Approved at BOD 43/2017, dated 5 December 2017.

1. Purpose

1. The objectives of the Whistleblower Policy are:

1.1.1. To directly support UiTM Holdings Sdn Bhd (“the Company”) Code of Ethics and Governance requirement as it places high value on the level of trust and integrity expected of its employees within its Group of Companies (“Group”).

1.1.2. To encourage and enable employees and others to raise concerns within the Company prior to seeking resolution outside the Company. 

1.2. To provide and avenue for all employees of the Company and the Group to disclose any improper misconduct in accordance with the procedures as provided for under this policy and to provide protection for employees and members of the public who reports such allegations.

1.3. In line with this, the Company and its Group of Companies has adopted a Whistleblower Policy that outlines the Group’s commitment to ensure that employees are able to raise concerns regarding any illegal conduct or malpractice at the earliest opportunity without being subject to victimization, harassment or discriminatory treatment, and to have such concerns properly investigated. This Policy sets out the mechanism and framework by which employees, contractors and consultants can confidently voice concerns/ complaints in a responsible manner without fear of discriminatory treatment.


2. Scope

2.1. This Policy is designed to facilitate the Company, the Groups and all employees (whether permanent, contract, part-time or casual), Directors, Shareholders, Consultants, Vendors, Contractors, Outside agencies or any parties with a business relationship with the Company or its subsidiaries are encouraged to disclose any wrongdoing that may adversely impact the company. Such misconduct or criminal offences include the followings:

  • Fraud
  • Bribery
  • Abuse of Power
  • Conflict of Interest
  • Theft or Embezzlement
  • Misuse of Company’s Property
  • Non-Compliance with Procedures

2.2. The above list is non-exhaustive and it includes any act or omission if proven, will constitute an act of misconduct under the Company and the Groups Code of Ethics or any criminal offence under relevant legislation in force.

3. Definitions

3.1 Whistleblowing – This occurs when an employee raises a genuine concern about a dangerous or illegal activity or improper conduct that he is aware of through his work.

3.2 Whistleblower – A person who provides information disclosing an act of improper conduct, to the Whistleblower Committee, that may enable the Whistleblower Committee to initiate an investigation. The Whistleblower’s identity shall not be disclosed, and protections will be provided under the Whistleblower Protection Act 2010.

4. Policy

4.1.The Company encourages it’s any person to make any disclosures openly and honestly and that concerns/complaints raised will be treated fairly and properly.  

4.2.  All disclosures made under this Policy will be dealt with in a confidential manner. Disclosures received under anonymity will not be entertained.  

4.3.  The culture of openness and transparency is encouraged where concerns regarding fraud, corruption, illegal conduct, wrongdoings or any form of malpractices can be reported in an appropriate way at an early stage without fear or apprehension that the Whistleblower will be harassed or victimized in any way.  


5. Improper Misconduct

5.1.  The following shall constitute “Improper Conduct” under this Policy: 

  • Incidents of fraud, corruption or bribery; 
  • Conduct or activity which breaches any law or regulatory obligation;
  • Breach of the Company’s policies, practices, procedures or other rules of conduct;
  • Improprieties in matters of financial reporting;
  • Situation which pose a danger to the health, safety of any individual or significant danger to the environment; 

(Other improper conducts as provided in the following Appendix 1) 

6. Reporting

6.1. Disclosure of information should initially and promptly be made by the Whistleblower to one or more of the following persons within the Company:

  1. Chairman, Group Audit & Risk Committee.
  2. Chairman, Group Nomination & Remuneration Committee. III. Group Chief Executive Officer.

6.2 The Company website will be used to encourage employees to report allegations of wrongdoing or unethical business behaviour.

6.3 Reports or disclosure under this Policy can also be made through e-mail, fax or mail (using the attached form as per Appendix 2) addressed to the above persons.

6.4 Employees who have raised concerns internally will be informed of who is handling the matter, how they can contact them and if there is any further assistance required.

7. Evidence Needed Before Investigation

7.1 The Whistleblower should be able to provide in the disclosure whether in writing, information regarding the type of activity or conduct, identity of the person(s) suspected as being involved, when it occurred and who was affected. 

7.2 The Whistleblower must have first-hand knowledge or information of the facts, i.e. information obtained from third party or ‘hearsay’ will not be entertained. However, the Whistleblower should not be discouraged from making a report because they are unsure whether there is sufficient evidence to support their allegations. 


8. Procedures

8.1 All complaints/disclosure received would be placed before a Whistleblower Committee for its action.

8.2 The Whistleblower Committee shall comprise of the following members:

  1. Chairman, Group Audit & Risk Committee
  2. Chairman, Group Nomination & Remuneration Committee 
  3. Group Chief Executive Officer 

8.3.  The Committee shall have the authority to:  

8.3.1 Determine the legitimacy of the disclosure;

8.3.2 Direct further action; and

8.3.3 Determine who should conduct the investigation i.e. engage external expertise, management or Group Internal Audit.

8.4 If any of the Committee members is the suspect being involved in the improper conduct, he will automatically abstain from attending the meeting.

8.5 If, the Group Chief Internal Auditor (or other assigned investigators) is tasked to investigate, they must take all reasonable steps to ensure that investigations regarding the disclosure are fair and unbiased.

8.6 The Group Chief Internal Auditor (or other assigned investigators) will keep detailed records of all evidence gathered, interviews conducted, and all records received which affect the outcome of the investigation.


9. Reporting

9.1 Upon conclusion of the investigation, the Group Chief Internal Auditor will present the outcome of the investigation to the Group Audit & Risk Committee. 


10. Action Subsequent To Report

10.1 If the Group Audit & Risk Committee is satisfied with the outcome of the investigation, it will communicate to Management to proceed with action based on established policy and procedures for the necessary disciplinary action to be taken immediately. Instituting the disciplinary action will be the responsibility of Group Human Resource.

10.2 Senior Management must also take into account recommendations contain in the investigation report to prevent the conduct from continuing or occurring in the future. Actions to be taken may also be directed to remedy any harm or loss arising from the conduct.


11. Confidentiality And Protection

11.1. A Whistleblower must identify himself/herself when submitting a complaint/ disclosure. Upon making the disclosure in good faith:

11.1.1 The Whistleblower will be protected from any reprisal within the Company or its subsidiaries as a direct consequence of the disclosure. (‘Reprisal’ means disciplinary measures, demotion, suspension or termination of employment or service).

11.1.2 The Whistleblower’s identity shall be protected i.e. kept confidential unless otherwise required by law or for purposes of any proceedings by or against the Company;

11.1.3 The identity and personal information of the Whistleblower and the alleged wrongdoer may be revealed to persons involved in the investigations or any other process.

11.2. Protection under 11.1 above will be accorded by the Company only when the Whistleblower satisfy all the following conditions:

11.2.1 The disclosure was done in good faith;

11.2.2 Whistleblower is aware that the information and any allegations disclosed are true;

11.2.3 Whistleblower has not communicated the disclosure to any other party not related to the disclosure;

11.2.4 The disclosure was made not for personal gain or interest.

11.3 The Company views seriously any false, malicious or defamatory allegation. This can be considered as gross misconduct where appropriate disciplinary action may be taken by the Company.

11.4 Suppliers/Vendors of the Company and members of the public who become a Whistleblower will also be protected by the Company as to his/her/its identity subject to satisfying all conditions in 11.2 above.

11.5 Employee and industrial relations related issues and human resources related issues are excluded from the operation of this Policy because there are other established mechanisms to raise such complaints.

12. Review Of This Policy

12.1 The Board of Directors or Group Audit & Risk Committee can modify this Policy unilaterally at any time without notice. Modification may be necessary, among other reasons, to maintain compliance with laws or regulation and/or accommodate organizational changes within the Company or Group. However, the modification made shall be effective after the same is circulated to employees in writing or electronically. 


13. Process Flow


14. Appendix

Appendix 1

List of Complaints under Whistleblower Policy

    1. Corruption or bribery.
    2. Breaching of legal obligation.
    3. Misuse of company information. 
    4. Any dishonest or fraudulent act.
    5. Any act of conflict of interest with suppliers, vendors or contractors.
    6. Forgery or alteration of any document or account belonging to the company.
    7. Forgery or alteration of a cheque, bank draft or any other financial document.
    8. Misappropriation or theft of funds, supplies or other assets.
    9. Providing or accepting gifts of material value to/from customers, contractors, vendors or other persons doing or attempting to do business with the Company or its Group of Companies that are intended to influence a business decision or selection process.
    10. Destruction, removal or inappropriate use of the Company’s records, furniture, fixtures and equipment.
    11. Falsifying payroll records or overtime claims.
    12. Falsifying travel and entertainment expenses and/or utilising company funds to pay for personal expenses.
    13. Fictitious reporting of receipts, delivery orders from suppliers or shipment to customers. 
    14. Misappropriation of Company-owned computer hardware, software, data.
    15. Acceptance of fictitious quotations from suppliers, vendors or contractors in favouring for a particular entity.
    16. Inventory or asset theft.
    17. Any other detrimental wrongdoing which nature of the wrongdoing is subject to the absolute discretion of the Committee.

15. Whistleblowing Form

Appendix 2