Sustainability Report 2017

5

Code of Conduct and

Whistleblowing Policy

Our Code of Conduct is the cornerstone

of our governance and operation. It

spells out the guiding principles for our

staff behaviour that must meet high

standards of integrity and honesty.

We have additional codes for staff in

particular risk-related areas to cover

conflicts of interest, bribery, accounting

standards and internal management.

Staff are required to confirm that they

have understood the Code of Conduct

appropriate to their role and position in

the Company on joining and provide

annual confirmation of compliance in

writing. Staff are required to strictly follow

the Code of Conduct ensuring the Group

operates to the highest standards of

business behaviour and ethics in our

engagement with customers, business

partners, shareholders, employees

and the business community. Due

to a constantly changing business

environment, we assess our Code of

Conduct from time to time to ensure

that it reflects the current global best

practices and meets the expectations of

all stakeholders.

VTech operates a Whistleblowing

Policy in order to encourage and assist

whistleblowers to disclose information

relevant to misconduct, malpractices

or irregularities through a confidential

reporting channel. Any cases are

referred to the Chief Compliance Officer

(CCO), who will review the complaints

and determine the appropriate mode

of investigation and any subsequent

corrective action. All reported cases

are handled by the company with care

and the concerns are investigated in

a fair and proper manner. The Chief

Compliance Officer reviews the nature

and status of complaints received on a

quarterly basis, and reports the results of

his review of the complaints to the Audit

Committee on a biannual basis.

Business Integrity Policy

and Anti-Corruption

Group policy prohibits VTech Group

and its officers, employees and agents

from giving or offering to give money

or anything of value to government

officials, political parties, party officials

or candidates for political office in order

to influence official acts or decisions of

that person or entity, obtain or retain

business, or secure any improper

advantage. The Company does not

make any donations to political parties

in any country, but does not restrict

employees from individual associations

provided that there is no conflict of

interest to their role as a member of the

association with role as an employee

within VTech. Employees must not

purport to represent the Company in

any political forum and should not use

the Company brand, time or assets to

advance the interests of any political

party or group.

As a result, VTech’s management has

an obligation and a responsibility to

ensure that employees are familiar with

our anti-corruption policy, which is part

of our Code of Conduct, and the control

procedures in their job areas. Employees

receive regular anti-corruption and

internal control training to reinforce their

awareness and understanding of our

Code of Conduct.

Risk Management

Effective risk management is crucial for

maintaining our stable daily operation

and indicates our ability to respond and

adapt to the changing environment.

In order to minimise the possible

disturbances to our operation during

the event of disruptions, it is important

to be prepared for emergency and to

build resilience. VTech has implemented

an organisational structure with formal

and clearly defined lines of responsibility

and delegation of authority for risk

management.

To ensure the effectiveness of risk

management, the boards of committee

have been divided into two distinct but

complementary roles for implementing

the risk management policies and

objectives of the Group, and monitoring

the risk management process. The

RMSC, chaired by Dr. Allan WONG Chi

Yun and Dr. PANG King Fai, Mr. Andy

LEUNG Hon Kwong, Mr. WONG Kai

Man, Ms. Shereen TONG Ka Hung

and Mr. CHANG Yu Wai, as members

– a combination of executive Directors,

independent non-executive Directors

and senior management, is responsible

for putting in place policies, procedures

and frameworks for the identification and

management of risks. Risks are formally

identified and recorded in the risk register

for key operations. The risk register is

updated regularly and risk exposure and

mitigation performance are reviewed

biannually.

The RMSC held two meetings

during the financial year to review the

Group’s business and sustainability

risk management and internal control

systems and their effectiveness. The

Audit Committee reviewed the overall

effectiveness of the Group’s system

of internal control over financial,

operational and compliance issues,

risk management process, information

systems security and effectiveness

of financial reporting and compliance

with the Listing Rules, and is satisfied

that such systems are effective and

adequate.

At management level, department

representatives of each key business

function maintain a risk register

documenting the key risks and the

relevant risk response measures. They

review their risk registers on a biannual

basis to consider if any updates to the

risk registers are required based on

the events of disruption or incidents

occurred. To facilitate the review of the

risk register by the RMSC as mentioned

above, the Internal Audit Department

performs a holistic review of the updated

risk registers maintained by each key

business function and consolidates all

the risk registers into the Group’s risk

register on a biannual basis.