by providing its URL; (iii) Provide information reasonably sufficient to permit us to contact you (email address is preferred); (iv) Include the following statement: “I have a good faith belief that use of the copyrighted materials as described above is not authorized by the copyright owner, its agent, or the law.”; (v) Include the following statement: “I swear, under penalty of perjury, that the information in the notification is accurate and that I am the copyright owner or am authorized to act on behalf of the owner of an exclusive right that is allegedly infringed.” ; (vi) Sign the paper; and (vii) Send the written communication to our designated contact, Data Controller. Failure to include all of the above information may result in a delay of the processing the notification.

If you believe in good faith that any unlawful activity is taking place on or through this Website or that any unlawful information has been submitted or uploaded on or to this Website, please promptly report the same to us by sending written notice by fax or regular mail (not by email) to the following address: Data Controller, Østerbrogade 125, 3rd floor DK 2100 Copenhagen Ø Cvr: 26768624 Please include the following information in your Notice of Unlawful Activity: (i) your full name, address, telephone number and email address; (ii) full details of the location on this Website of the material or information in question (including the URL of the link shown on the Website where such material or information may be found); and (iii) full details of the unlawful nature of the activity or material or information in question.

If we receive full and proper notification of an alleged infringement of Intellectual Property Rights or of any unlawful activity occurring on or through this Website or of any unlawful information being submitted or uploaded on or to this Website, we will take such action which we believe to be appropriate in the circumstances. Without limiting the foregoing, we will make an attempt to secure the voluntary take down of the Content which is the subject of any Notice of Infringement or Notice of Unlawful Activity. In any event, we reserve the right, in our sole discretion and without notice to any User, to: (i) delete, move, edit and/or disable access to any Content which is the subject of any Notice of Infringement or Notice of Unlawful Activity; or (ii) terminate access of any User whose Content is the subject of any Notice of Infringement or Notice of Unlawful Activity.

Use of portions of this Website may be subject to the terms of a Client Agreement. Subject to the terms of the Client Agreement, we grant to you a limited, nonexclusive, nontransferable, nonsublicensable license to use this Website, solely for your internal business purposes. The Client Agreement may limit the number of users who are allowed access to this Website. You are required to take reasonable measures to protect access information and to assure that you do not permit unauthorized use of or access to this Website. We may audit your use of this Website to assure compliance with access restrictions and will pursue all available remedies for a breach of these access rules. You may not sell, rent, lease, lend, or transfer any services provided on this Website and you may not assign or sublicense your license to this Website. To the extent that you are not subject to a Client Agreement, we grant to you a limited, nonexclusive, nontransferable, nonsublicensable license to use those non-password protected portions of this Website, solely for your personal or business use. The licenses set forth herein may be terminated in the event you breach the terms of these Terms and Conditions of Use. RIGHTS NOT EXPRESSLY GRANTED HEREIN ARE RESERVED BY CIKLUM.

You understand that we may in our sole discretion terminate your ability to use this Website if you violate these Terms and Conditions of Use. You may terminate these Terms and Conditions of Use by destroying all materials obtained from this Website and all related documentation and all copies and installations. Ciklum may terminate these Terms and Conditions of Use immediately without notice if, in its sole judgment, you breach any of these Terms and Conditions of Use. Upon termination, you must destroy all materials obtained from this site and all related documentation and all copies and installations. You may not access this site after termination of these Terms and Conditions of Use without the written approval of Ciklum, provided, however, that Ciklum shall retain all rights, including all copyright rights and the right to use Postings as provided herein, and the limitations on use and treatment of the Contents shall remain in full force.

YOU EXPRESSLY UNDERSTAND AND AGREE THAT:

1.YOUR USE OF THE SERVICE IS AT YOUR SOLE RISK. THE SERVICE IS PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS. WE EXPRESSLY DISCLAIM ALL WARRANTIES OF ANY KIND, WHETHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT.

2. WE MAKE NO WARRANTY THAT (i) THE SERVICE WILL MEET YOUR REQUIREMENTS, (ii) THE SERVICE WILL BE UNINTERRUPTED, TIMELY, SECURE, OR ERROR-FREE, (iii) THE RESULTS THAT MAY BE OBTAINED FROM THE USE OF THE SERVICE WILL BE ACCURATE OR RELIABLE, (iv) THE QUALITY OF THE CONTENT OBTAINED BY YOU THROUGH THE SERVICE WILL MEET YOUR EXPECTATIONS, (v) ANY ERRORS IN THE SOFTWARE WILL BE CORRECTED, (vi) OR THAT THIS WEB WEBSITE, ITS CONTENT, AND THE SERVERS ON WHICH THE WEB WEBSITE AND CONTENT ARE AVAILABLE ARE FREE OF VIRUSES OR OTHER HARMFUL COMPONENTS.

3. ANY MATERIAL DOWNLOADED OR OTHERWISE OBTAINED THROUGH THE USE OF THE SERVICE IS DONE AT YOUR OWN DISCRETION AND RISK AND THAT YOU WILL BE SOLELY RESPONSIBLE FOR ANY DAMAGE TO YOUR COMPUTER SYSTEM OR LOSS OF DATA THAT RESULTS FROM THE DOWNLOAD OF ANY SUCH MATERIAL.

4. NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED BY YOU FROM US OR THROUGH OR FROM THE SERVICE SHALL CREATE ANY WARRANTY.

5. THIS WEBSITE MAY CONTAIN VARIOUS COMBINATIONS OF TEXT, IMAGES, AUDIOVISUAL PRODUCTIONS, OPINIONS, STATEMENTS, FACTS, ARTICLES, MARKET DATA, STOCK QUOTES OR OTHER INFORMATION CREATED BY US OR BY THIRD-PARTIES. DUE TO THE NUMBER OF SOURCES FROM WHICH CONTENT IN THIS WEBSITE IS OBTAINED, AND THE INHERENT HAZARDS OF ELECTRONIC DISTRIBUTION, THERE MAY BE DELAYS, OMISSIONS OR INACCURACIES IN SUCH CONTENT. ACCORDINGLY, SUCH CONTENT, INCLUDING THE MARKET DATA, IS FOR YOUR REFERENCE ONLY AND SHOULD NOT BE RELIED UPON BY YOU FOR ANY PURPOSE.

6. INFORMATION CREATED BY THIRD PARTIES THAT YOU MAY ACCESS ON THE WEBSITE OR THROUGH LINKS IS NOT ADOPTED OR ENDORSED BY CIKLUM AND REMAINS THE RESPONSIBILITY OF SUCH THIRD PARTIES.

YOU EXPRESSLY UNDERSTAND AND AGREE THAT CIKLUM SHALL NOT BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL OR EXEMPLARY DAMAGES, (EVEN IF WE HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES) WHATSOEVER.

Our failure to exercise or enforce any right or provision of hereunder shall not constitute a waiver of such right or provision. If any provision hereunder is found by a court of competent jurisdiction to be invalid, the parties nevertheless agree that the court should attempt to give effect to the parties’ intentions as reflected in the provision, and the other provisions hereof shall remain in full force and effect. You agree that regardless of any statute or law to the contrary, any claim or cause of action arising out of or related to use of the Website or these Terms and Conditions of Use must be filed within one (1) year after such claim or cause of action arose or be forever barred.

You agree to indemnify, and hold Ciklum and its affiliates and each of their directors, officer, employees and agents (“Ciklum Indemnities”) harmless from and against any and all claims, actions or demands brought against Ciklum Indemnities arising out of or relating to your use of the Website or your breach of these Terms and Conditions of Use. The indemnification set forth in this Paragraph shall include all expenses and costs (including reasonable attorney fees) resulting from or arising out of the above claims.

By using the Website, you are deemed to agree to these Terms and Conditions of Use.

Integrity is one of the core values in which we, Ciklum, operate. The Code of Conduct is company-wide and describes how we put Ciklum values in the way we work every day. It also explains our commitments and, more importantly, expectations towards everyone. Commitments I make to you and, likewise, commitments you make to me and everyone we deal with both internally and externally.

We run our business ethically and responsibly. We are committed to complying with the highest standards of integrity. We commit to prevent corruption, fraud and anti-competitive ways of working. We are respectful and follow the laws of the land where we operate.

A document can never cover one hundred percent of every situation you may face on a day-to-day basis. The Code of Conduct is your map. It illustrates the values and provides the tools that will help you, that will guide you in making the right decisions consistently and ethically. Also, it is important to raise your hand, speak out if you become aware or suspect a violation of the Code. We introduced Ciklum “Speak Up” to help you with this notification so you may do it with one hundred percent confidentiality and privacy.

Our Code of Conduct is important, critical and imperative. We are all responsible for the reputation of Ciklum and it is an important commitment for us to make and to honor.

As a multi-national group of companies with an identifiable brand the actions of one Ciklumer 1 has the potential to impact upon the entire group. Furthermore, with the diverse range of jurisdictions in which Ciklum operates there is a wide range of laws, rules, regulations, customs and approaches to conducting business. The continued success of Ciklum depends on the actions of every Ciklumer being transparent, lawful and ethical. As such, the primary function of this Code is to provide a unified set of principles and behaviours which are designed to act as a guide to help you make the right decisions for yourself and for Ciklum.

At the same time, the Code of Conduct cannot describe every law, policy or process that may apply to us or every situation that we may face within our everyday role. As a general rule, we are responsible for understanding and complying with the laws, regulations and policies that relate to our business activities.

Detailed guidance on how to deal with important ethical and compliance issues will be described in Ciklum’s corporate policies and other relevant documents. These will be available on the MyCiklum portal. However, being aware, understanding and following the principles described in this Code will help to protect the reputation of Ciklum and Ciklumers.

This Code applies to and is mandatory to be followed by all Ciklumers. Each of us, wherever we work, must behave in accordance with these standards when dealing with fellow Ciklumers, clients, suppliers, stakeholders, governmental
authorities and competitors. We also should require our suppliers or vendors to adhere to this Code or adopt similar ethical standards.

Ciklumers
The primary responsibility for maintaining an environment of ethical behaviour rests with Ciklumers through a demonstrated commitment to compliance with the Code of Conduct and with legal and regulatory requirements relevant to Ciklum’s business. To carry out this responsibility, Ciklumers will:

• Read, understand, and abide by the Code of Conduct.
• Exercise appropriate behaviour and maintain the highest standards of ethical conduct when representing Ciklum. This includes when travelling on the company business and attending functions hosted by Ciklum or third parties (e.g., conferences, trade shows, events). Seek advice from a supervisor² if uncertain about the meaning or application of the Code of Conduct or when in doubt about the best course of action in a particular situation.
• Learn and contribute to a workplace environment that is conducive to and encourages compliance with the Code of Conduct and with laws and regulations.
• Maintain sensitivity to alleged, actual, or suspected illegal, unethical, or improper conduct by a supplier, client, consultant, or other person or organization with whom Ciklum has a relationship, and to report such conduct to the Compliance Director.

Leadership Team
In addition to their professional responsibilities in Ciklum, Senior Management (Leadership team & Invited Members³) must maintain a workplace environment that stresses commitment to compliance with the Code of Conduct and with laws and regulations. Ciklum’s Leadership Team will:

• Exhibit the highest standards of ethical conduct at all times and avoid the perception of unethical behaviour.
• Ensure that Ciklumers understand their duty to report actual or suspected Code of Conduct violations and that there are procedures and mechanisms available to facilitate reporting.
• Ensure that Ciklumers receive appropriate training in the meaning and application of Ciklum’s compliance documents.
• Ensure that all policies and references are in place and in the laws and regulations related to Ciklum.
• Maintain a workplace environment that prevents reprisals against a Ciklumers who in good faith reports actual or suspected Code of Conduct violations.

Board of Directors
The Board of Directors⁴ is accountable for ensuring overall compliance with the Code of Conduct and the legal and regulatory requirements relevant to the Ciklum’s business. The Board has the overall responsibility and authority to:

• Approve and/or make modifications to the Code of Conduct as needed.
• Review current and proposed corporate policies, processes, and procedures for consistency with the Code of Conduct.
• Establish and maintain the means, methods, and procedures for investigating violations of the Code of Conduct.
• Monitor disciplinary measures taken for violations of the Code of Conduct.
• Provide training and educational programs to enhance Ciklumers awareness of and compliance with the Code of Conduct.

The Code cannot cover every situation that we may face. We may find ourselves faced with a dilemma that we are not sure how to resolve. If in doubt, ask yourself these questions:

• Does it comply with the Ciklum’s Code of Conduct?
• Does it comply with policy, regulation and law?
• Would I be setting a good example?
• Would I be comfortable explaining what I did to my colleagues, family and friends without shame or embarrassment?
• Would I or Ciklum be comfortable if the action was written about in a newspaper?
• Have I consulted others who have knowledge of the topic and sought advice to help me make an informed decision?

If the answer is ‘No’ to any of these questions, or if you are not sure, stop and seek further advice.
If you become aware or suspect a violation of this Code, we expect you to report promptly to your Line Manager / Project Manager, HR Business Partner / People Partner or Compliance Department. If you are uncomfortable making such a notification, you may do so anonymously using Ciklum SpeakUp.

There are a number of ways that you can seek advice and support, including through any of the following:

1. Discussing with your Project Manager, People Partner or anyone in management;
2. Discussing with the Compliance Department; and
3. Writing to Ciklum following the Whistleblower Policy 

Never hesitate to ask questions, raise concerns, or seek the guidance you need. Ciklum will not tolerate any discrimination against anyone who has reported a concern in good faith.

Ciklum will investigate any report of a violation with the principles of the Code of Conduct. You must cooperate fully with any investigation, but should not investigate independently as alleged violations may involve complex legal issues, and you may risk compromising the integrity of a formal investigation.

Conduct that violates the law and/or company policies is ground for disciplinary or remedial action. In addition, failure to report a known violation of law or company policy by someone else may result in disciplinary action for Ciklumers and/or termination of employment/your relationship with Ciklum. The disciplinary action taken will be decided on a case by case basis. The action will be conducted in accordance with Ciklum’s HR procedures and corresponding legal requirements. Where laws have been violated, we will cooperate fully with the appropriate authorities.

Bribery is the offering, giving, receiving or soliciting of any item of value in order to wrongfully influence someone’s actions, or to secure an improper advantage⁵.

Guidance

Ciklum has a zero-tolerance policy toward bribery and corrupt conduct in any form. Improper inducements involving government officials, clients, suppliers, business partners, and all other counterparties are strictly prohibited. We must all act with the utmost honesty, integrity and transparency in all dealings with clients, suppliers, business partners and government officials. Ciklum does not allow Ciklumers or others to make facilitation payments on its behalf.

We are committed to complying with all anti-corruption/anti-bribery laws, everywhere in the world such as the US Foreign Corrupt Practices Act, the UK Bribery Act and EU Directives. Bribery can have very serious consequences, for the individuals involved and for Ciklum. Any third-party, agent or intermediary acting on Ciklum’s behalf is also prohibited from offering, giving or accepting bribes and improper inducements, including acts of favouritism to influence a business decision.

Guidance
Ciklum policy and practice requires moderation and the use of good judgement when giving or accepting gifts or entertainment in the course of business. Extending or receiving common courtesies such as business meals in connection with legitimate business activities generally is acceptable. However, in any such dealings, Ciklumers should not request, accept, offer to give or give anything of value that would give the appearance of impropriety or suggest that the gift or entertainment was intended in any way to influence a business decision or to obtain an improper advantage.

A gift can be an item, but it also can include event tickets or the provision of services when the gift provider is not otherwise involved in the event or service (e.g. the giver provided the tickets but does not accompany the recipient to the event). Entertainment is distinguished from a gift as it typically involves meals, events or other forms of entertainment (e.g. sporting events, concerts, shows) where the provider participates in the meal, event or other form of entertainment.

Permissible gifts and entertainment include those that⁶ :

• Are given openly and directly;
• Come with no strings attached;
• Are NOT solicited;
• Are NOT in the form of cash or a cash equivalent, such as a cash or gift card;
• Are NOT significant in value;
• Are NOT accepted as part of or during a business negotiation;
• Comply with all applicable laws and with all policies of both the giver and recipient; and
• Would NOT reflect poorly on Ciklum.

Gift limits and Prohibitions

Permissible gifts, entertainment and hospitality

• It is acceptable to extend or receive occasional gifts having a maximum retail value of USD 200 in total over the course of any one calendar year to or from the same person as a gesture of goodwill.
• Extending or receiving certain business entertainment (e.g. attending a local cultural or sporting event or a celebratory meal with a business partner) can be appropriate. Provided that the entertainment is reasonable and customary and in the furtherance of a business relationship; the cost of the entertainment is not excessive; and it won’t inappropriately bias future decision-making about working or create an appearance of impropriety.
• Gifts in the form of tickets to sporting events and other forms of entertainment that exceed a USD 200 value may be acceptable under certain circumstances but require the pre-approval of your manager with the notification of Compliance Department.

Non-permissible

• Gifts in the form of cash payments are not allowed. It is prohibited to provide or receive cash as well as any cash equivalents (e.g. gift cards or loans) in any circumstances, regardless of amount.
• You should not actively solicit gifts or entertainment from a current or potential client or business partner to gain an unfair advantage.
• It is prohibited to offer or give anything of value to a government official in order to get or keep business or gain an improper advantage.

For details, please refer to the corporate Gifts, Entertainment and Hospitality policy that will be available on the MyCiklum portal.

Money Laundering
People who are involved in criminal activity such as bribery, fraud or trafficking narcotics may attempt to launder money through apparently legitimate businesses in order to use the funds from their criminal activity and reduce suspicion⁷.

Ciklum will not accept or process money gained through criminal activity; we will only deal with reputable clients who are involved in legitimate business activities and whose funds are derived from legitimate sources. If you become suspicious, you should raise your concern immediately to the Compliance Department and document all steps that are taken in relation to the transaction.

Sanctions
Sanctions are a foreign policy tool used by Governments to restrict the ability of designated countries, individuals or entities access to particular products, services and markets⁸.

Ciklum has a zero tolerance approach to engaging with entities or individuals that are subject to sanctions restrictions implemented by the UN, EU, USA or other Governments as well as to those implemented by any local government at any of Ciklum’s locations. If you have any doubts about dealing with an entity which may be subject to sanctions, you should raise the question with the Compliance Department.

Guidance
Generally, antitrust and competition laws prohibit any activity that may improperly reduce or inhibit competition. Most countries where Ciklum does business also have laws restricting attempts to monopolise markets or otherwise restrict or control competition.

It is CIklum’s obligation to comply with these laws where they are applicable. Because of the complexity of antitrust and competition laws, it is imperative that Ciklumers seek advice from the Compliance Department on any question regarding these issues. The penalties for violating antitrust laws and trade regulations can be extremely severe for both Ciklum and the individuals involved.

Ciklum takes its obligations under applicable data protection and privacy laws very seriously in all countries where Ciklum does business¹⁰. We all have a responsibility to safeguard the privacy, confidentiality and security of personally identifiable information and other private information of Ciklumers, clients, partners and other third parties in Ciklum’s possession. We have in place effective systems to only allow access to our personal information to those who have a valid business reason for accessing it, reducing the risk of our personal data being compromised. While creating documents in cloud environment we need to provide access only to those people, who are authorised to see it.

You should never provide the information without the individual’s permission. If in doubt you should refer your enquiry to Compliance Department.

We must help to ensure that Ciklum’s books and records, which include virtually all forms of business documentation, electronic or otherwise, accurately and fairly reflect, in reasonable detail, all transactions and dispositions of assets. It is of critical importance that Ciklum’s financial reporting, including its reports to investors and lenders, be accurate and timely. Depending on type of services they provide, Ciklumers may be called upon to give information necessary to assure that Ciklum’s financial reports are complete, fair and understandable.

Confidential information includes all non-public information that might be useful to competitors or that could be harmful to Ciklum if disclosed11.
Ciklum has a duty to its clients, suppliers and personnel to respect all information it holds about them and to protect and handle such information responsibility.
Ciklum’s legal obligations and its competitive position require that confidential information remain confidential and that we are diligent in our efforts to protect our intellectual assets. Information that is proprietary to our clients, suppliers and others should be treated as confidential and used for the purpose for which it was obtained and disclosed only as permitted between Ciklum and the other party. Confidential information should be properly and securely stored, transmitted and disposed of, and Ciklumers must be mindful of the risk of discussing confidential information in public places. This means that Ciklumers should not disclose or share information regarding internal Ciklum matters with anyone outside Ciklum, except as required in the performance of their employment duties.

It is never acceptable to discuss confidential information in a public place even if there are no classified documents in use. The security and confidentiality of the information could be compromised if someone overhears the conversation.

‘Conflict of interest’ arises where a person’s position or responsibilities within their business unit presents an opportunity for personal gain above the normal rewards of cooperation12. In other words, a conflict of interest exists when your personal interests interfere with the best interests of Ciklum. Ciklumers should attempt to avoid actual or apparent conflicts of interest.

Any personal interests (or the interests of a member of immediate family) in relation to Ciklum’s business must be disclosed to your manager and the Compliance Department immediately. Disclosure is mandatory, failing to disclose a conflict or a perceived conflict is a violation of the Code.

In situation that appears to present a conflict of interest we expect you to “refrain and report”.If it is not possible to avoid participating in the event or activity creating the conflict, promptly disclose the potential conflict to your supervisor and the Compliance Department, and avoid participating in decisions that might raise the appearance of a conflict until you receive appropriate guidance.

We are each responsible for protecting any equipment and property to which we have access to or have been entrusted to safeguard, whether that equipment belongs to Ciklum company, our clients or other third parties. We need to make sure that these assets are not compromised, lost, damaged, misused or wasted. We use these assets exclusively for Ciklum’s business purposes.

Ciklum recognises the role that social media plays in communications and society today. However, sometimes it gets difficult to make clear division between one’s private voice on social media and the role as a Ciklumer. We all need to be responsible in our engagement on social media and exercise judgement when communicating in public forums. While engaging on social media, you should:

• Be transparent and make it clear that you are speaking for yourself in your private capacity;
• Recognise that anything you say can be viewed as Ciklum’s own statement;
• Protect confidential information;
• Be honest, accurate and ethical at all times;
• Not announce things which you are not authorised to announce; and
• Understand the potential consequences of your actions.

In our relationships with each other, we strive to be open, honest, and respectful in sharing our ideas and thoughts, and in receiving input. We value the free flow of thoughts, ideas, questions and concerns. We encourage CIklumers to raise work related issues or concerns through our established processes as soon as issues or concerns arise.

Ciklum promotes a cooperative and productive work environment by supporting the cultural and ethnic diversity of its workforce. Our collective challenge is to enhance the company’s performance through valuing and understanding differences. Ciklum is committed to a policy of providing equal employment opportunity to all qualified individuals and applicants. This commitment is reflected in all aspects of our daily operations.

We do not discriminate on the basis of race, color, descent, sex, sexual orientation, gender reassignment, political views, confession or religious beliefs, nationality, ethnicity, marital or civil partnership status, family / career responsibilities, pregnancy and maternity / paternity status, age, disability or impairment, profession or occupation, veteran status, physical peculiarity or genetic information in any personnel practice, including recruitment, hiring, employment, compensation and benefits / remuneration, facilities and services, promotion, training and professional development, termination and references, discipline and grievance.

At Ciklum, we are committed to creating a safe, healthy and non-threatening work environment. We integrate sound safety and health practices within our operations and comply with applicable workplace safety and health regulations. We foster an environment where everyone feels safe and is treated with courtesy and professionalism. Any act of violence or threatening behavior or possession of weapons will not be tolerated.

Under all circumstances, all Ciklumers must take due care of their health and safety and ensure that they do not endanger others by any acts or omissions. Activities that are not conducive to a good work environment are not permitted; this includes the storage, consumption, distribution, or being under the influence of alcohol or any controlled substances other than substances as prescribed by a physician on company-owned or leased property, during working hours, while on company business, or while using company property.

Moderate alcohol use at company-sponsored events after working hours can be allowed with prior functional head or director sign off. A dedicated manager must be responsible for the event. Under no circumstance can alcohol be offered to individuals under the legal drinking age attending the event.

Guidance
Ciklum strives to comply with all national, federal, state, and local laws and regulations. Respecting the responsibilities of government agencies and cooperating with them in good faith as they execute established guidelines and policies is essential.

Ciklumers shall not provide anything of value to any local, state, or national or federal elected or appointed official or government employee unless the Ciklumer’s supervisor has confirmed that the item of value complies with all laws or regulations that limit or prohibit such gifts or require the gifts to be reported.

Ciklumers are encouraged to participate in the electoral process through voting, contributing time or other appropriate means. You may not contribute funds, assets or services for, or on behalf of, Ciklum to any political candidates, political party, charity or similar organisations unless such contribution is expressly permitted by law and authorised by Ciklum.

We will make a positive social and economic contribution through our activities to the communities in which we work, and we will support, sponsor and contribute to the activities of other organisations, where they are aligned with our own business objectives, our values and will enhance the reputation of Ciklum13.

We contribute to charities and good causes through sponsorship and donations and by providing materials. We encourage our employees to give their time as volunteers to these causes. When making sponsorship commitments, charitable donations or promises of ‘in-kind’ support such as company materials or resources, prior approval is required and the activity must be recorded. All requests for sponsorship and charitable donations received must be approved by Compliance Director to ensure that they meet our sponsorship and charitable giving criteria.

Who are Ciklumers?

Ciklumers is used in this Code as the collective reference for employees (permanent or temporary, full or part time) of any Ciklum legal entity, or any of its affiliates or subsidiaries, as well as for others performing work for, or on behalf of, Ciklum.

What is bribery?

Broadly, bribery is defined as giving or receiving a financial or other advantage in connection with the “improper performance” of a position of trust, or a function that is expected to be performed impartially or in good faith.

Bribery does not have to involve cash or an actual payment exchanging hands and can take many forms such as a gift, lavish treatment during a business trip or tickets to an event. The types of bribery that take place in the commercial sector are numerous. Some simple examples are:

• bribery in order to secure or keep a contract;
• bribery to secure an order;
• bribery to gain any advantage over a competitor;
• bribery of a local, national or foreign official to secure a contract;
• bribery to turn a blind eye to a health safety issue or poor performance or substitution of materials or false labour charges; and
• bribery to falsify an inspection report or obtain a certificate.

Ciklum’s definition of bribery also includes making “facilitation payments”. A “facilitation payment” is a payment or gift given (usually to a government official) to speed up a procedure or to encourage one to be performed. It does not include fees required to be made by law such as the payment of a filing fee for a legal document. The acceptance of a facilitation payment by a government official is an example of corrupt activity.

Ciklum defines “corrupt conduct” or “corruption” as the abuse of entrusted power for private gain.

What is money laundering and sanctions?

Money laundering
‘Money laundering’ is the process of hiding illegal sources of money. For example, under the UK Proceeds of Crime Act 2002 (POCA) money laundering offences are committed when a person:

• conceals criminal property
• enters into an arrangement regarding criminal property
• acquires, uses or possesses criminal property.

This process is of critical importance, as it enables the criminal to enjoy these profits without jeopardising their source. Illegal arms sales, smuggling, and the activities of organised crime can generate huge amounts of proceeds. Embezzlement, insider trading, bribery and computer fraud schemes can also produce large profits and create the incentive to “legitimise” the ill-gotten gains through money laundering. When a criminal activity generates substantial profits, the individual or group involved must find a way to control the funds without attracting attention to the underlying activity or the persons involved. Criminals do this by disguising the sources, changing the form, or moving the funds to a place where they are less likely to attract attention.

Sanctions
Sanctions are a foreign policy tool used by Governments to restrict the ability of designated countries, individuals or entities access to particular products, services and markets. The jurisdictions, individuals and entities who are the target of sanctions are those who particular governments view as engaging activity which is either considered abhorrent (e.g. suppression of civil rights) or would threaten international peace and security (e.g. development of a nuclear weapon). These restrictive measures are most commonly enforced by the UN, EU and USA.

What is fair competition and anti-trust?

Generally, antitrust and competition laws prohibit any activity that may improperly reduce or inhibit competition. Most competition laws and trade regulations apply to the sale and marketing of services as well as products. It is expected that each of us compete vigorously and fairly in the conduct of business matters but always in compliance with the local and other countries’ laws.

What is personal information?

Personal information is any information that can be used, alone or in combination with other information, to identify a specific individual. It includes such information as a person’s name, address, email address, date of birth, driving licence number, financial account numbers, passport, Social Security/Tax ID number or other government identification number and other identifiers.

What is confidential and proprietary information?

Confidential information includes all non-public information that might be useful to competitors or that could be harmful to Ciklum if disclosed. Proprietary information, i.e. intellectual property, includes data such as trade secrets, patents, trademarks and copyrights, and business information, research and new product plans, objectives and strategies, records, databases, salary and benefits data, employee personal and medical information, client, employee and supplier lists and any unpublished financial or pricing information.

What is conflict of interest?

‘Conflict of interest’ arises where a person’s position or responsibilities within their business unit presents an opportunity for personal gain above the normal rewards of cooperation. A conflict of interest can arise in many situations, including:

• Family and relationships among Ciklumers or with the employees of our suppliers, partners, or clients;
• Giving or receiving gifts, hospitality, or travel;
• Outside work activities;
• Dealing with family members employed by a vendor or partner;
• Dealing with a vendor or partner who employs family members; and
• Dealing with a vendor or partner in which you or a family member have a financial interest.

1 Please refer to Definitions section

2 Supervisor is a Ciklumer you report to

3 Leadership Team and Invited Members is the group of Ciklum top managers that contains from C-level officers (CEO, Global CFO, COO, CTO, CDO, CHRO, CRO and VP C&C) and directors – Legal D., Compliance D., Finance D., Delivery D. and Commercial D.

4 Board of Directors of the Ciklum Group Holdings Limited Holding Company, BVI

5 For more information, please refer to Definitions and Examples sections

6 For more information, please refer to Examples section

7 For more information, please refer to Definitions and Examples sections

8 For more information, please refer to Definitions and Examples sections

9 For more information, please refer to Definitions and Examples sections

10 For more information, please refer to Definitions and Examples sections

11 For more information, please refer to Definitions and Examples sections

12 For more information, please refer to Definitions and Examples sections

13 For more information, please refer to Examples section

At Ciklum we are committed to doing business in accordance with our core principles – transparency and integrity, which in particular means avoiding bribery and corruption of all kinds and in wider sense this relates to not facilitating or engaging in any Financial Crime. This includes bribery and corruption, money laundering and sanctions. 

Ciklum defines these areas of financial crime as: 

• Bribery and Corruption: The act of offering, promising or giving a financial or other advantage to another person with the intent to induce improper performance of a business or public function. Corruption is the abuse of entrusted power for private gain. It can be classified as grand, petty and political, depending on the amounts of money lost and the sector where it occurs. 
• Money Laundering: Money Laundering involves taking criminal proceeds and disguising their illegal source in anticipation of ultimately using the criminal proceeds to perform legal and illegal activities. 
• Sanctions: Sanctions are restrictive measures applied by a country, or group of countries, to enforce change. Sanctions can be split into two distinct areas, financial and trade sanctions. Financial sanctions are restrictions on providing economic resource to certain entities or individuals. Trade sanctions limit the ability to trade in particular items to certain territories, entities or individuals. Trade sanctions can also apply to any ancillary services related to the goods/services which are restricted. 

Detailed definitions can be found in Sections 4, 5 and 6 of this Policy. 

The purpose of this Policy is to guide Ciklumers and to ensure that Ciklum’s core values of transparency and integrity are maintained at all levels of Ciklum. This policy is also designed to manage Ciklum’s compliance risk, and to protect Ciklum, our shareholders, and customers. 

Managing compliance risk in the context of this policy refers to the risks presented by national and international financial crime laws and regulations. It is essential that Ciklum has in place processes, systems and controls to manage this compliance risk as without it Ciklum’s integrity, profitability and future growth ambitions could be comprised. To manage this compliance risk Ciklum will: 

• Ensure there is regular identification and assessment of compliance risk across Ciklum; 
• Monitor any legal and regulatory changes to assess their impact on Ciklum; 
• Put in place processes, systems and controls to support the identification and mitigation of compliance risk; and 
• Provide Ciklumers with support and guidance. 

This Policy applies to all Ciklumers, including officers and directors. In addition, Ciklum will require third parties who represent it (such as agents, consultants, and contractors) to conduct themselves where applicable in a manner consistent with this Policy. 

Ciklum will seek to comply with all applicable laws, rules and regulations in the jurisdictions in which it operates including those relating to anti-bribery and corruption (ABC), anti-money laundering (AML) and sanctions. For the purpose of combatting financial crime the decision has been taken to use the regulations imposed by the European Union (EU), United Nations (UN) and United States (US) as a benchmark. 

This decision has been made as these regulations are directly applicable to certain Ciklumers and they are also seen as being the highest global standards to combat financial crime. In each jurisdiction Ciklum operates in there are laws and regulations relating to bribery and corruption, money laundering and sanctions. Where these conflict with the requirements outlined by the EU, UN and US Ciklum will take a decision on the appropriate course of action on a case by case basis. 

Core Anti- Bribery and Corruption regulations – U.S. Foreign Corrupt Practices Act (“FCPA”) and the U.K. Bribery Act prohibit bribery of foreign government officials (broadly defined later in this policy), and with regard to the FCPA in particular, mandate that companies establish and maintain accurate books and records and sufficient internal controls. The UKBA also prohibits private sector (commercial) bribery. 

A violation of financial crime regulations can lead to severe civil and criminal penalties and is cause for disciplinary action (up to and including termination of employment or contract with Ciklum1); it is vital that every Ciklumer2 not only understands and appreciates the importance of these policies and procedures, but also complies with them in daily assignments. 

Compliance risk (also referred as Financial Crime risk) is an indispensable part of Ciklum’s overall risk. It is a risk Ciklum may suffer in failure to comply with applicable laws, rules and standards including FCPA, UKBA, Anti-Money Laundering regulations, sanctions and embargo programs, and the Code of Conduct applicable to Ciklum’s activities. 

Compliance risk is also an integrity risk, because Ciklum’s reputation is closely connected with its adherence to principles of transparency, integrity and fair dealing. 

Compliance risk must be identified, assessed, advised on, monitored and reported timely to protect Ciklum from any damage or losses such as legal or regulatory enforcement or sanctions, material financial losses, reputational losses, financial crime and corruption (destroying shareholders’ value). 

Ciklumers, at all levels, are required to strictly abide with the principles outlined below while performing their duties in the Ciklum. Abiding by these principles will help to manage the risk that Ciklum, and/or Ciklumers, are found to breach local laws, international laws and Ciklum’s own compliance controls.

1.4.1. Compliance with Laws, Rules & Regulations 

Ciklumers have to act according to Ciklum’s written policies and procedures in order to ensure full compliance with laws, rules and standards helping to maintain Ciklum’s reputation, and meet the expectations of its customers, the relevant regulatory bodies, the markets and society as a whole; treating customers fairly, and ensuring suitability of customer advice. 

1.4.2. Promote and Engage in Ethical Conduct 

Ciklumers, at all levels, are required to carry out their duties acting professionally and honestly, in good faith and with integrity respecting Ciklum’s Code of Conduct; perform duties as described by their contracts or job descriptions; avoid misuse of authorities; properly use accessible information; not engage in any unethical/ illegal activities that may damage Ciklum’s reputation; act with full transparency and in a bona fide; and report any illegal activities/ unethical behaviour/ suspicion of any illegal act, as per applicable policies and procedures. 

1.4.3. Avoid any Conflict of Interest

Ciklumers should act in the best interests of Ciklum without giving any preference to any third party on the basis of personal considerations ensuring their private matters do not interfere with the interests of Ciklum. 

1.4.4. Protect Confidentiality 

Ciklumers have to maintain the confidentiality of information which may be related to Ciklum and its clients (and entrusted to them) except when disclosure is authorised or required by law; even when they leave Ciklum. 

1.4.5. Protect Ciklum’s Assets 

Ciklumers should protect and use Ciklum’s property and assets for legitimate business purposes.

1.4.6. Act in the Customer’s Best Interest 

Ciklumers should provide services to Ciklum’s customers with care, honesty and fairness; they should strictly avoid manipulation, or any unfair dealings. Accordingly, Ciklum will ensure careful review of customers’ complaints, process them in a timely manner and document replies. 

1.4.7. Raise any issues or concerns 

Ciklumers are encouraged to report any violation of Ciklum’s policies, Code of Conduct, potential violations of applicable laws and regulations, as well as other types of misconduct. Ciklum pledges to protect all Ciklumers against any kind of harassment from any other employee for reporting a potential violation in good faith. 

2.1. Involvement of the Senior Management 

Ciklum’s Senior Management are integral in developing and ensuring the continued effectiveness of Ciklum’s compliance framework. Ciklum’s Senior Management (Leadership team & Invited Members) support the compliance process by: 

1. Actively communicating the importance of compliance down through the ranks across the Ciklum network; 
2. Regularly monitoring the implementation of the financial crime compliance program; and 
3. Providing oversight to the compliance framework including involvement in any breaches of requirements. 

Ciklum’s operational management includes branch, line and function managers. The principal role of Operational Management in the compliance framework is to support the identification, assessment and management of compliance risks by supporting risk mitigation activities and implementing including internal controls. 

Operational line managers are the owners of business processes in Ciklum. It is for this reason that they are responsible for ensuring compliance with laws, rules and regulations within the areas they oversee. The specific responsibilities of operational management include: 

• Managing overall compliance culture and performance within their business areas; 
• Ensuring open communication channels with the Compliance Function (2nd line of defence); 
• Implementing the Group compliance initiatives (such as the Code of Conduct); and 
• Participating in incident response/investigation. 

Operational management will have easy access to the Compliance Function which deals with any concerns quickly and effectively, escalating whenever necessary. Operational Management is encouraged to highlight good practice, share examples of near misses and help Ciklumers to learn from them.

Ciklum’s Compliance Function includes both the Compliance Director and the Compliance Department. Compliance operates as the second line of defence in Ciklum’s compliance risk framework. 

The principle role of the Compliance Function is to facilitate and monitor the implementation of compliance risk management practices by Operational Management (first line of defence), analyse and report on compliance performance, provide valuable insight and advice. The mission of the Compliance Function is to provide expert advice in relation to compliance risk management, understand Ciklum’s financial crime risks and lead risk mitigation activities to help support the businesses. 

Compliance Function responsibilities include: 

• Defining and updating compliance strategy and initiatives; 
• Establishing the overall Ciklum Compliance Reinforcement Programme5 ; 
• Overseeing Compliance Risk Assessments; 
• Leading and coordinating Compliance Champions Programme6; 
• Establishing and maintaining policies, procedures and governance; 
• Creating the Ciklum Group compliance communication and training plan; 
• Maintaining and coordinating incident reporting and incident management procedures; and Reporting to the Risk Management Committee and senior management identified compliance risks, weaknesses and deficiencies, and breaches from the applicable policies and procedures. 

Ciklum’s RMC is a formal sub-Committee of the Board of Directors. The Committee has been established to assist the Board in the discharge of its duties and responsibilities relating to financial crime Compliance. The RMC will facilitate the establishment and oversight of Ciklum’s financial crime controls by setting the top level rules that dictate the formation and approval of key financial crime Policies. The roles and responsibilities of the RMC are set out in its Terms of Reference but will include: 

• Providing oversight of financial crime compliance risk management across the Ciklum Group; 
• Review and challenge reports and MI regarding financial crime compliance across the Ciklum Group; and 
• Oversee the development and delivery of compliance strategy and initiatives. 

The RMC should be seen to be, and acts as, independent from both the first and second line functions in its role as providing oversight and assurance on the robustness and application of Ciklum’s compliance risk framework. The members of the RMC and Terms of Reference dictating the operation of the function will seek to ensure that this occurs.

Ciklumers are key to ensuring that Ciklum does not breach any laws or regulations. Compliance with all applicable laws, rules and regulations as well as with Ciklum’s policies and principles is therefore the responsibility of every Ciklumer. 

As a Ciklumer, you must: 

• Read, understand, abide and confirm acknowledgement of our Code of Conduct, comply with this Policy (in particular with the principles listed in Section 1.3) and all related Procedures; 
• Report concerns to your local management, where possible, or through the Compliance Function or through the SpeakUp email; 
• Be vigilant to any “red flags” (set out below in the Section 2.6) or issues of potential risk which indicate where further examination of a particular transaction or relationship is necessary; and 
• Complete prescribed training in accordance with Section 10 of this Policy. 

As a Ciklumer, you must not: 

• Offer, promise or give a bribe or utilise a third party to do so, as the Company can be prosecuted for breaches of anti-bribery laws by third parties acting on its behalf; and Request, agree to receive or actually receive a bribe intended for your benefit or the benefit of your family, friends or acquaintances. 

There are a number of signals that warrant Ciklumers’ special attention, and/or call for the examination of a particular transaction or relationship for a potential bribery issue. Those signals or “red flags” that call for further attention include, but may not be limited to: 

• Payments of unusually high fees or commissions; 
• Requests for cash payments; 
• Requests for payments to different companies or through different countries; 
• Requests for payments to offshore centres / tax havens without sufficient justification; 
• Undefined or unreported payments to third parties made on the Company’s behalf; 
• No written agreements; 
• Unusually close relationships with government officials; and 
• A refusal to certify compliance with this policy. 

The foundation of Ciklum’s compliance framework is the Code of Conduct. The primary function of the Code of Conduct is to provide a unified set of principles and behaviours, which are designed to act as a guide for Ciklumers to help them make the right business and behavioural decisions. It is the responsibility of all Ciklumers to ensure they read, understand and act in accordance with the Code of Conduct and that all policies, procedures and processes do not conflict with requirements outlined in the Code. We should also require our suppliers and vendors to adhere to our Code or adopt similar ethical standards.

This section provides further information on the role and purpose of Ciklum’s Compliance Function. This section should be read in conjunction with Section 2.3 of this Policy. 

Compliance with all applicable laws, rules and regulations as well as with Ciklum’s policies and principles is the responsibility of every Ciklumer. Nevertheless, a Compliance Function has been implemented and operates to ensure effective management of the compliance risk and maintain Ciklum’s reputation with its shareholders, customers, contractors and employees, the relevant regulatory bodies, and the markets. 

Ciklum’s Compliance Function is represented by the Group Compliance Director and by the Compliance Department that in its turn, comprises the Compliance Manager and Compliance Experts. 

The Compliance Function performs its responsibilities which consist primarily of monitoring the business and providing advice when needed on a proactive basis or upon request. 

The Function has an independent status, sufficient resources and authority to perform its duties and responsibilities and access all information which may be necessary for the proper exercise of its duties.

2.8.1. Objectives and Purpose of the Compliance Function 

Ciklum’s Compliance Function as been established to: 

• Implement and manage compliance risk. This includes measures to mitigate risk to Ciklum of internal and external fraud, engaging in bribery or corruption, facilitating money laundering, facilitating a breach of sanctions legislation and engaging in activities which may lead to reputational damage; 
• Provide support and guidance to ensure that Ciklum acts with high ethical standards including transparency and integrity to meet the expectations of customers, shareholders’ and third parties; and 
• Ensure that the Ciklum continues working ethically. 

2.8.2. Responsibilities and Duties of the Compliance Function 

The responsibilities of the Compliance Function include, but are not limited to: 

• Advising and keeping Senior Management appraised of compliance requirements with relevant laws, rules and standards;. 
• Providing analysis and early warning of regulatory change that may affect the business to ensure that such change is communicated to the Leadership Team and Board of Directors; 
• Identifying and assessing the compliance risks associated with Ciklum’s business activities. This will be reviewed periodically or when Ciklum engages in new business activities, including the development of new products and business practices, and expansion of business; 
• Establishing written guidance to Ciklumers on the principles outlined in this policy and other relevant compliance documents or other publications; 
• Providing advice and assistance to the Board of Directors, Senior Management, committees and Ciklumers to help them meet their compliance responsibilities; 
• Educating Ciklumers on compliance risk and the controls that Ciklum has in place to mitigate these risks; 
• Monitoring and, on regular basis, assessing the adequacy and effectiveness of Ciklum’s compliance controls; 
• Ensuring proper handling of both internal and customer complaints; 
• Regularly reporting to the Board of Directors, and relevant committees, on compliance risks, weaknesses, deficiencies, and any legal or policy breaches identified; 
• Reporting, where necessary, to external agencies; 
• Keeping records of good and bad practice to provide feedback on failures in controls and compliance with recommendations provided for improvements and remedial action; and 
• Building an open relationship with relevant regulators, and where relevant, respond and coordinate responses to proposed legislation or regulations. 

2.8.3. Preconditions of the Compliance Function 

To ensure that Ciklum’s Compliance function can operate effectively the Ciklum Board of Directors are committed to ensure the Compliance function are able to operate in accordance with the key principles of authority and independence. 

• Authority: The Compliance Function will have access to all of the Ciklum’s offices, departments as well as static data records and property in the custody or under the control of Ciklum for the purpose of discharging its responsibilities. 
• Independence: To avoid conflict of interest, the Compliance Function has been established as a function that is independent of line and operational departments which will have full and free access to the Board of Directors, as needed. 

2.8.4. Compliance Programme 

The responsibilities of the Compliance Function are carried under the Compliance Programme (also referred as Ciklum Compliance Reinforcement Programme or “CCRP”). 

The Compliance Programme is Ciklum’s compliance roadmap which details the Function’s planned activities (for example the implementation and review of specific policies and procedures). 

The Compliance program is risk based and will be subject to the oversight by the Group Compliance Director to ensure appropriate coverage across businesses and coordination among risk management functions. On at least an annual basis the CCRP will be shared with Senior Management/ the RMC for independent review and challenge.

Ciklum has zero tolerance for financial crime, wherever and in whatever form that may be encountered. Ciklum performs assessment of financial crime risks that will inform the development of controls.

On an annual basis Ciklum will conduct a firm-wide financial crime and ethics risk assessment. As part of this risk assessment Ciklum will consider, among other criteria, the inherent risk of Ciklum’s services, operations and Third Parties as well as the risks present in jurisdictions where Ciklum has operations. 

In addition to the firm-wide risk assessment performed at least an annual basis, other events which might drive the need to revisit the risk assessment more frequently include: 

• New financial crime legislation; 
• Regulatory censure involving the IT sector; and 
• A change in Ciklum’s operational structure. 

Ciklum may suffer reputational damage or face legal liability if associated with business partners and intermediaries that engage in unethical or illegal conduct. We therefore need to ensure that our business relationships are transparent and ethical. Ciklum applies a risk based approach to inform decision making before engaging with third parties (customers, agents, contracts, vendors etc.). The depth of subsequent due diligence procedures is based on an assessment of the risk profile of the engagement, including the following risk factors: 

• Geographic location; 
• Industry; 
• Background and identity of the third party; 
• Connection with government officials or entities; 
• Amount and Compensation structure of the proposed arrangement; 
• Additional factors related to the scope of the services to be rendered; and 
• Selection of the third party 

Throughout the risk assessment and further due-diligence procedures, a comprehensive record of relevant documents and decisions is maintained to ensure we can demonstrate proper application of the Policy and prove that decisions to engage with partners or third parties were made in good faith.

As a multi-national corporation Ciklum has numerous legal requirements relating to anti-bribery and corruption. For the purpose of this Policy, Ciklum will use the standards set forth in the UK Bribery Act 2010 (“the Bribery Act”) and in the US Foreign Corrupt Practices Act (“FCPA”) as a basis for its compliance efforts. The reason for using these regulations as a base is that not only will these regulations be directly applicable to certain Ciklumers but they are also seen as being the highest global ABC standard. In each jurisdiction in which Ciklum operates there are laws and regulations outlawing bribery and corruption. Where these conflict Ciklum will take a decision on the appropriate course of action on a case by case basis.

4.1.1. What is a bribe? 

Ciklum defines a bribe as an inducement, payment or reward, offered or received to gain an improper business advantage. Improper business advantage includes: 

• Winning business, contracts, tenders; 
• Preventing or diminishing some governmental action, such as the imposition of a large tax or fine, or the cancellation of an existing government contract or contractual obligation; 
• Obtaining a licence or other authorisation from a government where the issuance involves the foreign official’s or his/her government’s discretion; 
• Obtaining confidential information about business opportunities, bids or the activities of competitors; and 
• Obtaining the right to open an office, or to influence the award of a government contract etc. 

In addition, the bribe is any payment to: 

• Influence the rate of taxes that would be levied on the company’s business; 
• Obtain relief from government controls, foreign regulations, or the application of regulatory provisions; 
• Resolve governmental disputes, for example the resolution of tax deficiencies or a dispute over duties payable; and 
• Resolve commercial litigation in foreign courts. 
• Bribery of public officials (directly or indirectly, and in order to obtain or retain business or an advantage in doing business) as well as companies and private individuals are all equally prohibited under the laws of many countries and under this policy and our Code of Conduct. 

4.1.2. What is the Risk? 

Potential penalties for the Company include unlimited fines, costly litigation and adverse publicity. For individuals, penalties can include very large fines. Additionally, in the UK, US and some other countries, long terms of imprisonment are also possible: 

Ciklumers must not provide or accept gifts, hospitality or entertainment that seeks to influence or reward any business activity, including the anticipation of further business. It is important to remember that excessive or otherwise inappropriate gifts and/or hospitality can lead to the appearance of improper influence (including bribery) or conflicts of interest. 

This is not to say the provision of hospitality and reasonable gifts is prohibited, however there must be a legitimate business reason for the provision of entertainment or receipt of a gift. All gifts and entertainment given or received must be recorded in accordance with the requirements detailed below as well as Ciklum’s Gifts, Entertainment and Hospitality Procedure.

4.2.1. What is gift? 

A gift can be an item, but it can also include event tickets or the provision of services when the gift provider is not otherwise involved in the event or service (e.g. the giver provided the tickets but does not accompany the recipient to the event). 

4.2.2. What is entertainment and hospitality? 

Entertainment or hospitality is distinguished from a gift as it typically involves meals, events or other forms of entertainment (e.g. sporting events, concerts, shows) where the provider participates in the meal, event or other form of entertainment or hospitality. 

4.2.3. Ciklum’s approach to giving and receiving Gifts, Entertainment and Hospitality 

Gifts, entertainment and hospitality in Ciklum should always be clearly separate from the business decision-making process. Any business decisions must not be influenced (or seen to be influenced) by the giving or receiving of gifts, entertainment or hospitality. As a Ciklumer you have to avoid putting yourself and Ciklum into a position where gifts, entertainment or hospitality affect your business judgment or could be perceived to affect the outcome of any business transaction. 

The following key principles apply to all Ciklumers relating to gifts, entertainment and hospitality: 

• Certain gifts and hospitality will need to be approved and recorded in the gifts and hospitality register, which is maintained by Finance; 
• Ciklumers must not accept gifts or hospitality which could be perceived as seeking to support or reward any business act or which are provided in consideration of any potential further business; 
• Ciklumers must ensure that the offer or acceptance of a gift or instance of hospitality does not create or appear to create a conflict of interest for those involved; 
• Gifts or hospitality given or received must not be repetitive in nature, lavish in cumulative value or associated with pending business or regulatory decisions; 
• Any gift or hospitality given or received must be in compliance with local law and not of a nature that would be likely to damage the reputation of Ciklum if publicly disclosed; 
• Hospitality given or received must be in the presence of a host; 
• Travel expenses must only be incurred for legitimate business purposes; and 
• Cash or cash equivalent gifts (of any amount) may not be given or received. 

4.2.4. Recording of Gifts, Entertainment and Hospitality 

Ciklum will maintain a register of gifts, entertainment and hospitality provided by or to company staff in accordance with the principles outlined above. This register will be subject to regular quality assurance and will be maintained by Compliance. For further detail regarding permissible gifts, entertainment and hospitality please refer to the Gifts, Entertainment and Hospitality Procedure listed in section 4.7.

Political contributions or donations in cash or kind on behalf of Ciklum are not permitted without Board approval. 

In considering whether or not a donation should be approved, the Board will need to be assured that there is no potential conflict of interest affecting a material transaction in connection with the contribution and to protect the Company’s reputation. Furthermore, any Ciklumers who obtain or are looking to obtain appointment to a public office must obtain approval of the Board before doing so.

Charitable donations and sponsorship may only be provided to recognized non-profit charitable organisations with the prior approval of Compliance Function. Any charitable donations will not be made in recognition or anticipation of a business relationship with Ciklum. 

All charitable donations have to be: 

• Approved in accordance with applicable procedures; 
• Transparent and properly recorded in our books and records; and 
• Receipted or have a letter of acknowledgement from the charity to ensure that the donations receive the proper tax treatment 

Charitable donations should not: 

• Be made to individuals or in cash; and 
• Be made at the request of a public official as an inducement to or reward for acting improperly. 

It should be ensured that there is no potential conflict of interest, see Section 4.4, affecting a material transaction in connection with a charitable contribution made or commercial sponsorship entered into. Charitable contributions and commercial sponsorships must not be made where there is a risk that a commercial transaction may be influenced or where the contribution/sponsorship could be regarded as a subsequent ‘reward’ for the awarding of a contract.

A ‘Conflict of interest’ arises where a person’s position or responsibilities within their business unit presents an opportunity for personal gain above the normal rewards of cooperation. In other words, a conflict of interest exists when your personal interests interfere with the best interests of Ciklum. Ciklumers should attempt to avoid actual or apparent conflicts of interest. 

Any personal interests (or the interests of a member of immediate family) in relation to Ciklum’s business must be disclosed to your manager and the Compliance Function immediately. Disclosure is mandatory, failing to disclose a conflict or a perceived conflict is a violation of this policy and of our Code of Conduct. 

In situation that appears to present a conflict of interest we expect you to “refrain and report”. If it is not possible to avoid participating in the event or activity creating the conflict, promptly disclose the potential conflict to your supervisor and the Compliance Function, and avoid participating in decisions that might raise the appearance of a conflict until you receive appropriate guidance.

Facilitation payments are unofficial payments to public officials to ensure or speed up performance of routine and non-discretionary governmental actions such as processing a visa application, securing a mail service, or connecting utilities. These will be seen as bribes under UKBA, regardless of whether they may be a part of the “way of doing business” in a particular country. As a Ciklum’s representative, Ciklumer have not make any facilitation payment. 

The prohibition on facilitation payments may not apply to situations in which a Ciklumer is faced with a serious medical or safety emergency. A Ciklumer faced with such an emergency must either seek prior approval from the Group Compliance Director or, in circumstances where seeking prior approval is deemed impossible, record the details of any such payment or submit that information in writing to the Compliance Function within 48 hours of the payment being made. Any such payments should be accurately recorded as facilitation payments in Ciklum’s books and records.

Exchanging gifts and entertainment as well as provision of hospitality can create goodwill and establish trust in relationships with counterparties and business partners. It is important, however, that the guidelines set out below are followed in all cases. 

In line with the policy statements contained within section 4.2 of this document detailed below is an overview of the procedural requirements to guide staff in relation to Gifts, Entertainment and Hospitality. This section should be read and considered in-line with the earlier policy statements and requirements. 

4.7.1. Gift, Entertainment and Hospitality Limits 

Permissible gifts, entertainment and hospitality 

• It is acceptable to extend or receive occasional gifts, entertainment and hospitality having a maximum retail value of USD 200 per meeting as a gesture of goodwill or in furthering a legitimate business relationship. 
• The provision or receiving of gifts, entertainment or hospitality (including in the form of tickets to sporting event) that exceed a value of USD 200 may be acceptable under certain circumstances but require pre-approval of your manager with the notification of the Compliance Department 
• The total value of gifts, entertainment or hospitality given to or from the same organization over the course of any one calendar year must not exceed USD 1000 unless pre-approved by your manager with the notification of Compliance Department. 

4.7.2. Non-permissible gifts, entertainment and hospitality 

• Gifts in the form of cash payments are not allowed. It is prohibited to provide or receive cash as well as any cash equivalents (e.g. gift cards or loans) in any circumstances, regardless of amount. 
• You should not solicit gifts or entertainment from a current or potential client or business partner to gain an unfair advantage. 

It is prohibited to offer or give anything of value to a government official in order to win or keep business or gain an improper advantage 

4.7.3. Declaration of gifts, hospitality or entertainment 

Ciklumers must report, and where required, seek approval for each case when gifts, hospitality or entertainment provided by or to Ciklumers are in accordance with rules described below. 

The exception is that small and modest entertainment or hospitality such as a coffee, fruit, light alcohol or working lunches. These do not need to be declared. 

4.7.4. When dealing with clients 

The paragraph below is applicable for client-facing Ciklumers: developers, sales, SDMs, Branch Managers, People Partners and PPMC as they have access to the Salesforce application. Rules for Ciklumers who have no access to Salesforce are disclosed in paragraph 4.7.5. 

If you wish to make a gift to a customer or partner of any value, you are required to obtain approval for the gift in advance by submitting a gift approval request using the Gift Register on Salesforce. 

When planning, and providing, entertainment or hospitality and it is anticipate that the value of the entertainment and hospitality will exceed USD 200 approval should be sought from line managers and the Compliance Department notified. 

To do this you have to log into Salesforce, select the relevant account and click on the Gift Register field. If the gift is referred as an opportunity, you should select the relevant opportunity name as well. 

When dealing with third parties (other than clients) 

The paragraph below is applicable for administrative personnel and all other Ciklumers who have no access to the Salesforce application. Rules for Ciklumers who have access to Salesforce are disclosed in the paragraph 4.7.4. 

If you wish to make a gift to a third-party (vendor, partner or customer) of any value, you are required to obtain approval for the gift in advance by submitting a gift approval request using the Jira system. 

To do this you have to log into Jira, select project type “FD Request”, Issue type “Task”, FD Request type “Gift Register”. Gift details and approval 

You will be required to fill in several details about the gift, hospitality or entertainment you plan to make. This will include a brief rationale, recipient name and value of the gift, hospitality or entertainment. Then you have to submit your request. The request will then be subject to approval. If approved you will receive a gift approval reference code which you can use to reimburse your expenses. 

Expenses submitted for gifts made to customers or partners that have no gift approval reference code would be treated as unapproved and may not be reimbursed. 

4.7.4. Receiving of a gift, hospitality or entertainment 

If you are offered or receive a gift from a third party you should declare it before the gift is accepted (wherever possible) using the same means and approaches as described above in chapters 4.7.4 and 4.7.5 – Gift Register in Jira/Salesforce. 

There is no approval requirement for gifts, hospitality or entertainment received, but the declaration is subject for review. You will only be informed if it is not allowed to accept the gift. 

If acceptance is not permissible, you will be required to return what was received with the comment that Ciklum policy does not allow the acceptance of such a gift, hospitality or entertainment. 

If you receive a gift, hospitality or entertainment that is not permissible according to Ciklum policy and it is impossible to return it, you have to make sure you declare this using the Gift Register.

People and organisations that are involved in criminal activity such as bribery, fraud or trafficking narcotics may attempt to launder money through apparently legitimate businesses in order to use the funds from their criminal activity and reduce suspicion. Ciklum will not accept or process money gained through criminal activity; we will only deal with reputable clients who are involved in legitimate business activities and whose funds are derived from legitimate sources. 

The details of Ciklum’s anti-money laundering, countering terrorist Financing (“AML/CTF”) measures including documentation rules and application of online tools and reports of risk intelligence screening provider are disclosed in the TPDD Procedure.

Ciklum will establish and maintain a process for suspicious activity reporting. All Ciklumers have a personal responsibility to raise any suspicion of any potential illegality whether internal or external that may impact Ciklum to the Compliance Director as soon as possible. Ciklum must not take any action or encourage any actions by Company Staff that could constitute tipping off. Tipping off is a criminal offence. 

In certain jurisdictions (i.e. the UK) there is a requirement to report any suspicious activity to relevant authorities. Any external reporting requirements will be handled on a case by cases basis through collaboration between Ciklum Legal, Compliance and the Risk Management Committee.

Situations which may cause a suspicion of illegality include, but are not limited to: 

• A client whose identity or ultimate beneficial ownership cannot be verified easily; 
• The source of a payment which is difficult to identify, or a payment which is received from a third party with no obvious connection to a customer client; 
• A customer wanting to pay for services in cash; 

Payments made from (or a request for a refund to) a foreign bank account or branch (particularly if the client does not have an obvious reason for conducting business within that country); 

• Any transaction involving an undisclosed third party; 
• Early cancellation of services in circumstances which seem unusual or for no apparent reason; and Extensive use of corporate structures and trusts in circumstances where the customer’s needs are inconsistent with the use of these structures and trusts. 

In line with the third party due diligence requirements there will be a consideration of a range of risk factors prior to engaging with any third parties. This will include a consideration of a number of factors that may increase the potential of money laundering exposure to Ciklum. Ciklum’s AML/CTF checks are structured to address the controls needed based on the risks posed by the products and services offered, customers served, and their geographic locations.

As a multi-national corporation Ciklum has numerous legal requirements relating to sanctions. For the purpose of this Policy Ciklum will use the sanctions imposed by the EU, UN and USA as a benchmark. The reason for using these regulations as a base is that not only will these regulations be directly applicable to certain Ciklumers but they are also seen as presenting the highest risk of enforcement action. In each jurisdiction Ciklum operates, there are laws and regulations restriction trading with certain individuals and entities. Where these conflict arises, Ciklum will take a decision on the appropriate course of action.

Prior to entering into a contractual relationship with any third party, the identity of the third party, its beneficial owners (if applicable), and the nature of the transaction itself should be screened against any applicable U.S. and E.U. sanctions, as well as any applicable export/import control regulations. Services to new customer will not be provided until such a customer and the transaction have been screened against U.S. and E.U. sanctions and applicable export/import control laws. 

Third Parties that are registered in countries having high levels of trade and commercial sanctions, such as but not limited to, Iran, Sudan and North Korea, are subject to particularly high levels of scrutiny and decisions on whether to engage with a third party registered or located in (or whose beneficial owners are citizens or residents of) such a jurisdiction. These decisions should be taken on a case-by-case basis, with consultation and approval of Group Compliance Director where necessary. 

The Country Manager should take all due care to protect the reputation of the Ciklum Group in connection with any such transaction and shall obtain beneficial ownership information for such third parties in order to perform a sanctions check, even before entering into preliminary agreements.

Ciklum conducts business in the US and as such must be aware that US Sanctions apply to US persons (including individuals and entities) irrespective of their location. Consequently, US persons must not be asked to opine or be involved in any business relationship that would be prohibited, under US sanctions, if performed, by a US person, even in circumstances where the activity would be permitted by the Sanctions Policy and legal in other jurisdictions. These restrictions also apply to any transaction conducted in US Dollars.

Where any existing or potential customer, employee, third party or payment is identified as having a sanctions related restriction, or a potential restriction, this must be escalated to the Compliance Function for review and approval before any transaction can proceed. 

Compliance Function will review the screening results and if they agree with the screening results will liaise with the Compliance Director and other parties, as required, to decide on the appropriate course of action. 

If after screening, and subsequent investigation, the decision is made that there is a confirmed ‘positive’ hit against a relevant sanctions list then appropriate action must be taken by the Compliance Director. Appropriate action may include, but is not limited to, notifications to relevant legislation, licence applications and/or ceasing relationships with the relevant third party.

A third party is an entity, regardless of form and ownership, or an individual (e.g. private entrepreneur) with whom Ciklum has a business relationship. This includes, but is not limited to: 

• Suppliers; 
• Agents / Intermediaries; and 
• Customers. 

Ciklum will only establish business relationships with reputable third parties who derive their income, wealth, funds, and assets from legitimate sources. Ciklum must not knowingly establish business relationships with individuals or entities who are subject to legal restrictions (including sanctions).

7.3.1. Minimum Standards 

To ensure that Ciklum does not enter into any prohibited relationships and to ensure compliance with all legal and regulatory requirements, Ciklum will implement a risk-based Third Party Due Diligence Procedure (“TPDD Procedure”). Third Party Due Diligence (“TPDD”) will be completed before the initiation of any business relationship and will seek to verify the true identity of potential third parties, the expected nature of their relationships and transactions with Ciklum, and their reputation. 

The requirements of this Policy are mandatory and have to be followed for all third parties. They support the Ciklum Compliance Programme and apply to all Ciklumers in all Ciklum locations. 

In all instances the following steps must be followed as a minimum: 

1. Initial Screening: Using a screening solution to ascertain any red flags before continuing with the remaining due diligence. 
2. Risk Assessment: Using a range of factors to assess the level of financial crime and integrity risk associated with individual third parties. 
3. Due Diligence Checks: Conducting risk-based due diligence on higher risk third parties.
4. Approval: Approval for working with new third parties will always be required. However, the approver(s) will be determined by the risk rating and due diligence conducted. 

Where an increased risk of financial crime is identified with a third party, additional requirements may be required in line with the TPDD. Ciklum will not establish any business relationship, or initiate or commit to any transaction with a third party for which TPDD has not been completed and approved as required by this Policy or related procedures. 

7.3.2. Responsibility for conducting Third Party Due Diligence 

For each third party there should be an individual (the “Proposer”) who is assigned with overall responsibility for ensuring that the requirements of this Policy are followed. This should be a Ciklumer involved with the management of the relationship with the third party (for example, the Service Delivery Manager). Branch and Operational Managers are responsible for allocation of sufficient resources that are necessary to ensure that this Policy is fully implemented within their areas of responsibility.

Any dealings with government agencies and government officials present an increased risk of bribery and corruption. As part of Third Party Due Diligence the identification and appropriate risk mitigation of relationships involving Politically Exposed Persons (PEPs) is essential. Ciklum will ensure that any risk assessment and associated due diligence considers the risks presented by PEPs.

When dealing with third parties, employees must make it clear that Ciklum has a zero tolerance approach to financial crime. Where contracts exist, these must contain relevant ABC clauses. Where appropriate, this Policy should also be communicated to third parties. Where any suspicion exists that a third party may be behaving unethically this should be reported to Compliance.

Ciklum will monitor third party relationships on an ongoing basis. The frequency and extent of ongoing monitoring will be determined by the third party’s risk rating. The results of Ciklum’s monitoring will be used to determine whether the Third Party Due Diligence conducted remains adequate. Where monitoring indicates a material change to a third party’s risk profile, Ciklum must update the Due Diligence information and reassess the financial crime risk associated with the business relationship.

The following financial and accounting directives have been implemented to help ensure Ciklum’s compliance with international ABC regulations, including the FCPA: 

• All cash, bank accounts, investments and other assets of Ciklum must always be recorded accurately on the official books of the Company. 
• The Risk Management Committee will periodically initiate internal review the Company’s books, records, and controls to ensure their compliance with the requirements of the FCPA. 
• No Ciklumer shall falsify any accounting or other business record, and all Ciklumers shall respond truthfully and fully to any questions from the Ciklum’s internal or independent auditors. 
• Bank accounts should be opened or closed only upon the prior written approval of the Group Compliance Director and Finance Director (not country controller). In the absence of either of those, the Group CFO and Finance Controller would approve. Anonymous (“numbered”) accounts will not be maintained. 
• Payments will not be made into anonymous bank accounts or other accounts not in the name of the payee or of any entity known to be controlled by the payee. 
• No cash payments shall be made, except for regular, approved payroll payments or normal disbursements from petty cash supported by signed receipts or other appropriate documentation. Checks will not be drawn to the order of “cash,” “bearer” or similar designations. 
• Fictitious invoices, over-invoices or other misleading documentation will not be used. 
• Fictitious entities, sales, purchases, services, loans or financial arrangements will not be used. 
• Check requests will be in writing and contain a complete explanation of the purpose and authority for the payment. The explanation will accompany all documents submitted in the course of the issuing process and will be kept on file. 
• All expenses relating to foreign business must be supported by reasonable written documentation. 
• Payments to Third Parties will only be made in the country where a substantial portion of the related services are performed or the country from which the Third Party performing such services normally conducts business. 
• Payments for any services rendered to Ciklum by a government official (including an officer of a foreign government-owned or controlled commercial enterprise), including honorarium payments and reimbursement of expenses, will be made solely to the government agency or instrumentality employing the individual. Such payments will be made by check directly to the respective government agency or instrumentality, or by wire to its named bank account within the respective government agency’s or instrumentality’s country, or by wire through its duly authorized correspondent bank. 
• Receipts, whether in cash or checks, will be deposited promptly in a bank account of Ciklum. Any Ciklumer who suspects the possibility that a bribe, kickback or over-invoice is associated with a particular receipt or that an understanding exists that all or a portion of a receipt will be rebated, refunded or otherwise paid in contravention of the laws of any jurisdiction, will immediately report that suspicion in accordance with the reporting procedures addressed below under “Reporting Violations” Section.
• Personal funds must not be used to accomplish what is otherwise prohibited by this policy.

Any Ciklumer who suspects a violation of this policy must immediately report such suspected violation to respective Line Manager / Project Manager, HR Business Partner / People Partner or Compliance Function. If you are uncomfortable doing so, you may report by anonymously using Ciklum SpeakUp mailbox: SpeakUp@ciklum.com 

Never hesitate to ask questions, raise concerns, or seek the guidance you need. Ciklum will not tolerate any discrimination against anyone who has reported a concern in good faith.

Ciklum will investigate any report of a violation with the principles of the Code of Conduct and this Policy. You must cooperate fully with any investigation, but should not investigate independently as alleged violations may involve complex legal issues, and you may risk compromising the integrity of a formal investigation.

The Compliance Director is responsible for owning and maintaining this Policy. The Policy must be reviewed and updated on as-needed basis by the Compliance Director. New operational, legal and regulatory developments and emerging risks may trigger review and update of the Policy. 

All changes must be notified to and approved by the Risk Management Committee before the revised Policy is released and communicated to Ciklumers. A version control log – outlining the date of change, a description of change made and who has made the change – must be maintained up-to-date in order to ensure formal control over adjustments made to the Policy. As a result, management will take appropriate corrective action in the scope of laws, policies and procedures when breaches of laws, rules and standards are identified that might include disciplinary actions up to termination of a contract or employment, and if necessary taking legal action against the Ciklumer.

All breaches of this Policy or related standards and procedures must be immediately reported to the Compliance Director. The Compliance Director is responsible for determining whether the breach is material and requires further escalation. 

Conduct that violates the law and/or company policies is ground for disciplinary or remedial action. In addition, failure to report a known violation of law or company policy by someone else may result in disciplinary action for Ciklumers and/or termination of employment/your relationship with Ciklum. The disciplinary action taken will be decided on a case by case basis. The action will be conducted in accordance with Ciklum’s HR procedures and corresponding legal requirements. 

Where laws have been violated, we will cooperate fully with the appropriate authorities.

These cookies are necessary to allow us to operate our Sites and remember your choices with respect to cookies enabled.

These cookies are used by Ciklum to analyse how our websites are used and their performance. For example, they track the most visited pages, and where the visitors come from. Such cookies also help us to remember your choices and preferences for future visits. They allow us to remember your device in-between visits.

These cookies collect information about your activities, provide us with analytical statistics and you with targeted advertising. We may also use our third-party service providers for this purpose. Such third-party providers (Google or Linkedin in particular) may collect information about your online activities over time and across different websites. Third-party service providers that generate these cookies have their own privacy policies and may use their cookies to target advertising to you on other websites, based on your visits to Ciklum Sites.

Ciklum does not sell your information to third parties.