GHL System Berhad Annual Report 2020

A N N U A L R E P O R T 2 0 2 0 23 SUSTAINABILITY STATEMENT CONT’D REGULATORY COMPLIANCE TO LAWS RULES AND REGULATIONS (Cont’d) Anti-Money Laundering Policy In accordance with the provisions of the AMLA and in accordance with the Government’s and BNM’s initiatives in preventing in combating illicit and money laundering activities, as well as the financing of terrorist activities, the Group has set up an extensive infrastructure and various processes to support such efforts which include but not limited to ensuring stringent due diligence and Know Your Customer (“KYC”) guidelines are conducted on all our customers. Cyber Security The Group, ensure that our system are assessed annually by a qualified security assessor from the Payment Card Industry Security Standards Council (“PCISSC”) to ensure the safe handling of cardholder information and is fully certified as Payment Card Industry Data Security Standard (“PCIDSS”) compliant. Anti-Bribery and Corruption Policy in accordance with the MACC The Group has put in place an Anti-Bribery and Corruption Policy with its principal objective to safeguard the Group’s reputation by countering bribery, corruption and ensuring no conflict of interest in whatsoever situation and ensuring that the business practices are conducted in the utmost ethical and with the highest professionalism. All our employees are constantly reminded and educated through the effort of our Human Resource Department to consistently abide by the said Policy to ensure that there are no offering, soliciting, or receiving of any gifts/bribers in any form, to or from current or potential customers, vendors, or merchants, either directly or indirectly, which may influence the employee’s judgment in the process of decision-making or put the employee in a position of conflict. Customer Data Privacy in accordance with PDPA The Group takes customer data privacy very seriously and ensures that data is protected at all times by maintaining a Privacy Policy in line with the Personal Data Protection Act (PDPA) 2010. Various measures have been applied to safeguard all data from unauthorised access and security breaches. The Group also acknowledges that since customers’ and employees’ information are stored digitally, the risk of cyber- attacks are higher as well. As such, the Group is committed to maintaining a high information technology security controls environment to ensure sustainability of its business operations and will continue to implement the best practices embedded within the security standards. Customer Due Diligence The process of Customer Due Diligence/Know-Your-Customer (KYC) is conducted by the Group’s Risk Department for proper customer identification and risk assessments, using reliable information and documentation. KYC allows a standardised approach of understanding customers/merchants during on-boarding and ongoing due diligence reviews. This ensures that the Group only deals with customers whose background information has been adequately verified and approved to eliminate probabilities of chargeback or fraud. Whistleblowing Policy in accordance with the Whistleblower Protection Act 2010 The Group operates an independent and unbiased Whistleblowing Policy that encourages employees and any other party to bring to the attention of the Board any concerns of integrity and misconduct. While developing an open culture, accountability and integrity is the Group’s main priority, the Group’s Whistleblowing Policy offers protection and places high importance on confidentiality. Employees and third parties are encouraged to feel at ease protected when speaking up about serious concerns around misconduct and irregularity within the Group.