Skip to main content.

Governance and Accountability

Our commitment to integrity in all facets of our business is foundational to who we are, and strong governance and accountability are inculcated in all that we do.

Home / Corporate Responsibility / Governance and Accountability

Corporate Governance

We believe it is important for our stakeholders to fully understand and have confidence in our corporate governance. Everyone in our organization is held to the highest standards by our Board of Directors and management. 

Our corporate governance practices are designed to promote honesty and integrity throughout the organization and provide transparency and accountability to our shareholders and other stakeholders.

  • Our Board operates under defined Corporate Governance Principles that outline our governance policies and procedures, including director responsibilities, Board committees, director access to the company’s officers and employees, director compensation, management succession, and annual performance evaluations of the Board and committees.
  • Our Board of Directors consists of a distinguished and diverse group of leaders with an independent Chair. Seven of our eight directors are independent, and independent directors comprise all Board committees.
  • The Board actively seeks candidates who will increase its diversity in all respects, thereby benefiting the company with distinctive and varied ideas, perspectives, experience, and wisdom.

Ethical Business Conduct

We are committed to the highest standards of ethical and professional conduct, and we provide guidance on how to uphold these standards.

Our business conduct policies and programs ensure that we maintain an ethical work environment, uphold an unwavering commitment to integrity, and conduct our business in a transparent manner to be in full compliance with all laws and regulations.

  • The Code of Conduct defines the policies and programs that are designed specifically to uphold an ethical work environment, including those related to reporting of suspected unethical, illegal, or inappropriate behavior.
  • All employees receive regular training on key policies and procedures, including our Code of Ethics.

Risk Management

Risk management is fundamental to our business and embedded within the organization at multiple levels, with clearly defined roles and responsibilities.

Our risk management program is grounded in a strong culture and consistent approach to risk identification, assessment, and monitoring in the execution of business activities.

We maintain a comprehensive risk management framework that is managed by an Executive Risk Committee under the guidance of our Board of Directors and is focused on identifying and managing operational risk throughout the organization.

  • The Board of Directors and its Committees: have independent oversight responsibilities for policies, practices, and procedures relating to risk assessments and risk management; meet with management to understand and discuss major risk exposures; and review the steps taken by management to monitor and mitigate these exposures.
  • The Executive Risk Committee, consisting of the company’s executive officers, has primary responsibility for day-to-day risk management processes, supplemented by risk-related committees.

Our information security framework is designed to protect vital company assets as well as our, and our clients’ and business partners’, sensitive information.

  • We have comprehensive policies, processes, and management oversight – including oversight of our critical third party service providers – to embed the responsibility for safekeeping of data at multiple levels of the organization with clearly delineated roles and responsibilities.
  • We maintain geographically dispersed locations for hosting in-house production systems to provide appropriate redundancies in the event of hardware or software failure, data corruption, or a malicious attack.  All production systems are backed up to an alternate location at least once a day. Recovery tests for each of these systems are performed at least once a year.
  • Our protocols include mandatory annual training for all employees on data privacy and cyber security as we believe that each employee has an important role to play in helping the organization maintain and protect our robust information security platform.

We maintain a high-priority focus on business continuity and disaster recovery in the event of an unexpected disruption in operations that may have a significant impact on our systems and ability to maintain normal business operations.

  • Plans and processes are documented and in place to ensure proper management of unforeseen events – such as cyber-attacks, equipment failures, natural disasters, and pandemics – that may have a significant impact on the company’s systems and ability to facilitate normal business operations.