Fraud Risk Management Policy

Objective

The objective of this policy is to protect the brand, reputation and assets of the Persistent Systems Limited (PSL Group or the Company) from loss or damage resulting from any incidents of fraud or misconduct by employees or other stakeholders of the PSL Group.

Definition

Fraud is defined as any intentional act committed to secure unlawful or unfair gain, in cash or in kind. Misconduct includes any acts of violation of law, regulations, internal policies or code of conduct of the Company.

Fraud prevention measures

• Clarity about role, authority and responsibility
  PSL Group has implemented a role based organization structure in which authority and responsibilities applicable to all roles that the employees perform are clearly defined.
• Segregation of duties
  The duties of employees are segregated in a manner that it is not possible to perpetrate fraud unless there is collusion of two or more employees.
• Limits on delegation of financial authority
  The Company has defined financial authority of managerial staff in a chart of delegation of authority which shows approving authority limits of different managers.
• Well defined business processes
  The Company has well defined processes which have appropriate work flows and checks and balances to reduce the risk of fraud.
• Implementation of the ERP system
  The Company has implemented Microsoft Dynamics in important areas such as finance, procurement, HR and CRM.
• Joint authorization of financial transactions by two employees
  The payment procedures of the company require that any transaction involving bank payment/remittance requires joint authorization of minimum two employees in managerial level.
• Information Security Management Systems
  The Company has adopted the framework provided by the BS ISO/IEC 27001:2005 and BS ISO/IEC 17099:2005 for strengthening information security and management
• Third party background check
  The Company has a system of conducting third party background checks for new employees joining the organization with a view to verify their character, integrity and past history.
• Purchase Control Committee (PCC)
  PCC reviews all high value purchase orders above defined limits.
• Vendor approval system
  Any new vendor goes through a comprehensive process of vendor approval and registration.
• Stringent contract review system
  The legal department reviews major contracts/agreements prior to execution and oversees all statutory compliances.
• Code of conduct
  The Company has a well defined code of conduct for its directors and employees.
• Monthly reconciliation of Payroll
  This report facilitates reconciliation of the head count and salaries on a monthly basis and reduces risk of fraud in the area of payroll.

Fraud detection measures

• Internal audit
• System of obtaining third party confirmations
• Physical verification of assets
• Quarterly management
  The Company practices a system of management review of performance of its Business Units (BUs) and support departments on a quarterly basis.
• Customer satisfaction surveys
• CFO certification to the Audit Committee
• Reporting of lapses in information security
• Cash verification on surprise basis
• Job rotation

Process to deal with instances of fraud or misconduct

• Prompt reporting of incidents of suspected fraud
  If any incident of fraud is suspected, it will be immediately reported to the functional head of the employee, HR Head and the Head legal.
• Investigation Committee
  Depending on the nature of fraud, a Committee will be set up to investigate the incidence of fraud. Typically this Committee will comprise the HR Head, CFO and the Head legal or persons nominated by them.
• Disciplinary action
  The Committee will submit the investigation report to the CEO and chairman of the Audit Committee. Based on this report, appropriate disciplinary action will be taken against the employee who committed the fraud in consultation with the Head of HR.
• Root cause analysis and corrective action
  TThe investigation Committee will direct to perform root cause analysis of fraud to identify circumstances or weaknesses in the system which led to the fraud.