62 About Strategy and Governance Our People Our Business Our Outcome AppendixCompliance Program As an organization operating in markets and industries where inducements in the form of gifts, hospitality, or other formats are not uncommon, actively managing bribery risks features high on our corporate agenda. At DKSH, bribery is understood to be a form of corruption that includes offering, giving, receiving, or soliciting an item of value to influence the actions or decisions of an individual or organization in a position of power or authority. The Group Risk department manages bribery as part of the Governance, Risk, and Compliance (GRC) Function. Our management approach to mitigating these risks is addressed in several Group policies, including our: %u2023 Compliance Policy %u2023 Donations Policy %u2023 Anti-Bribery Monitoring Policy %u2023 Anti-Corruption and Anti-Bribery (ABAC) Policy %u2023 Gifts, Hospitality & Entertainment (GHE) Policy %u2023 Third-Party Intermediary (TPI) Policy %u2023 Conflict of Interest (COI) Policy %u2023 Manuals for Interaction with Healthcare Professionals (IHCP) for our Pharmaceutical, Medical Devices, and Diagnostics product categories %u2023 Non-Trade Procurement (NTP) Policy A comprehensive compliance management system and program address compliance with our anti-bribery standards. These efforts are guided by our ABAC and related policies, which reflect recognized international regulations, such as the U.K. Bribery Act 2010 and the U.S. Foreign Corrupt Practices Act.Our Compliance Policy is the backbone of our compliance program. It defines the fundamental principles of compliance, sets out responsibilities, and specifies how this Function is organized within DKSH. The Policy designates integrity and reputation as key assets at DKSH. Under its provisions, management is in charge of compliance at DKSH, but all employees share responsibility for its implementation. The Policy outlines these core principles to increase ownership of compliance risks.DKSH manages fraud under the Group%u2019s Internal Audit Function (GIA) and within the framework of DKSH%u2019s Anti-Fraud Policy. Fraud is considered to be an activity that relies on deception to achieve a gain. It becomes a crime when it is a %u201cknowing misrepresentation of the truth or concealment of a material fact to induce another to act to his or her detriment%u201d32. Risk Assessment In 2018, we launched an enhanced bribery risk assessment process33 to be rolled out across all our markets, with prioritization based on national scores in Transparency International%u2019s Corruption Perception Index (CPI). By the end of 2023, 15 of our markets had adopted our bribery risk assessment process, representing 100 % of our significant operations. We identify risks using a detailed mapping process. The level of risk is determined using the Group%u2019s Risk Management policy and procedures, and appropriate controls are assigned. For example, working with intermediaries in business transactions potentially increases the risk of bribery; controls include due diligence requirements for standard or enhanced procedures depending on the assigned risk levels. Interaction with healthcare professionals, which is highly regulated at national and global levels, is another area where we have identified and addressed a risk of non-compliance with the law. We also carefully monitor and manage the handling of gifts and hospitality. Furthermore, we are aware of and mitigate bribery-related risks during procurement, when obtaining product and/or marketing approvals, and in the bidding process for public tenders. All risks and their mitigating controls are documented in detailed Bribery Risks & Controls (BRC) templates. Controls include documenting control processes and procedures, how controls are communicated within the organization, and how relevant personnel are instructed and trained to perform controls. BRC templates are reviewed and revised annually to ensure that they are up to date. These templates also serve as the basis for review and enforcement activities by the corporate compliance team. DKSH%u2019s bribery risk assessment approach is closely aligned with the company%u2019s broader risk management policies. It closely follows the ABAC risk assessment process, which is conducted regularly at the Business Unit level.The Board of Directors is involved in our risk management processes. It receives quarterly updates on the results of the bribery risk assessment by the GRC Function and on the results of ABAC risk assessments. Furthermore, the Board of Directors provides regular feedback on risk management processes, also beyond formal processes, and in particular when critical risks occur. We handle fraud-related risks using a separate process. Under DKSH%u2019s Anti-Fraud Policy, the Group%u2019s Internal Audit Function investigates fraud-related cases and regularly reviews monitoring procedures to mitigate fraud risks in audits. Using a formal reporting process, significant cases are reported to the Board%u2019s Audit Committee five times per year.%u2023 GRI 2-12, GRI 2-24, GRI 205-1Conflicts of Interest In addition to performing risk assessments, our compliance program includes training, education, reviews, and audits, as well as investigations and corrective actions if incidents occur. Managing conflicts of interest (COI) is critical in any compliance program. 32 Source: Association of Certified Fraud Examiners. 33%u2002 Based on %u201cDiagnosing Bribery Risk%u201d, Guidance for the Conduct of Effective Bribery Risk Assessment, Transparency International UK.