POL00413495
POL00413495
Our Code of Business
Conduct
Our Commitment to doing
what's right
POL00413495
POL00413495
Contents
A message from our Group Chief Executive 3
Our Code and how we speak up
Why we have a Code 4
Upholding the Code 5
Qur ways of working. 7
How to make good decisions 8
How do I speak up? 9
No retaliation 10
Our Colleagues
Diversity and inclusion 12
Prevent bullying and harassment 13
Create a safe and healthy work environment 14
Avoiding conflicts of interest 15
Our Business
Prevent bribery and corruption 18
Gifts and hospitality 19
Prevent financial crime 20
Prevention of Modern Slavery, 21
Working with suppliers 22
Use of computers, internet, phones and email 23
Protecting Post Office Information 24
Managing personal data properly 25
Maintaining accurate business records 26
Financial Accuracy and integrity 26
Managing risk 27
Protecting the environment 28
The use of social media 29
Communication with the public 30
Glossary 31
Institute of Business Ethics
© This document has been
ibe =A) BS reviewed by the I
nN I
}
Our Code of Business Conduct June 2023 v10 2
A message from our Group Chief Executive
Welcome to the most important document we have at Post
Office - Our Code of Business Conduct.
If we are to earn the trust of our customers, colleagues, and
the communities we serve we must act in a responsible,
ethical, and lawful way. It is important to me that we
maintain the trust of our customers, colleagues, and the
communities we serve.
Our ‘Ways of Working’ underpin everything that we do, they
are the ‘How’ of our business strategy. They differentiate our
business and aim to inspire great behaviours. We know that
by working in partnership, as one team, we deliver amazing
results.
Our Code of Business Conduct (the Code) defines the
expectations we have for how we act and how we make
decisions. It sets out our clear standards of conduct to ensure
that we always do what is right. The Code of Business
Conduct should help every one of us live out our purpose that
we are here, in person for the people who rely on us.
The way that we conduct business has never been more
important which is why I expect everyone at Post Office to
follow our Code, advocate for others to do the same, and feel
empowered to speak up if you are ever in doubt or have
questions. As our Code explains, our Speak Up channels are
here for you and remember Post Office does not tolerate
retaliation of any kind. We will always listen to you and I
expect leaders and managers to foster a culture where
employees feel free to ask questions and raise concerns
when something doesn't seem right.
Read and re-read our Code. It matters. Think about how it
applies to your work. Consider how your behaviours, actions
and decisions may affect others. Speak up when you have
concerns and always do what's right
I am proud to work for a company that has the highest
standards of integrity and which passionately protects its
people and reputation.
GRO
Group Chief Executive Officer
Sincerely
Our Code of Business Conduct
June 2023 v10
POL00413495
POL00413495
3
Why we have a Code
Doing what's right means we must always act with
integrity and be open and honest to ensure we are
trusted by our customers, colleagues, Postmasters,
Retail Partners and the communities in which we
work.
Who is the Code for?
Our Code is for everyone working for and with Post
Office: employees, directors, contractors, Postmasters,
business and retail partners, and suppliers. We expect
our Postmasters, business and retail partners and
suppliers to uphold the same standards.
What is the Code?
The Code is a centrepiece to our ethical culture. It sets
out what we stand for, the principles we hold
ourselves accountable to and what we expect from
every single person for and with Post Office, helping
us all make informed decisions and good choices.
Sometimes, you might face a situation where the right
thing to do is not obvious. That is where our Code of
Business Conduct can help. It is always here as a
guide to preserving our reputation. While the Code
cannot answer every question, it can show you where
to go for guidance when the answer is not clear
Sometimes doing what's right
is easier said than done. There
are times when we all could use
a little help to feel confident
that we are making good
choices.
Our Code is here to do that.
Our Code of Business Conduct
POL00413495
POL00413495
The code enables you to:
= Conduct yourself honestly and ethically.
= Upholds our ways of working and protect our
reputation.
= Understand what Post Office expects from you
= Make good decisions every day.
= Comply with the laws, regulations and standards
that apply to our Company.
= Understand where to go for assistance or
guidance if you have any questions.
What are the consequences of not
complying with the Code?
There are very serious consequences for not
complying with our Code which could result in
disciplinary action, up to and including dismissal or
termination of contract.
If an act violates the law, it could result in fines or
criminal prosecution:
When do we review the code?
The Code will be reviewed every three years and we
may modify the Code as necessary. Any modifications
will be approved by Post Office General Executive and
the Board.
June 2023v10 4
POL00413495
POL00413495
Upholding the Code
Employees’ Responsibilities
Behave in an ethical
manner. Use good
judgment, being honest
Know and live the Code.
Read it and follow it,
Complete mandatory
training as required in a
along with any other
policies that apply to our
roles.
Follow the law.
Understand and ensure
compliance with legal
and regulatory
obligations that apply to
our jobs and our
timely manner.
Ask for help. When an
answer is not clear, ask
for guidance before
taking action.
and ethical in every
action and decision you
take.
Speak up. Prevent harm
to our company and its
reputation by reporting
concerns if you feel a
working practice is not
ethical or safe or it
breaches the Code.
company.
Post Office reputation depends on the behaviour of each and every one
of us.
June 2023 v10 5
Our Code of Business Conduct
POL00413495
POL00413495
Upholding the Code
The Managers role
People managers and leaders have additional responsibilities to serve as a positive role model in every respect and to
help our employees review, understand and apply the Code. The way our managers make decisions and handle
concerns, different opinions, and even bad news, will set the foundation for trust with teams.
Take these simple steps to build a culture of trust and integrity within your team.
Lead by example and Be informed. Recognise
wiodelthe Goda Take Bele ay Hs you may not always
erconal respencibille members, including new find the answers that you
Q tor te and : joiners have read the need in the Code, so
: Py a S Code and completed know where to go for
Penrerang Pe pine pies mandatory trainin: answers when there are
and standards set out in » 2 :
questions.
the Code.
Be responsive and
create a “speak up”
culture.
Take seriously any
concern raised and never
retaliate against
someone who raises a
concern.
Expect the best. Ensure
team members know
that for results to matter,
they must be achieved
the right way. Be
consistent in what you
say and do.
Take action. Take
corrective or preventive
action when someone
violates the Code.
As a leader, you have special responsibility for setting the culture and the
work environment of your team
June 2023v10 6
Our Code of Business Conduct
Our Ways of Working
Our Postmasters and branch colleagues are there, in
person, serving communities across the UK day in,
day out. Our role at Post Office is to be there for
Postmasters, retail partners and Directly Managed
Branches, supporting them and helping them to
thrive.
How we do it.
Our Ways of Working provide the answer. They set
out how we need to work together to deliver our
Purpose. Our Ways of Working are wrapped around
our ‘We are Post Office’ colleague commitments,
where we celebrate diversity and inclusion,
encourage learning and growing, and champion
taking care of and supporting each other.
We are one team
Our Ways of Working reflect our culture where we
work in partnership with our Postmasters and
collaboratively work together to achieve the same
aims. A place where colleagues are encouraged to
speak up, feel safe to raise issues and are empowered
to make a difference.
In short: Working in partnership, as one team, we
deliver amazing results!
We work in
We are one team
POL00413495
POL00413495
We work in partnership
We deliver
We deliver
partnership
We place those who work in
Post Office branches at the
centre of everything we do.
We are reliable and always do what
we say we will do.
We are passionate about the service
we provide.
We invest time and energy into.
trusted and valued partnerships.
We build lasting relationships
. We learn from our mistakes.
with all partners.
We respect and recognise each
other's challenges.
We embrace change and find ways to
innovate and improve.
We enable our Postmasters and
DMBSs to serve their
communities.
We are outcome driven.
We work to keep it simple and get
Wi sti together.
‘e are stronger together. stuff done.
Our Code of Business Conduct
We collaborate and share freely.
We listen to understand and then
respond.
We celebrate success and say
thank you often.
We are helpful, friendly and
available.
We trust and empower everyone to
make decisions.
We act with integrity and are open
and Honest.
June 2023 v10 7
POL00413495
POL00413495
How to make Good Decisions
We trust and empower everyone to make decision. Use our ethical decision-making model to support in making good
decisions.
Ethical decision-making model
‘Would I be
comfortable
ifmy
When faced with a Would it be
acceptable
Isit legal that anyone
How might it
be viewed in
5 years
time?
choice of dilemma Isitiniine
Pause with our decision was
sthical? ed
Think Code? are eicel ey aa made public
d Ask yourself i? . internally or
externally?
If the answer to any of these
It looks like a good decision but questions is ‘no’ then think again
if you have any doubts, talk to about what to do, talk to your Speak to we Compliance, Legal
your manager. manager, or use the reporting or People team.
channels to speak up.
Making good decision and ethical choices builds trust between each of us
and the people we interact with.
Our Code of Business Conduct June 2023v10 8
How do I speak up?
To help us build the Post Office of the future
we are committed to doing things correctly
and we want you to always raise issues and
concerns with us. A healthy organisation is
one where people can speak up without fear
and, as a result, stop harm.
Noticing a problem and speaking up about it
helps us address issues quickly. This in turn
helps ensure that we can enhance Post
Office's processes and controls and support
our Postmasters and the communities that
we serve.
You must never ignore unethical or
unprofessional behaviour. We all have a
responsibility to speak up, if we witness or
otherwise learn about the company’s
standards and reputation being put at risk by
unethical, unprofessionalor even criminal
behaviour, we must immediately report it.
We don't have to have all the facts or
evidence available to report a concern, the
key element is to make sure it is reported.
If you feel you cannot question or challenge a
colleague directly you can use the reporting
model opposite that shows how
we can all raise issues of concerns:
What happens next?
We encourage you to discuss
any issues or concerns that you
have with your line manager.
Are you comfortable reporting it
to your line manager?
ie
If you are not comfortable
discussing the issue with your
line manager are you
comfortable reporting it to
another manager?
if it not appropriate to discuss
the issue with your line
manager. You can discuss the
matter with your People partner.
Are you comfortable speaking to
your People Partner?
POL00413495
POL00413495
Discuss issue or concern with
your line manager?
Discuss issue or concern with
another manager?
Discuss issue or concern with
ple Partner?
Report it confidentially via
(8 Speak Up Manager, _
External Speak Up service where you have an option to remain anonymous
(provided by an external third party (Convercent)}:
&
Website: http//speakup.postoffie.co.uk/
When a concern is
raised via the
confidential Speak up
line, the whistleblowing
team will decide
whether to handle the
concern through
management action or
an investigation
Ifhandled as a disc
management action, the ‘
business will provide
guidance and support to
those involved. If we
decide to investigate. A
thorough investigation
will be undertaken,
obtaining and analysing ly
the relevant facts to v
make a determination.
Learn More
Speaking Up Policy
Our Code of Business Conduct
The allocated person
from the business will
the findings and
decide what action
should be taken. This
may include disciplinary
action consistent with
our Conduct policy.
Feedback is provided to
the individual who
raised the concern, in
cordance with our
confidentiality
principles.
June 2023v10 9
No retaliation
It takes courage to speak up when something's not right. We
understand that you might be uncomfortable or anxious. That
is why we do not tolerate retaliation of any kind.
We do not tolerate retaliation for:
* Refusing to do something that violates our Code, policies
or the law,
+ Raising a concern in good faith about potential
misconduct,
* Cooperating with an investigation.
Examples of retaliation might include demotion, firing, a
reduced salary, job reassignment, threats, harassment or any
other action taken against someone because they raised a
concern, participated in an investigation, or attempted to
deter someone from violating.
Concerns raised honestly even if they turn out to be
unfounded is never an excuse for any kind of retaliation.
We take serious action, typically disciplinary action, against
any individual who threatens or retaliates against individuals
who have raised their concerns.
No false accusations
As much as we encourage honest reporting, we do not
tolerate knowingly false reports. Making a false accusation
can divert investigatory resources away from credible good-
faith concerns and damage morale
Report when you have a reasonable, good-faith belief that it
is true, but never knowingly make a false accusation, lie to
investigators or refuse to cooperate in an investigation, as
these actions may also violate our Code.
POL00413495
POL00413495
lam concerned that my manager will find
out if I raise a concern. Will it be kept
confidential?
Protecting the identity of people who raise a
concern in good faith is our priority. Post
Office will not tolerate retaliation against an
employee who raises a genuine concern. We
will keep what you tell us private and
confidential throughout the investigation
process, subject to our legal obligations.
Anonymous reporting is also available
through our external Speak Up line, although
note that this may limit our ability to conduct
an investigation
1am a contractor working at Post Office and
I have a concern to report. Can I use the
External Speak up line?
Yes. The external Speak Up line is for the use
of employees and contractors as well as
Postmaster, retail partners and suppliers.
By asking questions and reporting concerns, you are doing the right thing
and helping our Company stop or prevent misconduct.
Our Code of Business Conduct
June 2023 v10 10
POL00413495
POL00413495
Our employees
Posting
something
_ important?
Diversity and Inclusion
Our Ways of Working celebrate diversity and inclusion
and we are committed to building a diverse and
inclusive workplace so that we are as diverse as the
customers that we serve.
We pursue equality of opportunity and inclusion for all
employees through our employment policies and
practices.
Embracing diversity and inclusion means we must:
= Uphold the law regarding human rights and
equality.
* Act with the highest standards of conduct and
integrity and show respect towards others in our
dealings.
* Strive to promote fairness and equal opportunities
for employment and promotion based on merit.
* Not tolerate discrimination or harassment on the
Learn More
Equality, Diversity and Inclusion Polic
Dignity at Work Policy
I want to make a promotion decision. One
colleague is 55 and the other is 30. Should I
promote the younger colleague since they
may work for us for more years before
retiring?
No. We only make employment decisions
based on merit. Age should not be a deciding
factor.
POL00413495
POL00413495
basis of any legally protected characteristics.
= Encourage ideas, opinions, and ways of thinking
and prohibit exclusionary behaviours, which may
include, bullying and workplace violence,
discrimination and isolating individuals or groups.
= Invest in the physical, mental and emotional well-
being of our employees through ongoing
education around inclusion and diversity.
Post Office strives to build an inclusive workplace
where we celebrate diversity and inclusion, where all
employees feel a sense of belonging and valued for
who they are and the differences they bring. Post
Office does not tolerate harassment based on the
grounds of race, ethnic or national origin, disability,
martial or civil partner status, sexual orientation,
pregnancy or maternity, age, religion or belief, sex and
gender reassignment.
Examples of meeting standards are:
= Showing compassion and empathy as
appropriate, to people we work or come in
contact with.
« Taking a proactive approach to opposing
discrimination and encourage reporting.
= Acting and make decision on merit,
without prejudice.
« Considering the needs of the protected
characteristic groupings
= Actively seek or use opportunities to
promote equality and diversity.
We work better together because of our differences, not despite them.
Our Code of Business Conduct
June 2023 v10 12
POL00413495
POL00413495
Prevent bullying and harassment
Post Office will not tolerate inappropriate behaviour,
including bullying, harassment or abuse of authority.
We may instigate disciplinary or legal action against
people who harass, bully or abuse their authority.
We must:
= Celebrate diversity and inclusion at Post Office.
= Treat each other with respect, regardless of role,
employment status or length of service.
* Challenge any unfair behavior.
* Foster a culture in which anyone can comfortably raise
a concern without fear of retaliation.
* Comply with Diversity and Inclusion, and Dignity at
Work policies.
* Ensure that our communications abide by this Code,
no matter how informal the situation.
* Speak up through the relevant channels if you think a
colleague is being bullied or harassed.
= Ensure that our conduct when at off-site events is as it
would be at work (i.e., social/team events).
* Complete unconscious bias training if involved in
recruitment and hiring of others.
We must never bully, harass, abuse, threaten or act
violently toward others.
Learn More
Equality, Diversity and Inclusion Polic
Dignity at Work Policy
A friend sent me an email with some rude
jokes which I think are funny. Can I email
them to my work colleagues?
No. We treat all employees with dignity and
respect and what you consider funny might
be offensive to others. Always ask yourself if
your actions might be offensive, abusive or
intimidating to others.
Our Code of Business Conduct
A colleague in my team often makes
negative stereotyping comments about my
race. If I object, they say they it’s just banter
and mean no offense. What should I do?
Stereotyping, whether it be a joke or not, is an
obstacle to the inclusive environment we
expect in the workplace and can be a form of
discrimination. This situation, or concern
about inappropriate or non-inclusive
behaviour should be reported to the line
manager or People team.
June 2023 v10 13
POL00413495
POL00413495
Creating a safe and healthy work environment
Whether working in an office, branch, depot, at home,
commuting to work or out in the field nothing is more
important than your safety.
We comply with all applicable legislation and regulations and
aim to continuously improve health and safety performance.
We expect everyone at Post Office to behave in a safe and
responsible manner at all times.
Everyone at Post Office has a role to play and we must:
* Follow health and safety policies, risk assessments,
standards, procedures, laws and regulations to look after
ourselves and the safety of others
= Work and behave safely, so that we do not endanger
ourselves or others
* Make sure you know what to do if an emergency occurs
at your place of work/on the road or at a location you are
visiting
= — Intervene when we think someone's safety is at risk.
* Promptly report any actual or near miss accident or injury,
illness, unsafe or unhealthy condition so that steps can be
taken to correct, prevent of control these conditions
immediately.
* Complete mandatory and role specific Health and Safety
training in a timely manner.
* Never work under the influence of drugs, alcohol.
= Always drive safely and legally and
- Always wear a seatbelt.
- Always obey the speed limit.
- Never use a handheld mobile or device when
driving.
Learn More
Health and Safety Policy
Alcohol and Drugs Policy
Physical Security Policy
Our Code of Business Conduct
My colleague arrives at work under the
influence of alcohol. I know they are having
difficulties at home. What should I do?
It is important that you discuss the issue with
your line manager. The use of alcohol is likely
to be affecting their wellbeing, safety and
quality of work. It is likely that your colleague
needs help and support in dealing with their
difficulties.
We do not tolerate anyone
being under the influence of
illegal drugs while working.
June 2023 v10 14
POL00413495
POL00413495
Avoiding conflicts of interest
Conflicts of interest can arise when our personal relationships
or financial interests overlap with our job responsibilities. If we
don’t navigate potential conflicts of interest carefully, these
situations can impact the decisions we make, erode trust within
teams, and harm Post Offices reputation.
In business, the line between personal and professional
interests can become easily blurred. Separating the two can be
challenging, especially when personal relationships, outside
employment or investments are involved. We are all expected
to act in the best interest of the company. This means we must
never allow our personal interests to influence our actions on
behalf of Post Office. Every decision we make while on the job
must be objective and with the company’s business interests in
mind.
We must:
= Actin the best interests of Post Office. We must not do
anything which conflicts with our duty as an employee of
the company or use our position for private advantage.
= — Avoid situations where a personal relationship or financial interest in another company might influence
decisions we make in our job.
= Understand that a conflict can exist even if we are convinced that our decisions will not be affected by an
outside relationship.
= When a conflict of interest arises, ensure these are disclosed, and advice and approval is gained from the Chief
People Officer.
= Before taking on outside work, ensure that the work does not harm Post Office's business interests.
If you find yourself in a position where your personal and business interests potentially come into conflict, you are
required to declare, obtain approval and register these potential conflicts of interests. Any actual conflicts must be
avoided/removed.
To help you decide whether you are facing a potential conflict of interest, imagine you are explaining your actions to
friends, a colleague or the media and consider whether you would feel comfortable. Your line manager will be able
to assist you in determining whether a conflict exists, and whether it is an actual or potential case.
A close friend is applying for a job in Post
Office. It this ok?
We encourage you to recommend Post Office
as a great place to work. You must ensure
that you are not involved in the recruitment
process.
Our Code of Business Conduct June 2023 v10 15
Conflicts of interest
Family Member and Close Working
Relationships
Relationships with family members and close personal friends
can influence our decisions. It is important to be careful about
company business decisions that involve close personal
relationships.
To prevent conflicts of interest we must:
= Avoid taking part in the hiring or promotion of family
members
= Avoid holding a position with access to or influence over,
performance appraisals, salary information or other
confidential information related to a family member.
* Avoid the procurement of services of family members or
friends.
* — Report any family member and close working relationship to
the People team.
Outside Board Members
Serving on outside boards can present conflicts of interest and
should be disclosed and discussed with line managers. Before
accepting memberships on any board, it is important to
understand one's legal responsibilities and avoid affiliations that
carry potential for distraction and conflict of interest.
Political Activity
POL00413495
POL00413495
I have just found out that a member of my
team has been dating his subordinate for
several months. Should I do something?
This is a very sensitive situation. We respect
employees’ private lives, and therefore we do
not need or want to know about their
romantic relationships. However, we do have
a legitimate interest in their professional
relationship, namely when one reports to the
other or is in a position of authority or control
over the other person. The situation you
describe is not appropriate because there is a
conflict of interests. A manager cannot be
expected to judge their subordinate
objectively if they are romantically involved.
You should consult your manager or a
member of the People team. Depending on
the facts and circumstances, there may also
be a sexual harassment issue
We respect your right to engage in political activity to support political groups. You can only offer support and
contributions to political activities in a personal capacity.
Post Office is a politically neutral company, and our reputation must not be compromised by your interest,
affiliation or activities to a political party’s pressure groups or other causes
We must:
* Ensure any contributions towards and support for, political parties are clearly personal and give no
impressions of being connected to Post Office.
= Ensure any personal political support or contributions do not affect our performance or objectivity at work.
= Not improperly use company resources or time for personal party-political purposes
Learn More
Conflicts of Interest Policy
Our Code of Business Conduct
June 2023 v10 16
POL00413495
POL00413495
Our business
POL00413495
POL00413495
Prevent bribery and corruption
At Post Office, we have a policy of zero tolerance of
bribery and corruption, recognising that bribery is
contrary to fundamental values of integrity,
transparency and accountability and undermines the
Group's effectiveness. We conduct business using
ethical practices only.
Bribes come in many forms, and they are not always
obvious. We strictly prohibit bribes, fraudulent
conduct, kickbacks, illegal payments and any other
offer of items of value that may inappropriately
influence or secure an improper advantage.
The consequences of violating bribery laws can be
severe ~ for you and for the Company.
A gift, the promise of a job, the offer of a trip, a
charitable contribution, all could be considered bribes,
if offered in exchange for any decision or favourable
treatment, so it's important you know how to spot a
potential bribe.
Learn More
Anti-bribery and Corruption Policy
Our Code of Business Conduct
Gifts and Hospitality are part of everyday commercial
life, but they must have a demonstrable link with a
legitimate business purpose, the value must be
justifiable and proportionate for the roles and
relationship with the client and they must be
defensible under potential public scrutiny.
If you are offered gifts or hospitality, always consider
how the acceptance of the gift or hospitality would be
viewed by others or could be portrayed by the media -
would others see it as appropriate and proportionate?
We responsibly invest in our business relationships
but never offer or accept gifts, hospitality of
entertainment or anything else of value to improperly
influence people. An overly generous gift can
pressure the recipient to return the favour or feel
indebted to the giver — with decisions that benefit the
giver and create a conflict of interest or perception of
a conflict of interest.
Post Office has zero tolerance towards
bribery. Bribery is not only unethical, but
also illegal.
June 2023 v10 18
Gifts and hospitality
Gifts
The giving and receiving of gifts to an external 3
party should ordinarily be below £100 per person in
value (and must also be approved by your GE
Member).
Items costing £20 or less, such as pens, calendars,
diaries, notepads and paperweights do not need to be
reported and approved.
We must:
= Not accept cash or cash equivalent (e.g., Gift Cards)
Hospitality and Entertainment
Numbers on both sides should be limited to those
whose presence is necessary to progress the business
in hand.
Hospitality should be reasonable (not lavish or
extravagant), proportionate to its purpose and must
ordinarily be below £200 per person in value (if over
£200 it must also be approved by your GE member).
Small offers of hospitality such as tea, coffee,
sandwiches, etc. do not need to be recorded via the
gifts and hospitality too, but therecipient details must
be recorded fully on the expenses claim via the Selenity
Expense Reporting Tool.
Learn More
Gifts and Hospitality Reporting Tool
Our Code of Business Conduct
POL00413495
POL00413495
We must:
« Familiarise ourselves with and follow the Anti-
bribery and Corruption policy and procedures.
» — Always make clear, internally and when dealing
with third parties, that Post Office has a zero-
tolerance approach to bribery and corruption and
will not (directly or indirectly) offer, pay, seek or
accept a payment, gift or favour to improperly
influence a business outcome.
* Apply this code in good faith to ensure gifts and
hospitality are never considered to be excessive,
confer improper advantage or create an actual or
perceived conflict of interest
= Familiarise and observe monetary limits that Post
Office has set separately for gifts and hospitality.
= Ensure all gifts and hospitality are reported and
approved, prior to the offer or acceptance.
= Never accept cash or cash equivalent (e.g., Gift
Cards)
* Not offer or accept any gifts or hospitality if the
third party or Post Office is currently or about to
tender for a contract for services involving the
other party.
"Not ask for or accept sporting or charitable
sponsorship from an organisation that has (or is
seeking) a contract to supply the company or is in
competition with it. (You must declare to your
manager any plan to accept sponsorship and ask if
there is any conflict)
= Immediately notify our line manager if we become
aware of any suggested or actual payment or
other transaction which has the potential to be in
breach of the Anti- Bribery and Corruption Policy.
= Complete mandatory Anti-Bribery and Corruption
training in a timely manner.
I have been invited out to dinner by a
potential supplier currently bidding for a
new contract. What should I do?
You should decline. It is inappropriate to go
for dinner with a supplier during a tender
process.
June 2023 v10 19
POL00413495
POL00413495
Prevent financial crime
At Post Office we are committed to conducting business in a way that prevents the use of our product, services and
business transactions by those who might abuse them, and we all have a responsibility to ensure that the highest
standards of financial crime prevention, detection and management are maintained.
Failure to manage Financial Crime risks and incidents appropriately could have serious consequences for Post Office
including financial loss, customer impact, regulatory breaches, fines, prosecution, prevention from selling a particular
product, loss of existing or future contracts/relationships and damage to reputation.
Financial Crime” is any offence involving: fraud or dishonesty, misconduct in, or misuse of information or handling the
proceeds of crime. It can be internal (by individuals within Post Office) or external (by criminals using Post Office to
facilitate financial crime). Financial Crime is commonly considered as including one or a combination of the following
offences:
: Bribery and Tax evasion Diesen Terrorist Money
Fraud Cybercrime y ee security s 2
Corruption facilitation financing laundering
breaches
Post Office has a range of approved policies and We must:
business procedures and controls designed to prevent
activities that could facilitate financial crime, and it is * Familiarise ourselves with and follow all Post
important you always follow these. Office policies.
« Understand and follow procedures and internal
Money laundering is the process criminals use to controls that are designed to prevent financial
conceal, disguise, and dispose of money and assets crime or money laundering.
obtained from criminal activity, such as terrorism, drug = Be proactive when it comes to spotting behavior
dealing, tax evasion, human trafficking and fraud, and or transactions that might signal a problem and
change them into clean money or assets that have no ensure we report our concerns as soon as possible
obvious link to their criminal origins. (suspicions of money laundering should be
reported to Grapevine on
You may be committing an offence and be prosecuted = Complete mandatory Anti-Money Laundering and
if you facilitate or carry out a transaction where you Counter Terrorist Financing training in a timely
know, or suspect, that the funds are intended for use manner.
in support of money laundering or terrorism,
regardless of whether the funds were the proceeds of
criminal activity or lawfully derived.
Any activity where there is a
[Eg Learn More suspected link to money
Anti-Money Laundering and Counter Terrorist laundering needs to be
Financial Crime Policy .
Speaking Up Pole reported straight away.
Our Code of Business Conduct June 2023 v10 20
POL00413495
POL00413495
Prevention of Modern Slavery
Modern slavery is a crime and a violation of fundamental human rights. It takes various forms, such as slavery,
servitude, forced and compulsory labour and human trafficking, all of which have in common the deprivation of a
person's liberty in order to exploit them for personal or commercial gain.
Post Office is committed to acting ethically and with integrity in all our business dealings and relationships and to
implementing and enforcing the systems and controls set out in our Modern Slavery Statement with the aim of
ensuring that modern slavery is not taking place anywhere in our own business or in any of our supply chains.
The prevention, detection and reporting of modern slavery in any part of our business or supply chains is the
responsibility of all Post Office employees at all levels
We must:
* Read our Post Office Moder Slavery statement which can be found on our website here
* Complete the mandatory Modern Slavery and Human Trafficking training in a timely manner.
If you have any concerns about the issues raised in the statement or if you think you have identified signs of modern
slavery within our business or supply chains, please Speak up.
Learn More
Modern Slavery Statement
I heard a supplier created a work experience
program that allows minors under the age of 16
to work unlimited hours per week without pay.
Should I be concerned?
Yes. The program you describe violates child
labour laws and raised suspicion of human
trafficking and modern slavery. You should report
this concern.
Our Code of Business Conduct June 2023 v10 21
Working with suppliers
As a publicly funded organisation, we are committed to ensuring that
we deliver value for money through our trusted and valued
partnerships with suppliers. We are subject to the Public Contract
Regulations ("PCR") 2015, which mandate the processes we must
follow, from the initial supplier selection through to sourcing
competitions and contract award. These processes are designed to:
* Stimulate market competition for public contracts.
= Deliver value for money and innovation.
= Ensure equal treatment and transparency with all suppliers.
= Ensure contracts are awarded fairly.
We must ensure that our commercial activity is compliant with the
legislation and demonstrates our commitment to best practice.
Maintaining our reputation for ethical business integrity is absolutely
vital and we must also ensure that we partner with suitable suppliers
who will align with our ways of working.
If you work with suppliers, you must:
= Complete the Procurement online Training module.
= Consult with the Procurement team for advice, and to ensure that
processes are followed.
* Familiarise yourself with the Procurement Policy, Purchasing
Process, and the associated procedures on our Hub page.
= Ensure there is no commitment or contractual engagement with
Suppliers until they are onboarded correctly, which includes
accepting the Supplier Code of Conduct and other guidance
documents.
Once a Supplier has been selected and a contract is in place, you must:
= Ensure that Purchasing process is followed to ensure that orders
are raised and managed so that we are only paying for the goods or
services that we have received
«= Ensure that contracts are managed effectively in line with our
policies and controls.
* Notify your Line Manager and the Procurement team if they know
of or suspect that third party suppliers are not meeting
requirements or if they are performing contrary to the agreed
contractual terms.
Learn More
Procurement Policy
Purchasing Process
Contract Execution Policy
Supplier Code of Conduct
Our Code of Business Conduct
June 2023 v10
POL00413495
POL00413495
22
POL00413495
POL00413495
Use of computers, internet, phones and emails
The security of our information and IT systems is
critical. Many of us will have access to Post Office
systems, information and devices such as laptops and
mobile phones. It’s important that anyone who
accesses them knows how to keep them secure by
following the requirements in the Cyber and
Information Security policy. Failure to comply with the
Cyber and Information Security policy can carry
profound consequences for you and Post Office.
Breaches of the policy may lead to disciplinary action
up to and including dismissal.
To help protect our systems and information, you
should:
= Ensure Post office equipment is used
appropriately and protected from damage, loss
and theft.
* Immediately report to the IT Service Desk the loss
or theft of any Post Office equipment.
* Use a password or pin to lock unattended Post
office equipment. Use complex passwords to
protect your access.
* Ensure any removable Post Office IT equipment is
secured when left in the office overnight is locked
away or put out of sight when left unattended at
home, in a hotel, or in a vehicle. When travelling,
keep equipment with you at all times.
* Follow the appropriate IT request process to install
any software applications on your Post Office
equipment.
= Only use approved data storage areas, such as.
One Drive. Don’t sign up for public cloud storage
services which have not been procured by Post
Office
Learn More
Cyber and Information Security Polic
Don’t open emails from unknown
sources and never click on links or
open attachments you are
unfamiliar with or seem
suspicious.
Our Code of Business Conduct
You must not:
«Try to disable, defeat or circumvent Post Office
security controls, including but not limited to
firewalls, browser configuration, privileged access,
anti-virus and the deletion of system logs
= Use Post Office systems or equipment to
intentionally access, store, send, post or publish
material that is:
- Pornographic, sexually explicit, indecent or
obscene, or
- Promotes violence, hatred, terrorism or
intolerance.
= Run or engage in any form of private business
using Post Office IT equipment.
= Use your personal IT equipment to undertake Post
Office business.
* Open emails when you don't know who they are
from and click on unknown links and attachments
in emails
» Use your Post Office password for non- Post
Office IT Systems
= Use your Post Office email address for non-
business-related websites or online activity
= Share your Post Office access passwords/pins
with anyone else, including work colleagues
= Access Post Office Systems or Information after
leaving Post Office employment
If you become aware of any information security
issues or incidents, you should always report it
through the Service Desk primarily through Servi
NOW or alternatively you can contact them oni GRO}
In the event it is not possible to reach the
service desk through the above you can email
My manager does not have access to their
emails while on vacation. They have asked
me to check their emails for an important
message by logging into their email using
their password. Is this ok?
No. It is against company policy to share
passwords. You should refuse the request
and remind your manager that it is against
company policy to share passwords and
access another person's system.
June 2023 v10 23
POL00413495
POL00413495
Protecting Post Office information
Information is one of Post Office's most valuable
business assets: Post Office is committed to
safeguarding and protecting our information and any
other information entrusted to us. Disclosing (or
“leaking”) confidential information outside of Post
Office or to those who do not need it for legitimate
business purposes can have dire consequences on
Post Office business, damaging our reputation and
breaching the trust of others.
Information within Post Office is held in many different
formats, including on paper, electronically in
documents or in IT applications & systems. Our
requirements to protect information apply to all
formats.
Post Office has Information Classification standards
which define how information within Post office
should be classified, handled and protected.
When we are handling Post Office's information, we
must:
« Familiarise ourselves with all information handling
policies and complete any mandatory training on
time.
= Understand the nature and classification of the
information, as defined in the Information
Ee Learn More
Cyber and Information Security Polic
Classification Standards; understand and adhere
to the handling requirements detailed in the Cyber
and Information Security Policy; and take personal
responsibility for the proper use, circulation,
retention, protection and disposal of Post Office's
information.
Not disclose confidential information to a third
party unless there is an approved purpose.
Not share confidential information internally
beyond those who need it for their job. Take care
not to disclose information in public places,
including taking all necessary steps to protect
information in documents and on IT devices away
from the workplace.
Not forward emails containing non-public Post
Office information to personal email accounts.
Not store or synchronise Post Office information
onto personal devices.
Not take any Post Office confidential
information if we leave the company. Any work
carried out during employment will remain the
intellectual property of Post Office and must not
be deleted or destroyed upon leaving.
Immediately report events which could impact
the security of Post Office information by
following the information security reporting
procedures
Our Code of Business Conduct
June 2023 v10 24
POL00413495
POL00413495
Managing personal data properly
When customers, postmasters or third parties do business with us, they entrust us with personal data. Our
employees do the same when they join the company. We take our responsibility and obligations seriously to collect,
use and process any personal data only for legitimate business purposes and protect it from possible loss, misuse or
disclosure.
Keeping personal data secure is critical to our people, our business and our reputation. We recognise this
responsibility and follow the laws requiring us to protect personal data that can identify an individual or which relates
to an identifiable individual.
Many employees work with personal data as part of their jobs. If you are one of them, guard this data well by
following the Company policies regarding the access, transfer and use of this data.
You must:
* Familiarise yourself with and follow
company policies regarding the access,
transfer and use of personal data.
* Complete mandatory Data Protection
training on time.
* Only collect data that is adequate and
relevant and use it solely for the purpose for
which it is collected.
= Be transparent with individuals in relation
to how their personal data is used in
alignment with Post Office privacy
i tH HE PL ATH My
notices. agi REPLANET WITH Mv ders
: rs on
* Keep personal data up to date correcting n D 3
inaccurate data when requested and hs s
>
respecting individual legal rights.
= Keep personal data confidential and secure.
= Act responsibly and ethically, always
considering the risk to individuals in using
their personal data and take steps to
mitigate such risk.
When collecting, using or storing personal data, employees must not:
* Retain personal data for longer than necessary to achieve the business objective or meet minimum legal
requirements.
= Collect and use personal data for purposes that are not reasonably expected by our customers, postmasters, third
parties and employees.
You can contact GRO ....f you have any questions on concerns in regards to the access,
transfer or use of personal data.
Learn More
Protecting Personal Data Policy
Our Code of Business Conduct June 2023 v10 25
POL00413495
POL00413495
Maintaining accurate business records
At Post Office we generate a large volume of business records
each day. We are responsible for ensuring that the records in
our custody or control are maintained, retained and destroyed
in compliance with all legal and regulatory record keeping
requirements.
To manage business records properly, we must:
= Comply with our records management policies and
retention schedules for all business records, paper or
electronic.
= Keep records foronly as long as necessary for a legitimate
business purpose or legally required. Follow the retention
periods specified in the Records Retention Schedule, if
applicable, or as required by law.
= Where we receive a Legal Hold notice, follow all retention
instructions on the notice regardless of the retention
schedule or applicable law.
* Cooperate with internal and external auditors.
Learn More
Document Retention Disposal Policy
Destruction of documents
subject to a Legal Hold
notice, even inadvertently,
could expose our company
and you to civil and criminal
liability. You should consult
the legal team if you have
specific questions about
documents referred to ina
Legal Hold notice.
Financial accuracy and integrity
At Post Office we are committed to accurate reporting
in our company's books and records.
We are accountable for the accuracy and honesty of
business records, contracts and agreements that we
handle in the normal course of business. We never
falsify, omit, misstate, alter or conceal any information,
or otherwise misrepresent the facts on a company
record or encourage or allow anyone else to do so.
All transactions, no matter what the amount, are to
be properly authorised, executed and recorded.
If you notice an inaccuracy in a company record, or a
failure to follow our internal control processes, speak
up and report it immediately.
You should only ever spend company money where
there is a legitimate business need and where the cost
is worth the benefit. You should know the local
Our Code of Business Conduct
expenditure limits and financial policies which directly
apply to your role.
Our managers have an extra duty to ensure that their
teams manage budgets well and spend company
money carefully.
We are expected to:
* Understand and apply the finance and expense
policies that are relevant to our role
= Strive to find the best value when spending
company money
« Understand when we can and when we can’t
commit Post Office funds.
«= Purchase goods and services only through our
registered suppliers.
June 2023 v10 26
Managing risk
Risk management is fundamental to how Post Office
is directed, managed and controlled at all levels. The
identification and mitigation of risk must be embedded
in all Post Office activities and is key to effective
decision making.
All material risks must be identified, measured,
monitored, managed and reported on a continuous
basis.
Learn More
Group Risk Policy
Our Code of Business Conduct
POL00413495
POL00413495
Our risk management processes must also align and
integrate with the delivery of our strategy and in such
a way that supports an enterprise-wide approach.
Risk management must follow a consistent,
transparent and auditable methodology and
proactively recognise external factors, opportunities,
and uncertainties.
Managers are accountable for identifying, assessing,
owning and managing their risks as well as the
maintenance of the associated internal controls.
June 2023 v10 27
Protecting the Environment
POL00413495
POL00413495
We recognise that our business activities and policies have impacts on the environment. We shall take full account of
the environmental effects of our policies in our planning, decision making and day-to-day activities. We recognise and
value our unique position in society which ensues from:
Our heritage Our brands
Our nationwide
coverage through our
branches
Protection of this unique position and maintaining positive stakeholder relationships are integral to our business and
we shall aim to clearly demonstrate that we are an environmentally responsible company.
We are committed to the principle of Sustainable Development. We will seek to contribute to national and local
sustainable development policy aims. By enhancing economies, acting with social responsibility and minimising our
impact on the environment we can help create a world in which our company can flourish now and for generations to
come.
At Post office we:
= — Integrate environmental considerations into
business decisions to establish relevant
performance indicators along with key measures
and associated improvement targets.
* Develop and implement management frameworks
that ensures high standards of environmental
performance.
= Comply with all relevant environmental legislation
and regulations and endeavor to meet and exceed
appropriate environmental good practice
standards.
* Promote transparency by having clear
environmental accountabilities and publish
relevant information about our environmental
performance on an annual basis.
* Reduce consumption of materials in our
operations, reuse rather than dispose whenever
possible, and promote recycling and the use of
recycled materials.
= Promote the prudent use of fuel, energy, water,
Our Code of Business Conduct
raw materials and other resources, including
progressively increasing our use of renewable
energy sources.
Minimise waste and discharges to surface or
ground water.
Reduce wherever practicable the level of harmful
emissions from our vehicles, buildings and
equipment.
Encourage the implementation by all employees of
sound environmental practices, providing training
where appropriate.
To support the promotion of active environmental
management with relevant external groups and
organisations.
Work with our suppliers to minimise the impact of
their operations through a partnership approach to
our purchasing policy and to develop, where
practical, new products and services, which seek
to achieve greater sustainability.
June 2023 v10 28
The Use of Social Media
POL00413495
POL00413495
While it is recognised that we are entitled to privacy in our personal life, Post Office is committed to maintaining
confidentiality and safety whilst also maintaining the reputation of Post Office by exhibiting acceptable behaviour at
all times.
Social media is a collective term for websites and applications which focus on communication, community-based
input, interaction, content-sharing and collaboration (this includes sites such as Twitter, Facebook, Linkedin as well as
YouTube, Flickr, Instagram, Snapchat, TikTok and other image and video sharing sites (not exhaustive)
Personal use: Post Office understands that we may
wish to use our own devices such as mobile phones, to
access social media websites while we are at work,
but we should limit use so not to interfere with our
working day and should be limited to our allocated
break times.
While using social media in a personal capacity and
not acting on behalf of Post Office it should still be
recognised that our actions can damage Post Office's
reputation. All communications we make in a personal
capacity must not:
* Make statements which cause, or may cause, harm
to our reputation or otherwise be prejudicial to our
interests.
* Use data obtained in the course of our
employment in anyway which breaches provisions
of the Data Protection Act 2018.
* Make disparaging or defamatory statements about
the company, our colleagues, customers,
postmasters or suppliers.
= Make comments that could be considered to be
bullying, harassment or discriminatory against an
individual.
= Respond ourselves to negative posts about Post
Office. We may come across negative or
disparaging about the Company or see third
parties trying to spark negative conversations.
Avoid the temptation to respond and instead let
those who are certified internally know and
respond if required, by reporting to
Our Code of Business Conduct
Use at work: We are able to access social media sites
from any Post Office device in connection with work
related activities, such as posting about our services,
upcoming events or publicising Post Office. In doing
so we must first gain permission for from our GE
Member and comply with the below:
= — Post Office brands or logos are not used or altered
without prior permission from
* Do not create any social media accounts whether
for your Product Category, Area, Region,
Department, Depot without seeking permission
= Copyright and fair usage laws and restrictions are
respected and observed.
= Must not disclose any intellectual property,
confidential or commercially sensitive information
relating to the company.
* Do not respond to negative post about Post Office
and instead report these to
Sometimes the internet seems to be full of
misinformation about Post office. Isn't it my
responsibility to correct it?
No. If there is erroneous information
circulating in public, you should report to
and they will take
A co-worker posted a very offensive
comment about me on Facebook. Are they
allowed to do that?
No. Employee use of online social media must
comply with company policies, including our
Dignity at Work policies.
June 2023 v10 29
POL00413495
POL00413495
Communication with the Public and Journalists
Post Office is committed to providing accurate, clear, complete, and consistent information to the public. We must not
speak at public events or to journalists without prior authorisation.
We are not permitted to agree to an interview or external speaking engagement (business or personal) in which the
company will be discussed or referenced or publish any video or written content related to Post Office without the
support and approval of a member of the Communications team,
Where a journalist wishes to speak with someone from Post Office, this request should be put to our Press Office
who will decide whether it is appropriate to provide a comment to the journalist.
Should you be asked directly to make a comment about Post Office in a published form external to the business, such
as a newspaper, magazine, journal, radio, television or a website, you must always direct the request to our Press
Office. They can be contacted or
A local newspaper has contacted me about
a rumour which is circulating about Post
Office. Can I speak to them? I want to set
the record straight.
No, unless you are an authorised
representative you should not make a public
statement on behalf of the Company. You
should direct the request to the Press Office.
Our Code of Business Conduct June 2023 v10 30
Glossary
POL00413495
POL00413495
Term
ABC
Bribe
Company asset
Conflicts of interest
Conversant
Discrimination
Employee
Family member
Facilitation payments and
kickbacks
Harassment and bullying
Retail Partners
Retaliation
Speaking up
Supplier
Our Code of Business Conduct
Definition
Anti-bribery and corruption.
Giving or receiving anything of value in exchange for an improper decision or
action.
A term that refers to everything belonging to the Company, i.e., its money,
computer systems and software, electronic and communication devices,
photocopiers, Company vehicles etc.
A situation where a person has competing interests or loyalties.
Confidential online and telephone service, allowing the user to raise a concern
about an actual or potential breach of the Code
Discrimination includes less favourable treatment based on age, gender, disability,
race, sexual orientation, religion of belief, gender reassignment, marriage of civil
partnership or pregnancy and maternity.
A person employed by Post Office under one of a variety of contracts. The term
covers all employees, whether full-time, part-time, fixed term or permanent.
A relative, by blood or by marriage (or similar informal relationship), notably a
spouse, live-in partner, parent, or child. The term includes sibling, step or adopted
child, stepparent, grandparent, uncle, aunt, cousin, grandchild or any relative who
has lived with you for the past 12 months or more
Small payments made to government officials to expedite or facilitate non-
discretionary actions or services, such as paying £10 to an official to seed up a visa
application. A kick back is a payment made to an individual in return for a referral
transaction or contact with another party
Unwanted behaviour from another person which is intimidating, malicious,
offensive, insulting, humiliating, or degrading. It may be related but not limited to
age, gender, sexual orientation, race, disability, religion, or belief, and can be either
a repeated or a one-off incident. It can be verbal, non-verbal, physical and isn’t
always face-to-face.
A third-party organisation that is not a legal entity or employee, with which Post
Office has established a formal business relationship via a Franchise.
Retaliation is when someone takes a negative action against a colleague for
exercising their rights under employment law. Post Office has zero tolerance for
retaliation.
Being accountable for concerns and issues that we spot by reporting or telling
someone.
Any vendor of products or services to the Company. The term also refers to any
supplier that our Company is actively considering using, even if no business
ultimately is awarded.
June 2023 v10 31