Whistle blower policy

Copyright © 2021, Guaranty Trust Holding Company plc.

This Whistleblowing Policy is the property of Guaranty Trust Holding Company plc (“the Company”), Plot 635, Akin Adesola Street, Victoria Island, Lagos, Nigeria and is for the sole use of individuals working for the Company, its subsidiaries, and related entities (“the Group”).

The aim of the policy is to set out the guidelines and principles for reporting, receiving and addressing concerns brought forward by whistleblowers across the Group as well as the protective measures in place for whistleblowers. Whistleblowing refers to concerns raised around behaviours that do not align with internal policies, laws, regulations and our core values. These behaviours include, but are not limited to, corrupt or illegal activity, contraventions to anti-money laundering laws, fraud, negligence and deception.

The objective of this policy is to raise awareness among employees, customers, shareholders and other stakeholders to drive adherence to the applicable laws and regulations relating to Whistleblowing and Disclosure requirements, particularly those issued by the apex regulators of each of the industries in which the Group entities operate.

The information and guidance contained in this Policy is confidential and may not be disclosed to any third party unless the prior consent of the Company has been obtained.

The information and guidance given in this Policy shall be reviewed every three years or where the need arises based on new developments in relevant laws and regulations. The review shall be carried out by the Risk and Compliance Group.

Employees are reminded that compliance with this Policy forms an essential part of their contract of employment. While most issues can be addressed, one-off scenarios may arise, and such cases should be referred to the Risk Management and Compliance Group of the Company.

The Company is committed to the highest possible standards of openness, probity, and accountability. In line with this commitment, we expect employees, and others who have serious concerns about any aspect of the Company's operations and activities to come forward and voice those concerns.

To foster a healthy Corporate Governance environment within any institution, it is important that there are robust policies around Ethics, Professional Conduct and

Corporate Governance which are well documented and communicated.

This Whistle Blowing Policy (hereinafter referred to as “the Policy”) was developed in accordance with the Central Bank of Nigeria (CBN) Guidelines for Whistle blowing for Banks and Other Financial institutions in Nigeria, Whistle blowing guidelines for Pensions, National Pension Commission (hereinafter referred to as “the Guidelines”), Securities and Exchange Commission (hereinafter referred to as “the Guidelines”)

Whistleblowing in the workplace involves disclosure about unauthorized, unlawful, and unethical activities, concerns relating to health and safety law, financial mismanagement or corruption, environmental matters, and any breach of the corporate governance code that might affect people, employees and the Company. The information is received through dedicated internet and intranet links.

Whistle blower is any person or entity making a protected disclosure about improper or illegal activities in the Company or externally that involves the Company’s employee and could mar public perception of the Company.

A whistle blower can be any of the following:

• Employees
• Stakeholders of the Company and the Group
• Third parties such as vendors and other interested parties
• Relatives of any of the above categories

• To encourage and facilitate exposure of activities that are illegal, unethical, unauthorized, and harmful to the Company, employees, stakeholders, the Group and general public.
• To ensure that disclosures by whistleblowers are properly assessed, investigated and actioned.
• To offer protection to whistleblowers from reprisals (victimization and dismissals) taken against them as a result of their having made the disclosure in good faith backed by true and reasonable facts and/or evidence.
• Take appropriate action against any person who engages in retaliatory conduct prohibited by the Policy.

The objective of the policy is to set guidelines against unprofessional misconducts, breach of ethics and other activities that have harmful effects. The policy also aims at ensuring adherence to the applicable laws and regulations relating to Whistleblowing and Disclosure requirements, particularly the Central Bank of Nigeria Guidelines for Whistle Blowing for Banks and other Financial Institutions.

Whistleblowing reports are not limited to fraud, theft, or corruption, but may also include possible misconduct and malpractices including behaviour that contravenes the Company’s policies, and procedures. These malpractices may include past, present, or continued events.

Whistleblowing procedures are designed to encourage employees to voice concerns internally and promptly, to prevent or remedy acts of misconduct. This Policy does not replace or alter the Company’s policies and procedures for individual employee grievances or complaints relating to job performance, terms, and conditions of employment, which will continue to be administered and reviewed by the Company’s Human Resources Department.

Other key objectives of the policy include:

• To provide avenues for employees to raise concerns and define ways to handle these concerns.
• To enable Management to be informed at an early stage about acts of misconduct, unethical conduct and illegal activities.
• To obtain feedback from stakeholders on observed procedural/ethical misconducts and also implement an effective resolution system.
• To reassure employees that they will be protected from punishment or unfair treatment for disclosing concerns in good faith in accordance with this procedure.
• To help develop a culture of openness, accountability and integrity.
• Adherence to regulatory guidelines and best practices on corporate governance.
• Avert sanctions from regulatory authorities.
• Avert negative publicity.

The policy applies to all employees, (including those designated as casual workers, temporary and agency workers), contractors and suppliers of the Company. It also includes any employee of any entity under the Group.

Internal Whistleblowing platform: Located on the Company’s intranet platform and accessible to only employees.

External Whistleblowing Platform: Located on the Company’s website and accessible to all concerned parties.

The scope of this policy in requires the reporting of these type of incidents:

• All forms of financial malpractice or impropriety fraud;
• Conduct which is an offence or a breach of law;
• Failure to comply with a legal or regulatory obligation;
• Disclosures related to miscarriages of justice;
• Health, Safety and Environmental risks, including risks to the public as well as other employees;
• Breach of the Company’s Policies and Operational Guidelines;
• Acts of bullying or undue harassment;
• Damage to the environment
• Cases of theft, frauds, forgeries, or the unauthorized use of funds;
• Improper conduct or unethical behaviour;
• Acts of discrimination;
• Leaking of confidential or proprietary information;
• Activities involving corrupt practices;
• Sexual, physical, or other abuse of employees or clients;
• Actions which are unprofessional, unethical, inappropriate or in conflict with a general understanding of what is right and wrong.
• Other forms of Corporate Governance breaches;
• Abuse of expense policy; Concealment of any of the above.

Notwithstanding, the scope above, each subsidiary shall have its own Whistle blowing policy which shall align with their local regulations. The scope may also extend to matters relating to the Group outside its local jurisdiction.

Stakeholders in the Guaranty Trust Pension Managers are guided to identify breaches in line with the categories below:

• Red Scenarios are breaches which are materially significant as they pose significant risk to a contributor’s interest.
• Green Scenarios are breaches which are not materially significant and do not have to be reported but should be recorded.
• Amber Scenarios are less significant, the context of the breach should be taken into account to determine if materially significant and should be reported.

All disclosures will be treated in strict confidence and the identity of the whistleblower will not be revealed except where required for security, regulatory or legal purposes. At such instances, the whistleblower may need to come forward as a witness or to aid ongoing investigation. The disclosure as best as possible should be backed by facts and/or evidence, to avoid victimization or undue embarrassment of innocent employees or third parties wrongly accused or implicated in the disclosure.

The Company will ensure that all whistleblowers found not to be involved in the incidents reported are not exposed to harassment, victimization, or embarrassment (including informal pressures, dismissal, termination, redundancy, undue influence, duress, withholding of benefits and/or entitlements). Appropriate actions will be taken to protect all whistleblowers.

This policy will not prevent any whistleblower from revealing his identity if it is a wilful decision as to do so would allow for additional information to be obtained, if required.

Where the whistleblower is from the Guaranty Trust Pension Fund, the whistle blower is encouraged to put his/her name to his/her allegations. Concerns expressed anonymously shall be much less powerful, but they shall be considered at the discretion of the organization.

The following guidelines should be noted:

• Information provided should be disclosed in good faith backed by true and reasonable facts and/or evidence where possible;
• The whistleblower/reporter should ensure that the disclosure is substantially true;
• Whistleblowing is not to be used for malicious acts, personal vendetta, smear campaigns and for making false allegations;
• The Whistle Blower shall be contacted by any of the recipients of the report where additional information is required.

Any whistleblower who has suffered any detriment or has unjustly been a victim of harassment, victimization or embarrassment as a result of a disclosure made in line with whistle-blowing policy shall be entitled to compensation and/or reinstatement as recommended by the Disciplinary Committee or Committee set up to investigate whistleblowing reports, in line with the respective regulatory guidelines.

Whistleblower

Whistle-blowers may be the Company’s employees, employees of any entity under the Group, applicants for employment, vendors, contractors, or general public.

The whistle-blower’s role is as a reporting party. The whistle blower is not an investigator or finder of fact nor does he or she determine the appropriate corrective or remedial action that may be warranted.

Employees

All employees must familiarize themselves with the contents of this policy. It is the responsibility of employees to blow the whistle on any suspicion of malpractice or unauthorized activities that constitute fraud or other illegality where such allegations are reasonably supported by some proof or evidence.

Recipients of Whistle Blowing Reports

The following recipients shall receive Whistle Blowing Reports in the Group:

• Head, Internal Audit
• Head, Human Resources
• Head, Compliance

The Heads of Internal Audit, Human Resources and Compliance shall have the authority to handle all matters within their purview confidentially and promptly. It is their responsibility to ensure that investigations are kept strictly confidential, and the identity of the whistleblower if discovered is kept secret to prevent victimization. Investigations shall be independent and unbiased both in fact and appearance.

Disciplinary Committee

The Disciplinary Committee will be responsible for examining alleged breaches of discipline and adjudicating on them.

Investigation Participants

Employees who are interviewed or asked to provide information have a duty to fully co-operate with the investigators. Participants should refrain from discussing or disclosing matters concerning the investigations. Appropriate sanctions as determined by the Committee, may be applied for refusal to co-operate with on-going investigation by employees or divulging information on investigation proceedings with other employees or unauthorized persons.

Implicated persons

Implicated persons have a duty to cooperate with investigators. The identity of Implicated persons shall remain confidential. The Committee in conjunction with relevant members of Senior Management may decide to involve law enforcement officers where this becomes necessary during the investigation.

The Head of Internal Audit shall be responsible for monitoring the whistle blowing channels to review reported cases and initiate appropriate action, if necessary at the level of the Board or the Managing Director to redress the situation.

The Head of Internal Audit shall provide the Chairman of the Audit Committee with a summary of reported cases, cases investigated, the process of investigation and the result of the investigation.

The Head of Risk and Compliance in the Company shall ensure quarterly returns to the CBN and NDIC on all whistle-blowing reports which shall include details of all reviews of the whistle blowing policy.

He/She shall also be responsible for the inclusion of a Whistle-blowing Compliance Status report in the Company’s audited financial statement and for rendition of the Company’s corporate governance activities and status to relevant regulatory authorities.

The Whistleblowing method consists of a secure portal (hosted on both the intranet and internet) where the disclosure or whistleblowing information is logged and thereafter a notification email is sent to all recipients of the Whistleblowing Reports and investigation commences.

Whistleblowing information can also be provided by sending an email to whistleblow@gtcoplc.com

The Head of Internal Audit would be responsible for proper handling of all whistleblower investigations and reporting whilst ensuring that investigations are carried out using appropriate channels, resources and expertise in a very discreet and secure way.

The number of reports received would be sent to Management monthly indicating the number of actual leads reported through available Whistleblower media channels.

The Heads of Internal Audit, Human Resources, Risk and Compliance shall have the following powers under the Whistle Blowing Policy:

1. The power to investigate all reports, concerns, allegations and claims within their purview made through the Whistle Blowing platform.
2. They shall make appropriate recommendations based on findings from investigations carried out.
3. They shall escalate identified issues to the relevant stakeholders (strictly on a need-to-know basis, whilst still ensuring safety of the whistleblower) for redress/implementation of corrective measures.
4. They shall have the right to conceal the whistle blower’s identity, where known, if this would aid on-going investigations or for protection of the whistleblower.
5. Where any recipient of the Whistle Blowing report is implicated or identified as the offender by the whistle-blower, the report shall be sent to the MD/Group CEO who shall refer the matter to the Disciplinary Committee or constitute a special committee to investigate the report and make appropriate recommendations.
6. All recommendations and findings of the Disciplinary Committee or the special committee appointed by the MD/Group CEO shall be sent to the MD/Group CEO for approval.

1. A disclosure or whistle blowing report is deemed to have been made or submitted in accordance with this policy if the whistle blower:
   1. Discloses to the Company using the whistle blowing portals created;
   2. Makes a report to any of the recipients the Whistle Blowing reports listed in this document through any medium other than the whistleblowing portal (private email, anonymous message or phone call);
   3. Logs a report with any authorized body or regulator. (CBN, the Company’s External Auditors).
2. All received reports logged on the Whistleblowing platform are classified as sensitive and confidential; details of same should not be revealed to, or discussed with persons who are not recipients of the Whistleblowing Report.
3. Where detailed investigation requires the intervention of non-recipients of the Whistleblowing Report, necessary information may be provided without revealing the identity of the whistleblower, if known.
4. Administrative rights and access to the Whistleblowing platform should be restricted to recipients of the Whistleblowing Report.
5. Information Technology Group shall ensure absolute anonymity and confidentiality of whistle-blowers using platforms available on the intranet and website of the Company.