Anti-Corruption and Bribery Policy

1. Introduction

Coaley Peak Ltd is committed to conducting business ethically and with integrity. This policy sets out our position on bribery and corruption and provides guidance to all employees, contractors, and third parties on expected standards of conduct.

2. Tone from the Top

A director of Coaley Peak Ltd holds senior responsibility for setting the tone from the top with regard to anti-bribery communications and culture. This responsibility includes:

• sponsoring and communicating this policy to all employees and relevant third parties;
• ensuring that anti-bribery compliance is embedded in business practices and decision-making;
• receiving and reviewing anti-bribery management information and KPIs; and
• taking personal accountability for escalated incidents and breaches.

This policy is communicated to all employees at induction and is reviewed at least annually. Any material update is communicated to all relevant personnel promptly.

3. Adherence to the UK Bribery Act 2010

Coaley Peak Ltd complies fully with the UK Bribery Act 2010. Bribery is a criminal offence. We do not tolerate any form of bribery, whether direct or indirect, by or on behalf of our organisation. All personnel must understand and comply with this Act.

4. Facilitation Payments

4.1 Prohibition

Facilitation payments are strictly prohibited. These are unofficial payments made to secure or expedite routine or necessary actions. No employee or agent may make such payments on behalf of Coaley Peak Ltd under any circumstances.

4.2 Detection and Prevention Controls

The following controls are in place to detect and prevent facilitation payments being made:

• Expenditure review: all payments made on behalf of the company are subject to review and approval by a director before processing;
• No-cash policy: cash payments to third parties are not permitted under any circumstances;
• Supplier onboarding: due diligence on new suppliers includes assessment of jurisdictions and sectors known to present facilitation payment risk;
• Employee training: all employees are trained to identify requests for facilitation payments and to refuse and report them; and
• Contractual prohibitions: our standard supplier and agency agreements prohibit facilitation payments explicitly.

4.3 Escalation if a Facilitation Payment is Made

If an employee or associated person becomes aware that a facilitation payment has been made, or has been requested and not yet refused, the following steps must be taken immediately:

• report the matter to a director of Coaley Peak Ltd without delay;
• preserve all relevant documentation, communications, and records relating to the payment or request;
• do not destroy, alter, or conceal any evidence;
• co-operate fully with any internal investigation; and
• where required by law or determined by senior management, report the matter to the relevant authorities (including the National Crime Agency or HMRC).

Employees who report facilitation payments in good faith will be protected from retaliation under our Whistleblowing Policy.

5. Gifts and Hospitality

All gifts and hospitality, whether given or received, must be recorded in the company gift register. Gifts and hospitality must be reasonable, proportionate, and given or received in good faith without any expectation of reciprocity. Any gifts above a nominal value must be approved by senior management.

5.1 Gift Policy

Coaley Peak Ltd maintains a clear position on the giving and receiving of gifts and hospitality. The following rules apply to all employees, contractors, and anyone acting on behalf of the company:

• Nominal threshold: Gifts with a value exceeding £25 (or local equivalent) must be declared and approved by senior management before acceptance or offer.
• Gift register: All gifts given or received, regardless of value, must be recorded in the company gift register maintained by the compliance function.
• Prohibited gifts: Cash, cash equivalents (vouchers, gift cards), or gifts to public officials and government employees are strictly prohibited.
• Hospitality: Business hospitality must be proportionate, infrequent, and directly related to a legitimate business purpose. Lavish or frequent hospitality is not permitted.
• Reciprocity: No gift or hospitality may be offered or accepted where it could create an obligation, expectation of favourable treatment, or conflict of interest.
• Declining gifts: Employees should politely decline any gift or hospitality that does not meet these standards and report the offer to their line manager.
• Third parties: Suppliers, contractors, and business partners are expected to adhere to equivalent standards when interacting with Coaley Peak personnel.

5.2 Training on Gifts, Entertainment and Hospitality

All employees receive training on the gift register and gifts, entertainment and hospitality (GEH) requirements at induction, and refresher training is provided periodically thereafter. Training records are maintained. The purpose of this training is to ensure all personnel understand their obligations to declare, record, and (where necessary) decline gifts and hospitality.

5.3 Management Information and Breach Reporting

Management information (MI) derived from the gift register (including any breaches of the GEH policy, patterns of frequent or high-value declarations, and any gifts declined as non-compliant) is reported to senior management on a periodic basis. Any individual breach of the GEH thresholds is escalated to a director immediately. This MI forms part of the anti-bribery KPI reporting described in section 6.

Breaches of this gift policy are treated as breaches of the Anti-Corruption and Bribery Policy and may result in disciplinary action. For queries or to declare a gift, contact compliance@coaleypeak.co.uk.

6. Anti-Bribery Metrics and KPIs

Key anti-bribery metrics and KPIs are reported to senior management on a regular basis. These include:

• number of gifts and hospitality entries recorded in the gift register, broken down by given/received and value band;
• number of GEH policy breaches or near-misses and actions taken;
• number of anti-bribery training completions and outstanding training obligations;
• number of suspected or confirmed bribery incidents reported, investigated, and resolved;
• status of any ongoing regulatory or law enforcement engagement relating to bribery or corruption; and
• status of supplier due diligence reviews and any red flags identified.

This reporting enables senior management to maintain oversight, identify emerging risks, and take timely corrective action.

7. Client Breach Notification

If Coaley Peak Ltd becomes aware that it has breached, or is likely to have breached, applicable anti-bribery regulatory requirements in a manner that is material or that affects services being provided to a client, we will notify the affected client promptly. Notification will include:

• a description of the nature of the breach or suspected breach;
• the steps being taken to investigate and remediate;
• any impact on the services provided to that client; and
• a point of contact for further enquiries.

Client notification will be coordinated by a director and handled in accordance with applicable contractual and legal obligations.

8. Conflicts of Interest

All employees must disclose any personal interests that could conflict with the interests of Coaley Peak Ltd. Conflicts of interest must be reported promptly and managed appropriately. A written record of declared conflicts and the steps taken to manage them is maintained.

9. Political and Charitable Contributions

Political donations or contributions are not permitted on behalf of Coaley Peak Ltd. Charitable contributions must be transparent, properly documented, and approved by senior management to ensure they are not used as a vehicle for bribery.

10. Supplier Scrutiny

We conduct due diligence on all suppliers, contractors, and business partners to assess bribery and corruption risks. Suppliers are expected to adhere to standards consistent with this policy.

11. Internal Controls

Coaley Peak Ltd maintains robust internal controls including financial reporting, audit trails, and approval processes to prevent and detect bribery and corruption.

12. Third-Party Due Diligence

Before engaging third parties, we conduct risk-based due diligence to ensure they operate with integrity and do not pose a bribery or corruption risk to our organisation.

13. Record Keeping

We maintain accurate and complete records of all financial transactions. All accounts, invoices, and other documents must accurately reflect the transactions they represent.

14. Training

All employees receive training on anti-corruption and anti-bribery policies and procedures. Training is provided at induction and refreshed periodically. Records of training are maintained.

15. Whistleblowing

Coaley Peak Ltd encourages the reporting of any concerns regarding bribery or corruption. We provide confidential reporting channels and protect whistleblowers from retaliation. See our Whistleblowing Policy for full details.

16. Reporting

Any suspected instances of bribery or corruption must be reported immediately to senior management. Reports can be made confidentially and will be investigated thoroughly.

17. Root Cause Analysis

Upon detection or substantiated suspicion of a bribery or corruption event, Coaley Peak Ltd will conduct a formal Root Cause Analysis (RCA) as part of the post-incident response process. The purpose of the RCA is to identify the underlying conditions that enabled the event to occur, and to implement corrective and preventive measures to reduce the risk of recurrence.

17.1 Triggers

An RCA will be initiated upon:

• confirmed or substantiated detection of a bribery or corruption event involving any employee, contractor, agent, or third party acting on our behalf;
• a referral to or investigation by law enforcement or a regulatory body relating to bribery or corruption;
• identification of a material control failure that created conditions in which bribery or corruption could occur undetected; or
• a pattern of near-miss events or concerns that suggests systemic risk.

17.2 Process

The RCA will be conducted or overseen by a director of Coaley Peak Ltd, with external specialist support engaged where the nature or complexity of the event warrants it. The process will include:

• Fact-gathering: collection and preservation of relevant documentation, communications, and financial records;
• Timeline reconstruction: establishing the sequence of events leading to the incident;
• Causal analysis: identifying the immediate cause, contributing factors, and root causes, including any policy, control, cultural, or oversight failures;
• Control gap assessment: evaluating whether existing internal controls and procedures were adequate and appropriately followed; and
• Corrective action plan: documenting specific, time-bound remediation actions and assigning ownership for each.

17.3 Outcomes and Follow-up

Findings from the RCA will be documented in a written report. The corrective action plan arising from the RCA will be implemented within a reasonable and defined timeframe, and progress will be monitored by senior management. Where the RCA identifies systemic weaknesses, this policy and related procedures will be updated accordingly. The RCA report will be retained as part of our compliance records.

18. Policy Review

This policy is reviewed annually and updated as necessary to reflect changes in legislation, best practices, and organisational requirements. The policy review cycle is 12 months. We are committed to the continuous improvement of our anti-corruption measures.

19. Penalties

Breach of this policy may result in disciplinary action, including dismissal. Bribery is a criminal offence that can result in imprisonment and unlimited fines for both individuals and organisations.