Neftaly Human Capital Anti-Bribery Management Policy, Procedures, Processes, Templates, Documents and Forms NeftalyP027

Document Code: NeftalyP027
Version: 1.0
Approved By: Chief Executive Officer (CEO)

Date Approved: 29 October 2025

Review Date: 28 November 2026

Policy Owner: Neftaly Chief Human Capital Officer, NeftalyCHCR


NeftalyP027-1 Policy Overview

NeftalyP027-1-1 The Neftaly Human Capital Anti-Bribery Management Policy (NeftalyP027) establishes the standards, principles, and controls required to prevent, detect, and respond to bribery and corruption across all Neftaly Royal operations and Human Capital activities.

This policy supports Neftaly’s unwavering commitment to integrity, transparency, and ethical governance, ensuring that no bribery, facilitation payments, or corrupt practices are tolerated under any circumstances.


NeftalyP027-2 Purpose

NeftalyP027-2-1 The purpose of this policy is to:

  • NeftalyP027-2-1-1 Prevent bribery, corruption, and unethical influence within Neftaly operations.
  • NeftalyP027-2-1-2 Establish clear rules for identifying, reporting, and addressing bribery-related incidents.
  • NeftalyP027-2-3 Protect Neftaly, its Royal Committees, Officers, and Human Capital from reputational and legal risks.
  • NeftalyP027-2-4 Promote a culture of honesty, fairness, and accountability in all relationships.
  • NeftalyP027-2-5 Ensure compliance with local and international anti-bribery and anti-corruption laws.

NeftalyP027-3 Scope

NeftalyP027-3-1 This policy applies to:

  • NeftalyP027-3-1-1 All Neftaly Human Capital, Royal Directors, Deputy Chiefs, Officers, Contractors, Consultants, Vendors, and Partners.
  • NeftalyP027-3-1-2 All business dealings, transactions, procurement, events, recruitment, and financial operations.
  • NeftalyP027-3-1-3 Any activity or interaction where there is potential for offering, giving, requesting, or receiving something of value to improperly influence a decision.

NeftalyP027-4 Policy Statement

NeftalyP027-4-1 Neftaly operates with zero tolerance for bribery or corruption.
No Human Capital, Officer, or Partner shall directly or indirectly offer, give, solicit, or accept any bribe or improper advantage in any form.

All dealings must comply with ethical, legal, and governance standards. Violations of this policy will result in disciplinary action, up to and including termination of contract, dismissal, and possible legal proceedings.


NeftalyP027-5 Definitions

| Term | Definition |
| --- | --- |
| Bribery | Offering, giving, receiving, or soliciting anything of value to influence a decision or action improperly. |
| Facilitation Payment | A small payment made to expedite a routine process — strictly prohibited under this policy. |
| Kickback | A portion of money or benefit returned for awarding a contract or favor — prohibited. |
| Conflict of Interest | A situation where personal interest conflicts with Neftaly’s interests. |
| Gift / Hospitality | Any item, favor, or event that may influence or appear to influence decisions. |

NeftalyP027-6 Objectives

  • NeftalyP027-6-1 To protect Neftaly’s reputation for integrity and ethical excellence.
  • NeftalyP027-6-2 To ensure all staff understand their responsibilities under anti-bribery laws.
  • NeftalyP027-6-3 To provide clear procedures for reporting and investigating bribery concerns.
  • NeftalyP027-6-4 To embed anti-bribery controls into all Neftaly Royal and Human Capital processes.

NeftalyP027-7 Principles of Anti-Bribery Compliance

NeftalyP027-7-1 Zero Tolerance: Bribery and corruption are never acceptable.

NeftalyP027-7-2 Transparency: All dealings must be open, documented, and accountable.

NeftalyP027-7-3 Accountability: All staff must take responsibility for upholding Neftaly’s ethical standards.

NeftalyP027-7-4 Due Diligence: All business partners and vendors must undergo compliance screening.

NeftalyP027-7-5 Fairness: Decisions must be made based on merit, need, and organizational interest.


NeftalyP027-8 Procedures and Processes

NeftalyP027-8-1 Risk Identification

NeftalyP027-8-1-1 The Chief Human Capital Officer (CHCO) and Royal Compliance Unit conduct regular risk assessments to identify potential bribery risks in operations, procurement, and recruitment.

NeftalyP027-8-2 The Bribery Risk Assessment Form (NeftalyF027-01) is used to document findings and mitigation strategies.


NeftalyP027-8-2 Preventive Controls

NeftalyP027-8-2-1 All procurement and contracting must follow NeftalyP092 (Procurement Management Policy).

NeftalyP027-8-2-2 All gifts or hospitality offered or received must be declared using the Gift and Hospitality Declaration Form (NeftalyF027-02).

NeftalyP027-8-2-3 Neftaly prohibits facilitation payments under all circumstances.

NeftalyP027-8-2-4 Financial transactions must be reviewed and authorized by two approved signatories.

NeftalyP027-8-2-5 The Anti-Bribery Register (NeftalyR027-01) must record all relevant disclosures, reports, and investigations.


NeftalyP027-8-5 Reporting Bribery and Suspicious Activity

  • NeftalyP027-8-5-1 All Neftaly Human Capital are required to report suspected or actual bribery immediately.
  • NeftalyP027-8-5-2 Reports can be made anonymously via:
    • Email: ethics@saypro.org
    • Hotline: [Insert number]
    • Directly to the Royal Compliance Officer or CEO.
  • NeftalyP027-8-5-3 The Anti-Bribery Incident Report Form (NeftalyF027-03) must be used to record all allegations.

NeftalyP027-8-4 Investigation Procedure

NeftalyP027-8-4-1 The Royal Compliance Unit will conduct a confidential investigation.

NeftalyP027-8-4-2 Findings will be documented in the Investigation Report (NeftalyR027-02).

NeftalyP027-8-4-3 Disciplinary action, where required, will be managed under NeftalyP165 (Disciplinary Management Policy).

NeftalyP027-8-4-4 Results and corrective actions will be logged in the Anti-Bribery Register (NeftalyR027-01).


NeftalyP027-8-5 Training and Awareness

  • NeftalyP027-8-5-1 Mandatory annual anti-bribery training for all staff and officers.
  • NeftalyP027-8-5-2 Specialized training for high-risk units (procurement, finance, recruitment, and external relations).
  • NeftalyP027-8-5-3 Awareness materials distributed via internal communications and Neftaly Royal workshops.

NeftalyP027-8-6 Monitoring and Review

  • NeftalyP027-8-6-1 The Royal Audit and Compliance Committee will review all bribery cases annually.
  • NeftalyP027-8-6-2 The CHCO submits an annual Anti-Bribery Compliance Report (NeftalyR027-03) to the CEO.
  • NeftalyP027-8-6-3 External audits may be conducted to ensure transparency and compliance.

NeftalyP027-9 Roles and Responsibilities

| Role | Responsibilities |
| --- | --- |
| Chief Executive Officer (CEO) | Provides overall leadership, approves this policy, and enforces sanctions. |
| Chief Human Capital Officer (CHCO) | Oversees implementation, awareness, and monitoring. |
| Royal Compliance Officer | Investigates reports, maintains the Anti-Bribery Register, and ensures legal compliance. |
| Royal Directors and Officers | Ensure adherence to anti-bribery standards within their divisions. |
| All Neftaly Human Capital | Avoid, report, and refuse participation in any bribery-related act. |

NeftalyP027-10 Templates, Documents, and Registers

| Code | Document Name | Purpose |
| --- | --- | --- |
| NeftalyF027-01 | Bribery Risk Assessment Form | Identify and evaluate bribery risks. |
| NeftalyF027-02 | Gift and Hospitality Declaration Form | Declare received or offered gifts. |
| NeftalyF027-03 | Anti-Bribery Incident Report Form | Report any bribery or corruption case. |
| NeftalyR027-01 | Anti-Bribery Register | Maintain a record of incidents and actions. |
| NeftalyR027-02 | Investigation Report | Document investigation findings. |
| NeftalyR027-03 | Annual Anti-Bribery Compliance Report | Summarize compliance status and outcomes. |

NeftalyP027-11 Compliance and Enforcement

  • NeftalyP027-11-1 Violation of this policy will result in disciplinary action, including dismissal, contract termination, and potential legal prosecution.
  • NeftalyP027-11-2 The Royal Compliance Unit will ensure ongoing monitoring of bribery controls across all operations.
  • NeftalyP027-11-3 All third parties must comply with Neftaly’s Anti-Bribery Compliance Clause in their contracts.

NeftalyP027-12 Review and Evaluation

NeftalyP027-12-1 This policy shall be reviewed annually or as required by regulatory or operational changes. Updates must be recorded in the Amendment Register (NeftalyR025-01) and approved by the CEO.


NeftalyP027-13 References

  • NeftalyP027-13-1 Neftaly Human Capital Compliance Management Policy (NeftalyP125)
  • NeftalyP027-13-2 Neftaly Human Capital Disciplinary Policy (NeftalyP165)
  • NeftalyP027-13-3 Neftaly Human Capital Procurement Policy (NeftalyP092)
  • NeftalyP027-13-4 Neftaly Human Capital Ethics Policy (NeftalyP110)
  • NeftalyP027-13-5 Neftaly Human Capital Governance Policy (NeftalyP099)
  • NeftalyP027-13-6 Neftaly Human Capital Privacy Management Policy (NeftalyP370)

NeftalyP027-14 Frequently Asked Questions (FAQs)

    Who ultimately owns NeftalyP027?
    The Board of Directors holds ultimate accountability, with day-to-day governance by the Chief Ethics & Compliance Officer (CECO).
    What committee oversees this policy?
    The Audit & Risk Committee of the Board receives quarterly compliance reports.
    How is senior management held accountable?
    Anti-bribery KPIs are embedded in executive scorecards (30% of bonus weighting).
    What’s the “Tone from the Top” implementation?
    Monthly CEO communications, annual signed compliance attestations by all directors.
    How are policy violations at leadership level addressed?
    Immediate suspension pending investigation, with potential clawback of 3 years’ variable compensation.
    What’s the whistleblower protection for reporting executives?
    Direct hotline to Board Chair with guaranteed anonymity and external legal representation.
    How is the policy funded?
    Minimum 0.15% of global payroll allocated to anti-bribery compliance.
    Who approves exceptions to NeftalyP027?
    Only the Board Ethics Subcommittee can grant exceptions, with public disclosure.
    How is cross-border governance managed?
    Regional Compliance Officers report in a matrix structure to both the local MD and the Global CECO.
    What’s the escalation protocol for major incidents?
    24-hour notification to Board, regulators, and disclosure to affected candidates/employees.
    How are mergers/acquisitions integrated?
    Day 1 compliance assessment with 90-day remediation plan.
    What’s the insurance coverage?
    $50M Directors & Officers policy with specific bribery coverage.
    How are proxy advisors engaged?
    Annual briefing to ISS and Glass Lewis on anti-bribery programs.
    What’s the investor communication protocol?
    Quarterly ESG reporting with specific human capital anti-bribery metrics.
    How are trade unions involved?
    Mandatory consultation on all policy changes affecting collective bargaining.
    What’s the government liaison protocol?
    Designated Legal Counsel for DOJ/SEC/FCA communications.
    How are industry associations leveraged?
    Leadership role in WEF Partnering Against Corruption Initiative.
    What’s the crisis management integration?
    Anti-bribery incident playbook embedded in overall crisis response.
    How are legal privilege boundaries maintained?
    Clear segregation between investigative reports (privileged) and compliance findings (non-privileged).
    What’s the data governance framework?
    GDPR/CCPA compliance with specific provisions for investigation data.
    How are conflicts between laws managed?
    “Highest standard” principle applies where regulations conflict.
    What’s the sunset clause for investigations?
    7-year retention period with annual review for destruction.
    How are compliance certifications verified?
    Random 10% audit of all management certifications.
    What’s the remote work compliance protocol?
    Geolocation tracking for high-risk transactions with automated alerts.
    How are family offices of executives monitored?
    Annual disclosure of family business interests in HR supply chain.
    What’s the political contribution policy?
    Complete prohibition of corporate political donations globally.
    How are sponsored visas monitored?
    Annual ethics attestation from sponsored employees.
    What’s the protocol for state-owned enterprise engagements?
    Enhanced due diligence (Level 4) with Board pre-approval.
    How are sovereign wealth fund investments addressed?
    Transparency International Corruption Index threshold of 50 required.
    What’s the forced labor prevention integration?
    Supply chain mapping to tier 3 for all HR vendors.

Section B: Policy Scope & Applicability (35 FAQs)

    Does this cover interns and trainees?
    Yes, including unpaid internships and graduate programs.
    What about temporary agency workers?
    Covered from first day of assignment with mandatory training.
    How are consultants engaged for <30 days treated?
    Simplified due diligence but full policy applicability.
    Does this apply to joint venture employees?
    Yes, through JV agreements mandating policy adoption.
    What about acquired companies pre-integration?
    60-day grace period with compliance liaison officer.
    How are franchise operations covered?
    Franchise agreement clause requiring policy implementation.
    Does this cover employee referrals?
    Yes, with specific controls on referral bonuses.
    What about alumni network engagements?
    Covered when alumni provide recruitment referrals.
    How are executive search firms different?
    Enhanced due diligence with personal liability clauses.
    What’s the threshold for “small value” transactions?
    No minimum threshold – all transactions covered.
    Does this apply to internal transfers?
    Yes, including departmental transfers and geographic moves.
    How are matrix reporting relationships managed?
    Both line and dotted-line managers must certify compliance.
    What about shadow payroll arrangements?
    Prohibited except where legally mandated.
    Does this cover pension fund administrators?
    Yes, with specific focus on fund selection processes.
    How are wellness program providers covered?
    Due diligence includes anti-bribery controls of health providers.
    What about employee club sponsorships?
    Requires ethics pre-clearance for any corporate sponsorship.
    Does this apply to redundancy/severance packages?
    Yes, with specific approval matrix for packages >12 months.
    How are sabbatical programs monitored?
    Pre-approval required for any external activities during sabbatical.
    What about company-sponsored education?
    University selection process includes anti-bribery assessment.
    Does this cover expatriate tax advisors?
    Mandatory rotation every 3 years to prevent capture.
    How are relocation service providers managed?
    Direct contracting only – no sub-agents permitted.
    What about immigration lawyers?
    Fixed fee arrangements only – no success fees.
    Does this apply to background check providers?
    Enhanced due diligence for providers accessing sensitive data.
    How are assessment center vendors covered?
    Psychometric test providers must certify no conflicts.
    What about employee survey platforms?
    Data privacy and anti-manipulation controls required.
    Does this cover payroll outsourcing?
    Daily reconciliation controls with exception reporting.
    How are benefits brokers monitored?
    Commission transparency with annual disclosure.
    What about corporate travel agencies?
    Centralized booking only with audit trail.
    Does this apply to temporary housing providers?
    Corporate rate agreements with no individual kickbacks.
    How are language training providers covered?
    Curriculum review for ethical content.
    What about coaching/mentoring programs?
    External coaches require compliance vetting.
    Does this cover team building event organizers?
    Competitive bidding for all events >$5,000.
    How are award ceremony organizers managed?
    Judging panel independence verification required.
    What about employee recognition platforms?
    Point system must prevent gaming/manipulation.
    Does this apply to HR technology vendors?
    Source code review for algorithmic bias prevention.

Section C: Regulatory Framework & Standards (35 FAQs)

    Which specific FCPA provisions apply to HR?
    Books & Records provisions for all HR transactions.
    How does UKBA Section 7 apply?
    Adequate procedures defense requires documented HR controls.
    What SAPA requirements are relevant?
    South African requirements for public official interactions.
    How are EU Whistleblower Directive requirements met?
    Internal reporting channels with 30-day acknowledgment.
    What about Brazil Clean Companies Act?
    Strict liability for HR vendor actions.
    How does Canada CFPOA apply?
    Facilitation payment prohibition includes HR processes.
    What Australia Criminal Code requirements apply?
    Corporate culture assessment includes promotion fairness.
    How are India Prevention of Corruption Act provisions met?
    Specific controls on festival gift exchanges.
    What China Anti-Unfair Competition Law aspects apply?
    Commercial bribery provisions for recruitment agencies.
    How does Singapore PCA apply?
    Coverage of private sector bribery in employment.
    What UAE Federal Law No. 34 requirements apply?
    Gift registry for all recruitment-related exchanges.
    How are Nigeria EFCC requirements addressed?
    Enhanced due diligence for local recruitment partners.
    What Kenya Bribery Act provisions apply?
    Specific training for HR professionals.
    How does ISO 37001 certification apply?
    Annual external certification of HR anti-bribery controls.
    What SOC 2 Type II requirements apply?
    HR system controls for data integrity.
    How are GDPR Article 30 requirements met?
    Records of processing activities for HR investigations.
    What ILO conventions are referenced?
    Convention 111 on discrimination prevention.
    How does OECD Guidelines Chapter VII apply?
    Human rights due diligence in employment practices.
    What UN Global Compact principles apply?
    Principle 10 on anti-corruption.
    How are Equator Principles relevant?
    For HR aspects of project financing.
    What WEF Partnering Against Corruption principles apply?
    Collective action in high-risk jurisdictions.
    How does Transparency International guidance apply?
    Corruption Perceptions Index thresholds for risk assessment.
    What DOJ Evaluation of Corporate Compliance Programs applies?
    HR’s role in incentives and disciplinary actions.
    How are SEC disclosure requirements met?
    Material HR-related bribery incidents in 8-K filings.
    What NYSE corporate governance standards apply?
    Board oversight of HR compliance.
    How does EU General Data Protection Regulation apply?
    Investigation data processing safeguards.
    What California Consumer Privacy Act requirements apply?
    Employee data access rights during investigations.
    How are SOX 404 controls integrated?
    HR financial reporting controls.
    What MAS Guidelines on Individual Accountability apply?
    Senior manager responsibility for HR compliance.
    How does HK SFC Manager-in-Charge regime apply?
    Designated MIC for HR operations.
    What Monetary Authority of Singapore requirements apply?
    HR controls in financial institutions.
    How are DFSA Rulebook provisions applied?
    Senior management functions for HR.
    What CBI (Central Bank of Ireland) requirements apply?
    Fitness & probity assessments.
    How does BaFIN MaRisk apply?
    HR risk management in German operations.
    What FINMA circulars apply?
    Operational risks in Swiss HR operations.

PART 2: RISK MANAGEMENT FRAMEWORK (150 FAQs)

Section D: Risk Assessment Methodology (50 FAQs)

    What’s the risk assessment frequency?
    Quarterly for high-risk areas, annually for all others.
    How are HR processes risk-rated?
    5-point scale: Impact (1-5) × Likelihood (1-5) × Control Effectiveness (0.5-2).
    What are inherent vs residual risk?
    Inherent: Without controls; Residual: After controls applied.
    How are “red flags” identified?
    87 predefined red flags in recruitment, promotions, procurement.
    What’s the data analytics approach?
    Machine learning analysis of HR transactions for anomalies.
    How are predictive models used?
    Identify patterns indicating potential corruption.
    What’s the control self-assessment process?
    Quarterly manager assessments with random validation.
    How are third-party risks assessed?
    4-tier due diligence based on risk rating.
    What’s the geographic risk rating?
    Transparency International CPI + World Bank Governance Indicators.
    How are industry-specific risks addressed?
    Sector corruption indices from Trace International.
    What’s the process mapping methodology?
    End-to-end mapping of 32 core HR processes.
    How are control gaps identified?
    RACI analysis with gap heat maps.
    What’s the risk appetite statement?
    Zero tolerance for material bribery; low tolerance for minor incidents.
    How are risk limits set?
    Maximum 2% of recruitment through any single agency.
    What’s the escalation threshold?
    Any incident >$10,000 value or involving senior management.
    How are emerging risks monitored?
    Monthly horizon scanning with external intelligence feeds.
    What’s the scenario analysis approach?
    12 corruption scenarios with impact quantification.
    How are stress tests conducted?
    Annual simulation of major corruption incident.
    What’s the correlation analysis?
    Linkage between HR incidents and financial misstatement.
    How are risk indicators calibrated?
    Back-testing against historical incidents.
    What’s the benchmarking methodology?
    Peer comparison using consortium data.
    How are regulatory changes tracked?
    Automated monitoring of 47 jurisdictions.
    What’s the risk culture assessment?
    Annual survey with 15 risk culture dimensions.
    How are whistleblower data analyzed?
    Anonymized trend analysis by region/function.
    What’s the audit finding analysis?
    Root cause analysis with control enhancements.
    How are investigation outcomes incorporated?
    Lessons learned integrated into risk assessment.
    What’s the management override risk assessment?
    Specific controls for senior management transactions.
    How are confidential informants protected?
    Secure channel with legal privilege protection.
    What’s the data retention for risk assessments?
    10 years for high-risk assessments.
    How are risk assessments validated?
    Independent validation by Internal Audit.
    What’s the technology enablement?
    GRC platform with automated workflows.
    How are qualitative risks quantified?
    Reputational damage scoring matrix.
    What’s the supply chain risk assessment?
    N-tier mapping for critical HR vendors.
    How are merger integration risks assessed?
    Cultural compliance assessment during due diligence.
    What’s the divestiture risk assessment?
    Legacy liability assessment.
    How are joint venture risks assessed?
    Partner compliance capability assessment.
    What’s the project-based risk assessment?
    For major HR transformation projects.
    How are economic downturn risks assessed?
    Increased corruption pressure indicators.
    What’s the geopolitical risk assessment?
    Country risk ratings with early warning indicators.
    How are sanctions risks assessed?
    Screening of all HR vendors against sanctions lists.
    What’s the cyber risk integration?
    HR system integrity controls assessment.
    How are mobile workforce risks assessed?
    Remote hiring and payment controls.
    What’s the gig economy risk assessment?
    Platform worker engagement controls.
    How are algorithm risks assessed?
    AI hiring tool bias and manipulation risks.
    What’s the social media risk assessment?
    Recruitment via social platforms controls.
    How are virtual interview risks assessed?
    Integrity controls for remote assessments.
    What’s the biometric data risk assessment?
    Ethical use of assessment technologies.
    How are wellness data risks assessed?
    Health information privacy controls.
    What’s the genetic information risk assessment?
    Prohibition of genetic testing in hiring.
    How are neurodiversity assessment risks managed?
    Ethical assessment tools validation.

Section E: Due Diligence Procedures (50 FAQs)

    What’s the due diligence framework?
    4 levels: Basic, Standard, Enhanced, Enhanced+.
    How are recruitment agencies vetted?
    Enhanced due diligence with site visits for high-risk.
    What’s the ownership verification process?
    Ultimate beneficial ownership tracing to natural persons.
    How are politically exposed persons identified?
    World-Check screening of all third-party owners.
    What’s the adverse media screening?
    Ongoing monitoring of 15,000+ media sources.
    How are sanctions lists screened?
    Daily screening against 200+ global lists.
    What’s the litigation history check?
    Court record searches in home jurisdiction.
    How is financial stability assessed?
    Credit checks and financial statement analysis.
    What’s the reference check protocol?
    Minimum 3 independent references.
    How are site visits conducted?
    Unannounced visits for high-risk vendors.
    What’s the interview process?
    Structured interviews with compliance focus.
    How are policies reviewed?
    Anti-bribery policy assessment against ISO 37001.
    What’s the training verification?
    Evidence of employee anti-bribery training.
    How are internal controls assessed?
    Control testing for high-risk vendors.
    What’s the payment controls review?
    Review of vendor’s own payment controls.
    How are subcontractors managed?
    Flow-down clauses in all contracts.
    What’s the re-screening frequency?
    Annual for high-risk, biennial for others.
    How are findings documented?
    Due diligence report with risk rating.
    What’s the approval workflow?
    Based on risk rating and value.
    How are exceptions handled?
    Risk acceptance with mitigation plan.
    What’s the ongoing monitoring?
    Quarterly reviews for high-risk vendors.
    How are incidents reported?
    24-hour notification requirement.
    What’s the termination protocol?
    30-day notice with investigation preservation.
    How are local agents assessed?
    Enhanced+ due diligence for commission-based.
    What’s the family relationship check?
    Declaration of family ties to Neftaly employees.
    How are conflicts of interest identified?
    Cross-check against employee databases.
    What’s the gift policy assessment?
    Review of vendor’s gift policies.
    How are facilitation payments addressed?
    Zero tolerance clause in contracts.
    What’s the whistleblower mechanism?
    Requirement for vendor reporting channels.
    How are audits conducted?
    Right-to-audit clauses with 30-day access.
    What’s the certification requirement?
    Annual compliance certification.
    How are training requirements enforced?
    Minimum 2 hours annual anti-bribery training.
    What’s the record retention?
    10 years post-contract termination.
    How are digital signatures verified?
    PKI-based digital identity verification.
    What’s the video verification process?
    For high-risk remote due diligence.
    How is document authenticity verified?
    Notarization or apostille requirements.
    What’s the translation protocol?
    Certified translations for key documents.
    How is data privacy complied with?
    GDPR-compliant due diligence processing.
    What’s the local law assessment?
    Legal opinion for high-risk jurisdictions.
    How are cultural considerations addressed?
    Local compliance expert consultation.
    What’s the speed vs thoroughness balance?
    Tiered approach based on risk.
    How are urgent hires managed?
    Provisional approval with post-hire diligence.
    What’s the temporary staff protocol?
    Agency diligence covers all temporary staff.
    How are interns vetted?
    Educational institution verification.
    What’s the volunteer screening?
    Same standards as paid staff.
    How are board members screened?
    Enhanced due diligence by Nominating Committee.
    What’s the executive search firm protocol?
    Personal liability for inaccurate information.
    How are assessment providers vetted?
    Psychometric test validation review.
    What’s the relocation provider diligence?
    Real estate license verification.
    How are payroll providers assessed?
    SOC 1 Type II report review.

Section F: Red Flags & Monitoring (50 FAQs)

    What are recruitment red flags?
    Candidate with no relevant experience hired for senior role.
    How are promotion red flags identified?
    Rapid promotion without documented justification.
    What are compensation red flags?
    Unusual bonus payments outside cycle.
    How are vendor selection red flags detected?
    Single source justification without competition.
    What are training assignment red flags?
    Repeated assignments to same luxury locations.
    How are expense claim red flags identified?
    Pattern of just-below-approval-limit claims.
    What are conflict of interest red flags?
    Employee’s relative winning multiple contracts.
    How are gift register anomalies detected?
    Sudden increase in gift values before decisions.
    What are whistleblower report patterns?
    Multiple anonymous reports about same individual.
    How are system access red flags identified?
    Unusual HR system access times or volumes.
    What are data manipulation indicators?
    Back-dated approval records in system.
    How are communication pattern red flags detected?
    Excessive personal communications with vendors.
    What are lifestyle change indicators?
    Employee with sudden unexplained wealth.
    How are resignation pattern red flags identified?
    Key staff resigning after new vendor appointment.
    What are interview process anomalies?
    Missing interview notes for selected candidate.
    How are reference check red flags detected?
    References from same company network.
    What are background check discrepancies?
    Unexplained employment gaps or false credentials.
    How are performance review anomalies identified?
    Consistently high ratings before promotion.
    What are succession planning red flags?
    Family members in succession plans without merit.
    How are talent pool manipulation signs detected?
    Removing qualified candidates from pools.
    What are recruitment metric anomalies?
    High offer acceptance rates from single source.
    How are agency performance red flags identified?
    All placements from agency failing probation.
    What are visa processing red flags?
    Unusual urgency or premium processing requests.
    How are relocation expense anomalies detected?
    Inflated moving company invoices.
    What are payroll processing red flags?
    Duplicate payments or ghost employees.
    How are benefits enrollment anomalies identified?
    Family members enrolled as dependents improperly.
    What are training completion red flags?
    Certificates without attendance records.
    How are assessment result anomalies detected?
    Identical test answers across candidates.
    What are social media recruitment risks?
    Direct hiring through personal connections.
    How are remote hiring red flags identified?
    Virtual interview technical issues pattern.
    What are algorithm bias indicators?
    Demographic disparities in hiring outcomes.
    How are third-party payment red flags detected?
    Payments to countries different from service location.
    What are cash transaction indicators?
    Cash payments for HR services.
    How are cryptocurrency payment red flags identified?
    HR vendors requesting crypto payments.
    What are invoice splitting indicators?
    Multiple invoices just below approval thresholds.
    How are round number payment red flags detected?
    Suspiciously round consultancy fees.
    What are entertainment pattern indicators?
    Regular entertainment of same HR staff.
    How are travel pattern red flags identified?
    First-class travel for internal candidates.
    What are conference attendance patterns?
    Repeated attendance at luxury conferences.
    How are sponsorship red flags detected?
    Vendor sponsoring employee club events.
    What are donation request indicators?
    Requests for charitable donations to vendor’s charity.
    How are family event red flags identified?
    Vendor paying for employee family vacations.
    What are loan arrangement indicators?
    Personal loans from vendors to employees.
    How are investment opportunity red flags detected?
    Vendor offering investment opportunities to HR staff.
    What are employment promise indicators?
    Promise of future employment to vendor staff.
    How are consulting arrangement red flags identified?
    HR staff consulting for vendors post-employment.
    What are data theft indicators?
    Unusual downloads of candidate databases.
    How are system override red flags detected?
    Excessive use of manual overrides in HRIS.
    What are after-hours access patterns?
    Regular system access outside business hours.
    How are password sharing indicators identified?
    Multiple logins from same credentials.

Approved By:
Neftaly Malatjie
Chief Executive Officer