Employee

Code of Conduct

Policy Version: V2 Approver: Manish Wadhwa Published On: Jul 2021

 Table of Contents

1. Introduction
2. Scope
3. Decoding the Code
4. Responsibility of a Leader
5. Pillars of Code of Conduct
6. Disciplinary Action
7. Raising Concern
 1 Introduction
1 Our Code of Conduct sets forth our core values, shared responsibilities, commitments, and
promises. It provides general guidance about the Company’s expectations, highlights
situations that may require particular attention, and references additional resources and
channels of communication available to us. It is also the first step for you to get clarity on
any questions relating to ethical conduct.

Our Code, however, cannot possibly address every situation we face at work. Therefore,
the Code is by no means a substitute for our good judgment, upon which our organization
depends. We must remember that each of us are responsible for our own actions and that
the ethical choice is always the best choice.
2
2 Scope

Our Code applies equally to all Girnar leaders and employees, across our subsidiaries. The
Scop
Code also applies to our partners, suppliers, agents or others acting on the Company’s
behalf. As employees, it is important that we know and follow the Code as a guideline for
e
decision making that is paired with integrity.

3 Decoding the Code

1 The Code of Conduct expresses Girnar’s commitment to conducting business ethically. It
explains what it means to act with integrity and transparency in everything we do and in
accordance with our unique culture and values.

As members of the Girnar family, let us follow not only the letter of the Code, but its intent
and spirit as well. This means we should:

• Understand the areas covered by the Code, Company policies and procedures, and laws
that apply to our job.
• Follow the legal requirements of all locations where we do business.
• Conduct ourselves in ways that are consistent with the Code, Company policies and
procedures, and laws.
• Speak up if we have concerns or suspected violations of the Code, Company policies
and procedures, or laws.
• When requested, certify that we have reviewed, understand and agree to follow the
Code.
• Understand that following the Code is a mandatory part of our job

2
 The Code cannot address every situation that may occur. We are expected to exercise good
judgment and ask questions when we need guidance or clarification. Many resources are
available to assist us. These include our managers, Human Resources, Legal Department
and other resources. In addition to the Code, we should also be aware of all Company
1 policies and procedures applicable to our work. You may refer to the Careline which is a
repository of all our policies.

4 Responsibility of a Leader
No matter what our role is, each one of us is expected to lead when it is a question of
ethics and be accountable for our actions. We act with responsibility and integrity in tune
with our values.

Most often, a manager is the first person to be contacted about a concern in our work
environment. Managers have some specific responsibilities:

• Be a role model of ethical behavior.

2 •
•
Encourage your team to raise issues and speak up.
Communicate a positive message about your commitment to ethics and compliance.
• Promote our values, the Code of Conduct and compliance with policies and the law.
• Actively support ethics and compliance awareness and training programs.
• Have open avenues for communication
•
•
Scop
Listen and respond fairly to employee concerns.
Find satisfactory and complete resolutions to ethical issues.
•
e
Escalate concerns when additional assistance is needed.

5 Pillars of Code of Conduct

1 Girnar family has the following 4 basic pillars of code of conduct.

Ethics in Equal Opportunity Protecting Administering the

Business Activity and Respect Company Asset Code

5.1 Ethics in Business Activity

GirnarSoft enjoys a hard-won reputation for honesty, integrity and fair dealing. Without
question, this reputation for integrity is an invaluable part of our success. There are certain
regulations that GirnarSoft is subject to and we should ensure that we comply both
in letter and in spirit with these as is applicable.
We should never accept directly or indirectly, any form of gift, entertainment or anything of
value more than INR 2,000 from our business partners including customers or their
representatives to: 2
 • Obtain or retain business;
• Influence business decisions; or
• Secure an unfair advantage
1 This includes bribes, kickbacks and facilitation payments.

We may give away gifts to our business partners, however this should be part of corporate
gifting from the company and no personal gifting/favor to our business partners including
customers or their representatives .

What is a bribe?
A bribe is anything of value that may be seen as an attempt to influence an action or a
decision in order to obtain or retain business or acquire an improper advantage. This could
include money, gifts, favors, use of company resources, entertainment or other items of
value

Defining things of value:

Cash payments, gifts, entertainment, covering or reimbursing expenses, promise of future
employment, similar items of value more that INR 2,000/-.
2
5.2 Equal Opportunity and Respect

5.2.1 Equal opportunity workplace free of discrimination or harassment

Scop
• At Girnar, we strive to provide a work environment free of discrimination and
harassment. We are an equal opportunity employer and employment decisions are
e
based on merit and business needs.
• We are committed to following fair employment practices that provide equal
opportunities to all employees. We do not discriminate or allow harassment on the basis
of race, color, religion, disability, gender, national origin, sexual orientation, gender
identity, gender expression, age, genetic information, military status, or any other legally
protected status. At Girnar, we value diversity and believe that a diverse workplace builds
1 a competitive advantage.
• To put these values in practice, all of us must ensure that decisions affecting employees
are based on business factors only. For instance, decisions regarding hiring, promotion,
termination, transfer, leave of absence or compensation should only be based on
relevant business factors.
• We must also ensure that we never verbally or physically mistreat others or engage in
offensive behavior, and we should not tolerate those who do.
• This includes harassing, bullying, abusive or intimidating treatment, inappropriate
language or gestures, disorderly conduct, violence and any other conduct that interferes
with a co-worker’s ability to do his or her job
• We must not possess, distribute, sell, use or consume illegal liquor or drugs in the
workplace. Such conduct constitutes serious misconduct & it may also constitute a
criminal offence.

2
 5.2.2 Consumption of Alcohol at Workplace

1. The Company recognizes that at some of the Company’s social events/ parties,
1 responsible consumption of Alcohol is allowed. In these circumstances, the
following restrictions apply at all such events:

• Employees must consume Alcohol responsibly

• Employees must recognise that performance of duties could be affected by Alcohol
• Employees must ensure a safe means of transport from such social events. Employees
must not drive any vehicle if they are over the legal blood Alcohol limit. Employees who
do not find safe means of transport should inform Management so that such transport
may be arranged at Employees cost.
• Employees must uphold an appropriate standard of behaviour at all times, consistent
with the Company’s codes of conduct and workplace policies including without limitation
Sexual Harassment Policy;
• Employees must immediately notify Management if they are aware of any breach of this
policy by another Employee. Subject to any disclosures required by law, any notifications
received by Management shall be treated confidentially. Failure to report any breach of
this policy by another Employee who is aware of this breach may itself constitute a
2 breach of this policy

2. If an Employee is required to return to work, or continue working after the event, and
the consumption of Alcohol could adversely affect their ability to perform work
effectively and safely, consumption of Alcohol by those Employees is not permitted.
3. Scop
If an Employee breaches this policy at such events and acts inappropriately, the
Employee may be subject to disciplinary action.
4. e
The Company will not be liable for any damage to a Company’s property, an injury to
such Employee or another person/Employee, or damage to others property caused
by an Employee while intoxicated from Alcohol. The Employee will be personally
liable in such circumstances.

Except as set out in this Policy, Employees must not:

1 • Attend work, commence work, continue work or return to work having consumed
Alcohol;
• Must not possess, distribute, sell, use or consume illegal liquor or drugs in the
workplace. Such conduct constitutes serious misconduct. It may also constitute a
criminal offence, in which case the Company may notify the police, or other appropriate
government authority.
• Consume Alcohol at workplace.

2
 5.3 Protecting Company Assets
1 For the Company, its confidential information is a valuable asset and every leader, employee
and agent of the Company must protect it. Confidential information includes all non-public
information. It also includes personal information (regardless of its source) that we obtain
in the course of business. We must take care that all confidential information is used for
Company business purposes only and in case of personal information, in addition, it must
be processed on instructions from the Company in accordance with laid out policies,
procedures and guidelines and as per applicable privacy laws and regulations.
Upon joining Girnar, all employees sign a Confidentiality and Nondisclosure Agreement
which details their confidentiality obligations to the Company.
As employees, we have access to significant amounts of company information that may
not be available to the public, and we should preserve the confidentiality of information
obtained in the Company’s service.
Information of a confidential, private and sensitive nature must be used responsibly and
controlled and protected to prevent its prohibited, arbitrary or careless disclosure.
Unless the Company has provided its specific consent, which should preferably be in
writing, or there is a legal or professional right or duty to disclose, we are prohibited from
2 disclosing confidential Company information. Confidential or proprietary information about
clients, our organization, or other parties, which has been gained through employment or
affiliation with GirnarSoft, may not be used for personal advantage or for the benefit of third
parties.
In addition to the above, no company asset is to be operated or used by anyone who is
Scop
under the influence of Alcohol. Employees shall remain responsible for safety of
Company’s assets allotted to them. The Company will not accept liability for any damage to
e
a Company machinery caused by an Employee’s use of a Company machinery while
intoxicated from Alcohol or illegal drugs/liquor. The Employee will be personally liable in
such circumstances.

Improper opportunities
When we receive information as part of our job, we should not trade with it for our personal
1 benefit. Neither should we pass on the information to our friends and family members or
indirectly compete with the Company. Information obtained as part of our job should not be
taken advantage of even after we leave the organization.

5.4 Administering our Code

It is the responsibility of each of us to follow the Code of conduct and Company policies
consistently and appropriately and help others to do so. Acts, acting in influence or
missions which run contrary to the above-stated principles and thereby result in the
breach of the company’s trust and confidence shall deemed unacceptable and shall be
subject to corrective actions.
When non-compliance with our Code of conduct is reported or otherwise suspected, steps
will be taken to investigate and, if appropriate, remedy the situation. Investigations will be
conducted in confidence and will be respectful and fair. If an allegation is substantiated by
an investigation, the appropriate management committee comprising of minimum 3
2
members will review the findings and determine the final outcome with 30 days from
reporting.
 Should you report a potential violation in good faith, you are assured of all support by the
Company. This support is extended to any person who is assisting in any investigation or
process with respect to such a violation as well. You can report any potential violation
1 in good faith without ever worrying, for instance if it will affect you professionally. Any such
retaliation may be immediately reported to the committee . If you are the subject of an
external investigation, you should immediately report this to your manager unless it is
prohibited by law.

6 Disciplinary Action
• Those who violate the Code or Company policies and procedures will be subject to
disciplinary action, up to and including dismissal.
• Disciplinary measures will also apply to anyone who directs or approves infractions or
has knowledge of them and does not promptly move to correct them.
• In case of Dismissal, all current and future component of variable nature such as
company bonuses/ex-gratia, variable pay-outs, ESOP or any other benefit entitled and
2 notice period pay to the employee are forfeited.
• All evidence collected and details of disciplinary actions are recorded in the employee’s
personnel file.
• All procedure are followed in accordance with employment equal opportunity /
anti-discrimination legislation.
Scop
• In all such cases ‘procedural fairness’ guidelines will apply. This means the warning and
dismissal process will allow the employee to offer their view of the events concerned.
e
The employee will be given every chance to defend himself/herself.
• For some offenses the Company retains the right to report the matter to the police where
charges may be laid. The police will be notified with regard to any criminal act against
the Company or another employee.

17 Raising Concern
• Acting with integrity and transparency means that we should be ethical, sincere and
open in all our transactions.
• We speak up when we are uncomfortable or uncertain, especially when it comes to
actions, conditions and behaviors that contradict our values and culture.
• Know what resources are available to help and support employees who, in good faith,
ask questions, raise concerns, or cooperate with investigations.
• Raise any integrity concerns immediately.
• Problems caused by violations of the Code, Company policies or applicable laws seldom
get better with the passage of time — they frequently get worse.
• You may reach out to your line manager or HR for support
• You may also raise your concern by writing to us on our official email ID for raising CoC
concerns ombudsman@girnarsoft.com
2
 Annexure
1 ACKNOWLEDGMENT

Employees and our leaders are required to acknowledge that they have read and
understood the Code. You must remember that under no circumstances does your failure to
read our Code, sign an acknowledgement or certify online exempt you from your obligation
to comply with our Code.

FORM OF ACKNOWLEDGMENT OF RECEIPT OF CODE OF CONDUCT AND

2 ETHICS

I have received and read the Company’s Code of Conduct and Ethics. I understand the
standards and policies contained in the Company Code of Conduct and Ethics and

Scop
understand that there may be additional policies or laws specific to my job and/or the
location of my posting. I further agree to follow the values of the Company in all that I do
and comply with the Company Code of Conduct and Ethics. If I have questions concerning
e
the meaning or application of the Company Code of Conduct and Ethics, any Company
policies, or the legal and regulatory requirements applicable to my job, I know I can consult
my manager, the Human Resources Department or the Legal Department, knowing that my
questions or reports to these sources will be maintained in confidence.

1 Employee Signature:

Employee Name:

Employee ID:

Date:

2
 Prevention of Sexual
Harassment (POSH)
Policy

Policy Version: V1.5 Approver: Manish Wadhwa Published On: Jul 2021
 Table of Contents

1. Objective
2. Scope
3. Definition
4. Internal Complaints Committee
5. Reporting and redressal process
6. Enquiry Process
7. Endnotes
1 1 Objective
Girnar Software Private Limited (“GSPL” or “Company”) is an equal employment opportunity
company and is committed to creating a healthy working environment that enables
employees to work without fear of prejudice, gender bias and a harassment free workplace
to all employees without regard to race, caste, religion, colour, ancestry, marital status,
gender, sexual orientation, age, nationality, ethnic origin or disability. The Company also
believes that all employees of the Company have the right to be treated with dignity. Sexual
harassment at the workplace or other than workplace if involve an employee or employees
2 is a grave offence and is therefore, punishable.

The Supreme Court has also directed companies to lay down guidelines and a forum for
Scope
Redressal of grievances related to sexual harassment. This policy takes complete
cognizance of the latest legislation by the Government of India “The Sexual Harassment at
Workplace (Prevention, Prohibition and Redressal) Act 2013 and its rules notification
published on December 09, 2013. This Act is to provide protection against sexual
harassment of women at workplace and for the prevention and Redressal of complaints of
sexual harassment and for the matters connected herewith or incidental thereto.

At GSPL, all employees are expected to uphold the highest standards of ethical conduct at
the workplace and in all their interactions with business stakeholders. This means that
1 employees have a responsibility to

• Treat each other with dignity and respect;

• Follow the letter and spirit of law
• Refrain from any unwelcome behaviour that has sexual connotation
• Refrain from creating hostile atmosphere at workplace via sexual harassment;
• Report sexual harassment experienced and/or witnessed to appropriate
authorities and abide by the compliant handling procedure of the company

2 Scope
This Policy extends to all employees of the GSPL and its subsidiaries (Refer to Annexures
from group Entities) and is deemed to be incorporated in the service conditions of all
employees of the Company and its subsidiaries in India. Local country laws will take
precedence over this policy, in other geographies, if applicable.

2
Sexual Harassment would mean and include any of the following but not limited to:

• Unwelcome sexual advances involving verbal, non-verbal, or physical conduct, implicit or

explicit;
• Physical contact and advances;
• Demand or request for sexual favour;
• Sexually coloured remarks, including but not limited to vulgar/indecent jokes, letters, phone
calls, text messages, e-mails, gestures etc,
• Showing pornography or the likes;
• Any other unwelcome physical, verbal or nonverbal conduct of sexual nature;
• Physical contact and advancessuch astouching,stalking,sounds which have explicit and/or
implicit sexual connotation/overtones, molestation
• Display of pictures, sign etc. with sexual nature/connotation/overtones in workarea and
work related areas
• Verbal or non-verbal communications which offends the individuals’ sensibilitiesand affect
her/his performance and has sexual connotation/overtone/nature.
• Teasing, Voyeurism, innuendos and taunts, physical confinement and/or touching against
one’s will and likely to intrude upon one’s privacy

The following circumstances, among other circumstances, if it occurs or is present in relation

to or connected with any act or behaviour of sexual harassment may amount to sexual
harassment.

• Implied or explicit promise of preferential treatment in the employment;

• Implied or explicit threat or detrimental treatment in the employment;
• Implied or explicit threat about the present or future employment status
• Interference with the work or creating an intimidating or offensive or hostile work
environment
• Humiliating treatment likely to affect health or safety

An alleged act of Sexual Harassment committed during or outside of office hours falls under
the purview of this policy.
3 Definitions
Aggrieved Individual:
An Aggrieved Individual, in relation to a workplace, is a person, of any age, whether an
employee or not, who alleges to have been subjected to any act of Sexual Harassment.

Complainant:
A Complainant is any Aggrieved Individual (if the Aggrieved Individual is unable to make a
compliant on account of his/her physical or mental incapacity or death or otherwise) who
makes a complaint alleging Sexual Harassment under this policy.

Competent Authority:
Competent Authority’ shall be the senior-most member of the Management Team or such
person as appointed by the Chief Executive Officer of the Company, to act as such from time to
time.

Employee:
An employee means a person employed with the Company for any work on permanent,
deputation, temporary, consultants, part time, ad hoc or daily wage basis, either directly or
through an agent, including a contractor, with or without the knowledge of the principal
employer, whether for remuneration or not, or working on a voluntary basis or otherwise,
whether the terms of employment are express or implied and includes a co-worker, a contract
worker, probationer, trainee, apprentice or called by any other such name.

Respondent:
A Respondent means the person against whom the complainant has made a complaint.

Workplace:
• Premises, locations, establishments, enterprises, offices, branches or units established,
owned and controlled by the Company.
• Places visited by the Employee arising out of or during the course of employment including
official events, transportation, and accommodation provided by the employer for
undertaking such journey
4 Internal Complaints Committee

As per the guidelines given by the law, Internal Complaints Committee (ICC) have been
appointed for all administrative offices of GSPL as follows:

Internal Complaints Committee - Jaipur

Name of the Member Designation Email ID Contact No

Ms. Charu Kishnani Presiding Officer charu@girnarsoft.com 9001599555

Mr. Ajay Kumar Member ajay@girnarsoft.com 9982341142

Ms. Urvashi Singh Member urvashi@girnarsoft.com 8560000590

Member (external
Mr. Manish Gaurav gaurav.manish@gmail.com 9958201822
advocate in practice)

Internal Complaints Committee - Gurgaon

Name of the Member Designation Email ID Contact No

Ms. Sakshi Singh Presiding Officer sakshi.singh@girnarsoft.com 9654750164

Ms. Artee Puri Member artee.puri@girnarsoft.com 9958871297

Mr. Anshu Kumar anshu.chakravoarty@insuranc

Member 9899196366
Chakravoarty edekho.com
Member (external
Mr. Manish Gaurav gaurav.manish@gmail.com 9958201822
advocate in practice)

Internal Complaints Committee - Ahmedabad

Name of the Member Designation Email ID Contact No

Ms. Nazia Abidi Presiding Officer nazia.abidi@girnarsoft.co.in 9971771258

Ms. Richa Awasthi Member richa.awasthi@girnarsoft.com 9783764777

Mr. Rajdeep Dutta Member rajdeep.dutta@girnarsoft.com 7073777230

Member (external
Mr. Manish Gaurav gaurav.manish@gmail.com 9958201822
advocate in practice)
 Internal Complaints Committee - Bangalore

Name of the Member Designation Email ID Contact No

Ms. Sakshi Singh Presiding Officer sakshi.singh@girnarsoft.com 9654750164

Ms. Smriti Yadav Member smriti.yadav@gaadi.com 7676208189

Mr. Arvind Yadav Member arvind.yadav@girnarsoft.com 8860085088

Member (external
Mr. Manish Gaurav gaurav.manish@gmail.com 9958201822
advocate in practice)

Internal Complaints Committee - Chennai

Name of the Member Designation Email ID Contact No

Ms. Sakshi Singh Presiding Officer sakshi.singh@girnarsoft.com 9654750164

Ms. Smriti Yadav Member smriti.yadav@gaadi.com 7676208189

Mr. Arvind Yadav Member arvind.yadav@girnarsoft.com 8860085088

Member (external
Mr. Manish Gaurav gaurav.manish@gmail.com 9958201822
advocate in practice)

Internal Complaints Committee - Hyderabad

Name of the Member Designation Email ID Contact No

Ms. Sakshi Singh Presiding Officer sakshi.singh@girnarsoft.com 9654750164

Ms. Smriti Yadav Member smriti.yadav@gaadi.com 7676208189

amalendu.debbarma@girnars
Mr. Amalendu Debbarma Member 8478018777
oft.com
Member (external
Mr. Manish Gaurav gaurav.manish@gmail.com 9958201822
advocate in practice)
 Internal Complaints Committee - Kolkata

Name of the Member Designation Email ID Contact No

Ms. Nazia Abidi Presiding Officer nazia.abidi@girnarsoft.co.in 9971771258

Ms. Artee Puri Member artee.puri@girnarsoft.com 9958871297

Mr. Nishant Bana Member nishant.bana@girnarsoft.com 8860625312

Member (external
Mr. Manish Gaurav gaurav.manish@gmail.com 9958201822
advocate in practice)

Internal Complaints Committee - Mumbai

Name of the Member Designation Email ID Contact No

Ms. Sakshi Singh Presiding Officer sakshi.singh@girnarsoft.com 9654750164

Ms. Richa Awasthi Member richa.awasthi@girnarsoft.com 9783764777

Mr. Rajneesh Raj

Member rajneesh.goel@girnarsoft.com 9820298594
Goel
Member (external
Mr. Manish Gaurav gaurav.manish@gmail.com 9958201822
advocate in practice)

Internal Complaints Committee - Pune

Name of the Member Designation Email ID Contact No

Ms. Sakshi Singh Presiding Officer sakshi.singh@girnarsoft.com 9654750164

Ms. Richa Awasthi Member richa.awasthi@girnarsoft.com 9783764777

Mr. Ajit Member ajit.menon@girnarsoft.com 9823375677

Member (external
Mr. Manish Gaurav gaurav.manish@gmail.com 9958201822
advocate in practice)
The Internal Complaints Committee (ICC) for all other group entities are mentioned in the annexures.
 • A Quorum of two members is required to be present for the proceedings to be
conducted in the Committee.

• No person who is complainant, witness or defendant in the complaint of sexual

harassment shall be a member of Committee.

• Any Committee member charged with sexual harassment in a written complaint must
step down as a member during the enquiry into that complaint.

• In the Committee, not less than half of the number of members shall be women.

• Changes in the members of the ICC committee, whenever necessary, shall be made as
expeditiously as possible by the Competent Authority.

5 Reporting and redressal process

• A Complainant can make, in writing, a complaint of Sexual Harassment to the Internal
Complaints Committee (ICC), Within a period of three months from the date of incident
and in case of a series of incidents, within a period of three months from the date of last
incident. The ICC may, for the reasons to be recorded in writing, extend the time limit not
exceeding three months, if it is satisfied that the circumstances were such which
prevented the Complainant from filing a complaint within the said period.

• If the Aggrieved Individual is unable to make a complaint on account of his/her physical

incapacity, a complaint may be filed by:
o his/her relative or friend; or
o his/her co-worker; or
o an officer of the National Commission for Women or State Women's
o Commission
o any person who has knowledge of the incident, with the written consent of the
Aggrieved
o Individual

• If the Aggrieved Individual is unable to make a complaint on account of his/her mental

incapacity, a complaint may be filed by:
o his/her relative or friend; or
o a special educator; or
 o a qualified psychiatrist or psychologist; or
o the guardian or authority under whose care he/she is receivingtreatment or care; or
o any person who has knowledge of the incident jointly with the Aggrieved Individual’s
o relative or friend or a special educator or qualified psychiatrist or psychologist, or
o guardian or authority under whose care he/she is receiving treatment or care

• If the Aggrieved Individual for any other reason is unable to make a complaint, a
complaint may be filed by any person who has knowledge of the incident, with his/her
written consent.

• If the Aggrieved Individual is deceased, a complaint may be filed by any person who has
knowledge of the incident, with the written consent of his/her legal heir.

• The complaint can be submitted to the ICC electronically at icc@girnarsoft.com or may

be physically submitted to any ICC member. The ICC may, but shall not be bound to,
accept oral complaints under this Policy

• The Complainant shall submit four copies of the complaint along with supporting
documents and relevant details concerning the alleged incident(s), the name and details
of the Respondent and names and addresses of the witnesses.

• The Committee will maintain a record of the complaints received by it and keep the
contents confidential, if it is so desired, except to use the same for discreet investigation.

• The Committee will hold a meeting with the Complainant within five days of receipt of the
complaint, but no later than a week in any case.

• At the first meeting, the Committee members shall hear the Complainant and record / her
allegations. The Complainant can also submit any corroborative material with a
documentary proof, oral or written material, etc., to substantiate her complaint. If the
Complainant does not wish to depose personally due to embarrassment of narration of
event, a lady Officer involved and a male officer for male employees, involved shall meet
and record the statement.

• Thereafter, the person against whom complaint is made may be called for a deposition
before the Committee and an opportunity will be given to him/ her to give an explanation,
where after, an "Enquiry" shall be conducted and concluded.
 • In the event, the complaint does not fall under the purview of Sexual Harassment or the
complaint does not mean an offence of Sexual Harassment, the same would be dropped
after recording the reasons thereof.

• In case the complaint is found to be false, the Complainant shall, if deemed fit, be liable
for appropriate disciplinary action by the Management.

6 Enquiry Process
• The Committee shall immediately proceed with the Enquiry and Communicate the same
to the Complainant and person against whom Complaint is made.

• The Committee shall prepare and hand over the Statement of Allegation to the person
against whom complaint is made and give him / her an opportunity to submit awritten
explanation if she / he so desires within 7days of receipt of the same.

• The Complainant shall be provided with a copy of the written explanation submitted by
the person against whom complaint is made.

• If the Complainant or the person against whom complaint is made desires any
witness/es to be called, they shall communicate in writing to the Committee the names of
witness/es that they propose to call.

• If the Complainant desires to tender any documents by way of evidence before the
Committee, she / he shall supply original copies of such documents. Similarly, if the
person against whom complaint is made desires to tender any documents in evidence
before the Committee he /she shall supply original copies of such documents. Both shall
affix his/her signature on the respective documents to certify these to be original copies.

• The Committee shall call upon all witnesses mentioned by both the parties.

• The Committee shall provide every reasonable opportunity to the Complainant and to the
person against whom complaint is made, for putting forward and defending their
respective case.

• The Committee shall complete the "Enquiry" within reasonable period but not beyond
three months and communicate its findings and its recommendations for action to the
 Competent Authority of GSPL within a period of ten days from the date of completion of
the inquiry and such report should be made available to the concerned parties. There port
of the committee shall be treated as an enquiry report on the basis of which an erring
Employee can be awarded appropriate punishment straightaway.

• The Competent Authority will direct appropriate action in accordance with the
recommendation proposed by the Committee

• The range of Corrective measures / disciplinary and such suitable measures and action
which the Competent Authority may consider to impose, may include but not limited to:
o A communication / letter of warning be sent to the employee and a copy of which
shall be placed in the personal file of that employee by Human Resources
Department.
o Immediate transfer or any other appropriate disciplinary action.
o Stoppage of increment with or without cumulative effect.
o Reduction in rank;
o Termination/dismissal from the services of the Company by the Competent
Authority;
o Any other action that the Competent Authority may deem fit and proper; and
o Filing of a complaint before the relevant statutory / police authorities / court of law;

• The Committee shall be governed by such rules as may be framed by the Supreme Court
orders or any other legislation enacted later on.

7 Endnotes
• GSPL Management shall provide all necessary assistance for the purpose of ensuring
full, effective and speedy implementation of this policy.

• Where sexual harassment occurs as a result of an act or omission by any third party or
outsider, GSPL shall take all steps necessary and reasonable to assist the affected
person in terms of support and preventive action.

• The Committee shall analyse and put up report on all complaints of this nature at the end
of the year for submission to Competent Authority.

• In case the Committee finds the degree of offence coverable under the lndian Penal Code,
then this fact shall be mentioned in its report and appropriate action shall be initiated by
the Management, for making a Police Complaint.
 Penal Consequences of Sexual Harassment

• In addition to action which the Management may initiate under the Sexual Harassment of
Woman at Workplace (Prevention, Prohibition & Redressal) Act 2013, the following
liability may arise under the Indian Penal Code.
• Under the Indian Penal Code, (IPC), the newly introduced. Section (S. 354A) which deals
with Sexual Harassment has made this a 'cognizable offense' i.e. a person charged with
Sexual Harassment may be arrested without a warrant.

• A man committing any of the following acts

o Physical contact and advances involving unwelcome and explicit sexual overtures or
o A demand or request for sexual favours or
o Showing pornography against the will of a woman or
o Making sexually coloured remarks

shall be guilty of the offence of sexual harassment.

• Any man who commits the offence specified in clause (i) or clause (ii) or clause (iii)
above, shall be punished with rigorous. 'imprisonment for a term which may extend to
three years, or with fine, or with both,

• Any man who commits the offence specified in clause (iv) above shall be punished with
imprisonment of either description for a term which may extend to one year, or with fine,
or with both.

• In addition, acts of Sexual Harassment may also constitute other offenses under IPC
including Section 354 (assault or criminal force to woman with intent to outrage her
modesty), Section 354C (Voyeurism), Section 354D (Stalking), Section 375 and 376
(Rape) and Section 509 (word, gesture or act intended to insult the modesty of a woman)
of the IPC.
 Annexure I (1/3)
Complaint Redressal Committee/ Internal Complaints Committee : GAPL

Internal Complaints Committee - Gurgaon

Name of the Member Designation Email ID Contact No

Ms. Nazia Abidi Presiding Officer nazia.abidi@girnarsoft.co.in 9971771258

Mr.Debojit Sen Member debojit.sen@girnarsoft.com 9711162175

Ms. Palakh Bedi Member palakh.bedi@gaadi.com 9953877991

Member (external
Mr. Manish Gaurav gaurav.manish@gmail.com 9958201822
advocate in practice)

Internal Complaints Committee - Bengaluru

Name of the Member Designation Email ID Contact No

Ms. Sakshi Singh Presiding Officer sakshi.singh@girnarsoft.com 9654750164

Ms. Smriti Yadav Member smriti.yadav@gaadi.com 7676208189

Mr. Vincent Joseph

Member sumanth.vj@gaadi.com 7995365779
Sumanth
Member (external
Mr. Manish Gaurav gaurav.manish@gmail.com 9958201822
advocate in practice)

Internal Complaints Committee - Delhi

Name of the Member Designation Email ID Contact No

Ms. Sakshi Singh Presiding Officer sakshi.singh@girnarsoft.com 9654750164

Ms. Palakh Bedi Member palakh.bedi@gaadi.com 9953877991

Mr. Nishant Bana Member nishant.bana@girnarsoft.com 8860625312

Member (external
Mr. Manish Gaurav gaurav.manish@gmail.com 9958201822
advocate in practice)
 Annexure I (2/3)
Complaint Redressal Committee/ Internal Complaints Committee : GAPL

Internal Complaints Committee - Jaipur

Name of the Member Designation Email ID Contact No

Ms. Charu Kishnani Presiding Officer charu@girnarsoft.com 9001599555

Ms. Palakh Bedi Member palakh.bedi@gaadi.com 9953877991

Ms. Urvashi Singh Member urvashi@girnarsoft.com 8560000590

Member (external
Mr. Manish Gaurav gaurav.manish@gmail.com 9958201822
advocate in practice)

Internal Complaints Committee - Lucknow

Name of the Member Designation Email ID Contact No

Ms. Nazia Abidi Presiding Officer nazia.abidi@girnarsoft.co.in 9971771258

Ms. Palakh Bedi Member palakh.bedi@gaadi.com 9953877991

Mr. Nabeel Akhtar Member nabeel.akhtar@girnarsoft.com 9000825385

Member (external
Mr. Manish Gaurav gaurav.manish@gmail.com 9958201822
advocate in practice)

Internal Complaints Committee - Pune

Name of the Member Designation Email ID Contact No

Ms. Sakshi Singh Presiding Officer sakshi.singh@girnarsoft.com 9654750164

Ms. Richa Awasthi Member richa.awasthi@girnarsoft.com 9783764777

Mr. Ajit Member ajit.menon@girnarsoft.com 9823375677

Member (external
Mr. Manish Gaurav gaurav.manish@gmail.com 9958201822
advocate in practice)
 Annexure I (3/3)
Complaint Redressal Committee/ Internal Complaints Committee : GAPL

Internal Complaints Committee - Hyderabad

Name of the Member Designation Email ID Contact No

Ms. Sakshi Singh Presiding Officer sakshi.singh@girnarsoft.com 9654750164

Ms. Smriti Yadav Member smriti.yadav@gaadi.com 7676208189

amalendu.debbarma@girnars
Mr. Amalendu Debbarma Member 8478018777
oft.com
Member (external
Mr. Manish Gaurav gaurav.manish@gmail.com 9958201822
advocate in practice)

Internal Complaints Committee - Ahmedabad

Name of the Member Designation Email ID Contact No

Ms. Nazia Abidi Presiding Officer nazia.abidi@girnarsoft.co.in 9971771258

Ms. Richa Awasthi Member richa.awasthi@girnarsoft.com 9783764777

Mr. Rajdeep Dutta Member rajdeep.dutta@girnarsoft.com 7073777230

Member (external
Mr. Manish Gaurav gaurav.manish@gmail.com 9958201822
advocate in practice)
 Annexure II
Complaint Redressal Committee/ Internal Complaints Committee : GIBPL

Internal Complaints Committee - Jaipur

Name of the Member Designation Email ID Contact No

manisha.bisht@insurancedekho.
Ms. Manisha Bisht Presiding Officer 9582369993
com
Mr. Anshu Kumar anshu.chakravoarty@insuranced
Member 9899196366
Chakravoarty ekho.com
Ms.Sangeeta sangeeta.sangam@insurancede
Member 9599956412
Sangam kho.com
Member aakruti.sureka@insurancedekho.
Ms. Aakruti Lalit Surekha 9096086959
com
Member (external
Mr. Manish Gaurav gaurav.manish@gmail.com 9958201822
advocate in practice)
 Annexure III
Complaint Redressal Committee/ Internal Complaints Committee : GSSPL

Name of the Member Designation Email ID Contact No

Ms. Charu Kishnani Presiding Officer charu@girnarsoft.com 9001599555

Mr. Neeraj Jain Member Neeraj.jain@girnarsoft.com 8560999111

Ms. Shukla Ghosh Member shukla@girnarsoft.com 8820006666

Member (external
Mr. Manish Gaurav gaurav.manish@gmail.com 9958201822
advocate in practice)
 Annexure IV
Complaint Redressal Committee/ Internal Complaints Committee : GWPL

Internal Complaints Committee - Jaipur

Name of the Member Designation Email ID Contact No

Ms. Charu Kishnani Presiding Officer charu@girnarsoft.com 9001599555

Mr. Lokesh Sharma Member lokesh@girnarsoft.com 9001990013

Ms. Urvashi Singh Member urvashi@girnarsoft.com 8560000590

Member (external
Mr. Manish Gaurav gaurav.manish@gmail.com 9958201822
advocate in practice)

Internal Complaints Committee - Gurgaon

Name of the Member Designation Email ID Contact No

Ms. Nazia Abidi Presiding Officer nazia.abidi@girnarsoft.co.in 9971771258

Srikanth.Mahadevan@cardekh
Mr. Srikanth Mahadevan Member 9619330729
o.com

Ms. Swati Singhal Member swati.singhal@girnarsoft.co.in 9910684927

Member (external
Mr. Manish Gaurav gaurav.manish@gmail.com 9958201822
advocate in practice)
Anti-Bribery/Anti-Corruption
(“ABC”) Policy and
Procedure Manual
Girnar Software Private Limited
 Sr. No Particulars Page No.
1 Introduction 1
2 Additional Guidance 1
3 Definitions 1
4 Sanctionable Practices 2
5 Bribery 3
6 Gifts, Travel, Meals and Entertainment 5
7 Reporting Gifts 7
8 Conflict of Interest 8
9 Charitable Donations 8
10 Political Contributions 9
11 Facilitation Payments 9
12 Use of Business Partners 9
13 Contractual Requirements for Business Partners 11
14 Monitoring Business Partner Conduct 12
15 Role of CO/MLRO 12
16 Embezzlement and Misuse of Company assets 13
17 Financial Controls 13
18 Responsibility of Team Members 13
19 Disciplinary Actions 14
20 Communication and Compliance Training 14
21 Document Retention 14
22 Monitoring and Review 14
23 Right to Amendment 14
Annexure I: Frequently Asked Questions 19
1. INTRODUCTION

1.1. ABC responsibility and oversight

1.1.1. Girnar Software Private Limited (the “Company”) has zero tolerance for bribery and corruption. This
Anti-Bribery/Anti-Corruption Policy and Procedure Manual (“ABC Manual”) reflects our commitment
to conduct business with honesty and integrity at all points of time. This ABC Manual also provides a
secure mechanism for all persons associated with the Company to report any instances of misconduct,
or actual or potential violations of applicable laws or internal regulations without fear of reprisal. The
Company has appointed a Compliance Officer/Money Laundering Reporting Officer (“CO/MLRO”)
who is a member of the Company’s senior management and is responsible for overseeing the
Company’s compliance with various anti-bribery and anti-corruption laws.

1.2. Scope of ABC Manual

1.2.1. As a matter of policy and in addition to the requirements of law in the countries in which it operates,
this ABC Manual takes into account compliance with various anti-bribery and anti-corruption laws and
principles of other countries which relate to the Company’s international activities. The Company also
strives to promote adherence to the standards set out in this ABC Manual by all individuals and entities
it does business with and will not knowingly engage with a business that operates in violation of
international anti-bribery or anti-corruption norms.

1.2.2. This ABC Manual applies to our directors, officers and employees, the directors, officers and
employees of the Company’s subsidiaries and Affiliates and, insofar as they are acting on the
Company’s behalf, Business Partners as defined in this policy (collectively referred to as “Team
Member”). Furthermore, the ABC Manual extends to all business dealings of the Company in all
jurisdictions that we operate in.

2. ADDITIONAL GUIDANCE

2.1. No manual, however detailed, can cover every corruption issue that can arise. If you have questions
about what you should do in a particular situation, please talk with your manager or supervisor. If
you reasonably suspect bribery or other corrupt practices taking place, you should report your
concerns directly to the CO/MLRO.
The bedrock rule in the event of uncertainty is simple:

Ask first and act after you have obtained authoritative guidance.

3 DEFINITIONS

3.1. "Affiliate(s)” means any entity that controls, is controlled by, or is under common control of the
Company. “Control” means the direct or indirect ownership of more than fifty percent of the voting
securities of an entity or the power to control the composition of the board of directors of such
entity.

1|P a g e
3.2. “Anything of Value” includes but is not limited to gifts, entertainment, covering or reimbursing
expenses, investment opportunities, shares, securities, loans or contractual rights, promise of future
employment, payments under consulting agreements, subcontracts, stock options, and similar items
of value.

3.3. “Business Partner” refers to an individual or entity that has acted or is acting for or on behalf of the
Company but only when such individual or entity has or is acting in that capacity.

3.4. “Family Member” refers to an individual’s spouse or partner, son(s) and daughter(s), son(s)-in-law
and daughter(s)-in-law, brother(s) and sister(s), step-brother(s) and step-sister(s), brother(s)-in-law
and sister(s)-in law, parents, parent(s)-in-law and step-parent(s). The foregoing definition is not
restricted to cis-gendered individuals but applies to gender queer individuals as well.

3.5. “Public Official” refers to:

(i) An officer or employee of any government or component of a government;

(ii) A director, officer or employee of any entity in which a government or component of a

government possesses a majority or controlling interest;

(iii) A candidate for public office;

(iv) Any individual who is empowered to discharge any adjudicatory functions;

(v) An official of a political party;

(vi) An officer or employee of a public international organization (e.g., the World Bank or United
Nations);

(vii) An individual who is acting in an official capacity for or on behalf of a government or component
of a government, an entity in which a government or component of a government possesses a
majority or controlling interest, a political party or a public international organization, even if
the individual is acting in such capacity temporarily and without compensation;

(viii) A member of a royal family (meaning a reigning monarch, including her/his Family Members);
and

(ix) Any other individual that discharges duties that are essentially public in nature.

3.6. “Third Party” refers to any individual or organization which transacts with the Company and also
includes actual and potential clients, vendors, consultants, retainers, agents, advisors, distributors,
contractors, suppliers or service providers.

4. SANCTIONABLE PRACTICES

4.1. Standards of Conduct

2|P a g e
4.1.1. No Team Member may engage in (or authorize or permit any other affiliate or person or entity acting
on her/his behalf to engage in) any corrupt, fraudulent, coercive, collusive or obstructive practice
(collectively “Sanctionable Practices”) with respect to any transaction related to the business or
operations of the Company.

4.2. Definitions of Sanctionable Practices:

4.2.1 A (“Corrupt Practice”) is the offering, giving, receiving or soliciting, directly or indirectly, of Anything
of Value to influence improperly the actions of another party.

4.2.2 A (“Fraudulent Practice”) is any action or omission, including misrepresentation that knowingly or
recklessly misleads, or attempts to mislead, a party to obtain a financial or other benefit or to avoid
an obligation.

4.2.3 A (“Coercive Practice”) is impairing or harming, or threatening to impair or harm, directly or

indirectly, any party or the property of the party to influence improperly the actions of a party.

4.2.4 A (“Collusive Practice”) is an arrangement between two or more parties designed to achieve an
improper purpose, including to influence improperly the actions of another party.

4.2.5 An (“Obstructive Practice”) is (i) deliberately destroying, falsifying, altering or concealing evidence
material to the investigation or making of false statements to investigators, in order to materially
impede a Company investigation into allegations of a corrupt, fraudulent, coercive or collusive
practice, and/or threatening, harassing or intimidating any party to prevent it from disclosing its
knowledge of matters relevant to the investigation or from pursuing the investigation, or (ii) acts
intended to materially impede the Company’s access to required information in connection with an
investigation into allegations of a corrupt, fraudulent, coercive or collusive practice.

5. BRIBERY

5.1. Standards of conduct

5.1.1. Bribery is a subset of and one of the most common forms of Corrupt Practices. While this ABC Manual
prohibits all forms of bribery, including bribes or offers of bribes to individuals in their own capacity
or those employed by private sector companies, the bribery of Public Officials especially presents
grave risks.

5.1.2. Team Members are strictly prohibited from (directly or indirectly) indulging in bribery which includes:

(a) offering, promising, giving or authorizing Anything of Value for the benefit of any other
person in order to obtain any improper advantage for the Company or any of its Affiliates,
for themselves, or for any Family Member, friends, associates or acquaintances;

(b) soliciting, accepting or receiving Anything of Value from any other person in return for
providing any improper advantage to such other person;

(c) otherwise using illegal or improper means (such as utilizing Anything of Value, blackmail or

3|P a g e
 secret commissions) to influence the action of any other person;

(d) acting as an intermediary for a Third Party in any of the above activities; or

(e) using an intermediary or Business Partner to engage in any of the above activities. Please
see paragraph 12 for further guidance on dealing with Business Partners.

5.1.3. Team Members shall never induce or reward any person for the performance of any job or task with
either cash or non-cash benefits (e.g. gifts, travel or entertainment), where the purpose of the reward
is to induce that person to:

(a) act in violation of their legal duties (e.g. breach of client confidentiality);

(b) grant any inappropriate or improper advantage (e.g. granting access to otherwise
unavailable information in a competitive bid scenario); or

(c) use their influence inappropriately (e.g. to persuade the board of a company to vote in a
certain manner).

5.1.4. When dealing with Public Officials, every Team Member must also approach with equal care,
payments and the giving of Anything of Value to the Family Members of Public Officials as well,
largely because benefits given to Family Members of Public Officials can be construed as having been
intended to affect the conduct of the Public Official to whom the recipient is related.

5.1.5. Team Members shall consider whether any benefit offered by or to a Third Party is for an improper
purpose (e.g. seeking to influence business decisions) and, if so, decline it.

5.1.6. Team Members will perform risk-based due diligence on the exposure of target companies to
applicable laws governing bribery and corruption.

5.1.7. The Company requires each of its Affiliates to have an ABC Manual in place which satisfies all
applicable legal and regulatory requirements and to educate their employees on the ABC Manual and
such requirements.

5.1.8. No Team Member may facilitate or otherwise sanction any violation of an ABC Manual or any
unlawful conduct relating to bribery or corruption by an Affiliate or the employees/persons
associated with such Affiliate.

5.1.9. The act of giving or receiving certain gifts is acceptable under this ABC Manual:

 Gifts presented to authorities based on statutory requirements. For example, gift deeds
executed in favour of the Government for conveyance of a certain portion of land towards open
space reservation as required under law. However, even in such cases, the proposal should be
duly approved by the CO/MLRO.

 Gifts or rewards received or given in recognition for exceptional performance during the
recipient’s assignment. Such gifts shall not fall within the purview of this ABC Manual.

 Prizes or medals won by Team Members or given to Third Parties in any corporate tournament,
or in an event sponsored by a Third Party or otherwise.

5.1.10. If any Team Member is ever in doubt as to whether any arrangement (including any arrangement

4|P a g e
 entered into or proposed by a subsidiary company or an Affiliate or employees of such subsidiary or
Affiliate) may be construed as a bribe or other improper or illegal behavior, then such Team Member
should contact the CO/MLRO immediately.

5.1.11. Payments and the giving of Anything of Value by our Business Partners can pose the same risk to the
Company and Team Members as direct payments and other value transfers by the Company and its
Team Members. We must not permit the Company’s Business Partners to do anything that we should
not do ourselves. If any Team Member suspects that any Business Partner may be about to engage
in misconduct to benefit the Company, prompt action must be taken. That includes immediately
notifying the CO/MLRO.

Example:

Mukesh, a Company employee, offers Anil, the representative of a potential partner, tickets to an IPL
match but only if Anil’s organization agrees to do business with the Company on an exclusive basis.
That would be illegal because Mukesh is making an offer to gain a commercial advantage. Anil’s
acceptance of the offer also may be illegal.

Example:

Srinivas works in the Company’s procurement department. The Company’s regular supplier offers a
job to Srinivas’ cousin but makes it clear that in return the supplier expects Srinivas to use his influence
to ensure that the Company will continue to do business with the supplier. Srinivas must notify the
CO/MLRO immediately of the supplier’s conduct. The supplier has committed an illegal act even if
Srinivas’s cousin rejects the offer of a job and the Company terminates its relationship with the
supplier.

6. GIFTS, TRAVEL, MEALS AND ENTERTAINMENT

6.1. Guidelines for gifts, meals and entertainment:

6.1.1. The bribery laws and regulations that govern the Company’s operations permit certain expenditures
to be made by or on behalf of the Company that are not intended to affect decision making of the
recipient. These are expenditures for which no “quid pro quo” (something that is done in return for
something that is offered or given) is intended or expected. This paragraph 6 applies to gifts which
are given or received by a Team Member in connection with that Team Members’ role, to or from
any Public Official or Third Party.

6.1.2. Gifts (whether given or received) should never be in cash or cash equivalents (such as cheques or gift
cards). Gifts, meals, or entertainment should never be given or received with the intention of
influencing a person to perform or decline to perform an act, or make a particular decision, or reward
such person for an act that the person has already performed or decision that was already made.
Bear in mind that ‘entertainment’ is a very broad term and could include a number of activities such
as attendance at the theatre, sporting events, dinners or golfing trips. While this is, by no means, an
exhaustive list, it is meant to give Team Members a broader understanding of the variety of events

5|P a g e
 that could qualify as ‘entertainment.’ Furthermore, any gift, meal or entertainment that a Team
Member offers a Public Official must comply with all applicable laws and regulations, including
government ethics rules, even if (i) the Team Member uses her/his personal funds to pay for the gift,
or (ii) if the Public Official is legally responsible for any violations of the applicable law or regulations
that occur.

6.1.3. When offering or providing gifts, meals or entertainment to Third Parties or Public Officials, the
following points must be kept in mind:

 The gift/meal/entertainment must be modest in value (i.e., no more than INR 5,000, if prior
approval of the CO/MLRO is not obtained);
1. The gift/meal/entertainment must be infrequently provided to the same individual (not
exceeding, absent prior approval from the CO/MLRO, two times per year);
 The gift/meal/entertainment must be appropriate for the occasion;
 The gift/meal/entertainment must not be given secretly in a manner that hints at impropriety;
and
 The gift/meal/entertainment must not be of a nature that would embarrass the Company if
publicly disclosed.

6.1.4. Furthermore, the laws, regulations and rules in many countries limit the meal and entertainment
expenses that the Company is permitted to incur vis-à-vis Public Officials in those countries. Although
offering or paying for a meal for a Public Official generally is permitted (particularly if the meal is
provided on Company premises), greater restrictions have been placed upon our ability to entertain
Public Officials. Every Team Member is required to verify such additional limitations in the country
that they are dealing with, in order to ensure that the offering of such meal or entertainment is in
compliance with local law.

6.1.5. When dealing with Public Officials and Third Parties, the prior approval of the CO/MLRO is required
before giving or offering gifts/meals/entertainment that exceeds INR 5,000 in value. For seeking the
CO/MLRO’s approval, Team Members may submit application form for such approval, the format of
which can be found in Annexure A.

6.1.6. Any gifts, meal, or entertainment that a Team Member receives that is above INR 5,000 also requires
the prior approval of the CO/MLRO. If it is not possible to seek prior approval from the CO/MLRO for
the receipt of such item that is above this threshold (for example, because there was no opportunity
to seek prior approval and it would cause offence to the offeror to decline), then the Team Member
must report the incident to the CO/MLRO within one (1) business day of its receipt. Such declaration
must be made using the declaration form in Annexure B. The CO/MLRO may require a gift accepted
without prior approval to be returned or handed over to the Company or its Affiliates.

Example:

Suresh, a Company employee, has set up a meeting with a potential customer from Japan. Upon the
potential customer’s arrival, he brings Suresh a gift, in accordance with Japanese customs. The gift is
above INR 5,000 but if Suresh refused it, it would cause embarrassment and perhaps even be

6|P a g e
 offensive. In such a situation, Suresh may accept the gift without prior approval of the CO/MLRO, but
he must report the incident to the CO/MLRO within one (1) business day.

6.2. Guidelines for Travel, lodging and related expenses:

6.2.1. The Company, from time to time, may be asked to pay for a Third Party or Public Official’s travel,
lodging and related expenses. Such expenses must be covered in accordance with applicable law.
The prior approval of the CO/MLRO is required regardless of the value of the travel, lodging, or
related expenses for Public Officials. For Third Parties who are not Public Officials, the prior approval
of the CO/MLRO is required for expenses above INR 5,000. Team Members can seek the prior
approval of the CO/MLRO.

6.2.2. When offering to cover travel, lodging and related expenses of Third Parties and Public Officials, the
following must always be observed:

 The expenses must relate to the promotion or demonstration of the Company’s goods, services
or facilities or the performance of a contract;

 The expenses must be reasonable;

 Only those individuals whose presence is required may receive such payments from the
Company or the Company’s Business Partners;

 The travel related expenses of Family Members and other non-essential companions of the Third
Party or the Public Official must not be included;

 Payments must not be made for stopovers that are not directly connected to the legitimate
business purpose of the travel unless the stopovers are at the expense of the Third Party or
Public Official and result in no additional cost to the Company or the Company’s Business
Partners;

 If direct payment to the travel service provider cannot be arranged, reimbursement should not
be made until original receipts are provided to the Company confirming the expenses incurred
for the trip;

 When dealing with Public Officials, the making of per diem payments is prohibited.

6.2.3. Team Members must also be mindful when they themselves are the recipient of any travel, lodging,
or related expenses that are borne by a Third Party. Any such expense that is above INR 5,000, or is
estimated to be above such value, requires the prior approval of the CO/MLRO before the Team
Member can accept. If it is not possible to seek prior approval from the CO/MLRO for the receipt of
such item that is above this threshold (for example, because there was no opportunity to seek prior
approval), then the Team Member must report the incident to the CO/MLRO within one (1) business
day of its receipt.

Example:

Rajesh, a Company employee, is the relationship manager for Customer A. Customer A explains that
he needs to meet with Rajesh urgently to discuss some last-minute changes to the contract he has

7|P a g e
 with the Company before he leaves for a vacation. As Rajesh does not have any vehicle of his own,
Customer A assures Rajesh that he will arrange for a cab. Rajesh has reason to believe that the cab
ride would cost more than INR 5,000. Given the urgency of this situation, Rajesh may accept the cab
arranged for him by Customer A without the CO/MLRO’s prior approval, but he must report the
incident to the CO/MLRO within one (1) business day.

7. REPORTING REQUIREMENTS

7.1. Aside from approval requirements from the CO/MLRO (wherever applicable), Team Members are
also required to report any gifts, meals, travel, or entertainment that are offered or received by them
that exceeds INR 5,000. The Company maintains a register for this purpose. Where the exact value
of a gift is not known, Team Members must estimate the value of the gift, travel, meal or
entertainment in good faith and register such item if the estimate is reasonably close to INR 5,000.
Reporting of such items can be done through the declaration form..

7.2. Your travel or entertainment expenses which are paid for by t h e Company (e.g. travel to a
board meeting) do not need to be recorded in the register, irrespective of whether their value
exceeds INR 5,000.

7.3. Financial Assistance

7.3.1. Company employees must report immediately any financial assistance that she/he has provided to
or received from another Company employee if such financial assistance exceeds INR 50,000. Prior
to a Company employee providing or receiving any financial assistance above INR 25,000 from any
Third Party associated with the Company, the Company employee must seek prior approval from the
CO/MLRO.

8. CONFLICT OF INTEREST

8.1. If a Team Member discovers that she/he is involved in a situation which leaves her/him with a conflict
of interest, or may develop into a conflict of interest, such Team Member should declare this and ask
their manager to arrange for another Team Member to manage the situation.

8.2. A “conflict of interest” occurs when a Team Member’s private interest interferes in any way—or even
appears to interfere—with the interests of the Company or any of its Affiliates. This includes
relationships with suppliers, customers or other persons doing or seeking to do business with the
Company. A conflict of interest can arise when a Team Member takes actions or has interests that
may make it difficult to perform their work objectively and effectively.

8.3. A conflict of interest may also arise when relatives of Team Members receive improper personal
benefits as a result of the Team Member’s position in the Company. Accordingly, relatives of Team
Members may be eligible for employment with the Company only if the individuals involved do not
work in direct supervisory relationships, or in job positions in which a conflict of interest could arise.
Bear in mind that situations giving rise to conflicts of interest may not always be readily apparent or
easy to identify. If you have a question on whether a particular situation could give rise to a conflict

8|P a g e
 of interest, you should consult with the CO/MLRO immediately.

8.4. The Company also expects all employees, officers and directors to advance its legitimate interests
when the opportunity to do so arises. Team Members must not use corporate property, company
information or her/his position in the Company for personal gain or to compete with the Company
or any of its Affiliates.

9. CHARITABLE DONATIONS

9.1. Team Members and Business Partners are prohibited from making any charitable contributions on
behalf of the Company or the Company’s current/prospective clients unless specifically approved by
the appropriate Company representative, in compliance with applicable laws and regulations.

9.2. Before the Company makes an authorized charitable donation, the following steps must be followed:

 A brief report describing the charity, including the name of the person who contacted the
Company to request the donation, must be prepared.

 All requests for charitable donations must be in writing.

 A background check on the particular charity must be completed, confirming among other things
that the proposed recipient is a bona fide charity.

9.3. Charitable donations that are requested by a Public Official or Family Member of a Public Official
(“Government related donations”) must be approached with special caution. In addition to
complying with the procedures set forth above, Government related donations even to a bona fide
charity, must not be made unless the following limitations are observed and procedures are
followed:

 Government related donations must never be made to obtain a tangible benefit for the Company
or avoid an act or decision disadvantaging the Company.

 If a Public Official has promised a benefit or issued a threat in connection with the donation
request, the request must be denied.

 Government related donations may be made only by cheque or wire transfer, never in cash.

 We must obtain a receipt for each donation that the Company makes.

 Finally, all charitable donations by or linked in any way to the Company, whether or not requested
by a Public Official or Family Member of a Public Official, must be approved in advance by our
CO/MLRO.

Any charitable donations made on behalf of the Company without obtaining the requisite prior
approval, will be met with disciplinary action, up to and including termination of employment or
severance of the relationship with the Company. Team Members are free, however, to make
charitable contributions in their personal capacity.

9|P a g e
10. POLITICAL CONTRIBUTIONS

10.1. Political contributions – whether to a particular candidate or political party – must never be made by
the Company or on the Company’s behalf. However, Team Members are allowed to make political
contributions in their personal capacity.

11. FACILITATION PAYMENTS

11.1. The Company does not permit facilitation payments, such payments being the payment of small sums
to expedite or secure performance of certain routine, non-discretionary government functions.

Example:

Mukesh, a Company employee, is tasked with obtaining a registration under the relevant shops and
establishments statute so that the Company may open a new office in another city. While such
registrations are fairly routine, the labour department official responsible for processing such
applications is unduly holding up the paperwork. When Mukesh meets with the labour department
official, he tells Mukesh that he can “help speed up the application” for a fee of INR 500. This qualifies
as a facilitation payment and a bribe, and Mukesh is barred from indulging in such conduct.

12. USE OF BUSINESS PARTNERS

12.1. Guidelines

12.1.1. Team Members must ensure that improper payments and advantages are not offered or made, or
solicited or received, on their behalf (or on behalf of the Company) by Business Partners.
12.1.2. Due diligence must be completed on all proposed Business Partners unless the CO/MLRO concludes
that the proposed Business Partner does not present a legal risk to the Company. Further, Team
Members may insert a clause in the agreements executed with Business Partners to the effect that if
the due diligence conducted on the Business Partner fails, then such agreement shall be terminated.
12.1.3. Do note that Business Partners which are well-known and reputable, and which are domiciled and
regulated in a low-risk jurisdiction (such as the UK, Singapore or the USA) represent a lower risk,
however, unless the CO/MLRO specifically makes an exemption, due diligence on such Business
Partner must also be conducted.
12.1.4. When conducting due diligence on the proposed Business Partner, Team Members must obtain as
much information as possible. This includes the role of the Business Partner, their interactions with
others on behalf of the Company (especially with respect to Public Officials or where payments are
required) and the prevailing business environment in which the Business Partner will be operating.
Further information regarding the Business Partner’s line of business, geographic scope of operations,
ownership structure, or how the Company came to be aware of the proposed Business Partner may
also be included. In particular, Team Members should ensure that all fees are commercially sensible
and expenses are appropriate and clearly evidenced.

10 | P a g e
12.1.5. Certain types of Business Partners (regardless of geography and sector) may present a higher risk. In
particular, you should always consider whether any increased risk mitigation measures need to be put
in place for:

(a) Business Partners who communicate or offer to communicate with Public Officials for a
feeor commission in relation to:

(i) providing assistance for obtaining a license, authorization or permission for the
Company or any of its Affiliates; or

(ii) a transaction, business opportunity or public sector contract;

(b) Business Partners which have been specifically requested by a Public Official, where it is
possible that there may be a link between the Public Official and the Business Partner;

(c) Business Partners who are incentivized by reference to the success of the relevant
transaction or application;

(d) Business Partners who make unusual payment requests for (i) an above market rate of
compensation; (ii) a substantial up-front payment; (iii) payment in a country other than the
country in which the goods or services are expected to be provided; (iv) payment in cash
for all or a portion of the goods or services that the Company requires;

(e) Business Partners that provide documents that are incomplete or inaccurate;

(f) Business Partners who refuse to agree to robust anti-bribery and anti-corruption
provisions in the proposed Business Partner’s agreement with the Company; or

(g) Business Partners that indulge in other suspicious conduct that would prompt suspicion by
a prudent person.

12.1.6. In relation to such higher risk Business Partners as outlined above, Team Members, along with the
advice of the CO/MLRO should consider whether the following risk mitigation steps may be
appropriate:

- carrying out diligence on the Business Partner’s internal compliance policies;

- assessing the reputability of the Business Partner, and whether they are audited by a reputable
auditor; and
- determining whether a face-to-face interview of the owners, directors, officers and/or employees
of the Business Partner would be required.

13. CONTRACTUAL REQUIREMENTS FOR BUSINESS PARTNERS

13.1. No individual or entity should be permitted to interact on the Company’s behalf with external persons
or entities – including Public Officials – without first having executed a written agreement containing
robust anti-bribery and anti-corruption provisions. Such provisions should generally include the
following:

 Affirmation that the Business Partner understands the prohibitions that exist concerning public
and private sector bribery. Furthermore, a clause must be inserted in agreements executed with

11 | P a g e
 Business Partners stating that they have read and understood and will adhere to, abide by, and
comply with the provisions contained in this ABC Manual for the duration of their relationship
with the Company.

 A promise not to pay, offer or promise to pay, or authorize the payment of, directly or indirectly,
any money or the giving of Anything of Value to a Public Official or Family Member of a Public
Official to obtain or retain business or secure some other business advantage for the Company.

 A promise not to pay, offer or promise to pay, or authorize the payment of, directly or indirectly,
any money or the giving of Anything of Value to a person employed by another company in the
private sector with the intent of causing the recipient to violate his or her duty of loyalty to his or
her employer.

 Unless already disclosed to us, affirmation that the Business Partner has not violated in the past
any statute or regulation prohibiting public or private sector bribery.

 Affirmation that none of the Business Partner’s owners (in the case of a company not listed on a
stock exchange), directors, officers or employees expected to be involved in providing goods or
services to the Company is a current Public Official.

 Affirmation that none of the Business Partner’s owners (in the case of a company not listed on a
stock exchange), directors, officers or employees expected to be involved in providing goods or
services to the Company will be permitted to become a Public Official without prior disclosure to
us.

 Acceptance of a continuing duty (in the case of a company not listed on a stock exchange) to
disclose promptly to us any ownership interest obtained in the Business Partner by a Public
Official or Family Member of a Public Official.

 Agreement to cooperate in any review undertaken by us or our authorized representatives of the

Business Partner’s continuing compliance with the laws and regulations prohibiting public and
private sector bribery, including by giving us and/or our authorized representative(s) access to
pertinent books and records and facilitating interviews of the Business Partner’s owners,
directors, officers and employees.

 Acceptance of the Company’s right to terminate its relationship with the Business Partner if we
develop a reasonable basis for believing that the Business Partner has violated one or more laws
or regulations prohibiting public or private sector bribery.

14. MONITORING BUSINESS PARTNER CONDUCT

14.1. The conduct of Business Partners must be monitored at all times to ensure their continuing
compliance with the laws and regulations prohibiting public and private sector bribery.

14.2. To facilitate appropriate monitoring of the conduct of the Company’s Business Partners, a Team
Member should be assigned special responsibility for supervising the work being done by each
Business Partner.

14.3. If a Team Member discovers any evidence or notices any ‘red flags’ suggesting that a Business Partner

12 | P a g e
 has violated or may violate any law or regulation prohibiting public or private sector bribery, the
Team Member should report that promptly to the CO/MLRO.

15. ROLE OF THE CO/MLRO

15.1. CO/MLRO responsibilities

15.1.1. The CO/MLRO is responsible for:

(a) conducting anti-bribery and anti-corruption training and education of Team Members;

(b) reviewing the retention of Business Partners who are engaged to perform services for or on
behalf of the Company;

(c) overseeing anti-bribery and anti-corruption due diligence on Business Partners; and

(d) monitoring any anti-bribery and anti-corruption issues that arise regarding the Company or
any of its Affiliates.

15.2. Reporting of non-compliance

15.2.1. If you suspect any unlawful conduct relating to bribery and corruption laws or that another Team
Member may be violating t h e Company’s ABC Manual, you should report the basis for such
suspicion to the CO/MLRO immediately over the phone (insert number) or by email
speakup@girnarsoft.com. Upon receipt of the complaint, the CO/MLRO will forward the same to the
Complaints Management Committee for further action. You may also raise a complaint through the
Company’s Vigil Mechanism. For further information on how to raise a complaint through the Vigil
Mechanism, please see
https://careline.girnarsoft.com/upload/commonpolicy/Vigil%20Mechanism%20Policy_1077892144
.pdf .

15.2.2. You are encouraged to report any suspicion of malpractice or non-compliance with this ABC Manual.
The Company takes matters of non-compliance seriously and will not tolerate retaliation.

15.2.3. Any concerns raised will remain confidential.

16. EMBEZZLEMENT AND OTHER MISUSE OF COMPANY ASSETS

16.1. We expect all of Team Members to act as faithful stewards of the Company’s financial and other
assets, using them only for legal and otherwise authorized purposes. The Company reserves the right
to utilize any and all legal means available to recover any funds and other assets that have been
embezzled or otherwise misused, including by initiating legal proceedings, reporting to appropriate
prosecuting authorities the misconduct that has occurred and terminating the Company’s
relationship with any director, officer, employee, Third Party or Business Partner who has embezzled
or otherwise misused the Company’s finances or other assets.

17. FINANCIAL CONTROLS

13 | P a g e
17.1. Every Team Member must comply with all procedures that the Company has adopted to ensure that
the Company’s funds are utilized only in accordance with general management instructions.

18. RESPONSIBILITY OF TEAM MEMBERS

 Each Team Member shall ensure that he/she reads, understands and complies with this ABC
Manual. They should at all times, avoid any activity that might lead to, or suggest, a breach of
this policy.

 The prevention, detection and reporting of any form of bribery and corruption are the
responsibility of all Team Members. Each Team Member shall inform the CO/MLRO or raise a
complaint through the Vigil Mechanism if they are offered a bribe, are asked to give one,
suspect that this may happen in future, or believe that they are a victim of any other form of
unlawful activity or are aware of any bribe paid or received by any colleague or Business
Partner.
 Each Team Member must cooperate fully in any internal investigation that the Company
decides to undertake or direct for possible violations of the laws or regulations prohibiting
bribery and other forms of corruption. The Company reserves the right to discipline anyone
who does not cooperate with an internal investigation as the same shall be treated as
misconduct.
 All Team Members should accurately record payments or any other type of compensation
made to a Business Partner, as required under this ABC Manual. The Team Member should
not:
i. Establish or use any undisclosed or unrecorded Company funds, such as ‘off-book’
accounts, for any purpose; and
ii. Make false, misleading, incomplete, inaccurate, or artificial entries in the Company’s
books and records.
 Team Members should only deal with representatives that they believe are from legitimate
businesses and that have a reputation for integrity. Red flags that a representative is unethical
or could be paying a bribe should not be overlooked.
 Every Team Member should make sure that contracts accurately reflect the economics of the
agreement. Unusual arrangements such as side agreements and prepayments may be used
to cover up improper payments. If payment terms are confusing, they should be questioned.

19. DISCIPLINARY ACTIONS

19.1. In addition to the civil and criminal penalties that can be imposed upon individuals for having violated
applicable anti-bribery and anti-corruption laws and regulations, the Company reserves the right to
sever its relationship with any director or party that it has engaged or transacts with and to terminate
the employment of any officer or employee who violates such laws and regulations, or the anti-bribery
and anti-corruption policy and procedures summarized in this ABC Manual. Disciplinary action may
also be taken against persons who make false or frivolous complaints. Please refer to the Employee
Code of Conduct for further information on disciplinary actions that may be taken against a Team
Member for violation of this ABC Manual. A copy of the Employee Code of Conduct is available at

14 | P a g e
 https://careline.girnarsoft.com/upload/common-
policy/Employee%20Code%20of%20Conduct_124364640.pdf.

20. COMMUNICATION AND COMPLIANCE TRAINING

20.1. It is our commitment to ensure that the Company has adequate procedures to combat bribery and
corruption risks and threats. To meet this objective, regular training on the anti-bribery and anti-
corruption laws and regulations governing the Company’s operations and the anti-bribery and anti-
corruption policy and procedures summarized in this ABC Manual will be provided as directed by the
CO/MLRO. Every Team Member must participate in the anti-bribery and anti-corruption training that
is provided.

20.2. The Company’s ABC Manual and zero-tolerance attitude will be clearly communicated to all the
Business Partners at the outset of business relations, and as appropriate thereafter.

21. DOCUMENT RETENTION

21.1. All documents generated in compliance with this Manual will be retained as per statutory
requirements and/or internal requirements of the Company.

22. MONITORING AND REVIEW

22.1. The Company will monitor and review, through periodic (at least annual) risk assessments, business
expenditures, records of employees and Business Partners who have discretionary authority over
Company assets, who are likely to come into contact with Public Official(s), or who submit financial
data that affects the Company’s financial statements or reports.

23. RIGHT TO AMENDMENT

23.1. The Company retains the right to amend or modify this ABC Manual in whole or in part at any time
without assigning any reason whatsoever. Any such amendment will be made only after obtaining
the requisite approvals.

15 | P a g e
 ANNEXURE A

APPLICATION FORM FOR OFFERING OR RECEIVING GIFTS/MEALS/TRAVEL/ENTERTAINMENT

Particulars Requirement

Request Date:

Requester Name and ID number:

Requester Vertical:

Cost/Estimated Cost:

Details of item offered or received:

Intended recipient of item (if

applicable):

Person/entity from whom item was

received (if applicable):

Reason for offering/receiving item:

*The following portion is to be filled out only for requests to offer travel:

Particulars Requirement

Dates of Travel:

Number of persons expected to travel:

Budget per person:

Mode of transport and preference (if

any):

Meal preferences:

16 | P a g e
 Details of hotel bookings required:

Request approved/denied:

Request approved/denied by:

Reason for decision:

Date of decision:

__________________

Signature

17 | P a g e
 ANNEXURE B

DECLARATION FORM FOR ACCEPTANCE OF GIFT/MEAL/TRAVEL/ENTERTAINMENT WITHOUT OBTAINING

PRIOR APPROVAL

Particulars Requirement

Dates:

Employee name:

Details of gift / travel/ meal/

entertainment received:

Estimated value of item received:

Details of person/entity from whom

item was received:

Date received:

Reason for not obtaining prior

approval:

Further action to be taken:

Date of decision:

__________________

Signature

18 | P a g e
 Annexure I – Frequently Asked Questions

Question 1: Does the ABC Manual apply to me if I am acting on behalf of the Company, located in a
jurisdiction other than India?

Answer: The ABC Manual applies to all ‘Team Members’ which includes directors, officers, employees of the
Company and its subsidiaries. It also applies to all other individuals or entities that are acting for or on behalf
of the Company. Furthermore, the ABC Manual does not limit itself to the territory of India. Consequently,
since you are acting on behalf of the Company, even if you are located in a foreign jurisdiction outside of India,
this ABC Manual will be applicable to you. You could also be subject to the anti-bribery and anti-corruption
laws of the foreign jurisdiction you are located in.
Question 2: I am an independent contractor, and I was hired for a fixed term of around 10 months. Am I
required to be aware of and abide by the contents of the ABC Manual?

Answer: Yes, even independent contractors who are hired to act for or on behalf of the Company are governed
by the ABC Manual, regardless of the duration of the contract.

Question 3: If anti-bribery or anti-corruption laws in some countries permit facilitation payments, why does
the Company prohibit them?

Answer: The rationale behind this is that offering money or Anything of Value to secure performance of
routine, non-discretionary Government functions is not ethical and is a poor business practice, in the
Company’s view. Such behaviour does not align with the Company’s commitment to conduct business ethically
and with integrity.
Question 4: Can the Company still do business with government-owned entities?

Answer: Yes. Anti-corruption laws do not prevent the Company from conducting legitimate business with
government entities or Public Officials (as defined in Section 3.5 of the ABC Manual). However, since bribing a
Public Official is a very serious offence, you should always be aware of any potential red flags or indicators of
corruption and bribery (including in relation to any Third Parties who deal with government entities and Public
Officials on our behalf). If you suspect or become aware of corruption or bribery, you must contact the
CO/MLRO immediately

Question 5: Do I need to be aware of any other requirements when interacting with Public Officials?

Answer: Yes, there are several rules that apply to interactions with Public Officials including those relating to
the provision of gifts, meals and/or entertainment to Public Officials. Please also keep in mind that prior
approval of the CO/MLRO is required regardless of the value of the travel, lodging or related expenses for
Public Officials. Furthermore, the expenses must be related to the promotion or demonstration of the
Company’s goods, services or facilities or for the performance of a contract. The expenses must also be
reasonable in nature. Per diem payments are also specifically prohibited. For more restrictions that are

19 | P a g e
applicable when bearing travel/lodging/related expenses of a Public Official, please read Section 6.2 of the
ABC Manual.

Question 6: What do I have to bear in mind when dealing with Family Members of Public Officials?

Answer: At the very outset, do note that the definition of ‘Family Member’ is quite vast and you must read
the policy in detail to understand the definition holistically. If a Team Member is interacting with a Family
Member of a Public Official, then the same level of care must be afforded to such interactions as if the Team
Member is dealing with the Public Official directly. This is because any benefits given to Family Members of
a Public Official can be construed as having been intended to affect the conduct of the Public Official to whom
the recipient is related.
Question 7: What happens if a Team Member offers a bribe to a Public Official but does not end up paying
the bribe? Can this still be a violation of applicable anti-bribery or anti-corruption laws?

Answer: Yes. The offer to provide something to a Public Official in exchange for that person using her or his
position to influence decisions even if no payment is actually made, is likely to violate the applicable anti-
bribery or anti-corruption laws and will certainly violate the Company’s policies.

Question 8: I noticed some payments that seemed odd last month, but after briefly discussing the payments
with other members of my team, I decided to not ask additional questions. Have I done anything wrong?

Answer: Yes! If you become aware of questionable payments or other red flags or suspicious activity, you
must immediately contact your manager, supervisor or the CO/MLRO. Looking the other way, turning a blind
eye or otherwise failing to raise troubling information or red flags for further review is not acceptable under
this Policy, and could result in Disciplinary Action being taken against you.

Question 9: Am I obligated to report receipt of every gift that I have received as a Team Member of the
Company?

Answer: Team Members are required to report any gifts, meals, travel, or entertainment that are offered or
received by them that exceeds INR 5,000. Reporting of such items can be done through the Employee Level
Filing System. If the exact value of the gift received is unknown, then Team Members are expected to estimate
the value of the item and report it accordingly.

Question 10: How can I avoid a conflict of interest or mitigate potentially damaging consequences of being
in a conflict-of-interest situation?

Answer: Team Members must maintain a high degree of integrity and concern for the Company’s interests.
Team Members should disclose the conflict-of-interest situation immediately and in writing to her/his
immediate manager or supervisor in writing. Another option is to divest personal assets or financial/business
interests that put you in a situation of conflict of interest. Furthermore, if you are aware that your situation
(such as family connections, business interests, knowledge of non-public information) puts you in a position
to improperly influence a process, abstain from being part of that process.
A good rule of thumb is for all Team Members to avoid even the appearance of impropriety when dealing with
situations involving a conflict of interest.

20 | P a g e
Question 11: Do I need to disclose a scenario wherein my department is vetting vendors and my spouse is
a director in an entity that is bidding for a Company contract?

Answer: This is a classic example of a situation involving a conflict of interest. Yes, you must declare this
potential conflict of interest to your manager or immediate supervisor and abstain from any involvement in
the bidding process of the project.

Question 12: Can I make charitable donations in personal capacity? If yes, are there any limitations under
this ABC Manual for the same?

Answer: Yes, you are free to make charitable donations in your personal capacity. The ABC Manual only
restricts making any charitable contributions on behalf of Company or Company’s current/prospective clients
unless specifically approved by the appropriate Company representative.

Question 13: What are some ‘red flags’ I should look out for that suggest that a Business Partner has violated
or may violate any law or regulation prohibiting public or private sector bribery?

Answer: The following is an indicative list of ‘red flags’ that may suggest that a Business Partner is acting
improperly, and the same should be promptly reported to CO/MLRO:
(i) If you learn that a Business Partner engages in, has engaged in, or has been accused of or
convicted of engaging in, improper conduct such as bribery or fraud;
(ii) the Business Partner demands the payment of a significant portion of a commission before
commencing or continuing contractual negotiations or the provision of services, or offers you
unusually generous gifts or lavish hospitality;
(iii) the Business Partner refuses to provide (or provides insufficient, false, or inconsistent)
information in response to due diligence questions;
(iv) the Business Partner requests that any payments be made to an individual or company that is
not a party to the contract;
(v) there are signs that a Business Partner is not acting on its own behalf, but is trying to conceal
the true beneficial owner’s identity;

Question 14: Do I have an obligation to report violations of the ABC Manual?

Answer: Yes, every Team Member has a duty and obligation to report any suspicions of malpractice or non-
compliance with this ABC Manual. Please refer to Company’s Vigil Mechanism Policy for further information
on how to raise a complaint. A copy of the Vigil Mechanism Policy is available at below link:
https://careline.girnarsoft.com/upload/common-policy/Anti-
Money%20Laundering%20(AML)%20Policy_480609523.pdf

Question 15: Can my employment be terminated if I am found guilty of violating the ABC Manual?

Answer: Yes, in addition to civil and criminal penalties that can be imposed upon individuals for having violated
applicable anti-bribery and anti-corruption laws and regulations, the Company reserves the right to sever its
relationship with any individual associated with the Company in any capacity.

21 | P a g e
Know Your Customer (KYC)
Guidelines & Anti-Money
Laundering Standards (AML)
Policy

Page 1 of 18
 TABLE OF CONTENTS

Sr. No Particulars Page No.

3
1 Introduction
3
2 Background
4
3 Definitions

4 Key elements of the Policy 5

5 Responsibility of the Policy 10

6 Miscellaneous 10

Annexure A – Indicative list of ‘high-risk Partner(s)’ 12

Annexure B- Indicative list of documents for Partner Due Diligence

13
Annexure I: Frequently Asked Questions 16

Page 2 of 18
1. INTRODUCTION

1.1 Girnar Software Private Limited (“Company”) is committed to transparency and fairness in dealing
with all stakeholders and in ensuring adherence to all laws and regulations. The Company is
committed to deterring, to the best of its ability, money laundering and related activities, such as
terrorist financing. In view of the above, the Company has framed this policy on Know Your
Customer (“KYC”) Guidelines & Anti-Money Laundering (“AML”) Standards (“Policy”). This Policy
is applicable to the Company and all of its affiliated entities, except where such affiliated entity is
governed by sector-specific AML regulations. This Policy outlines the minimum standards of
internal KYC/AML controls which shall be adhered to by the Company in order to mitigate any
perceived legal, regulatory, reputational, operational, and financial risks.

1.2 The Company shall appoint an individual to act as the Compliance Officer/Money Laundering
Reporting Officer (“CO/MLRO”) who would be able to act independently and report directly to the
senior management or to the Board of Directors. The CO/MLRO shall also have the overall
responsibility of ensuring compliance with this Policy.

1.3 This Policy has been framed by the Company to achieve the following objectives:

 To lay down a detailed AML framework and to ensure that the Company is not used as a
conduit for money laundering and/or terrorist financing.
 To put in place an effective system and procedure for Partner (defined below) identification
and verification of the Partner’s identity and address.
 To ensure that the concerned staff are adequately trained in KYC/AML procedures.

2. BACKGROUND

2.1 Money laundering refers to the act of concealing or disguising the origin and ownership of
proceeds of criminal activity, including drug trafficking, corruption, terrorism, fraud, and organized
crime activities. Generally, the money laundering process involves three (3) stages: placement,
layering and integration. As illegal funds move from the placement stage through the integration
stage, they become increasingly harder to detect and trace back to the illegal source.

a. Placement: Placement is the point where illegal funds first enter the financial system.

b. Layering: After illegal funds have entered the financial system, layers are created by closing
and opening accounts, purchasing, and selling various financial products, transferring funds
among financial institutions and across national borders. The intent behind this is to create
layers of transactions to make it difficult to trace the illegal origin of the funds.

Page 3 of 18
 c. Integration: Integration occurs when there are a sufficient number of layers hiding the
origin of the illegal funds to safely invest such illegal funds or apply them towards
purchasing valuable property in the legitimate economy.

2.2 Money Laundering Risks

The risks that the Company may be exposed to if the KYC/AML framework is not strictly adhered
to are as follows:

a. Reputational Harm- Any failure to comply with this Policy could lead to various authorities,
Partners, creditors and the general marketplace losing confidence in the Company.

b. Legal penalties- Failure to comply with applicable laws or regulations may result in a
negative legal impact on the Company. The specific types of negative legal impacts which
could arise are fines, confiscation of illegal proceeds, suspension/termination of licenses by
any regulators, criminal liability, etc.

c. Financial losses- Risk of loss due to any of the above risks or a combination thereof resulting
in a negative financial impact on the Company.

The Company wishes to make it abundantly clear that non-compliance with this Policy by any of
the Company’s employees may be grounds for disciplinary action, including dismissal from
employment, in addition to formal legal proceedings.

3. DEFINITIONS

3.1 Partner(s) shall include:

(i) A person or entity that has a business relationship with the Company, including but not
limited to business partners, vendors, suppliers, dealers, and customers.
(ii) A person who is engaged in a financial transaction or activity with the Company and includes
any other individual acting on such person’s behalf.
(iii) Any other person or entity connected with a financial transaction which can pose significant
reputational, legal, financial or other risks to the Company. For example, an individual who
issues a high value demand draft as a single transaction.

3.2 Transaction

"Transaction" means a purchase, sale, loan, pledge, gift, transfer, delivery or the arrangement
thereof and includes:
(i) Deposits (including security deposits), leases, withdrawals, exchanges or transfers of funds
in whatever currency, whether in cash or by cheque, payment order or other instruments
or by electronic or other non-physical means.
(ii) Entering into any fiduciary relationship; and

Page 4 of 18
 (iii) Any payment made or received in whole or in part of any contractual or other legal
obligation.

3.3 Officially Valid Document (“OVD”)

OVD means and includes:

(i) Passport,
(ii) Driver’s License,
(iii) Proof of possession of Aadhaar number,
(iv) Voter's Identity Card issued by the Election Commission of India
(v) Any other valid State or Central Government issued form of identification.

3.4 Politically Exposed Persons (“PEPs”)

Politically exposed persons are individuals who are or have been entrusted with prominent public
functions in a country, e.g., Heads of States or of Governments, politicians,
Government/judicial/military officers, police officers, executives of state-owned corporations,
important political party officials, etc.

Do note that the foregoing is only an indicative list of individuals who could qualify as Politically
Exposed Persons, and the examples set forth are not meant to be exhaustive.

4. KEY ELEMENTS OF THE POLICY

4.1 The KYC and AML Policy guidelines are applicable to all functions of the organization that deal with
Partners. These functions should adhere to the guidelines mentioned in this Policy while
formulating their internal policies, procedures, and processes. Adherence to KYC guidelines is
imperative as these guidelines prevent the Company from being utilized by criminal elements for
money laundering activities, including the financing of terrorism.

4.2 What is KYC?

4.2.1 KYC is the means of identifying and verifying the identity of individuals/entities that the Company
has business relationships with through independent and reliable sources of documents, data or
information. KYC procedures will have to be conducted on all Partners, in accordance with the
terms of this Policy.

4.3 When should KYC be conducted?

4.3.1 As a general rule of thumb, KYC must be conducted before the Company enters into a business
relationship with a Partner. However, it should also be conducted in certain other situations, as
discussed in paragraph 4.6.1 below.

4.4 As part of the KYC/AML guidelines, this Policy sets out the following key elements:
a) Partner Acceptance Policy (“PA Policy”)

Page 5 of 18
 b) Partner Identification Procedures (“PIP”)
c) Ongoing Monitoring

4.5 Partner Acceptance Policy

The Company’s PA Policy lays down the criteria for acceptance of Partners. While deciding whether
to enter in a business relationship with Partners, as well as for the continuance of such business
relationship, the following norms and procedures must be followed by the Company.

a) Partners shall be accepted only after verifying their identity, as laid down in applicable Partner
Identification Procedures (discussed below). No transaction shall be undertaken without
strictly adhering to the Partner Due Diligence (“PDD”) procedure. In instances of non-
cooperation of the Partner or unreliability of the documents/information furnished by the
Partner, then such transaction shall not be undertaken by the Company.

b) The CO/MLRO shall categorize certain Partners as ‘high-risk Partners’ based on factors
including but not limited to nature of business activity, location of Partner, mode of
payments, volume of turnover and social and financial status. (Refer Annexure A for list of
‘High-Risk Partners’). The CO/MLRO may periodically review the list of high-risk Partners and
make modifications to the list as necessary.

c) Documents and other information should be collected in respect of Partners in general, while
High Risk Partners may require further due diligence.

d) The Company should seek only such information from the Partner which is deemed relevant
and is not intrusive.

e) Necessary checks should be conducted so as to ensure that the identity of the Partner does
not match with any person with known criminal background or with banned entities such as
individual terrorists or terrorist organizations. The Company will not enter into any
transaction with, or do business with or for the benefit of any persons, group or entities
(including any successor in interest or ultimate beneficial owner thereof), and must use all
reasonable efforts to exit any business relationship in any entity that:

i. is sanctioned by, or related to any activity from time to time prohibited or under
embargo by the United Nations (“UN”) Security Council pursuant to any resolution
issued under Chapter VII of the United Nations Charter (see the United Nations
Security Council Consolidated List at https://scsanctions.un.org/v5179en-
all.html#alqaedaent ); or

ii. is debarred by the World Bank Group (see the World Bank Listing of Ineligible Firms
and Individuals at www.worldbank.org/debarr or any successor website or
location);

f) Partner profiles are confidential documents and details contained therein shall not be
divulged for cross selling or any other purposes within the Company without the express
permission of the Partner.

Page 6 of 18
 g) For sharing Partner information obtained from Unique Identification Authority of India
(“UIDAI”) with other entities, specific permission from UIDAI should be obtained.

h) While conducting verification checks on dealers, if any of them are blacklisted, the Company
will compile a list of such blacklisted individuals/entities. The Company will be at liberty to
share this list of blacklisted dealers with its competitors.

4.6 Partner Identification Procedures:

4.6.1 The Company should identify the Partner and verify her/his identity by using reliable independent
sources of documents, data, or information to ensure that the Partner is not a fictitious
person/entity.

a) The first requirement of PIP is to be satisfied that a prospective Partner is the person/entity
they claim to be.

b) The second requirement of PIP is to ensure that sufficient information is obtained on the
nature of the business that the Partner expects to undertake.

c) The Partner Identification Procedures are to be carried out at the following stages:
 while establishing a new business relationship; or
 when the Company has a doubt about the authenticity/veracity or the adequacy of the
previously obtained Partner identification data; or

 inadequacy of the previously obtained Partner identification data, if any.

d) For Partners that are natural persons, the Company shall obtain sufficient identification to
verify:

 Address/location details;
 Identity Proof and
 Recent photograph

e) For Partners that are legal entities (“LE”), the Company shall:

 Verify the legal status of the LE through proper and relevant documents;
 Verify that any person purporting to act on behalf of the LE is so authorized.
f) The nature of information/documents required would also depend on the type of Partner
(individual, corporate etc.). An indicative list of the nature and type of
documents/information that may be relied upon for Partner identification is given in
Annexure B.

4.6.2 Partner due diligence

a) A risk-based approach is to be applied when carrying out PDD on a Partner i.e. higher due
diligence measures may be taken by the Company for high-risk Partner(s), as compared
to other Partner(s)

b) When dealing with:

Page 7 of 18
  High Risk Partners, enhanced PDD must be applied.

 Other Partners, varying levels of PDD must be applied depending on the nature
and value of the transaction involved.

c) Simplified PDD: In carrying out simplified PDD for transactions that are below INR
10,00,000 (Rupees Ten Lakh), the necessary information required to identify the Partner
and verify such identity must be collected as set out in Annexure B. However, for Partners
conducting single transactions below INR 2,00,000 (Rupees Two Lakh) or aggregate
transactions in one calendar year below INR 10,00,000 (Rupees Ten Lakh), simplified PDD
may be exempted, as per the decision of the CO/MLRO. This exception does not apply to
Partners who are involved in the sale of cars.

d) Standard PDD: In carrying out standard PDD for transactions (single or in the aggregate in
one calendar year) between INR 10,00,000 (Rupees Ten Lakh) and INR 50,00,000 (Rupees
Fifty Lakh) the necessary information required is set out below:

i. Simplified PDD of the Partner;

ii. Simplified PDD of the founders/directors of the Partner (if applicable);

iii. Simplified PDD of the person signing the agreement; and

iv. Authorization letter to enter into the transaction (if applicable).

e) Moderate PDD: In carrying out moderate PDD for transactions (single or in the aggregate
in one calendar year) between INR 50,00,000 (Rupees Fifty Lakh) and INR 2,00,00,000
(Rupees Two Crore), the necessary information required is set out below:

i. Simplified PDD of the Partner;

ii. Simplified PDD of the founders/directors of the Partner (if applicable);

iii. Simplified PDD of the person signing the agreement;

iv. Authorization letter to enter into the transaction (if applicable); and

v. Personal inspection of the office of the Partner by authorized senior

manager of the Company or above.

f) Enhanced PDD: When dealing with a high-risk Partner or for transactions (single or in the
aggregate in one calendar year) above INR 2,00,00,000 (Rupees Two Crore), the necessary
information required is set out below:

i. Simplified PDD of the Partner;

ii. Simplified PDD of the founders/directors of the Partner (if applicable);

iii. Simplified PDD of the person signing the agreement;

iv. Authorization letter to enter into the transaction (if applicable);

v. Personal inspection of the office of the Partner by authorized Company director

and above; and

vi. Third party background check.

Page 8 of 18
 g. In addition to performing the enhanced PDD measures, the Company must also

 obtain approval from the CO/MLRO before engaging in any such transaction with the
Partner; and

 conduct enhanced diligence and monitoring of business relations with the high-risk
Partner on an ongoing basis.

4.7 Ongoing Monitoring

4.7.1 As already stated, the CO/MLRO may periodically review the list of high-risk Partners and make
modifications to the list as necessary.

4.7.2 Repeat KYC and PDD procedures must be performed:

 For transactions warranting simplified PDD and standard PDD, once in 2 years; and
 For transactions warranting moderate PDD and enhanced PDD, or for transactions
involving high-risk Partners, every year.

4.7.3 Repeat KYC and PDD procedures may be performed if:

 a Partner is looking to enter into a transaction that is significant (in terms of size or
volume) in relation to that Partner’s usual transactions; or
 there is a material change in the way that the Company conducts business with the
Partner; or
 a review of the Partner’s account reveals that there is a lack of adequate
identification information in relation to that Partner.

5. RESPONSIBILITY OF THE POLICY

5.1 The CO/MLRO will be responsible for effective implementation of this Policy. All employees of the
Company shall ensure complete compliance with this Policy and all extant procedures.

5.2 Compliance Officer/Money Laundering Reporting Officer

5.2.1 The role and responsibilities of the CO/MLRO include, but is not limited to:
 Overall monitoring of the implementation of this Policy;
 Review adequacy of KYC/AML systems and controls; and
 Ensuring that all Company employees receive the appropriate level of ongoing
KYC/AML training.

6. MISCELLANEOUS

Page 9 of 18
6.1 Maintenance and Preservation of Records

6.1.1 The Company shall preserve the records pertaining to the identification of the Partners and their
addresses (e.g., copies of documents like passports, identity cards, driving licenses, PAN, utility bills
etc.) obtained during the course of business relationship, for at least five years after the business
relationship is ended.

a) Information collected from Partners shall not be divulged for the purpose of cross selling,
or for any other purpose without the express permission of the Partner. Exceptions to the
confidentiality of Partner information shall be as under:
 Where disclosure is under compulsion of law.
 Where there is a duty to the public to disclose.
 The interest of the Company requires disclosure.
 Where the disclosure is made with express or implied consent of the Partner.

b) The Company shall take appropriate steps to evolve a system for proper maintenance and
preservation of account information in a manner that allows data to be retrieved easily
and quickly whenever required or when requested by the competent authorities.

c) Such records must be sufficiently reliable to permit reconstruction of individual

transactions and to satisfy within a reasonable time any enquiries or orders from the
relevant regulatory authorities as to disclosure of information.

6.2 Training program

The Company shall conduct periodic employee training programs, at least once a year, so that
members of staff are adequately trained in KYC/AML procedures.

6.3 Review of the Policy

The Company reserves the right to amend or modify this KYC/AML Policy in whole or in part at any
time without assigning any reason whatsoever. Any such amendment will be made only after
obtaining the requisite approvals.

Page 10 of 18
 ANNEXURE A
Categorization of High-Risk Partners:

High Risk:

High risk Partners typically include:

a) Non – resident Partners;

b) High net worth individuals without an occupation track record of more than 3 years;
c) Trust, charitable organizations, non govt. organization (NGO), organizations receiving
donations;
d) Companies having close family shareholding or beneficial ownership;
e) Firms with sleeping partners;
f) Politically exposed persons (PEPs) of Indian/ foreign origin;
g) Relatives of PEPs of Indian/foreign origin;
h) Non face to face to Partners;
i) Person with dubious reputation as per public information available;
j) Client with cheque return history & low credit score; and
k) Clients with dubious reputation as per public information available.

Page 11 of 18
 Annexure – B
SIMPLIFIED PDD
Sr. Partner type Documents required
No and summary
of information
required

1 Individuals Permanent Account Number (Mandatory)

AND
Any one of the OVD (Proof of Identity and Address)
AND
Bank account information
AND
One recent photograph
AND
GST registration (if available)

List of OVD:
i. Passport,
ii. Driver’s license,
iii. Proof of possession of Aadhaar number,
iv. Voter's Identity Card issued by the Election Commission of
India, or
v. Any other valid Government issued form of identification.
Where the OVD presented by a foreign national does not contain the
details of address, in such case the documents issued by the
Government departments of foreign jurisdictions and a letter issued
by the Foreign Embassy or Mission in India shall be accepted as proof
of address.

Where the OVD furnished by the Partner does not have an updated
address, the following documents or the equivalent e-documents
thereof shall be deemed to be OVDs for the limited purpose of proof
of address:-
i. Utility bill which is not more than two months old of any
service provider (electricity, telephone, post-paid mobile
phone, piped gas, water bill);
ii. Property or municipal tax receipt;
iii. Pension or family pension payment orders (PPOs) issued to
retired employees by Government Departments or Public
Sector Undertakings, if they contain the address;
iv. Letter of allotment of accommodation from employer issued
by State Government or Central Government Departments,

Page 12 of 18
 statutory or regulatory bodies, public sector undertakings,
scheduled commercial banks, financial institutions and listed
companies and leave and license agreements with such
employers allotting official accommodation.
The Partner shall submit OVD with current address within a period of
three months of submitting the documents specified above
2 Proprietorship The following documents must be obtained from the proprietorship
Concerns concern:
a) Bank account information
AND
b) Permanent Account Number
AND
c) GST certificate (provisional / final, if available)

In addition, at least one of the following types of documents must be

obtained as proof of business/activity for the proprietary firm:

a) Certificate/license issued by the municipal authorities under

the relevant Shops and Establishments Act.
b) Sales and income tax returns.
c) GST certificate (provisional / final)
d) Certificate/registration document issued by Sales
Tax/Professional Tax authorities.
e) IEC (Importer Exporter Code) issued to the proprietary
concern by the office of the Directorate General of Foreign
Trade or license/certificate of practice issued in the name of
the proprietary concern by any professional body
incorporated under a statute.
f) Complete Income Tax Return (not just the acknowledgement)
in the name of the sole proprietor where the firm’s income is
reflected, duly authenticated/acknowledged by the Income
Tax authorities.
g) Utility bills such as electricity, water, landline telephone bills,
etc.

3 Company Copies of following documents or equivalent e-documents should be

obtained:
Name of the a) Bank account information
company AND
Principal place b) Permanent Account Number
of business AND
Mailing Address c) GST certificate (provisional / final, if available)
Telephone No.

Page 13 of 18
 In addition, at least one of the following types of documents must be
obtained:

a) Certificate of incorporation
b) Memorandum and Articles of Association
c) Any other information/document as may be required to
collectively establish the legal existence of the company.

4 Partnership Copies of the following documents or equivalent e-documents should

Firms be obtained:
a) Bank account information
Legal Name AND
Address Names b) Permanent Account Number
of all partners AND
and their c) GST certificate (provisional / final, if available)
address
Telephone No. In addition, at least one of the following types of documents must be
obtained:

a) Registration certificate
b) Partnership deed
c) Any other information/document as may be required to
collectively establish the legal existence of the partnership.
If these documents are not available, then a declaration to this effect
must be obtained from the Partner.
5 Trust Copies of the following documents or equivalent e-documents should
be obtained:
Name of Trust / a) Bank account information
Trustees / AND
Settlors / b) Permanent Account Number or Form No. 60 of the trust
beneficiaries / AND
Signatories / c) GST certificate (provisional / final, if available)
founders
Telephone No. In addition, at least one of the following types of documents must be
obtained:

a) Registration certificate
b) Trust deed
c) Any other information/document as may be required to
collectively establish the legal existence of the trust.

If these documents are not available then a declaration to this effect

must be obtained from the Partner.
6 Unincorporated Copies of the following documents or equivalent e-documents should
Association / be obtained:

Page 14 of 18
 Body of a) Bank account information
Individuals AND
b) Permanent Account Number or Form No. 60 of the
(Includes unincorporated association or a body of individuals
Unregistered AND
Trusts / c) GST certificate (provisional / final, if available)
Partnership
Firms / In addition, at least one of the following types of documents must be
Societies) obtained:

a) Resolution of the managing body of such association or body

of individuals
b) Any other information/document as may be required to
collectively establish the legal existence of such an association
or body of individuals.
7 Others For juridical persons not specifically covered in the earlier part, such as
societies, universities and local bodies like village panchayats, copies of
the following documents or equivalent e-documents shall be obtained:
a) Bank account information
AND
b) Permanent Account Number
AND
c) GST certificate (provisional / final, if available)

In addition, the Company must obtain any other

information/document to establish the legal existence of such an
entity/juridical person.

Page 15 of 18
 Annexure I – Frequently Asked Questions

Question 1: Why is it important for the Company to have an AML Policy in place?
Answer: Although transactions between the Company and its Partners can seem inherently innocent, it is
possible that the Company could be used as a conduit to utilize and hide ill-gotten funds. Not only would
the Company be facilitating such illegal transactions without an AML Policy in place, but Company assets
could also be liable to searches and seizures by appropriate authorities.

Question 2: How exactly does the AML Policy help prevent money laundering?
Answer: Simply put, the AML Policy has three key elements: (i) Partner Acceptance Policy; (ii) Partner
Identification Procedures; and (iii) Ongoing Monitoring. The first two key elements go hand-in-hand,
meaning that once the Partner’s identity is verified (through KYC), certain checks must be conducted to
ensure that the Company can accept the individual/entity as a Partner and commence a business/financial
relationship with them. Once the relationship has commenced, the third key element of the AML Policy
mandates that periodic monitoring takes place in order to ensure that no suspicious or illegal transactions
take place.

Question 3: What kind of individuals/entities qualify as ‘Partners’?

Answer: A Partner is anyone (whether it is an individual, corporation, trust, society, etc.) who has a business
or financial relationship with the Company. The nature of the business relationship is irrelevant, meaning
that a Partner could be a vendor, supplier, dealer, customer, etc.

Question 4: What does KYC mean?

Answer: ‘KYC’ refers to the procedures involved in identifying and verifying the identity of Partners through
independent and reliable sources of documents, data or information. KYC helps the Company conduct basic
due diligence and ensures that all its Partners are who they say they are.

Question 5: When do KYC procedures have to be conducted?

Answer: As a rule of thumb, KYC procedures must be conducted prior to the Company entering into the
transaction with the Partner. However, KYC procedures must also be carried out (i) if the Company has a
doubt about the authenticity/veracity of the preciously obtained Partner identification data, and (ii) if there
is any inadequacy in the previously obtained Partner identification data. Additionally, depending on the
nature and value of the transaction, KYC and Partner due diligence procedures may have to be repeated
periodically.

Question 6: How do I verify the identity of a Partner? What documents are required for the identification
process?
Answer: The documents required depend on the Partner involved in the transaction (individual,
corporation, partnership, etc). For example, if the Partner is an individual, then the Company would require
her/his Permanent Account Number (PAN Card), bank account information, GST registration (if applicable),
recent photograph, as well as any one form of Officially Valid Document (such as passport, driver’s license,
etc). If the Partner is a trust, then the Company would require the trust’s bank account information,

Page 16 of 18
Personal Account Number, GST certificate, as well as one other document to ascertain the existence of the
trust (such as its registration certificate, trust deed, etc.). For an extensive list of what documents are
required, please refer to Annexure B of the AML Policy.

Question 7: Is verification of documents the only process to be conducted?

Answer: No! Depending on the value of the transaction involved, further steps may be required for the
Company to adequately conduct due diligence on the Partner. Additionally, if the Partner in question is a
‘high-risk’ Partner, then other processes are to be followed. Please refer to the table below to see if any
further steps may be required before onboarding a Partner.

Category of Nature of Transaction Steps to be taken

Partner Due (whether in a single
Diligence (PDD) transaction or in the
aggregate for one
calendar year)
Simplified PDD Up to INR 10,00,000 Bank account no + PAN + GST (if applicable) + additional
documents as required to verify the identity of the
Partner in Annexure B of the Policy
Standard PDD INR 10,00,000 to INR Simplified PDD of the Partner + Simplified PDD of the
50,00,000 founders/directors of the Partner + Simplified PDD of
the person signing the Agreement + Authorisation
Letter to enter into the transaction
Moderate PDD INR 50,00,000 – INR Steps mentioned in Standard PDD + Personal
2,00,00,000 inspection of the office of the Partner by authorised
senior manager of the Company or above
Enhanced PDD Above INR 2,00,00,000 Steps mentioned in Standard PDD + Personal
and for high-risk inspection of the office of the Partner by authorized
Partners director of the Company or above + Third Party
background check + approval of CO/MLRO before
engaging in the transaction

Question 8: How do I identify whether a Partner is ‘high-risk?’

Answer: Annexure A of the AML Policy contains an indicative list of Partners that are considered ‘high-risk.’
This list contains a number of individuals/entities such as non-resident Partners, politically exposed persons,
persons with dubious reputation etc. For example, an individual who wishes to enter into a business
relationship with the Company may initially require only ‘simplified PDD’ to be conducted. However, once
the identity of the individual is confirmed, if the information obtained (either through simplified PDD or the
public domain) indicates that the individual is a high-risk Partner, then ‘enhanced PDD’ must be conducted.

Question 9: Who is a politically exposed person, and why are they considered high-risk?
Answer: A politically exposed person is one who has been entrusted with prominent public functions, and
typically includes heads of States or Governments, politicians, police officers, Government/judicial/military
officers etc. Due to their positions, politically exposed persons are assumed to be at greater risk of
corruption/bribery and money laundering, and are thus included in the ‘high-risk’ category.

Page 17 of 18
Question 10: Are there any other background checks that must be conducted once I confirm the identity
of the Partner?
Answer: Yes! Once the identity of the Partner is confirmed, basic background checks must be conducted to
ensure that the identity of the Partner does not match with any person with known criminal background or
with banned entities such as individual terrorists or terrorist organizations.

Question 11: Are there any exemptions provided under the AML Policy?
Answer: Yes. For Partners conducting single transactions below INR 2,00,000 or aggregate transactions in
one calendar year below INR 10,00,000, simplified PDD may be exempted but only if the CO/MLRO grants
the exemption. This exemption does not apply to Partners who are involved in the sale of cars.

Question 12: What if a high-risk Partner conducts a single transaction that is below INR 2,00,000? What
level of PDD would apply?
Answer: Regardless of the value of the transaction, a high-risk Partner always warrants enhanced PDD.
Please refer to the table above to determine what other procedures must be conducted.

Question 13: Do KYC and PDD procedures end once the Partner is onboarded?
Answer: No! For transactions warranting simplified and standard PDD, these procedures need to be
repeated once in 2 years. For transactions warranting moderate and enhanced PDD, or for transactions
involving high-risk Partners, these procedures must be repeated every year.

Question 14: How long are we expected to retain records relating to transactions?
Answer: All records relating to the identification of Partners that are obtained during the business
relationship must be retained for at least five years after the business relationship has ended.
Question 15: Under what circumstances can I divulge Partner documents?
Answer: While Partner documents may be shared internally for the limited purpose of fulfilling the
objectives under the AML Policy, do remember that these documents are treated as confidential. There are
limited exceptions to the confidentiality of Partner information, which are as follows:
 Where disclosure is under compulsion of law.
 Where there is a duty to the public to disclose.
 The interest of the Company requires disclosure.
 Where the disclosure is made with express or implied consent of the Partner.

Page 18 of 18
 Whistleblower
Policy

Policy Version: V1 Approver: Umesh Hora Published On: Apr

 Sr. No Particulars Page No.
1 Introduction 1
2 Definitions 1
3 2
Guiding Principles

4 Protection of Whistle Blower 3

5 Coverage 3
6 Exclusions 4
7 Reporting Mechanism 4
8 Complaints Management Committee 5
9 Investigation 5
10 Role of Investigator 7
11 Maintaining Confidentiality 7
12 Management Decision 8
13 Right to Amendment 8
14 Retention of Documents 8
Annexure I: Reporting Channels 9
Annexure II: The Complaints Management Committee 10
Annexure III: Frequently Asked Questions 11
1. INTRODUCTION

1.1. Girnar Software Private Limited (“Company”) believes in the highest standards of ethics and
transparency. Accordingly, all employees, board members, service providers and other individuals
either currently or previously associated or having interacted with the Company or any of its
Affiliates (defined below) in any capacity whatsoever (collectively “Covered Persons” or “Covered
Person” individually) are expected to conduct themselves in a fair and transparent manner by
adopting the highest standards of professionalism, honesty, integrity and ethical behaviour.

1.2. Any actual or potential violation of any Company policy or applicable law is a matter of serious
concern and all Covered Persons are required to report such violation or potential violation
immediately. This Policy is intended to provide a mechanism for all Covered Persons to report such
concerns and ensures that any deviations from the Company’s policies or applicable law are
addressed in a fair and unbiased manner. If any Covered Person fails to report known or suspected
violations, then they may be subject to Disciplinary Action (defined below), up to and including
termination.

2. DEFINITIONS

2.1. "Affiliate(s)” means any entity that controls, is controlled by, or is under common control of the
Company. “Control” means the direct or indirect ownership of more than fifty percent of the voting
securities of an entity or the power to control the composition of the board of directors of such
entity.

2.2. “Board” means the Board of Directors of the Company and any committee formed by the Board
of Directors in this regard.

2.3. “Company” means Girnar Software Private Limited and its subsidiaries.

2.4. “Complaints Management Committee” or “Committee”: The Complaints Management

Committee is a committee appointed by the Board of Directors of the Company where the
composition of such committee shall be as per the structure set out in Annexure II of this
document.

2.5. “Disciplinary Action” means an action that may be recommended or taken after the completion
of an investigation, including but not limited to a warning, suspension, or dismissal from official
duties or any other action as is deemed to be fit considering the gravity of the matter.

2.6. “Investigator(s)”: Selected employees or third parties charged with conducting

investigations to ascertain the credibility of a Protected Disclosure.

2.7. “Nominated Director” means a Director nominated by the Board of the Company for the
purpose of this Vigil Mechanism.

1|P a g e
2.8. “Protected disclosure”: Any communication made in good faith that discloses or
demonstrates evidence of any fraud or unethical activity or illegal conduct within the Company. A
Covered Person shall be deemed to be communicating in good faith if there is an honest intent to
act without taking an unfair advantage over another person and there is a reasonable basis for
communication of the actual or potential violation (“Good Faith”). A disclosure will not be deemed
to be in Good Faith if the Covered Person does not have personal knowledge of the actual or
potential violation or where the Covered Person knew or reasonably should have known that the
communication of the actual or potential violation was malicious, false or frivolous.

2.9. “Subject”: means a person or a group of persons against whom, or in relation to whom a Protected
Disclosure is made or evidence has been provided or gathered during the investigation. The Subject
may be an employee of the Company or otherwise associated with the Company.

2.10. “Vigil Mechanism” refers to the mechanism developed by the Company to facilitate the reporting
of any criminal act, misconduct, unethical activity or any other malpractice(s) committed by
Covered Persons.

2.11. “Whistle Blower”: A Covered Person who makes a Protected Disclosure under this Vigil
Mechanism.

3. GUIDING PRINCIPLES

3.1. To ensure effective implementation of the Vigil Mechanism, the Company shall:

• Ensure protection of the Whistle Blower against victimization or retaliation for the disclosures
made by her/him.
• Ensure complete confidentiality of the Whistle Blower’s identity and the information
provided by her/him
• Ensure that the Protected Disclosure is acted upon within specified timeframes and no evidence
is concealed or destroyed.
• Ensure that the investigation is conducted honestly, fairly and in an unbiased and
objective manner.
• Ensure that the Whistle Blower does not conduct any investigative activities of her/his own
other than as instructed or requested by the Committee.
• Ensure that the Subject or other involved persons in relation with the Protected Disclosure be
given an opportunity to be heard.
• Ensure Disciplinary Actions are taken against anyone who conceals or destroys evidence related
to Protected Disclosures.

4. PROTECTION OF WHISTLE BLOWER

4.1. Whistle Blowers have the option to keep their identity anonymous while reporting incidents to the
Committee. The Committee will make no attempt to discover the identity of an anonymous Whistle
Blower. If the Whistle Blower’s identity becomes known during the course of the investigation,

2|P a g e
 the Committee will ensure that the identity of the Whistle Blower is kept anonymous and
confidential to the extent possible, unless required by law or in legal proceedings. The identity of
the Whistle Blower may also be disclosed by the Committee if it is necessary to do so to allow the
Committee to investigate the Protected Disclosure further or if the Protected Disclosure is
identified to be false and submitted with a mala fide intent.

4.2. Any other employee serving as witness or assisting in the said investigation would also be
protected to the same extent as the Whistle Blower.

4.3. The Complaints Management Committee will safeguard the Whistle Blower from any adverse
action, even if the Protected Disclosure does not lead to an investigation or if the subsequent
investigation does not confirm any allegation, provided that the Protected Disclosure is made in
Good Faith. ‘Adverse action’ includes discrimination, victimization, retaliation, demotion or
adoption of any unfair employment practices.

4.4. Protection under this Vigil Mechanism does not mean protection from Disciplinary Action arising
out of false allegations made by a Whistle Blower.

4.5. A Whistle Blower may not be granted protection under the Vigil Mechanism if she/he is the subject
of a separate complaint or allegations related to any other misconduct.

4.6. If a Whistle Blower believes that she/he has been treated adversely as a consequence of their
use of the Vigil Mechanism, she/he may approach the Chairman of the Complaints
Management Committee in confidence. The contact information for the Chairman of the
Committee is provided in Annexure I to this document.

5. COVERAGE

5.1. All Covered Persons can raise concerns regarding malpractices and/or events which may negatively
impact the Company. Examples of such conduct are as follows:

• Inaccuracy in maintaining the Company’s books of account and financial records

• Financial misappropriation and fraud
• Procurement fraud
• Conflict of interest
• False expense reimbursements
• Misuse of Company assets & resources
• Inappropriate sharing of Company’s sensitive or confidential information
• Misuse or breach of intellectual property rights or licenses
• Corruption & bribery
• Unfair trade practices & anti-competitive behaviour
• Non-adherence to safety guidelines
• Breach of Company policies and procedures
• Any conduct which is against the legitimate interests and /or reputation of the Company.

Do note that the foregoing is only an indicative list. Other concerns and violations may also be reported.

3|P a g e
6. EXCLUSIONS

6.1. This Vigil Mechanism should NOT be used for raising malicious or mala fide allegations.

6.2. This Vigil Mechanism should NOT be used for reporting of routine or operational matters like:
a) Recruitment or job openings
b) Issues related to career progression, reassignment of duties or compensation, attendance
records, overtime, performance evaluations, increments etc.
c) Inappropriate administration facilities
d) IT assets not working properly.
e) Matters of a personal nature e.g. matrimonial disputes

6.3. This Vigil Mechanism should NOT be used for raising complaints of Sexual Harassment (these
complaints may be reported to the Internal Complaints Committee constituted as per the
Prevention of Sexual Harassment Policy. For more information on how to file a sexual harassment
complaint, please refer to https://careline.girnarsoft.com/upload/common-
policy/POSH_787733039.pdf )

7. REPORTING MECHANISM

7.1. This Vigil Mechanism is not meant to substitute regular communication protocols within the
Company, and hence as a first step, the Covered Person may choose to inform her/his immediate
supervisor or the Legal department about the suspicion/violation, if possible. Upon receipt of the
complaint, the Covered Person’s immediate supervisor or the Legal Department (as the case may
be) will forward the same to the Complaints Management Team (discussed below) for further
action. If the Covered Person perceives the issue to be important enough and the Covered Person
is not comfortable with sharing her/his concern with her/his immediate supervisor or the Legal
department, then she/he is encouraged to directly make a Protected Disclosure under this Policy.
The Company has made available certain reporting channels for this purpose which can be utilized
by the Covered Person. Details of such reporting channels can be found in Annexure I.

7.2. A team will be assigned to handle the reporting channels and to decide which Protected
Disclosures involve a prima facie case of violation of applicable law or Company policies
(“Complaints Team”). In the event that a Protected Disclosure contains prima facie evidence of
fraudulent, illegal or unethical conduct, then only those Protected Disclosures will be forwarded
to the Committee. In such instances, the Complaints Team will prepare an incident report based
on the Protected Disclosure provided by the Whistle Blower and will share the incident report with
the Committee within 3 business days. In case any member of the Committee is the subject of the
Protected Disclosure or has an actual or perceived conflict of interest with respect to the Protected
Disclosure, then the incident report will be sent only to the remaining members of the Committee.

7.3. Once the report is received by the Committee, if any member thereafter becomes aware of any
actual or perceived conflict of interest with respect to the Protected Disclosure, then such
member(s) of the Committee shall recuse themselves from further discussions or meetings on the
subject.

4|P a g e
8. COMPLAINTS MANAGEMENT COMMITTEE

8.1. In addition, under exceptional circumstances where a Whistle Blower wants to complain directly
to the Chairman of the Committee, she/he may do so at the details provided in Annexure I.

8.2. The current composition of the Committee is provided in Annexure II of this Policy.

8.3. The Committee is required to act in an unbiased manner in relation to the incident reports received
from the team handling the reporting channels.

8.4. The Committee shall take necessary actions to maintain confidentiality within the Company on
issues reported.

8.5. The Committee will be responsible for recommending disciplinary or corrective action to the Board
of Directors against the Subject if the investigation proves to be in favor of the allegations raised
by the Whistle Blower.

9. INVESTIGATION

9.1. The Complaints Team, or the Chairman of the Committee in instances where Protected Disclosures
are submitted directly to her/him, shall determine which Protected Disclosures warrant further
investigation. If, upon preliminary review of the Protection Disclosure, the Complaints Team (or
the Chairman of the Committee) determines that there aren’t sufficient facts available to pursue
the Protected Disclosure, they may consider responding to the Whistle Blower with requests for
further information. If the Whistle Blower does not respond within ten (10) business days, then
the Complaints Team (or the Chairman of the Committee) may decide to either close the matter
after documenting the reasons or nevertheless initiate an investigation.

9.2. Upon the preliminary review of the Protected Disclosure, if the Complaints Team or the Chairman
of the Committee is of the opinion that the Protected Disclosure is baseless or made with mala
fide intention, then they may decide to close the matter after documenting the reasons. However,
the Complaints Team must also present these Protected Disclosures that do not contain prima
facie evidence of fraudulent, unethical or illegal conduct before the Committee along with reasons
for why further action or investigation was not warranted, within 3 business days of the receipt of
the Protected Disclosure. In such instances, the Committee has the power to overrule the decision
of the Complaints Team and order an investigation into such Protected Disclosures, if it sees fit to
do so.

9.3. In cases where the Protected Disclosure contains prima facie evidence of wrongdoing, an
investigation must be carried out to determine the authenticity of the allegations. If the Complaints
Team/Chairman has received a complaint and is of the opinion that further investigation into the
Protected Disclosure is warranted, then the incident report will be prepared and forwarded to the
Complaints Management Committee for further action and investigation.

5|P a g e
9.4. Upon receipt of a Protected Disclosure, the Committee may choose to re-route the complaint to
the HR department of the Company, if the contents therein relate to minor employment/HR issues.

9.5. The Committee (or the Chairman) will identify and appoint the individuals who will conduct the
investigation based on the nature of the issue(s) reported (“Investigators”). The Committee (or the
Chairman) may also decide, at their sole discretion, to appoint a third party (e.g., law firm,
investigator, consulting firm) to conduct an investigation in its entirety and provide the Committee
with a report of its findings and conclusions.

9.6. The investigation team should not consist of any Investigators with possible involvement in the
said allegation.

9.7. During the course of the investigation:

(a) The Investigators will be given authority to take decisions related to the investigation. All
Covered Persons are required to co-operate with the Investigators in this regard.
(b) Any required information related to the scope of the allegation would be made available to
the Investigators.

9.8. The findings of the investigation should be submitted to the Complaints Management Committee
by the Investigators with all supporting documents.

9.9. Subjects will normally be informed of the allegations at an appropriate time during the
investigation.

9.10. The Subject shall have the right to be heard and shall have adequate time and opportunity to
communicate her/his explanation on the matter.

9.11. Subjects also have a responsibility to refrain from interfering with the investigation. Evidence shall
not be withheld, destroyed, or tampered with, and witnesses shall not be influenced, coached,
threatened, or intimidated by the Subject or any other Covered Person. Any contravention of the
foregoing may lead to strict action being taken against the concerned person, including
termination of employment or formal legal proceedings.

9.12. Where the Investigators decide to conduct interviews, they may choose to record such interviews.
The person being interviewed, however, cannot record the interview.

9.13. Persons being interviewed by Investigators are not allowed to involve the services of an advocate
or a third party in the investigation process or have such persons be present in the interview room.

9.14. Best efforts shall be made for the investigation to be concluded within ninety (90) business days
of the receipt of the Protected Disclosure. If, for any reason, the investigation cannot be concluded
within 90 business days, then an extension may be granted by the Chairman of the Committee and
the reasons for the failure to conclude such investigation within the stipulated timeline shall be
recorded in writing.

6|P a g e
9.15. The result of the investigation may be communicated to the Whistle Blower, at the Committee’s
sole discretion, and a copy of the report shall be tabled before the Board of the Company by the
Committee.

10. ROLE OF INVESTIGATORS

10.1. A structured approach should be followed to ascertain the credibility of the charge. Furthermore,
Investigators must:

• Ensure that confidentiality and secrecy are maintained with respect to the issue reported and
the Subject.
• Provide timely updates to the Committee on the progress of the investigation.
• Ensure that the investigation is carried out in an independent and unbiased manner.
• Document the entire approach of the investigation.
• Ensure that a comprehensive investigation report, which includes the approach of
investigation, is submitted to the Committee with all the documents in support of the
observations.

11. MAINTAINING CONFIDENTIALITY

11.1. The Company expects individuals involved in the processing, review or investigation of Protected
Disclosures to maintain complete confidentiality with respect to the contents therein. Accordingly,
all such individuals are expected to:

• Maintain complete confidentiality and secrecy of the matter.

• Refrain from discussing Protected Disclosures in social gatherings or with individuals who are
not involved in the review or investigation of the matter.
• Only discuss the Protected Disclosure with persons authorized to investigate the Protected
Disclosure if required for the purpose of completing the investigation.
• Ensure confidentiality of documents reviewed during the investigation.

12. MANAGEMENT DECISION

12.1. The Board will decide on the disciplinary or corrective action against the Subject as per the
Company’s disciplinary procedures and can also take legal action, if required.

12.2. The decision of the Board should be considered as final and no challenge against the decision
would be entertained unless additional information becomes available.

12.3. In case of frivolous or false complaints, action may be taken against the Whistle blower.

13. RIGHT TO AMENDMENT

7|P a g e
13.1. The Company retains the right to amend or modify this Policy in whole or in part at
any time without assigning any reason whatsoever. Any such amendment will be made by the
Committee members only after obtaining the requisite internal approvals.

14. RETENTION OF DOCUMENTS

14.1. Any information or documents received or provided in relation to the Protected Disclosure will be
retained as per statutory requirements and/or internal requirements of the Company.

8|P a g e
 Annexure - I

Reporting Channels

S.No Reporting Channel Contact Information Availability

1 Email speakup@girnarsoft.com 24 hours a day

Emaar Digital Greens 11th Floor, Tower B 24 hours a day

2 Post
Sohna Road, Baharampur Naya, Sector
61, Ghata, Haryana
122102

The contact information for the Chairman of the Complaints Management Committee is: - Mr.

Amit Jain,

Chairman of Complaints Management Committee

Emaar Digital Greens 11th Floor, Tower B Sohna Road,

Baharampur Naya, Sector 61, Ghata, Haryana 122102

9|P a g e
The Complaints Management Committee

The current Complaints Management Committee of the Company comprises the following members:

S.No Individual Designation

1 Amit Jain Chairman

2 Chief Human Resources Officer Member

3 Chief Financial Officer Member

4 General Counsel Member

5 Abhinav Mishra Secretary

10 | P a g e
 Annexure III – Frequently Asked Questions

Question 1: I have come across some wrongdoing in the Company. What should I do?
Answer: Once you are aware of an actual or potential violation of applicable law or Company policy, you may use any of the
following channels to report the complaint:
 Report it to your immediate superior or the Legal department, if possible.
 If you are of the opinion that the suspicion or violation is of enough significance to make a Protected Disclosure,
you may do so (as mentioned in Section 7 of this Policy).
 Under exceptional circumstances, you can complain directly to the Chairman of the Committee, using details as
provided in Annexure I.
Question 2: I’ve heard from a few sources that a particular individual has committed an illegal act in relation to the
Company, but I have no personal knowledge of it and neither do I have evidence regarding the alleged
misconduct/wrongdoing. Should I still report the incident using the Vigil Mechanism?
Answer: While reporting incidents using the Vigil Mechanism, it is important to keep the following in mind:
 All Protected Disclosure(s) should have a reasonable basis for communication of the actual or potential violation.
 Protected Disclosure(s) should be based on personal knowledge of the actual or potential violation and not based
on rumours.

In this instance, since you do not have personal knowledge or are privy to any evidence of wrongdoing, you should not report
the rumours using the Vigil Mechanism.

Question 3: Will there be any disciplinary action taken against me if the allegations made in the Protected Disclosure are
not proved subsequently?
Answer: Whistle Blowers are safeguarded under this Policy from any adverse action, even if the Protected Disclosure does not
lead to an investigation or if the subsequent investigation does not confirm any allegation, provided it is made in Good Faith. A
Protected Disclosure is not made in Good Faith when the Whistle Blower does not have personal knowledge of the actual or
potential violation or where the Whistle Blower knows or reasonably should have known that the communication of the actual
or potential violation was malicious, false or frivolous.

Question 4: How can I report a complaint under this Policy?

Answer: Whistle Blowers can make a Protected Disclosure either via
(i) Email: Speakup@girnarsoft.com; or
(ii) Post: Emaar Digital Greens 11th Floor, Tower B Sohna Road, Baharampur Naya, Sector 61, Ghata, Haryana
122102

In exceptional circumstances, the Whistle Blower can submit a Protected Disclosure directly to the Chairman of the Committee.

Question 5: What are the exceptional circumstances under which a Protected Disclosure can be submitted directly to the
Chairman of the Committee?
Answer: While it is impossible to outline all such instances, a few examples include where the Protected Disclosure involves
one or more members of the Complaints Management Committee or where one or more of the Complaints Management
Committee members have an actual or perceived conflict of interest with the contents of the Protected Disclosure.

Question 6: Can I report incidents anonymously?

Answer: Yes, you have the option to keep your identity anonymous while reporting the incident.

11 | P a g e
Question 7: Will I be called in for questioning or for a face-to-face interview if I make a Protected Disclosure?
Answer: As Whistle Blowers have the right under this Policy to make Protected Disclosures anonymously, they can deny any
requests for a face-to-face interview or discussion. However, Whistle Blowers may be asked to provide further documents or
evidence relating to a Protected Disclosure, which may be submitted anonymously.

Question 8: Is there any time limit for reporting an incident?

Answer: There is no time limit for reporting incidents. However, you are encouraged to report the incident as soon as you
become aware of the actual or potential violation. Bear in mind that it is the duty of every Covered Person to report all actual or
potential violations of applicable law or Company policies and failure to do so may result in Disciplinary Action (as defined in
Section 2.5 of the Policy).

Question 9: Can I assist in the investigation or gathering of evidence after I have made a Protected Disclosure under this
Policy?
Answer: You are prohibited from conducting any investigative activities of your own unless instructed or requested by the
Committee.

Question 10: What are examples of issues that cannot be reported using the Vigil Mechanism?
Answer: The following list contains examples of issues that cannot be reported using the Vigil Mechanism:
 Issues with increments, promotions, bonus entitlements, performance evaluations overtime compensation
amounts, attendance records, etc.

 Petty disputes with co-workers or other employees;

 Matters of a personal nature;

 Inappropriate administration facilities;

 IT assets not functioning properly;

 Matters pertaining to sexual harassment.

Question 11: What protections are available to me as a Whistle Blower?

Answer: Whistle Blowers are entitled to the following protections:
 Whistle Blowers are ensured protection against victimisation or retaliation for any Protected Disclosures made
under this Policy.
 The identity of the Whistle Blower will also be kept anonymous and confidential and disclosed only in certain
exceptional circumstances which have been set out in detail in the Policy.

Question 12: How long will it take to complete the investigation into the incident reported?
Answer: The Complaints Management Committee shall try its best to conclude the investigation within 30 business days of the
receipt of the Protected Disclosure. Where this is not possible, an extension may be granted by the Chairman of the Committee.

Question 13: Will I be informed of the result of the investigation?

Answer: The Whistle Blower does not have the right to be informed of the result of the investigation. However, the Committee
may choose to do so, at its sole discretion.

Question 14: Am I obligated to report an incident under this Policy if I am aware of a suspected violation?
Answer: This Vigil Mechanism Policy applies to all Covered Persons (as defined in Section 1 of this Policy) and the Company
expects each Covered Person to conduct themselves in a fair and transparent manner by adopting the highest standards of
professionalism, honesty, integrity and ethical behaviour. Accordingly, this Policy mandates that all Covered Persons report any
12 | P a g e
actual or potential violation of applicable law or code as soon as they are aware of the same. If any Covered Person fails to report
known or suspected violations, then they may be subject to Disciplinary Action (as defined in Section 2.5 of the Policy), up to
and including termination.

Question 15: Will I get any reward for reporting an incident?

Answer: No, the Whistle Blower will not receive a reward for submitting a Protected Disclosure. Please remember that it is your
duty to report any actual or potential violations of applicable law or Company policies.

13 | P a g e