ETHICS


Purpose and Scope

This Code of Ethics and Anti-Corruption Policy establishes the ethical standards, compliance principles, and integrity framework governing all activities conducted by CORAC and its group of companies.

The Policy applies to:
- CORAC as the parent company;
- All subsidiaries, affiliated entities, and business units under CORAC Holding’s control; and
- All directors, officers, employees, contractors, intermediaries, and business partners acting on behalf of any entity within the Group.

This framework reflects CORAC’s commitment to lawful, transparent, and responsible business conduct worldwide, in line with international best practices and the principles of ISO 37001 (Anti-Bribery Management Systems) and ISO 37301 (Compliance Management Systems).

Ethical Principles

The CORAC Group operates with integrity, accountability, and respect for the law.

Our shared values include:

- Integrity and Honesty — Conducting all activities transparently and ethically.
- Compliance and Responsibility — Meeting both legal and moral obligations in every jurisdiction.
- Fairness and Respect — Building equitable, inclusive, and respectful relationships.
- Sustainability and Innovation — Promoting responsible growth and digital innovation.
- Zero Tolerance for Corruption — Prohibiting bribery, fraud, and any improper advantage.

Legal and Regulatory Compliance

All companies within the CORAC Group comply with applicable laws and regulations, including but not limited to:

- U.S. Foreign Corrupt Practices Act (FCPA)
- UK Bribery Act 2010
- OECD Anti-Bribery Convention
- United Nations Convention Against Corruption (UNCAC)
- All national and regional anti-bribery and compliance frameworks in the territories where we operate.

Each subsidiary must implement internal measures consistent with this Policy to ensure group-wide compliance.

Prohibition of Bribery and Corrupt Practices

Bribery in any form — direct or indirect — is strictly forbidden throughout the CORAC Group.

No person acting on behalf of any Group company may offer, promise, give, request, or accept anything of value to improperly influence a decision or obtain an undue advantage.

“Anything of value” includes money, gifts, hospitality, donations, employment offers, or any other benefit intended to influence conduct.

Special caution must be taken in interactions with public officials or state-owned entities, and prior written authorization is required for any courtesy or contribution involving them.

Gifts, Entertainment, and Hospitality

Business courtesies must always be:

- Reasonable and proportionate;
- Compliant with local customs and laws;
- Transparent and duly recorded;
- Free from any intent to influence a decision.

Extravagant or repeated gifts, or those offered during contract processes, are prohibited across all Group entities.

Conflicts of Interest

All employees, managers, and directors within the CORAC Group must avoid conflicts between personal interests and the Group’s business interests.

Potential conflicts must be disclosed promptly and managed under the oversight of the relevant compliance officer or management team.

Charitable Contributions and Sponsorships

Group companies may support legitimate social or charitable causes, provided contributions:

- Are transparent and properly documented;
- Serve a genuine charitable purpose;
- Are never used to gain undue influence or business advantage.

Political Contributions

No company within the CORAC Group may make political contributions or donations on behalf of the organization without prior authorization from the CORAC Holding Board and full compliance with applicable law.

Accurate Books, Records, and Internal Controls

All financial and operational transactions across the CORAC Group must be recorded accurately and completely.

Falsified entries, hidden accounts, or misrepresented expenses are strictly prohibited.

Each subsidiary maintains internal controls that support transparency, accountability, and audit readiness.

Third-Party Due Diligence

Before engaging agents, consultants, distributors, or resellers, Group companies perform integrity due diligence.

All third parties must commit contractually to ethical conduct and compliance with anti-corruption laws and this Policy.

Anti-Money Laundering and Trade Compliance

The CORAC Group forbids money laundering, terrorism financing, or participation in unlawful trade practices.

All transactions must involve legitimate counterparties and transparent financial channels.

Data Protection, Fair Competition, and Confidentiality

Ethical conduct extends to protecting data, intellectual property, and confidential information.

Group companies respect privacy regulations, compete fairly, and avoid any collusive or anti-competitive behavior.

Reporting Concerns (Whistleblowing)

All employees, partners, and third parties are encouraged to report — confidentially and in good faith — any suspected violation of this Policy or applicable law.

Reports may be submitted to legal@cor.ac

The CORAC Group strictly prohibits retaliation against anyone who raises a concern or cooperates in an investigation.

Investigations and Disciplinary Actions

Alleged breaches are investigated promptly and objectively.

Confirmed violations may lead to disciplinary action, termination, or legal proceedings, depending on their severity.

Training and Awareness

All Group entities ensure that employees and key third parties receive regular training on ethical conduct, anti-bribery laws, and compliance obligations.

Training completion is monitored and recorded as part of the Group’s compliance framework.

Oversight, Monitoring, and Continuous Improvement

CORAC Holding oversees the ethical performance of all subsidiaries through internal audits, compliance reviews, and policy updates.

The Group continuously strengthens its compliance systems in alignment with evolving global standards.

Governance and Accountability

The Board of Directors of CORAC Holding retains ultimate oversight of ethics and compliance across the entire Group.

Each subsidiary’s management team is responsible for implementing this Policy locally and ensuring adherence to its provisions.

A Group Compliance Officer coordinates training, investigations, and harmonization of compliance practices across all entities.

Enforcement and Consequences

Violations of this Policy may result in disciplinary action, contract termination, civil liability, or criminal prosecution.

Subsidiaries are responsible for enforcing consistent measures under the direction of CORAC Holding.

Review and Publication

This Policy is reviewed annually by CORAC Holding’s Compliance Office and approved by the Board of Directors.

It is publicly available at https://cor.ac/legal/ethics, serving as the reference for all entities within the CORAC Group.

Alignment with International Standards

The CORAC Group’s compliance and ethics framework is guided by internationally recognized principles, including those established in:

- ISO 37001 — Anti-Bribery Management Systems, and
- ISO 37301 — Compliance Management Systems.

These standards inform CORAC’s approach to integrity, governance, and accountability across all companies within the Group.