Whistle Blowing

At CIMB, we expect our employees to conduct themselves with a high standard of professionalism and ethics in the conduct of our business and professional activities.

As part of good corporate governance, CIMB have establish a whistle blowing policy that sets out avenues for legitimate concerns to be objectively investigated and addressed. Individuals will be able to raise concerns about illegal, unethical or questionable practices in confidence and without the risk of reprisal.

Whistleblowing is the voluntary disclosure of inappropriate, unethical or unlawful behaviour and practices by the management or employees. It includes how employees, customers and investors are treated. The following are generally accepted as improper and reportable conduct for whistleblowing, of which the list is not exhaustive:

• Any unlawful or illegal activities, whether criminal or breach in civil law;
• Breach of policies and/or procedures;
• Fraud, theft, embezzlement or dishonesty;
• Corruption/bribery;
• Bullying and harassment;
• Actions which can cause physical danger/harm to another person and/or can give rise to risk of damage to properties/assets;
• Forgery or alteration of any documents belonging to the Company, customers, another Financial Institution, or agents of the Company;
• Poor or unethical sales practices, including mis-selling;
• Profiteering as a result of insider knowledge;
• Gross mismanagement or dereliction of duties;
• Conflict of interest;
• Misuse of position or information; and
• Any other similar or related irregularities.

Anyone has the right to whistle blow. This Policy applies to all matters involving the CIMB’s employees (including former employees and irrespective of nature of employment status), customers and any other stakeholders/persons providing services to the Group, including consultants, vendors, independent contractors, external agencies and/or any other party with a business relationship with CIMB.

We take whistle blowing seriously and your concern matters to us, so we would like to hear from you if any of your disclosure is related to improper practices occurring within CIMB. Any disclosure can be made to any of the following dedicated reporting channels:

1. Email to whistleblowing@cimb.com

2. Send via post to:

    Chairman, Group Audit Committee

    CIMB Group Holdings Berhad

    17^th Floor Menara CIMB,

    No. 1 Jalan Stesen Sentral 2,

    Kuala Lumpur Sentral,

    50470 Kuala Lumpur.

3. Additional channels for submission of any disclosures by CIMB employees:

a. "Have Your Say” mailbox located at various divisions.
            

b.  E-mail to epicc.culture@cimb.com

c. Email, phone or write directly to Chairman of CIMB Group Holding Berhad Group Audit Committee, Group Chief Executive Officer, Group Chief People Officer and/or Group Chief Internal Auditor, based on the nature, type or  category of disclosure to be made.  

d. Employees of Group Corporate Assurance Division may direct their disclosure  to the Group Chief People Officer directly or via the "Have Your Say Mailbox" or to epicc.culture@cimb.com                    

4. Disclosure Form click here

Alternatively, the Whistleblower may report directly to relevant government or regulatory authorities and enforcement agencies in Malaysia as prescribed by the Whistleblower Protection Act 2010 such as Bank Negara Malaysia (BNM), Malaysian Anti-Corruption Commission (MACC), Association of Banks Malaysia (ABM), Police, etc.

To facilitate an investigation into the alleged wrongdoing, where possible and applicable, the following information should be included when making a disclosure:

a)         Brief description of the misconduct;

b)         The date and location of the incidence;

c)         The identity of the wrongdoer;

d)         Particulars of witnesses, if any;

e)         Supporting evidence and/or documents;

f)          Other details deemed to be useful to facilitate screening and action to be carried out.

Where possible, the whistleblower is encouraged to disclose his/her personal details to enable the relevant parties conducting the investigation to contact the Whistleblower for further information:

a)            Name; and

b)            Contact details - email address and/or telephone number.

After having examined the information disclosed, the Group CIA (or Head of Internal Audit of respective country) will consult with the designated Non- Executive Director and decide whether it warrants an investigation or may decide that other actions to be undertaken.

Depending on the outcome of the investigations, the Group CIA (or Head of Internal Audit of respective country) shall recommend the appropriate action(s) to the Management. The designated Non-Executive Director shall be briefed on the matter.

CIMB commits to ensure that all disclosed information, including the identity of the whistleblower shall be treated with strict confidentiality. All personnel, directly or indirectly working relative to a whistleblowing case, shall strictly protect the identity of the whistleblower and witnesses from unauthorized disclosure before, during and after an investigation.

CIMB is also committed to protect the whistleblower from all acts of harassment, retaliation, victimization and recrimination arising from making the disclosure in good faith.

There may be certain circumstances where the identity of the whistleblower may need to be revealed on a need to know basis (e.g. requirement to testify in court). If such a situation arises, the Group shall discuss and seek consent with the whistleblower first before proceeding with the case.

The protection will be removed if it is found that the whistleblower was also involved in the improper conduct, or if the whistleblower is found to have made the disclosures in bad faith.

   (a)        Whistleblower makes the disclosure in good faith.

   (b)        Whistleblower reasonably believes that the information and allegations are substantially true.

   (c)        Whistleblower is not acting for personal gain. If the case involves the complainant’s personal interests, it

               must be informed at the outset.