1. Code of Conduct
Our Code of Conduct (the “Code”) sets out the standards and principles expected of our employees. Available on our corporate website, the Code provides the foundation for establishing a corporate culture of high integrity, both real and perceived. The Code outlines the legal responsibilities and ethical tone for the expected behaviour of all employees and guides daily interactions with fellow employees, customers, vendors, government officials and business partners. We encourage the reporting of any malpractice and misconduct.
We also benchmarked our policies and procedures to ensure compliance with all relevant laws and regulations concerning anti-corruption, AML, extortion, fraud and combatting terrorist financing. All employees are required to comply with all corporate policies and the Code. The Code sets out our principles in 11 areas.
1. Personal conduct | 5. Bribery, kickbacks and rebates | 9. Responsibility for reporting violations of the Code |
2. Company books and records |
6. Gifts, entertainment and political contributions |
10. Relationships with suppliers, contractors and third parties |
3. Compliance programme | 7. Employee betting | 11. Employment practices |
4. Conflict of interest | 8. Safeguard of assets and use of confidential and proprietary information |
During employee onboarding, new joiners are provided with an onboarding pack, which includes the Employee Handbook and Internal Rules and Regulations. Staff must acknowledge their acceptance of these documents, be aware of their role in anti-corruption and AML and declare any conflict with the Company’s interests.
2. Anti-corruption
We have zero tolerance for corruption or bribery activities. We are sensitive to the risks of unsuitable associations and the need to comply with legal and regulatory requirements. Due diligence is conducted to avoid impropriety and the appearance of impropriety. Our Anti-corruption Policy reinforces the Code and provides additional guidance regarding compliance with laws and regulations related to bribery and corruption. Our Anti-corruption Handbook enables our employees and subsidiaries to have a holistic understanding of corruption, how to avoid it, and what to do when confronted with it. Together, the Code, Anti-corruption Policy and Anti-corruption Handbook play a critical role in defining our values and act as a framework for guiding our operations and business practices.
Annually, all staff and directors participate in mandatory anti-corruption refresher training to ensure they understand the Anti- Corruption Policy and their responsibilities. In 2024, 94% of employees completed the annual anti-corruption training. Conducted online in English and Khmer on our LMS, the training covered our zero-tolerance policy on corruption, various acts of corruption (e.g. bribery, extortion, fraud, collusion, money laundering and other related offences), legal penalties and reporting mechanisms. In 2024, no legal case regarding corruption was brought against the Company or our employees.
3. Whistleblowing
We provide channels for our employees and third parties (e.g. suppliers and customers) to raise serious concerns about suspected fraud, malpractice, misconduct or irregularity and disclose related information confidentially. We do not permit retaliation against any individual who, in good faith, reports actual or suspected wrongdoing. Employees, suppliers, and other business partners can report potential allegations anonymously to the Head of Internal Audit through email or in person. Whistleblowing reports are reviewed and investigated promptly. Reported matters of significance are referred to the Audit Committee for further assessment and appropriate action.
4. Anti-money Laundering
Internal controls on AML are firmly in place to ensure we maintain a high standard for compliance and integrity. The Board reviews and assesses the adequacy and effectiveness of the Group’s internal control system on AML through the AML Oversight Committee and the independent review by an independent AML specialist firm. The AML Oversight Committee formulates the development and implementation of AML programmes’ policies and strategies, ensures quality control, and oversees AML matters. To ensure a high standard for compliance and integrity on AML, we established a four-tier AML control structure to safeguard our reputation and mitigate AML risks. We comply with all relevant Financial Action Task Force (“FATF”) recommendations, follow best practices, and impose strict rules on AML controls in daily operations.
5. Data Privacy and Cybersecurity
In the course of our operations, we collect physical and digital personal information of our hotel guests and NagaWorld Rewards loyalty programme members. Physical data records are securely stored in a central location, while digital data records are securely maintained on our IT servers. Our IT systems adopt best practices from ISO 27000 (Information security management systems) and the Information Technology Infrastructure Library.
A multi-level control system is in place to ensure safe and secure access and storage of our customer’s digital data. SOPs are established regarding handling personal data and monitored at a departmental level. Customer’s data is used only for marketing and promotion purposes with their consent. In 2024, there were no reported incidents concerning threats to data privacy.
With cybersecurity threats on the rise globally, raising staff awareness is an essential component of our cybersecurity defence. Our IT Security department conducts a yearly mandatory security awareness training for all staff. The training covers various types of cyber attacks, defences and reporting.