Welcome !

SIGN IN REGISTER

GUIDELINES FOR ENGAGING THIRD PARTY INTERMEDIARIES

A TPI Intermediary (‘TPI’) is a service provider, consultant, distributor, contractor, vendor, supplier, or other vendor, whether an individual or an entity, engaged or retained to assist the Company in any function or business that requires or involves interaction with any government entity or official on behalf of the Company. The following shall be considered TPI for the purposes of this section:

1. Scope of TPI Intermediaries:

  1. Joint venture partner: An individual or organization which has entered into a business agreement with USPL (and possibly other parties) to establish a new business entity and to manage its assets.
  2. Consortium partner: An individual or organization which is pooling its resources with USPL (and possibly other parties) for achieving a common goal. In a consortium, each participant retains its separate legal status.
  3. Agent: An individual or organization authorized to act for or on behalf of, or to otherwise represent, USPL in furtherance of its business interests.
  4. Adviser and other intermediary (e.g. legal, tax, financial adviser or consultant, lobbyist): An individual or organization providing service and advice by representing USPL towards another person, business and/or government official.
  5. Contractor and sub-contractor: A contractor is a non-controlled individual or organization that provides goods or services to USPL under a contract. A subcontractor is an individual or organization that is hired by a contractor to perform a specific task as part of the overall project.
  6. Supplier/vendor: An individual or organization that supplies parts or services to USPL.
  7. Service provider: An individual or organization that provides USPL with functional support (e.g. communications, logistics, storage, processing services).
  8. Distributor: An individual or organization that buys products from USPL, warehouses them and resells them to retailers or directly to end-users.

2. Initial Screening of Third Parties

To perform an initial screening to determine the scope third parties, t he following shall be taken into consideration:

Is the TPI in an industry or geographic location perceived to have higher corruption risks?

Will the TPI perform services on behalf of USPL, or be authorized to represent USPL vis-à-vis other third parties?

Is it reasonable to expect that the TPI will encounter government officials when representing the organization?

Will the TPI be in a position to influence decisions or the conduct of other third parties for the benefit of the organization?

3. Third-Party Risk Assessment

Assessing the level of corruption risk associated with individual Third Parties.

Risk Assessment shall be carried out by the Compliance and Legal departments. The next step is to define the risk and find the appropriate level of due diligence for each entity. The appropriate level of due diligence should be guided by the results of a risk assessment process. The idea is to assess third parties as high, medium or low-risk third parties. Such risk assessment can be made for each individual TPI or for groups of third parties, based on the nature of services provided. The level of risk will ultimately determine the amount of due diligence that needs to be performed, with high-risk third parties subject to a more detailed due diligence process.

a. Key Risk Indicators:

The list below shows a selection of key risk indicators that should/must be used to assess the risk of corruption related to an individual TPI or group of third parties.

i. Geographic location

High-risk factors: The geographic location where the TPI resides and/or operates (as per the contract) is:

-A country perceived to be a high-risk country for corruption.

-A jurisdiction known to have high levels of bank secrecy and presenting a high risk for facilitating illicit financial flows

-A jurisdiction that encourages or requires organizations to hire local agents to transact business for the government

ii. Industry

High-risk factors:

The industry with which the TPI conducts business transactions is perceived to present a high risk for corruption.

The TPI belongs to an industry with a history of anti-corruption enforcement scrutiny.

iii. Background and identity of the TPI

High-risk factors:

-Initial internet searches and use of news services have revealed glaring problems related to the TPI’s reputation for integrity.

-The TPI, or any of its senior officials, has previously been subject to regulatory action or legal proceedings as a result of alleged breaches of anti-corruption laws.

-The TPI, or any of its senior officials, appears on a denied parties/persons list in consequence of national or international sanctions or as a result of past misconduct.

-The TPI has little or no experience in the relevant industry sector and/or is unknown to USPL.

iv. Connection with government officials or entities

High-risk factors:

-The TPI, in the course of doing work for your organization, will have frequent interaction with government officials (including customs officials), governmental agencies or government-controlled entities.

-The TPI is wholly or partly (directly or indirectly) owned by a government official/entity or has direct or indirect links with government officials/entities.

-The TPI has previously worked for government or is closely connected with the political elite. v.

v. Compensation structure of the proposed arrangement

High-risk factors:

- The TPI’s compensation is to be based on performance (i.e. success fees, bonus fees and other contingency fees).

- The TPI requires payment by unusual means (e.g. deviating from standard practice, to multiple accounts, with upfront payments, split into small amounts, in cash or similar, in a country or currency that is different from that of the TPI’s domicile or the country where the work will be performed).

- The TPI’s compensation is to take the form of a political or charitable contribution.

vi. Additional factors related to the scope of the services to be rendered:

High-risk factors:

- The TPI’s role is to enhance the organization’s chances of winning commercial and/or government contracts.

- The TPI requests discretionary authority to handle local matters alone.

vii. Selection of the TPI High-risk factors:

- The TPI was recommended by a customer.

- The retention of this specific TPI was encouraged or required by a government official.

b. Risk Assessment Process

For each of the risk indicators detailed above, it is essential to evaluate whether the TPI and the business relationship under review present a high, medium, or low corruption risk. These indicators should then be reviewed together so that judgement can be applied on the basis of an overall risk evaluation (high, medium or low), which will trigger the level of due diligence to be applied. Management and employee interviews are a valuable tool to help assess and substantiate risk evaluations when conducting TPI risk assessment. These conversations can provide an in-depth view of the business and help the organization benchmark what is normal in terms of scope, quantity and usual terms of third-party business relationships. The interviews can also help provide an overview of corruption risks which have either manifested historically or could materialize at present.

Key questions to consider when interviewing business managers and employers include:

- What are third-party contractors used for?

- When are they needed, and when can the company do without?

- What is a relevant TPI’s normal expertise?

- Where and how do these TPIs normally operate, and what are their normal deliverables? - What is their normal compensation scheme?

- What documentation is normally kept within the company on third-party transactions?

- What part of the relevant business division’s revenue depends on sales intermediaries?

- How often are third parties usually changed?

- What is the usual selection process for third parties?

- Which third parties are involved in governmental contracts and for what purpose?

Management and employee interviews can also help get to the details of specific corruption risks or control weaknesses in a business unit by asking questions such as:

- Do you use non-standard third-party agreements?

- Do you pay rates exceeding the normal fee level?

- Have you used third parties with only post-office boxes in offshore jurisdictions and no physical offices?

- Have you used third parties where nobody ever saw their representative in person?

- Is it possible for anyone to tweak matters in the course of third-party transactions (e.g. by inflating invoices, fabricating agreements, manipulating the selection process etc.) in order to abuse third parties to covertly siphon off money from the company which subsequently may be used to corrupt others?

- What are some of the suboptimal or missing controls which could facilitate such tweaks?

To ensure objectivity in certain cases, assessment and evaluation may also include consultation with and inputs from independent subject-matter experts (e.g. legal, compliance, internal audit, security and local experts). At the end of the risk assessment process, the evaluator should justify and document their decision to categorize an entity or individual as a high-, medium- or low-risk TPI.

4. Due Diligence

Conducting risk-based anti-corruption due diligence For low, medium and high-risk TPI, thorough data collection and investigation will be needed and will likely require input or supervision from an independent business function (e.g. the organization’s compliance or legal department) and, in some cases, the assistance of an external due diligence service provider. Information may be gathered from basic internet searches and database such as those maintained by government authorities and official court websites.

The three key elements to conduct a thorough third-party due diligence are:

a) Data collection

b) Verification and validation of data

c) Evaluation of results, including identification of red flags.

a. Data Collection:

The objective of the data collection process is to assemble and document relevant information about the structure, ownership and operations of the TPI, its reputation for and commitment to integrity, and its suitability for the type of business relationship being considered.

Data collection to support third-party due diligence can generally be accomplished through the following tools:

1. Internet, database and media searches, including denied parties lists and politically exposed persons screening, to obtain information about the TPI’s integrity profile and to identify flagrant problems which may be of public knowledge.

2. An internal questionnaire (Annexure 1), to be completed by USPL’s department looking to hire the TPI.

3. An external questionnaire (Annexure 2), to be completed by the candidate TPI.

b. Verification and Validation of Data

After the data has been collected, it needs to be verified and validated. Data collection process verification and validation phase should involve the participation of the compliance and legal department, in all cases. During data collection, it is essential to look for gaps or inconsistencies in the information collected through internal and external questionnaires. In case of such gaps or inconsistencies, or if any alarming fact has been discovered during the data collection process, the legal/compliance team may involve subject-matter experts to help examine dubious points, to request clarifying information from the TPI, or in certain cases, to conduct phone interviews and site visits to address outstanding issues. As with risk assessment, it is always relevant and wise to incorporate consultation with subject-matter experts into the process of data verification to help ensure objectivity by allowing a second set of independent eyes to weigh in on the findings.

For certain high-risk third parties, the assistance of an external due diligence service provider may be taken to undertake the following additional tasks:

- Obtain information on previous company positions, interests of the owner and the operator’s key principals.

- Conduct live, local language media research on the owner, the operator and its key principals. - Conduct independent bankruptcy and litigation checks.

- Check the owner, operator and key principals against watch lists.

- Obtain reputational intelligence through local investigators on the owner, operator and key principals.

c. Evaluation of Results, including Identification of Red Flags

Once data has been properly verified and validated, a certain degree of judgement will be necessary to determine whether or not to move forward with the proposed TPI business relationship. To help reach such a judgement, the information collected should be tested against a “red flag” checklist. Red flags refer to circumstances suggesting a strong corruption risk that should be properly identified and mitigated through adequate safeguards. The identification of a red flag does not mean that USPL cannot go ahead with the TPI business relationship. However, no red flag should be left unaddressed or unresolved, and steps should be taken to implement mitigating measures that reflect the level of seriousness of the red flag(s) identified.

Examples of red flags:

- The TPI appears to lack sufficient capability or staff qualifications to provide the services or goods for which it is being engaged.

- The TPI wants to work without a contract (or with a vague contract).

- The TPI is hesitant to make anti-corruption compliance certifications in an agreement.

- The TPI has family or business ties with government officials.

- The total amount to be paid for goods and services appears to be unreasonably high or above the customary or arms-length amount.

- Unusual upfront or excessive payments have been requested by the TPI.

- Indirect or unusual payment or billing procedures are being requested.

A detailed Red Flag Checklist is available in Annexure 3.

In addition to the identification of red flags, teams/departments including the Compliance/Legal department should evaluate whether the data collected through the due diligence process provides a “complete and honest picture” of the proposed TPI’s background and integrity profile.

Key questions the responsible departments/teams may ask themselves include:

- Is the information collected honest and comprehensive?

- Do I trust the source from which the data was collected or who submitted it?

- Are there outstanding issues or concerns that simply cannot be resolved?

4. Approval Process and Post

-Approval Risk Mitigation Managing the approval process and mitigating identified risks

Once the concerned team/department (including the legal and compliance team), is confident it has sufficiently robust information about the proposed TPI and the specifics of the business relationship, it should be in a position to decide whether to go ahead or not with the proposed transaction. Whatever the decision, the concerned department should clearly document its due diligence efforts and explain the rationale for its decision. It should also identify and implement the necessary mitigating measures to address any risks exposed during the due diligence process.

a. Approval Process

The responsibility of the risk assessment and due diligence processes lies with the concerned department of USPL proposing to transact with the TPI and the compliance and legal departments. The persons responsible for the risk assessment should document the rating process in reasonable detail and renew the assessment periodically (e.g. once every three years).

System of approval for determining whether or not to move forward with the TPI:

- For low-risk third parties, it is appropriate for the compliance and legal department to be responsible for approving the business relationship.

- For medium- to high-risk third parties, there should be a minimum of two relevant departments involved in the approval process, along with the CEO, COO, CFO compliance and legal department.

All documentation relating to the risk assessment and due diligence processes, and to the evaluation of red flags, should be signed by the parties responsible and retained by the organization.

b. Post-approval Risk Mitigation

After a TPI has been approved, compliance and legal department on consultation with concerned departments involved in the transaction with the TPI, may take any number of mitigating measures to address potential corruption risks that may have been identified in the due diligence process. The following is a menu of actions departments shall consider to minimize the risk of improper conduct by their TPI.

Mitigating measures shall be mandatory in respect of all TPIs.

- Contract protections:

Departments shall mandatorily include the following provisions, representations and warranties in their contractual agreements with third parties:

- A written agreement by the TPI to comply with USPL’s anti-corruption policies and programmes (or other materially equivalent policies and programmes) and/or with applicable laws and regulation

- A written confirmation that the TPI has read the organization’s Supplier Code of Conduct and agrees to satisfy its requirements

- A “right to audit” provision, providing access to the TPI’s relevant records

- A provision obligating the TPI to maintain accurate books and records, and an effective system of internal controls

- A contractual right of termination in case of breach of anti-corruption laws

- Provisions limiting the TPI’s ability to act on behalf of the company and/or to have interactions with government officials

- A contractual obligation by the TPI to report on services rendered

Monitoring measures Organizations may consider undertaking the following monitoring activities to supervise the conduct of their third parties on an ongoing basis: - A periodic bi-annual renewal or update of the risk assessment and due diligence processes - Recurring Internet and database searches to identify new red flags - Implementing a post-approval assurance programme, including bi-annual training activities and periodic and/or risk-based audits of the TPI - A request for the TPI to submit an annual certification of compliance with applicable anti-corruption laws - A periodic review of the TPI’s payment requests and payments - Tracking unusual or excessive expenses by the TPI.

5. Effective Implementation of the TPI Due Diligence Process

A robust third-party due diligence process requires development a number of supporting measures at an operational level to ensure the effective implementation of the process and its appropriate communication to management and employees. In addition, compliance and legal departments may seek to educate third parties on the due diligence process itself and include them, as appropriate, in their compliance activities. Training of company employees and third parties: Training is a primary tool for communicating USPL’s anti-corruption standards and procedures to personnel. Employees of all departments must be familiar with these Guidelines. The compliance and legal departments may also consider, where appropriate, the delivery of training on USPL’s anti-corruption policy for their agents, contractors and suppliers. Decisions about when and in what form to offer training support should reflect the TPI’s risk profile and the degree of corruption risk in the relationship.

- Monitoring of the due diligence process

Senior management of USPL shall monitor the third-party due diligence process, periodically review its suitability, adequacy and effectiveness, and implement improvements where needed. In particular, the compliance and legal department shall conduct spot checks to ensure that the due diligence process is properly applied and to deter any potential abuse. It is also important to regularly reassess due diligence measures to ensure that they are adapted to the changing circumstances of the organization.

- Consultation channels for questions and support

USPL aims to “provide secure and accessible channels through which employees and others can raise concerns and report suspicious circumstances (“whistleblowing”) in confidence and without the risk of reprisal”. The reference to “others” is meant to include USPL’s TPI. For more information, refer to USPL’s Whistle-blower’s Policy available at [●].

- Disciplinary sanctions for non-compliance

USPL hereby clarifies that any abuse or disregard of the TPI due diligence process or Guidelines may lead to disciplinary sanctions, including termination in appropriate circumstances.

Annexure 1- Internal Due Diligence Questionnaire

General Information

By signing the below I certify that I have performed such procedures and inquiries as necessary to ensure that the answers provided in this document are accurate and complete to the best of my knowledge.

Prepared by: Name: Date: Title: Signature: TPI Details: Name: Address: Principal Contact: Contact details: Nature of business:

Q1. List previous or current relationships with our organization showing the period when such relationship was active.

Q2. In the context of the proposed project or business commitment, provide an explanation of why the Third Party is financially suitable.

Q3. Does the Third Party have the overall financial strength to bear its proportionate share of the financial obligations of the joint association?

Q4. How did we come to know of the Third Party?

Q5. What other parties were considered as candidates?

Q6. Why was this Third Party chosen?

Q7. Explain why the proposed relationship is necessary and what is the added value to our organization?

Q8. Describe the nature of the proposed relationship, the allocation of responsibilities, the services to be provided and the country where the services will be rendered by the Third Party.

Q9. Is the third party: (i) an agent, consultant or other third party representing or otherwise acting for our organization before government or regulatory entities or officials; assisting our company in obtaining any type of government or regulatory permit, certification, registration, licence or approval; or performing lobbying activities on our organization’s behalf; or (ii) a transport, logistics or other service provider interacting with customs agents on our organization’s behalf; or (iii) any third party submitting tenders to enable the sale of our organization’s products or services to government agencies or entities?

Q10. If equity or payment of development costs are involved, describe the sharing of such costs with the Third Party.

Q11. Specify the duration of the relationship with the Third Party.

Q12. Describe the commercial arrangement with the Third Party, the contract value and the payment terms.

Q13. Does the expected compensation of the Third Party for its services vary significantly from what is dictated by local custom or local law for similar services? Please explain.

Q14. Is the compensation for such services higher than what is paid elsewhere for similar services? Please explain.

Q15. If the business relationship with the Third Party will incur development costs or require equity contributions, will the Third Party have a carried interest either in development costs or equity? Or will they be directly funding their equity in the project or their share of development costs? Please explain.

Q16. Has the Third Party, or any key employee or senior management member of the Third Party, made comments to the effect that any particular payment, contribution or other activity is needed to “get the business”, “make necessary arrangements”, etc.?

Q17. Is there any substantial basis to believe that business in the country is frequently obtained by bribing officials and/or that such payments are common? What is the country’s rating in the Transparency International Corruption Perceptions Index, if applicable? What is the Third Party’s view of these issues? Please explain.

Q18. Has anyone, including the Third Party, requested that any payment be made out to “cash” or “bearer”, or that payments be made in some other similar form? If yes, please explain the request in detail and indicate what measures have been taken, or procedures implemented, to ensure that such request for payment is not made for improper purposes. If you believe the request may have been made for improper purposes, please explain.

Q19. Has anyone, including the Third Party, requested that payment be made partly or wholly to a person or company other than directly to the Third Party? If yes, please explain.

Q20. Has anyone, including the Third Party, requested that payment be made in a country other than the one in which the services will be performed? Has anyone, including the Third Party, requested that payment be made in a currency different to the currency of the country where the Third Party is located, or of the country in which the services will be performed?

Q21. Has the Third Party, or any key employee or senior management member of the Third Party, requested any false documentation (i.e. false invoicing or failure to report the payment to host country fiscal authorities) or structuring of the payment provisions for services?

Results of Research

Q22. Having reviewed all due diligence reports and documents prepared regarding this potential Third Party,is there anything in those materials that raises a concern about the Third Party? If yes, please describe these issues of concern and the Third Party’s response when you raised these issues with them.

Q23. Has the appropriate Region or Country Manager in the organization, if any, been contacted for information?

Red Flags

Q24. Did you find any Red Flags (listed in Annexure 3: Red Flag Checklist)? If yes, please identify each red flag and describe the results of the investigation into the matter.

Q25. Is the Third Party, or any key employee or senior management member of the Third Party, a citizen of a country subject to sanctions?

Affiliate Relationships

Q26. To the best of your knowledge, has the Third Party, or any key employee or senior management member of the Third Party, ever been employed by or performed services for our organization or any of our organization’s subsidiaries or affiliates? If yes, please explain.

Q27. To the best of your knowledge, does the Third Party, any key employee or senior management member of the Third Party, or its subsidiaries or affiliates, have any financial interest or arrangement with any officer, director or employee of our organization or any of our organization’s subsidiaries or affiliates?

Q28. To the best of your knowledge, does the Third Party, any key employee or senior management member of the Third Party, or its subsidiaries or affiliates, have a position of responsibility (for example, as an officer, director, principal, stockholder, Third Party or owner) with any business interest of any officer, director or employee of our organization or any of our organization’s subsidiaries or affiliates?

Q29. Is the Third Party, or any key employee or senior management member of the Third Party, related (by blood, marriage or otherwise) to you (the person completing this questionnaire) or any other officer, director or employee of our organization or any of our organization’s subsidiaries or affiliates?

Q30. Do you (the person completing this questionnaire) have a personal relationship with the Third Party or do you know of any personal relationship between the Third Party and any officer, director or employee of our organization or any of our organization’s subsidiaries or affiliates?

Q31. Has the Third Party refused to provide any information to our organization necessary to complete any part of this questionnaire?

Q32. Is there any indication that any aspect of this transaction will be used for an improper or prohibited purpose?

Laws and Customs

Q33. Is it legal for the Third Party to enter into a relationship, to perform its share of the services of the relationship and to participate as a partner with our organization?

Q34. Is the Third Party required by law to be licensed to perform its share of the services of the relationship, and, if so, is it properly licensed?

Q35. Describe the current customs of the country where the services will be rendered with respect to forming joint associations, sponsorship, as well as the standard forms and terms of payment. Describe the customary terms for paying taxes.

Third Party References and Checks

Q36. Have you contacted the lending institutions, law firms, accounting firms, etc. with whom our company has relationships for information about this potential Third Party?

Q37. What is the general reputation in the community of the Third Party in the view of the persons with whom you spoke?

Third Party Interviews

Q38. Have you conducted an interview with the Third Party to discuss responses to data collection questionnaires, fill in gaps or inconsistencies, and address any issues/concerns identified in Internet/ database/media search processes?

Q39. If yes, have you prepared and attached a summary of the interview with the Third Party and the inspection of the Third Party’s facilities?

Q40. Have you prepared and attached a summary of the personal meeting, face-to-face, between senior officials of the Third Party and our organization?

Compliance with Commitments

Q41. Have you or other employee(s) from our organization reviewed and discussed the provisions of Prevention of Corruption Act, 1988, U.S. Foreign Corrupt Practices Act, the UK Bribery Act or other anti-corruption laws applicable to the transaction, with the Third Party? If yes, provide a detailed description of the conversation.

Q42. Have you provided to the Third Party a copy of USPL’s ANTICORRUPTION POLICY AND/OR CODE OF BUSINESS CONDUCT?

Q44. Has the Third Party confirmed its compliance with all laws and regulations of the country in which they are doing business?

Q45. Has the Third Party confirmed that no shareholder, partner, owner, director or employee is a Public Official, political party official, or quasi-government or political official?

Q46. Has the Third Party confirmed that it has fully disclosed to our organization any existing family relationships between any of its employees, partners, officers, directors or stockholders and any Public Official and will notify the company if such arrangement arises during the term of the agreement?

Q47. Does the Third Party accept that our organization may obtain a legal opinion from local counsel that the proposed arrangement is lawful and the Third Party shall provide assistance as necessary?

Q48. Provide a detailed description of any objections or concerns the Third Party may have had in relation to questions 44 to 47.

Q49. Based on your answers to all of the questions in this questionnaire, and any other information in your possession, do you (the person completing this questionnaire) believe that our organization should partner with this Third Party?

Annexure 2: EXTERNAL DUE DILIGENCE QUESTIONNAIRE

By signing the below I certify that I have performed such procedures and inquiries as necessary to ensure that the answers provided in this document are accurate and complete to the best of my knowledge.

Prepared by: Name: Date: Title: Signature: TPI Details: Name: Address: Principal Contact: Contact details: Nature of business:

Q1. Is your organization publicly listed and where?

Q2. What is the ownership structure of your organisation? (Please mention the nature of your entity, i.e whether it is a proprietorship concern, \partnership, LLP, company etc. Full name, address, PAN details, date of incorporation of your entity to be provided).

Q3. Who are the members of your organization’s governing board?

Q4. Who are the principal officers of your organization?

Q5. In which countries will your organization be providing goods or services to our organization?

Q6. Who are the key subsidiaries or jointly-owned organizations that will be involved in the proposed project/partnership? Full name, address, PAN details, date of incorporation of the aforementioned entities to be provided).

Q7. What is the nature and history of your business operations?

Q8. List the name(s) and title(s) of the individuals who will be responsible for working with our organization. (Please mention full name, address, date of birth and PAN details of the aforementioned individuals).

Q9. List all previous or current relationships with our organization and the period when such relationship was active.

Q10. Please give financial references including banks, principal suppliers, etc

Q11. Please give names of other organizations with which you had similar business relationships (include for each: the name of the organization, your relationship with the organization, the organization’s address, a contact name, a telephone number and an e-mail address).

Q12. Please attach your current balance sheets and income statement as well as those of the last two years.

Q13. In the context of the proposed project or business commitment, please provide an explanation of why you consider you are financially suitable.

Q14. Do you have the overall financial strength to bear your proportionate share of the financial obligations of our joint association?

Q15. How did we come to know you?

Q16. Explain why the proposed relationship is necessary and what the added value to our organization is.

Q17. Do you have pertinent experience with this type of activity? If yes, please describe the previous experience(s) and the time frame of such experience.

Q18. Do you plan to use any other entities or individuals, including subsidiaries, affiliates, partnerships or joint ventures, consultants, intermediaries, public relations agencies, marketing agencies, logistics providers, freight forwarders, customs brokers or any individuals other than your own employees to perform services under the proposed agreement? If yes, identify their name and address, their relationship to you, and the activities they will perform.

Q19. To the best of your knowledge, is any key employee or senior management member of your organization a Public Official?

Q20. To the best of your knowledge, is any key employee or senior management member of your organization related (by blood, marriage, current or past business association or otherwise) to a Public Official? If yes, please explain.

Q21. To the best of your knowledge, is any shareholder or partner in your organization, or any subsidiaries of the shareholder(s) or partner(s), owned in any part by a Public Official or a person related to a Public Official?

Q22. To the best of your knowledge, does any key employee or senior management member of your organization provide financial or any other benefits to a Public Official or a member of a Public Official’s family (e.g. educational or medical assistance, housing)? If yes, please explain.

Q23. To the best of your knowledge, does any Public Official or a member of a Public Official’s family have any interest, or stand to benefit in any way, as a result of the proposed agreement? If yes, please explain.

Q24. Have you or any key employee or senior management member of your organization, ever been convicted of a felony or any other serious crime in the country where the services will be rendered or in any other country (other than traffic violations)? Are there any legal proceedings of this nature pending?

Q25. Has a consent decree ever been issued against your organization, or any key employee or senior management member, by any governmental entity or political subdivision of the country where the services will be rendered or by the government of any other country? If yes, please explain.

Q26. To the best of your knowledge, have you or any key employee or senior management member of your organization, ever been employed by or performed services for our organization or any of our organization’s subsidiaries or affiliates? If yes, please explain.

Q27. To the best of your knowledge, do you or any key employee or senior management member of your organization, its subsidiaries or affiliates, have any financial interest or arrangement with any officer, director or employee of our company or its subsidiaries or affiliates? If yes, please explain.

Q28. To the best of your knowledge, do you, any key employee or senior management member of your organization, or its subsidiaries or affiliates, have a position of responsibility (for example as an officer, director, principal, stockholder, partner or owner) with any business interest of any officer, director or employee of our company or any of our organization’s subsidiaries or affiliates?

Q29. Is any key employee or senior management member of your company related (by blood, marriage or otherwise) to any other officer, director or employee of our organization or its subsidiaries or affiliates? If yes, please explain.

Q30. Is it legal for you to enter into a relationship, to perform the services of the partnership, and to participate as a partner with our organization?

Q31. Are you required by law to be licensed to perform the services of the partnership, and, if so, are properly licensed?

Q32. Describe the current customs of the country where the services will be rendered with respect to forming joint associations, sponsorship, as well as the standard forms and terms of payment. Describe the customary terms for paying taxes.

Q33. Provide, to the extent available, a list (including location and coordinates) of the bank(s) and law firm(s) you are working with.

Q34. Are you aware of and agree to abide by the provisions of applicable laws, including but not limited to the Prevention of Corruption Act, 1988, U.S. Foreign Corrupt Practices Act, the UK Bribery Act, in providing goods and services under the proposed agreement?

Q35. Please confirm that you have read and agree to abide by our Code of Ethics and Business Conduct and Prevention of Corruption Act, 1988, U.S. Foreign Corrupt Practices Act, the UK Bribery Act in providing goods and services under the proposed agreement.

Q36. Describe your organization’s compliance organization and provide copies and/or descriptions of your Code of Ethics and Business Conduct, your anti-corruption compliance policies, your compliance training activities, and your whistle-blowing channels, if any.

Q37. Do you have a written policy in place prohibiting the illegal conversion, concealment or transfer of money or property?

Q38. Does your organization have a corporate policy which prohibits facilitation payments? If not, under which circumstances would the policy allow for making facilitation payments?

ANNEXURE 3- RED FLAG CHECKLIST

1. Industry- and location-related Red Flags

a. Is the perceived level of corruption risk in the country where work is to be performed relatively high based on the Transparency International Corruption Perceptions Index?

b. Does the transaction involve an industry that has a history of anti-bribery violations?

2. Organization-specific Red Flags

a. Is the TPI new to the organization by which it is being engaged?

b. Does the TPI appear to lack sufficient capability or staff qualifications to provide the services or goods for which it is being engaged (based on years in business, types of service performed, staffing levels, etc.)?

c. Is the TPI reluctant to provide business references or did the response from any of the business references present a basis for concern about the TPI?

d. Is the TPI a lawyer, accountant or other person intermediary who is not normally directly involved in the type of project or business activity for which it is being retained?

e. Have we been asked or directed by someone to use this specific TPI? If so, by whom and why?

f. Does the TPI want to work without a contract or with a vague contract?

g. Is the TPI hesitant to make anti-corruption compliance certifications in an agreement?

h. Does the TPI have family or business ties with government officials?

i. Have we been asked by anyone associated with the transaction to make any political or charitable contributions of any kind?

3. Transactional Red Flags

a. Does the total amount to be paid for goods and services appear to be unreasonably high or above the customary or arms-length amount?

b. Are unusual upfront or excessive payments required (high commissions, substantial bonuses, etc.), or is the compensation to be based on performance (success fees)?

c. Are indirect or unusual payments or billing procedures being requested, such as:

i. Payments through bank accounts in a foreign country outside of the one where the services are being provided

ii. Payments to anonymous (numbered) bank accounts

iii. Payments to bank accounts containing corporate funds but held in names of individuals

iv. Payments to third persons for goods or services provided by the TPI

v. Payments through shell companies created to receive revenues and facilitate transactions

vi. Payments in cash rather than by cheque or wire transfer

vii. Cheques made out to “bearer” or “cash”

4. Other Red Flags

a. Will the TPI be exposed and/or have interactions with public officials on behalf of our organization?

b. Will the TPI be dealing with customers, suppliers and agents of our organization on behalf of our organization?