Whistleblower 'Speak Up' Policy

Applicability: This Policy applies to all employees, contractors, agents, subsidiaries, and any other
individuals or entities acting on behalf of Kpler. It covers all business activities conducted by Kpler,
including interactions with government officials, customers, suppliers, competitors, and any other
third parties.


Adherence: Kpler’s position on global Whistleblower ‘Speak Up’ Policy (the ‘Policy’) is mandatory.
This Policy is to help You make informed decisions as to when and how to speak up.


1. Overview and Introduction


1.1 Kpler is committed to promoting ethical and responsible behaviour, whilst maintaining a culture
of transparency and accountability. This Policy sets out the procedure for reporting concerns about
wrongdoing, and the protection that will be provided to whistleblowers under European legislation
and other relevant laws and regulations. In addition, this Policy provides guidance to Kpler
employees as well as other interested third parties (customers, vendors, contractors, etc.) who wish
to report known or suspected breaches of law, regulation and/or Kpler policy.


2. Policy Statement

2.1 This Policy aims to enable and encourage You to raise concerns within Kpler. It recognises a
worker’s legal rights to make a protected disclosure to certain prescribed persons or bodies under
the applicable laws and regulations, including the Directive (EU) 2019/1937.


2.2 It is important to Kpler that any fraud, misconduct or wrongdoing within its organisation is
reported and properly dealt with. Kpler is committed to tackle malpractice and wrongdoing.
Everyone should be aware of the importance of preventing and eliminating wrongdoing at work.

2.3 Kpler encourages staff to use internal mechanisms for reporting malpractice or illegal acts or
omissions by employees, ex-employees and third parties. Employees will be listened to and serious
concerns will be investigated.

2.4 Kpler will ensure that all new employees, supervisors and managers will receive induction on the
Policy and will provide training to all members of staff so that they are aware of whistleblowing laws
and regulations and know how to use this policy. In addition, Kpler will provide training to all
managers enabling them to deal with concerns that are raised and is committed to treating all
disclosures consistently and fairly.

2.5 Adequate resources will be made available to fulfil the aims of this Policy. The Policy will be
widely promoted, and displayed through the staff intranet.

2.6 The Policy allows You to take the matter further if You are dissatisfied with the management
response and aims to reassure that You will be protected from harassment or victimisation from
co-workers and/or from Kpler employees for raising concerns.


2.7 At Kpler, we are committed to maintaining the highest standards of ethical behaviour,
transparency and accountability in all aspects of our operations. We value Your role in helping us

identify and address any misconduct, unethical practices, violations of laws or regulations, and/or
any other concerns that could adversely affect Kpler and our stakeholders. The present Policy
outlines the mechanisms and protections we provide to encourage and support individuals who wish
to report such wrongdoing in good faith.


3. Definitions and Scope

3.1 This Policy applies to all employees, contractors, consultants, agents, and stakeholders of Kpler
worldwide.


3.2 For the purpose of this Policy, Kpler recognises that ‘Whistleblowing’ is the term used for
confidential disclosure of information about wrongdoing in and outside work. The whistleblower
must reasonably believe that they are acting in the public interest.

3.3 The statutory categories for wrongdoing are:

  • Criminal offences (such as insurance fraud or illegal tax evasion)
  • Breaches of any legal obligations
  • Miscarriages of justice
  • Endangering an individual’s health and safety
  • Damage to the environment
  • Deliberate concealment of information about any of the above.


3.4 Examples of wrongdoing might include (but are not restricted to):

  • Gross misconduct
  • A criminal offence that has been, is being, or is likely to be committed
  • General malpractice such as immoral or unethical conduct
  • A danger to the health and safety of an individual
  • Discrimination of any kind
  • Bribery and Corruption
  • Misuse and Misappropriation of Company Property
  • Fraudulent Acts
  • Theft and Embezzlement
  • Abuse of Power
  • Conflicts of Interest
  • Non-Compliance of Company Procedures and Policies
  • Any other wrongdoing which will, or may, impact the activities or reputation of Kpler.


3.5 It is not necessary for the member of staff to have proof that wrongdoing is being, has been, or is
likely to be committed. A reasonable belief is sufficient to disclose the concern. The member of staff
has no responsibility for investigating the wrongdoing. It is Kpler’s responsibility to ensure that an
investigation takes place.


3.6 A member of staff who makes such a protected disclosure has the right not to be dismissed,
subjected to any other detriment, or victimised, because they have made a disclosure.


3.7 This Policy will be reviewed annually from the date of issue in conjunction with the senior
management team. Where review is necessary due to legislative change, this will happen
immediately and will be carried out by the Legal, Risk and Compliance department.

4. Roles and Responsibilities


4.1 Kpler’s senior management team is responsible and accountable for this Policy and procedure
and will:

  • Demonstrate commitment to developing an open culture within the organisation, through
    actions and strategy
  • Receive and review annual reports on whistleblowing activity


4.2 You have a duty to report wrongdoing (whistleblow) under the circumstances set out in Section 3
of this Policy.


4.3 Direct managers and/or VP stakeholders of the relevant department are responsible for:

  • Ensuring all staff are aware of this Policy, procedure and their responsibilities
  • Encouraging staff to report concerns to their direct manager in the first instance
  • Investigating issues raised promptly and thoroughly where such matters are raised and
    reported to them at first instance
  • Fostering an open culture within their teams
  • Ensuring any whistleblower is not subject to detriment where managers are aware of the
    report
  • Escalating issues and engaging the support of senior managers or to the HR department, as
    necessary.


4.4 The Legal, Risk and Compliance Team leads responsibility for the whistleblowing Policy and
related procedure and for dealing with issues raised:

  • Oversee and review the Policy and procedure
  • Provide advice and support to managers and employees
  • Ensure learning from whistleblowing cases is fed back to the wider organisation
  • Ensure managers are trained in dealing with issues
  • Investigate issues raised with them directly promptly and thoroughly
  • Inform all reported disclosures to the senior management team and the actions being taken
  • Ensure the process is monitored and improved where required
  • Provide reports on whistleblowing activity on an annual basis to the senior management
    team.

5. How to raise a concern


5.1 In many circumstances, the easiest way a member of staff can get their concern resolved will be
to raise it formally or informally with their direct manager and/or the VP stakeholders of the relevant
department, who should report it to the designated officer, a senior member of the People Team
and/or LRC department.


5.2 If this is not appropriate as the concern relates to the direct manager and/or the VP stakeholders
of the relevant department, or if the member of staff does not feel able to raise it with them or if
raising it with their direct manager and/or the VP stakeholders of the relevant department do not
resolve matters, the member of staff can approach a designated officer directly. The designated
officer will then confirm how the matter will be investigated.


5.3 Concerns are encouraged to be raised in writing. The email should set out the background and
history of the concerns, giving names, dates and places where possible, and the reason why the
member of staff is making the disclosure. If the individual does not feel able to make the disclosure
in writing, a face to face meeting can be arranged instead. Please refer to the next section ‘Reporting
Mechanisms’.


6. Reporting Mechanisms


6.1 Whistleblowers are encouraged to report concerns related to misconduct, unethical behaviour,
illegal activities, or violations of company policies internally or externally through established
channels. Internally, whistleblowers can use one of the following reporting mechanisms:

  • Direct Manager and/or the VP stakeholders of the relevant department
  • People team
  • Legal, Risk & Compliance Department: legal-compliance@kpler.com
  • CEO


6.2 Concerns may be raised to the above departments, however, where the report concerns one of
the above individuals, it will be initially reviewed by another member of the Kpler Executive
Leadership Team (ELT).


6.3 Whistleblowers are encouraged to report in writing or verbally via telephone, voice message,
email, and/or physical meeting.


6.4 On the rare occasion that internal reporting channels are unavailable, do not function properly,
there is no appropriate follow-up after an internal report has been submitted and/or the
whistleblower has valid reasons to believe that they will suffer from retaliation in contravention of
this Policy, an employee can resort to an external reporting mechanism to national or EU authorities.


7. What happens to reports?


7.1 Whistleblow reports will be acknowledged within 7 days by the LRC Team. Kpler has a duty to
perform a quick, adequate and factual investigation and provide feedback within 3 months. Reports
received will be promptly reviewed, investigated, and addressed by the appropriate department
within Kpler.


7.2. Individuals who may be the subject of the report are immediately recused from any further
involvement in any investigation. Where appropriate, the LRC department will lead the investigation
and further information may be required. If the LRC department is directly or indirectly the subject of
the report, an independent lead investigator from the People team and/or designated senior
stakeholder appointed by ELT.


7.3 Whistleblowers will be kept informed about the progress of their reports to the extent possible
and within the limits of confidentiality, privacy laws, and protection of involved parties.


7.4 The investigator will determine what, if any, corrective action is required (including where
necessary, reporting to regulatory authorities). Appropriate corrective action may include
disciplinary action, training, process improvement, or legal remedies. The whistleblower will be
informed of the conclusion of the investigation.

8. Confidentiality and Non-Retaliation


8.1 The investigating team will keep the identity of the whistleblower confidential unless disclosure
is required by law or regulators.


8.2 Whistleblowers who report concerns in good faith will be protected against any form of
retaliation, harassment, discrimination, or adverse employment consequences. Kpler does not
tolerate or condone acts of retaliation against those who report issues or concerns and will consider
any such actions to be a disciplinary matter. Here is a non-exhaustive list of lines on protection:

  • Protecting your identity, protecting you from detriment (discrimination, harassment, physical
    or psychological harm, damaging property, change in your role and/or duties)
  • Monitoring and managing the behaviour of other employees
  • Relocating employees (which may include the people alleged to have been involved in the
    Potential Misconduct) to a different division, group or office
  • Offering you a leave of absence or flexible working arrangements whilst the matter is being
    investigated
  • Any other measure(s) Kpler deems appropriate


8.3 Good Faith Reporting: Whistleblower reports must be made in good faith, meaning the individual
genuinely believes the information provided is accurate and based on reasonable grounds. Reports
that are knowingly false, malicious, or made with the intent to harm someone's reputation or for
personal gain may result in disciplinary action, including potential termination of employment.


8.4 Anonymous Reporting: Whistleblowers have the option to submit reports anonymously, using
designated channels provided by Kpler as further described under Section 6 above. While
anonymous reports will be accepted and investigated to the fullest extent possible, it may limit Kpler
s ability to thoroughly investigate and address the concern. Therefore, providing contact information
is encouraged.


9. Awareness and Training


9.1 Kpler will provide regular training and awareness programs to employees and stakeholders to
ensure they understand the importance of this Policy and the procedures for reporting concerns.

10. Compliance and Review


10.1 This Policy shall comply with all applicable laws and regulations related to whistleblowing and
will be reviewed periodically to ensure its effectiveness and alignment with best practices. Whilst
specific requirements may vary, depending on the countries in which you operate, the EU
Whistleblower Protection Directive and UK Public Disclosure Act 1998 safeguarding whistleblowers
against retaliatory action and unfair treatment and/or dismissal when they disclose wrongdoing in
the workplace have been widely and extensively incorporated into this Policy.


10.2 Kpler is committed to upholding the principles of integrity, transparency, and accountability. This
Global Whistleblower ‘See Something, Say Something’ Policy provides clear guidelines for reporting
concerns and protects whistleblowers who act in good faith. By promoting a culture that encourages
open communication and ethical behaviour, we aim to maintain the trust and confidence of our
employees, stakeholders, and the global community.


10.3 On an annual basis, the LRC department will review all whistleblowing reports (anonymity will
be applied where reasonable or possible).

11. Further Document Details


Version: v.01
Approval Date: September 2023

Date for Next Review: September 2024
Risk category: High Risk
Accountable Policy Owner: LRC Team