Company Name:
Effective Date:
Policy Owner:
Approved By:
Whistleblower Protection Officer:
1.1 This Whistleblower Policy establishes a comprehensive framework for the reporting, investigation, and resolution of concerns regarding illegal, unethical, fraudulent, or improper conduct within the Organization, and provides robust protections for individuals who raise such concerns in good faith. The Organization is committed to maintaining the highest standards of ethical conduct and legal compliance, and recognises that employees and other stakeholders are often the first to identify wrongdoing. This policy is designed to encourage the reporting of legitimate concerns by assuring reporters that they will be protected from retaliation and that their concerns will be taken seriously, investigated promptly, and resolved appropriately.
1.2 This policy applies to all employees, officers, directors, temporary staff, interns, contractors, consultants, agents, vendors, suppliers, and any other individual who has a legitimate relationship with the Organization and who wishes to report a concern about conduct that they reasonably believe constitutes a violation of law, regulation, or Organization policy. The policy covers reports made through internal channels as well as disclosures to external regulatory bodies where permitted by applicable whistleblower protection legislation. The protections afforded under this policy extend to reporters, individuals who participate in or assist with investigations, and anyone who is associated with a reporter and may be subjected to retaliation as a result of the report.
1.3 The Organization shall designate a Whistleblower Protection Officer, who shall be a senior leader with appropriate independence, authority, and expertise, to oversee the operation of this policy. The Whistleblower Protection Officer shall be responsible for receiving reports through internal channels, ensuring that all reports are investigated promptly and impartially, monitoring for retaliation against reporters, reporting aggregate data and material findings to the Board of Directors or its designated committee, and ensuring that the Organization's whistleblower processes comply with applicable legislation. The Whistleblower Protection Officer shall operate independently of the management chain of any individual who is the subject of a report and shall have direct access to the Board.
2.1 Reportable concerns under this policy include any conduct that the reporter reasonably believes constitutes a violation of applicable law, regulation, or statutory obligation; financial fraud, misstatement, or irregularity; corruption, bribery, or kickbacks; misuse or misappropriation of Organization assets; a threat to the health or safety of employees, clients, or the public; environmental damage or non-compliance with environmental regulations; discrimination, harassment, or retaliation prohibited by Organization policy; obstruction or manipulation of an audit or investigation; or a material breach of the Organization's code of ethics, policies, or contractual obligations. The reporter need not have definitive proof of the wrongdoing; a reasonable belief based on the information available to the reporter at the time is sufficient to trigger the protections of this policy.
2.2 This policy is intended to address concerns about systemic or serious misconduct that affects the Organization, its stakeholders, or the public interest. Personal grievances, individual employment disputes, disagreements about performance evaluations, routine HR complaints, and matters relating solely to the reporter's own terms and conditions of employment are generally outside the scope of this policy and should be addressed through the Organization's standard grievance procedure, complaint resolution process, or the relevant HR Business Partner. However, if a personal grievance reveals or is intertwined with a broader pattern of misconduct, fraud, or illegality, it may be reported under this policy at the discretion of the Whistleblower Protection Officer.
2.3 To enable the Organization to assess and investigate a reported concern effectively, reporters are encouraged to provide as much factual detail as reasonably available, including a description of the conduct or activity that gives rise to the concern; the approximate date, time, and location of the conduct; the identity or description of the individuals involved; the names of any witnesses; any documentary, electronic, or physical evidence that supports the concern; and the reporter's explanation of why they believe the conduct constitutes wrongdoing. Reports that lack sufficient detail may be difficult to investigate; however, the Organization shall not dismiss a report solely on the grounds that it is incomplete, and the Whistleblower Protection Officer may follow up with the reporter to obtain additional information where the reporter's identity is known.
3.1 The Organization provides multiple confidential reporting channels to ensure that reporters can raise concerns in the manner most appropriate to their circumstances. Available channels include direct verbal or written communication with the Whistleblower Protection Officer; direct communication with the reporter's manager, the Head of Human Resources, or Legal Counsel; a confidential third-party ethics hotline staffed by trained operators and available 24 hours a day, 7 days a week; and a secure online reporting portal accessible from any device. Anonymous reporting shall be accepted through the hotline and online portal where permitted by applicable law. The Organization shall publicise all reporting channels through the employee handbook, intranet, workplace notices, and annual training, and shall ensure that contact information is readily accessible.
3.2 All reports received through any channel shall be acknowledged within 5 business days of receipt by the Whistleblower Protection Officer or their delegate. The acknowledgement shall confirm that the report has been received, provide information on the next steps and expected timeline, and remind the reporter of the protections available under this policy. The reporter shall be kept informed of the progress of the investigation at reasonable intervals and shall be notified of the outcome and any corrective actions taken, to the extent consistent with confidentiality obligations, legal requirements, and the rights of the individuals who are the subject of the report. Where a report is received anonymously, the Organization shall provide updates through the reporting platform where technically feasible.
3.3 The Organization encourages reporters to use internal channels in the first instance; however, the Organization recognises that applicable whistleblower protection legislation may grant reporters the right to make disclosures directly to external regulatory bodies, law enforcement agencies, or other competent authorities. Such external disclosures shall be protected under this policy and applicable law where the reporter has a reasonable belief that the reported conduct constitutes a violation of law, that internal reporting has been exhausted or would be futile, that there is an imminent risk of harm, or that reporting internally would result in retaliation or the destruction of evidence. Reporters who are uncertain about their rights under applicable whistleblower legislation are encouraged to seek guidance from the Whistleblower Protection Officer or independent legal counsel before making an external disclosure.
4.1 All reports received under this policy shall be subject to a preliminary assessment by the Whistleblower Protection Officer within 10 business days to determine the nature, credibility, and urgency of the concern and to identify the appropriate investigation approach. Reports that are assessed as credible and within scope shall be assigned to a qualified investigator, who may be an internal resource from the Legal, Compliance, or Internal Audit function, or an external investigator engaged for the purpose. The investigator shall be impartial, free from conflicts of interest, and have the skills and experience necessary to conduct the investigation effectively. Investigations shall be conducted thoroughly, with due regard for the confidentiality and rights of all parties, including the reporter, the subject of the report, and any witnesses.
4.2 The investigator shall have the authority to access all documents, records, electronic systems, and physical locations that are reasonably necessary to conduct the investigation, subject to applicable legal privileges and data protection requirements. The investigator may interview any employee, contractor, or stakeholder who may have information relevant to the reported concern, and all individuals shall be required to cooperate fully with the investigation. Failure to cooperate, or the provision of false or misleading information during an investigation, shall constitute a separate policy violation subject to disciplinary action. The investigator shall maintain detailed records of all evidence gathered and interviews conducted, and shall prepare a comprehensive written report upon completion of the investigation.
4.3 Upon completion of the investigation, the investigator shall prepare a written report that includes a summary of the reported concern, the investigation methodology, a detailed account of the evidence and testimony gathered, factual findings, a determination of whether the reported concern is substantiated, and recommendations for corrective, remedial, and disciplinary actions. The report shall be presented to the Whistleblower Protection Officer and the appropriate governance body, which shall typically be the Board of Directors, its designated committee, or the executive leadership team, depending on the seniority of the individuals involved and the severity of the findings. The governance body shall determine the actions to be taken and shall ensure that any corrective measures are implemented promptly and monitored for effectiveness.
5.1 The Organization strictly prohibits any form of retaliation against any individual who in good faith makes a report under this policy, participates in or assists with an investigation, provides testimony or evidence, or is associated with a reporter. Retaliation includes, but is not limited to, termination, demotion, suspension, reduction in compensation or benefits, unfavourable reassignment, exclusion from opportunities, negative performance evaluation, harassment, intimidation, threats, or any other adverse action that would discourage a reasonable person from reporting a concern. Retaliation shall be treated as a serious disciplinary offence subject to sanctions up to and including termination of employment, regardless of whether the underlying reported concern is substantiated. The Whistleblower Protection Officer shall proactively monitor for potential retaliation following all reports.
5.2 Any reporter or associated individual who believes they have experienced retaliation as a result of a report made under this policy shall immediately notify the Whistleblower Protection Officer, who shall initiate a separate investigation into the alleged retaliation. If retaliation is substantiated, the Organization shall take immediate steps to stop the retaliatory conduct; restore any benefits, compensation, or opportunities lost as a result of the retaliation; take disciplinary action against the individual or individuals responsible for the retaliation; and implement safeguards to prevent further retaliation. The Organization shall also inform the reporter of their rights under applicable whistleblower protection legislation, which may include the right to seek external remedies through regulatory agencies or courts.
5.3 This policy shall be reviewed comprehensively at least once every 12 months by the Whistleblower Protection Officer in consultation with Legal Counsel, the Head of Human Resources, and the Board of Directors or its designated committee. Reviews shall evaluate the effectiveness of reporting channels, investigation timeliness and quality, retaliation monitoring outcomes, and feedback from reporters and investigators. All employees shall receive mandatory whistleblower awareness training within 30 calendar days of hire and on an annual basis thereafter. Training shall cover the types of concerns reportable under this policy, the available reporting channels, the protections afforded to reporters, the investigation process, and the consequences of retaliation. The Organization shall benchmark its whistleblower program against regulatory expectations and industry best practices.
A whistleblower policy is a formal document that establishes the procedures for reporting suspected illegal, unethical, or improper conduct within an organization, and provides comprehensive protections for individuals who make such reports in good faith. It is a cornerstone of effective corporate governance and ethical compliance.
Whistleblowers are individuals who report wrongdoing they have witnessed or become aware of in the course of their work. The concerns they raise may relate to fraud, corruption, financial misstatement, bribery, threats to health and safety, environmental violations, discrimination, or material breaches of law or policy. Without a safe, accessible, and confidential reporting mechanism, many of these concerns would go undetected, allowing the misconduct to continue and escalate.
The Association of Certified Fraud Examiners reports that tips from employees are the most common method of fraud detection, accounting for 43% of all cases. Organizations with established whistleblower hotlines detect fraud 50% faster and experience losses that are 50% smaller than those without such mechanisms.
A whistleblower policy is essential for detecting misconduct early, demonstrating good governance, and complying with an increasingly expansive legal framework that protects and incentivises reporting.
The legal landscape for whistleblower protection has expanded significantly. In the U.S., the Sarbanes-Oxley Act requires public companies to maintain confidential complaint mechanisms for accounting and auditing concerns. The Dodd-Frank Act provides financial rewards to individuals who report securities violations to the SEC, with awards ranging from 10% to 30% of sanctions exceeding $1 million. The EU Whistleblower Protection Directive requires organizations with 50 or more employees to establish internal reporting channels and prohibits retaliation. Similar legislation exists in the UK, Australia, Canada, India, and numerous other jurisdictions.
Beyond legal compliance, a whistleblower policy is a critical component of an effective compliance program. The U.S. Federal Sentencing Guidelines consider the existence of a reporting mechanism and non-retaliation protections as indicators of an organization that has exercised due diligence in preventing and detecting criminal conduct. Regulators and courts are increasingly sceptical of organizations that lack these mechanisms.
An effective whistleblower policy contains five essential components.
First, a Clear Definition of Reportable Concerns. The policy must specify the types of conduct that may be reported, including violations of law, fraud, corruption, threats to safety, and material breaches of policy. It should distinguish reportable concerns from personal grievances, which should be addressed through standard HR channels.
Second, Multiple Confidential Reporting Channels. The organization should provide at least three channels: direct reporting to management or compliance, a third-party-operated hotline available 24/7, and a secure online portal. Anonymous reporting must be accepted where legally permitted.
Third, a Structured Investigation Process. All reports must be assessed, prioritised, and investigated by qualified personnel within defined timeframes. The reporter should be kept informed of progress and outcomes to the extent consistent with confidentiality.
Fourth, Robust Non-Retaliation Protections. The policy must explicitly prohibit all forms of retaliation against reporters, participants in investigations, and associated individuals. Retaliation must be treated as a serious independent violation.
Fifth, Governance and Oversight. The Whistleblower Protection Officer must have independence, authority, and direct access to the Board. Aggregate data on reports, investigations, and outcomes should be reported to the Board regularly.
Step one: customize the template with your organization's details, including the identity of the Whistleblower Protection Officer, the contact information for all reporting channels, and any jurisdiction-specific legal requirements.
Step two: establish the reporting infrastructure. Contract with a reputable third-party hotline provider, set up a secure online reporting portal, and ensure that all channels are accessible to employees across all locations and time zones.
Step three: review with legal counsel to ensure compliance with applicable whistleblower protection laws, including Sarbanes-Oxley, Dodd-Frank, the EU Whistleblower Protection Directive, and relevant local legislation.
Step four: train all employees on the types of concerns that should be reported, the available channels, the confidentiality protections, and the non-retaliation guarantees. Training is the single most important factor in encouraging reporting. The Ethics & Compliance Initiative's data shows that employees who receive training are twice as likely to report observed misconduct.
Step five: publicise the reporting channels through the employee handbook, intranet, workplace posters, and regular communications. Ensure that the hotline number and portal URL are visible in every workplace. Review the policy annually and report aggregate data to the Board.