Request a Demo

Whistle Policy

PREAMBLE

Facttwin is committed to conducting business with integrity, transparency, and in compliance with applicable laws and regulations. This Whistle Blower Policy (“Policy”) establishes a vigil mechanism that enables directors, employees, contractors, and other stakeholders to report genuine concerns about unethical conduct, violations of the Company’s Code of Conduct, fraud, or other irregularities.

This Policy has been formulated in accordance with best practices in corporate governance and information security management, including compliance with ISO/IEC 27001:2022 and ISO/IEC 27701:2019 standards. The Company recognizes the importance of providing a safe and confidential channel for raising concerns without fear of retaliation.

This Policy affirms Facttwin’s zero-tolerance approach towards unethical behavior and its commitment to protecting those who report such concerns in good faith.

Purpose And Objectives

The objectives of this Policy are to:

  • Provide a formal mechanism for reporting concerns about unethical practices, violations of law, or breaches of the Company’s Code of Conduct
  • Ensure confidential and fair treatment of whistle blowers
  • Protect whistle blowers from retaliation, victimization, or unfair treatment
  • Facilitate independent and impartial investigation of reported concerns
  • Promote a culture of transparency, accountability, and ethical conduct
  • Preserve the security and integrity of information created, stored, handled, or processed at Facttwin

The Whistle Blower Policy Statement lays down the core vision and objectives of Facttwin management towards preserving the security of information created, stored, handled, or processed at Facttwin.

Scope And Applicability

This Policy applies to all directors, employees (permanent, temporary, or contractual), contractors, subcontractors, consultants, vendors, and other third parties who have access to Facttwin’s systems, services, or information.

This Policy covers concerns related to, but not limited to:

  • Violations of applicable laws, regulations, or Company policies
  • Fraud, theft, or misappropriation of Company assets
  • Corruption, bribery, or conflicts of interest
  • Information security breaches or data privacy violations
  • Financial irregularities or accounting malpractices
  • Harassment, discrimination, or workplace misconduct
  • Abuse of authority or gross negligence
  • Any other conduct that poses a risk to the Company, its employees, customers, or stakeholders

Definitions

For the purpose of this Policy, the following terms shall have the meanings assigned to them:

Audit Committee
The Audit Committee of the Board of Directors of the Company, serving as the ultimate reporting authority under this vigil mechanism

Code of Conduct
The code of conduct and ethics policies of Facttwin, including information security policies, data protection policies, and other governance documents applicable to employees and stakeholders

Disciplinary Action
Any action taken upon completion of or during investigation proceedings, including but not limited to warnings, reprimands, fines, suspension, demotion, termination of employment or contract, or legal proceedings

Disclosure or Protected Disclosure
A written communication made in good faith by a Whistle Blower reporting genuine concerns about actual or suspected violations covered under this Policy

Employee
Any person employed by Facttwin on a permanent, temporary, or contractual basis, including directors, but excluding external contractors and third-party service providers

Respondent
Any person against whom allegations have been made under this Policy, who may be a director, employee, contractor, or the Company itself

Retaliation
Any adverse action taken against a Whistle Blower as a consequence of making a disclosure, including but not limited to termination, demotion, harassment, discrimination, or any action that adversely affects the terms and conditions of employment

Vigilance Committee
A committee constituted by the Company to assist the Audit Committee in conducting inquiries and investigations on disclosures and recommending appropriate action to the Management or Audit Committee

Whistle Blower
Any director, employee, contractor, or stakeholder who makes a Protected Disclosure under this Policy in good faith

REPORTING PROCEDURE

How to Report

Whistleblowers may report concerns through the following channels:

Email: ciso.dpo@akrivia.in

Phone: +91 89775 35368

Written Communication: Addressed to the Audit Committee at:
Audit Committee Facttwin Information Technology Division [Company Address] Email: ciso.dpo@akrivia.in

Content of Disclosure

A Protected Disclosure should include:

  • Identity and contact details of the Whistle Blower (anonymous disclosures may be considered but are generally not encouraged)
  • Clear description of the concern or alleged violation
  • Names of individuals involved or implicated, if known
  • Details of when and where the incident(s) occurred
  • Supporting documents or evidence, where available
  • Names of potential witnesses, if any

Timeline for Reporting

Whistle Blowers should report concerns as soon as possible, preferably within 15 days of becoming aware of the alleged violation or unethical conduct.

Anonymous Disclosures

While the Company encourages Whistleblowers to identify themselves to facilitate effective investigation and communication, anonymous disclosures will be considered on a case-by-case basis. However, the Company may face limitations in investigating anonymous complaints due to a lack of ability to seek clarifications or additional information.

Investigation Procedure

Receipt and Initial Assessment

Upon receipt of a Protected Disclosure, the Audit Committee, with assistance from the Vigilance Committee, shall:

  • Acknowledge receipt of the disclosure within 7 working days
  • Determine whether the disclosure falls within the scope of this Policy
  • Assess the gravity of the matter and decide whether to proceed with an investigation, typically within 15 days of receipt

Investigation Criteria

In determining whether to investigate, the Audit Committee shall consider:

  • Whether the issue constitutes a violation of law or Company policy
  • The credibility and accuracy of the allegations
  • The adequacy of supporting evidence
  • Whether the conduct appears to be isolated or systematic
  • Whether similar issues have been raised previously
  • The gravity of the subject matter
  • Cost and consequences of potential investigation

Conduct of Investigation

If the Audit Committee decides to proceed with an investigation:

  • The investigation shall be conducted by the Vigilance Committee through a neutral, fact-finding process
  • If any member of the Vigilance Committee or Audit Committee has a conflict of interest, they shall recuse themselves from the proceedings
  • The Committee may call for any information, documents, or examination of any employee or other person
  • The Committee may conduct hearings with the Whistle Blower, Respondent, witnesses, or other relevant persons
  • All involved parties shall be provided a fair opportunity to present their case and defend themselves
  • The identity of the Whistle Blower shall be kept confidential throughout the investigation, to the extent possible

Investigation Timeline

The Vigilance Committee shall complete the investigation normally within 90 days of receipt of the disclosure. In exceptional cases requiring additional time, the timeline may be extended with approval from the Audit Committee.

Upon completion, the Vigilance Committee shall submit a detailed investigation report with findings and recommendations to the Audit Committee. All findings shall be supported by evidence and appropriate reasoning.

Decision and Action

The Audit Committee shall review the investigation report and recommendations. If the allegations are substantiated, the Audit Committee may advise the Management to:

  • Issue a reprimand or warning to the Respondent
  • Take Disciplinary Action, including suspension or termination
  • Impose penalties or order recovery of damages
  • Terminate or suspend any contract or arrangement vitiated by the violation
  • Initiate legal proceedings against the Respondent
  • Implement corrective measures to prevent recurrence

The decision of the Audit Committee shall be final and binding on all parties involved.

Communication of Outcome

Subject to legal limitations and approval by the Audit Committee, the outcome of the investigation will be communicated to the Whistle Blower and the Respondent. The Whistle Blower shall have the right to access the Chairman of the Audit Committee directly in exceptional cases.

Protection And Safeguards

Protection from Retaliation

This Policy provides robust safeguards against victimization of Whistle Blowers who report concerns in good faith:

  • No Whistle Blower shall be subject to unfair dismissal, disciplinary action, harassment, discrimination, or any adverse action as a consequence of making a Protected Disclosure
  • The Company strictly prohibits retaliation in any form against Whistle Blowers
  • Any employee found retaliating against a Whistle Blower shall be subject to serious Disciplinary Action, including termination

Confidentiality

The Company shall maintain strict confidentiality throughout the disclosure and investigation process:

  • The identity of the Whistle Blower shall be kept confidential unless: (a) the Whistle Blower agrees to be identified, (b) identification is necessary for effective investigation or law enforcement, or (c) disclosure is required by law or in disciplinary proceedings
  • All persons involved in the investigation shall maintain confidentiality and discuss matters only with authorized individuals
  • Unauthorized disclosure of a Whistle Blower’s identity or investigation details may result in Disciplinary Action

Reporting Retaliation

If a Whistle Blower experiences any form of retaliation, they may file a written complaint with the Audit Committee. The Audit Committee shall investigate the complaint and recommend appropriate corrective action to the Management, including Disciplinary Action against the retaliating individual.

Limitations on Protection

The protections provided under this Policy do not shield Whistle Blowers from adverse actions that occur independent of their disclosure, such as poor job performance, violation of Company policies unrelated to the disclosure, or legitimate Disciplinary Action for other reasons.

Exceptions And Exclusions

This Policy does not apply to:

  • Personal grievances related to individual employment terms and conditions (such as salary, benefits, or work assignments)
  • Interpersonal conflicts or disputes between colleagues
  • Matters related to individual performance evaluations or career development

Such matters should be addressed through the Company’s existing HR channels, grievance redressal mechanisms, or performance management processes.

False Or Frivolous Complaints

While the Company encourages reporting of genuine concerns, it takes a serious view of malicious, false, or frivolous complaints made with intent to harm or defame others.

If an investigation reveals that a Whistle Blower has:

  • Made false allegations knowingly and deliberately
  • Made repeated frivolous or vexatious complaints
  • Abused the Policy for personal gain or to settle scores

The Audit Committee may recommend Disciplinary Action against such Whistle Blower, including termination of employment or contract.

Record Keeping And Documentation

All Protected Disclosures and related investigation records shall be maintained as follows:

  • All disclosures, investigation reports, findings, and recommendations shall be documented in a Whistle Blower Incident Tracker
  • Records shall be retained for a minimum period of seven years from the date of closure or disposal of the disclosure
  • All documents shall be classified as confidential and access shall be restricted to authorized personnel only
  • Records shall be reviewed during Management Review Meetings as part of the Company’s governance processes

Reporting To The Board

The Audit Committee shall submit an annual report to the Board of Directors containing statistical information on: (a) number of disclosures received during the year, (b) number of disclosures accepted and rejected, (c) number of investigations completed and pending, (d) summary of actions taken, and (e) any significant trends or systemic issues identified.

Compliance And Enforcement

Compliance with this Policy is mandatory for all employees, directors, and stakeholders covered under its scope.

The CEO of Facttwin, assisted by the CISO/DPO/Information Security Designee, shall ensure compliance with this Policy. Regular compliance reviews shall be conducted by Internal Audit and reported to the CISO/Information Security Designee.

All employees must promptly report any suspected violations of this Policy to the CISO/Information Security Designee.

Consequences Of Policy Violations

Violations of this Policy, including:

  • Retaliating against a Whistleblower
  • Unauthorised disclosure of confidential information
  • Tampering with evidence or coaching witnesses
  • Making false or malicious complaints
  • Obstructing or interfering with investigations

shall result in Disciplinary Action commensurate with the severity of the violation. Such action may include warnings, fines, suspension, termination of employment or contract, and/or legal proceedings. Disciplinary measures shall be determined by Management, Human Resources, and the Legal Department based on the investigation findings.

Policy Review And Amendment

The Audit Committee shall be responsible for the effective administration, interpretation, application, and periodic review of this Policy to ensure its continued relevance and effectiveness.

The Board of Directors reserves the right to amend, modify, or replace this Policy in whole or in part, at any time, as deemed necessary to align with legal requirements, industry best practices, or organizational needs.

Contact Information

For questions, clarifications, or to report concerns under this Policy, please contact:

Policy Sponsor: CEO, Facttwin

Policy Custodian: CISO/DPO/Information Security Designee

Email: ciso.dpo@akrivia.in

Phone: +91 89775 35368