Riskonnect Code of Supplier Conduct

This Code of Supplier Responsibility is for all suppliers. It defines what we expect from you in terms of responsible business, sustainability practice and behavior.

Supplier definition: We define a supplier as any third-party organization that provides goods or services to Riskonnect. This definition does not include individual contractors, agents, or intermediaries.

Introduction

Riskonnect aims to be the best risk management technology provider for customers and shareholders, while living our core value of #Community. To meet our objectives and purpose, it is crucial that we act in a responsible, sustainable, and inclusive manner. This includes the way in which we source goods and services from our suppliers. Riskonnect’s aim is to be a leader in supporting a more sustainable, low-carbon economy. We recognize both the importance of understanding and mitigating climate risks, as well as the moral and commercial imperative for organizations to reduce their environmental impact.

What You Need to Do:

  • Confirm your agreement to comply with this code (and any future revisions) when you agree to the contract terms.
  • Explain the principles of this code to your employees and key subcontractors that support Riskonnect or work on our projects.
  • Ensure fair and honest business with all your stakeholders, including employees, subcontractors, and other third parties.
  • Inform us if anything changes and you are unable to comply with the code. You are encouraged to speak up if you are concerned about any actions or decisions that contravene the standards set out in this code. Let us know if you would like to collaborate on any specific areas relating to responsible business or sustainability.

How to Speak Up:

Suppliers are required to promptly report to Riskonnect legal violations or violations of the code or other Riskonnect policy. Suppliers must promptly forward to Riskonnect, if permitted by law, any subpoenas, regulatory requests, media inquiries, or other third-party requests concerning Riskonnect.
Email supplier@riskonnect.com

What We Expect of You

Our expectations for our suppliers in terms of responsible business, sustainability practice, and behavior are grouped into six key areas:

  • Ethics and Integrity
  • Human Rights
  • Health and Safety
  • Data Privacy and Security
  • Supply Chain
  • Inclusion and Diversity
  • Doing Business Responsibly
  • Doing Business Sustainably

In each case, we describe our minimum expectations using the term “we expect.” In some areas, we aspire to meet certain standards, and in these cases, we use the term “we encourage.”

Ethics and Integrity

We expect all our suppliers to operate with ethics and integrity, both within your own operations but also those in your supply chain. We expect you to:

  • Comply with requirements of all applicable bribery and anticorruption laws (e.g., U.S. Foreign Corrupt Practices Act, UK Bribery Act).
  • Not to offer or accept any gift to obtain improper advantages or influence for the supplier, Riskonnect (such as Riskonnect’s employees and their family members and associates), or any third party. Gifts include a benefit, fees, commissions, dividends, cash, gratuity, services, or any inducements.
  • Have a policy and process for reporting workplace concerns. The policy and process should be transparent and understandable and should protect reporting and participating individuals from retaliation.
Human Rights

We expect all suppliers to respect human rights, both of your own workforce and those in your supply chain. We expect you to:

  • Respect the human rights of your employees and comply with all relevant legislation, regulations, and directives – including the Modern Slavery Act and its reporting obligations – in the countries and communities in which you operate.
  • Prohibit forced labor (slavery) and human trafficking in your supply chain and give all employees the right and ability to leave employment if they choose.
  • Prohibit child labor.
  • Ensure that wages meet legally mandated minima without unauthorized deductions.
  • Allow your employees to legally organize and join associations (such as labor unions).
  • Provide clear and uniformly applied disciplinary and grievance procedures, including prohibiting mental, physical, or verbal abuse.
  • Ensure working hours are in accordance with local regulation and industry practice, and voluntary overtime is at a manageable level.
Health and Safety

We expect all suppliers to operate in a manner which is safe. We expect you to:

  • Provide a safe work environment abiding by local laws and regulations, respecting the health and well-being of your employees and any subcontractors.
  • Have a written health and safety policy.
Data Privacy and Security

We expect all suppliers to operate in a manner which protects Riskonnect and Riskonnect employee and client information. We expect you to:

  • Protect Riskonnect and its clients’ confidential assets and information.
  • Protect personal information in compliance with all applicable local laws. Personal information provided by or on behalf of Riskonnect should only be used, accessed, and disclosed as permitted by the supplier agreement.
  • Design and maintain processes to provide appropriate protections for this information.
Supply Chain

We expect all suppliers to manage their own suppliers in a responsible and sustainable manner. We expect you to:

  • Manage your own suppliers appropriately to mitigate supply-chain risks.
  • Consider the ethical and sustainable practices of your supply chain and proactively work with suppliers that represent a material risk on such issues.

We encourage you to:

  • Have your own code of supplier responsibility that your suppliers are required to comply with.
  • Strive for a supply base that is inclusive and diverse (namely supporting SMEs, social enterprises, as well as under-represented groups).
  • Understand the ethical and sustainability-related practices of your supply chain so you can either collaborate on best practice or offer support on improvements where appropriate.
Inclusion and Diversity

We expect all suppliers to understand our vision in relation to inclusion and diversity. We expect you to:

  • Treat all employees fairly and not discriminate against any group in your employment practices based on gender, race, age, sexual orientation, gender identity, disability, faith, or family circumstances.
  • Proactively support the development of an inclusive and diverse workforce, including fair representation of women, disabled, LGBT* and BAME employees.

We encourage you to:

  • Have a documented inclusion and diversity statement or set of statements within your policy framework.
  • Encourage positive mental health at work and have a documented mental health and well-being strategy.
Doing Business Responsibly

We expect all suppliers to act with honesty and integrity, managing their business ethically and responsibly. We expect you to have identified and understand the risks in your business and to:

  • Have a written responsible business strategy which sets out your approach, governance, and the steps you take to ensure you are doing business responsibly.
  • Adopt your own code of supplier responsibility or a similar policy or statement that covers adherence to local laws, bribery and corruption, and business integrity (including improper payments, conflicts of interest, fraud, competition, gifts and hospitality, and brand and intellectual property protection).

We encourage you to:

  • Support and improve the communities where you operate from an environmental, social, and/or economic perspective.
Doing Business Sustainably

All businesses have a responsibility to proactively manage – and reduce – their environmental impact. We expect you to understand these impacts and to:

  • Abide by all legislation and regulations related to environmental protection.
  • Have a written environmental policy which is appropriate and relevant for your operations.
  • Have a sustainability strategy which sets out how your organization is working to reduce your environmental impacts and support the transition to a low-carbon economy.

We encourage you to:

  • Ensure that climate change is embedded within the strategy and governance of the organization so that related risks and opportunities are managed appropriately.
  • Collaborate with us to help reduce our environmental impacts (which include carbon reduction, energy consumption, travel, water consumption, and operational waste).
  • Measure your organization’s environmental impact and put in place plans to reduce these impacts.
  • Understand and mitigate the risks that climate change poses to your business.
Riskonnect’s Rights

Riskonnect reserves the following rights to ensure and enforce suppliers’ compliance with the code. Riskonnect will evaluate suppliers’ compliance with the code during the suppliers’ evaluation and selection process or upon Riskonnect’s request. Suppliers may be periodically asked to reaffirm compliance with the code. The code is not meant to, and does not, supersede any applicable law or any term in an agreement between Riskonnect and a supplier. To the extent there is any conflict between this code and any applicable law or provision of any agreement, the applicable law or agreement controls. Riskonnect reserves the right to update or change the code requirements upon notice.