Whistleblowing Policy and Procedure

Compliance & Regulatory Conduct & Ethics Last reviewed: 2025-11-20 Owner: Legal & Compliance

1. Purpose

This policy (Ref: COMP-CE-002) establishes the Bank's whistleblowing framework in compliance with the EU Whistleblower Protection Directive (Directive (EU) 2019/1937), the UK Public Interest Disclosure Act 1998 (PIDA), and equivalent legislation in all jurisdictions where the Bank operates. It provides employees and other stakeholders with safe, accessible, and confidential channels for reporting concerns about wrongdoing.

2. Scope

This policy applies to all employees (permanent, temporary, and contract), officers, directors, interns, volunteers, former employees, job applicants, and third parties (including suppliers, consultants, and business partners) who become aware of reportable concerns in connection with the Bank's activities.

3. What Can Be Reported

The following types of concerns fall within the scope of this policy:

  • Fraud, theft, or financial irregularity.
  • Bribery, corruption, or facilitation payments.
  • Money laundering or terrorist financing.
  • Breaches of regulatory requirements (e.g., AML, data protection, market conduct rules).
  • Breaches of the Bank's Code of Conduct or internal policies.
  • Health and safety violations.
  • Environmental damage.
  • Discrimination, harassment, or bullying (where not resolved through HR channels).
  • Attempts to conceal any of the above.

4. Reporting Channels

The Bank provides the following channels for reporting concerns:

ChannelDetailsAvailability
Confidential Whistleblowing HotlineOperated by an independent third-party provider; available by telephone and online portal24/7, 365 days
Emailwhistleblowing@bank.com — received directly by the Whistleblowing OfficerBusiness hours; acknowledged within 2 business days
Written ReportSealed letter marked "Confidential — Whistleblowing Officer" sent to the Compliance DepartmentN/A
In PersonDirect meeting with the Whistleblowing Officer or a member of the Compliance DepartmentBy appointment

Reports may be made anonymously. Anonymous reports will be investigated to the extent possible, although the Bank encourages reporters to identify themselves to facilitate effective investigation.

5. Procedure

Step 1 — Receipt and Acknowledgement

All reports are received by the Whistleblowing Officer (or the independent hotline provider). The reporter will receive an acknowledgement within seven (7) calendar days of receipt.

Step 2 — Initial Assessment

The Whistleblowing Officer conducts an initial assessment within fourteen (14) calendar days to determine whether the report falls within scope and whether an investigation is warranted. Reports that fall outside the scope of this policy (e.g., individual grievances) will be redirected to the appropriate channel (e.g., HR).

Step 3 — Investigation

If an investigation is warranted, the Whistleblowing Officer appoints an independent investigator (internal or external, depending on the nature and seniority of the subject). The investigation must be conducted impartially, thoroughly, and with due regard to the confidentiality of both the reporter and the subject of the report.

Step 4 — Outcome and Feedback

The reporter will be informed of the outcome of the investigation within three (3) months of the date of acknowledgement, in accordance with the EU Whistleblower Protection Directive. Where the investigation is ongoing at the three-month mark, the reporter will receive an interim update.

Step 5 — Remediation

Where the investigation identifies wrongdoing, the Whistleblowing Officer will recommend appropriate remedial action, which may include disciplinary proceedings, process improvements, regulatory notifications, or referral to law enforcement.

6. Protection Against Retaliation

The Bank strictly prohibits any form of retaliation against individuals who make a report in good faith. Retaliation includes, but is not limited to, dismissal, demotion, suspension, threats, intimidation, and adverse changes to terms of employment. Any employee found to have engaged in retaliation will be subject to disciplinary action up to and including termination.

7. Confidentiality

The identity of the reporter will be kept confidential to the greatest extent possible and will not be disclosed without the reporter's consent, except where required by law or in the context of judicial proceedings.

8. Governance

The Whistleblowing Officer reports to the Board Audit and Risk Committee on a quarterly basis, providing anonymised statistics on reports received, investigations conducted, and outcomes.

9. Review

This policy is reviewed annually by Legal & Compliance. Next review: Q1 2027.

Related Articles

Code of Conduct

The Bank's Code of Conduct sets out the fundamental principles and standards of behaviour expected of all employees, officers, and directors in the conduct of the Bank's business.

Updated 2026-01-15

Conflicts of Interest Policy

Defines the Bank's framework for identifying, disclosing, managing, and mitigating conflicts of interest to ensure that client interests are protected and regulatory requirements are met.

Updated 2025-08-01

Gifts and Entertainment Policy

Sets out the Bank's rules for the giving and receiving of gifts, hospitality, and entertainment, including monetary thresholds, pre-approval requirements, and prohibited categories.

Updated 2025-06-01