1. Introduction

ESAF Small Finance Bank’s (hereinafter referred to as ‘the Bank’) vision to build a society with equal opportunities, which has complete access to sustainable financial services, so as to help in promoting livelihood opportunities and economic development and to address environmental concerns is the foundation for all the decisions taken. The Bank believes in conducting all affairs of its constituents in a fair and transparent manner by adopting the highest standards of honesty, professionalism, integrity and ethical behaviour.

The Whistle Blower Policy has been formulated as part of corporate governance norms and transparency where the employees, customers, stakeholders are encouraged to prefer any complaint which have not been resolved or satisfactorily resolved within the usual applicable protocols. The stake holders including employees may refer any complaint covering areas such as corruption, misuse of office, criminal offences, behavioural issues, suspected/actual fraud, failure to comply with existing rules and regulations and acts resulting in financial loss/operational risk, loss of reputation, etc. detrimental to depositors’ interest/public interest/bank’s interest.

This policy shall provide a channel to the employees (including Directors) and other stakeholders to report to the management about unethical behaviour, actual or suspected fraud or violation of the Codes of conduct or legal or regulatory requirements, incorrect or misrepresentation of any financial statements and reports and such other matters.

2. Regulatory Guidelines

The Policy is formulated primarily in compliance with the following directions:

• 2.1 Section 177 (9) of the Companies Act, 2013 mandated the establishment of vigil mechanism for all companies, as part of the whistle blower policy, for the Directors and Employees of such companies to report concerns about unethical behaviour, actual or suspected fraud or violation of the company’s code of conduct or ethics policy. It also provides that a whistle blower mechanism be provided by such company enabling stakeholders, including individual employees and their representative bodies, to freely communicate their concerns about illegal or unethical practices.
• 2.2 RBI Guidelines No: RBI/2006-2007/328 DO DBS.FrMC.No.BC.5/23.02.011/2006-07 dated April 18, 2007 on introduction of 'Protected Disclosures Scheme for Private Sector and Foreign Banks' is the basic document for the Whistle Blower Policy of the bank.

3. Scope and Coverage

• 3.1 The complaints under the Scheme would cover areas such as corruption, misuse of office, criminal offences, suspected/actual fraud, failure to comply with existing rules and regulations such as RBI Act 1934, Banking Regulation Act 1949 and acts resulting in financial loss/ operational risk, loss of reputation etc. detrimental to depositors’ interest/public interest/bank’s interest.
• 3.2 Under the Scheme, employees of the bank, customers, stake holders, NGOs and members of public can lodge complaints.
• 3.3 The following nature of complaints are not covered in the policy:
  • Anonymous/pseudonymous complaints.
  • Complaints which are frivolous in nature.
  • Issues relating to personal grievance (increment, promotion etc.)
  • Sexual harassment as it is covered by Policy on Prevention of Sexual Harassment.
• 3.4 The Policy intends to cover the following types of complaints:
  • Fraudulent activities or activities in which there is suspected fraud
  • Intentional or deliberate non-compliance with laws, regulations and policies
  • Questionable accounting practices including misappropriation of monies
  • Illegal activities
  • Corruption and deception
  • Misuse/Abuse of authority
  • Violation of Bank rules, manipulations and negligence
  • Breach of contract
  • Pilferation of confidential/propriety information
  • Deliberate violation of law/regulation
  • Wastage/misappropriation of Bank’s funds/assets
  • Malpractices/events causing danger to public health and safety.
  • Immoral/questionable behaviour that can cause reputational risks to the Bank/Brand, etc.

4. Audit Committee of the Board

The Audit Committee of the Board is responsible for monitoring and reviewing the effectiveness of the vigil mechanism and implementation of the Whistle Blower Policy to provide adequate safeguards against victimization of employees and relevant stakeholders. The details of establishment of vigil mechanism shall be disclosed by the Bank on the website and in the Board’s Report to the stakeholders.

5. Nodal Officer, his duties and responsibilities

• 5.1 Chief of Internal Vigilance (CIV), the Head of Vigilance Department, will be the Nodal Officer under the Whistle Blower Policy. He is appointed with the concurrence of the Board of Directors of the Bank.
• 5.2 The CIV of the Bank shall act as a Special Assistant/Advisor to the MD&CEO of the Bank in the discharge of these functions. CIV shall report to the Audit Committee/Board on the Vigilance activities, disciplinary cases and related investigation reports as well as aspects relating to the implementation of the Whistle Blower Policy.
• 5.3 The CIV shall also act as a liaison officer between the Bank and the Police/Serious Fraud Investigation Office (SFIO)/other law enforcement authorities. The CIV shall collect intelligence about the corrupt practices committed or likely to be committed, by the employees of the Bank, investigate or cause an investigation to be made into verifiable allegations reported to him, process investigation reports for further consideration of the disciplinary authority concerned and report/refer the matters to the MD&CEO of the Bank.
• 5.4 Nodal Officer shall act upon the complaints received under Whistle Blower Policy and references received from RBI. Ongoing through the complaints/references received from RBI, the Nodal Officer shall decide the manner in which the enquiry/investigation is to be conducted on a case to case basis.
• 5.5 After the enquiry/investigation and on the basis of findings recorded, the reference made by RBI will be replied and if found necessary, further directions may be sought for.
• 5.6 On the basis of the scrutiny/enquiry conducted and on the basis of the findings, the Nodal Officer will submit the investigation report to the MD & CEO for appropriate action.
• 5.7 If the findings bring out any loss caused to the bank as a result of the corrupt act/misuse of office by any of the official of the bank, appropriate administrative process may be recommended for recovery of the loss caused to the bank.
• 5.8 Apart from the disciplinary action or recovery process as stated above if the Nodal Officer is of the opinion that any further action including criminal proceedings is warranted by the facts and circumstances of the case, he may so recommend to the MD & CEO.
• 5.9 On the basis of the findings, if it deems fit, the nodal officer can also recommend to initiate process for corrective measures for preventing recurrence of such events in future.
• 5.10 The Nodal Officer shall ensure the utmost of secrecy in all the proceedings in this connection and unless for the explicit act by the complainant himself, no disclosure shall be made of the reference made by RBI.
• 5.11 Complaints received under Whistle Blower Policy are to be investigated and redressed within 90 days of receipt of the complaint.

6. Guiding Principles

To ensure that this Policy is adhered to and to assure that the concerns raised under this Policy will be acted upon seriously, the Bank will:

• 6.1 Ensure that the Whistle Blower and/or the person processing the Protected Disclosure is not victimized.
• 6.2 Ensure complete anonymity of the identity of the Whistle Blower.
• 6.3 Provide an opportunity of being heard to the persons involved, especially to the subject
• 6.4 Provide protection to Whistle Blower under this Policy provided that Protected Disclosure is made in good faith, the Whistle Blower has reasonable information or documents in support thereof and not for personal gain or animosity against the subject
• 6.5 Ensure that the Whistle Blowers, who make any Protected Disclosures, which have been subsequently found to be mala fide, frivolous or malicious be liable to Disciplinary Action.
• 6.6 Take Disciplinary Action for event covered under this Policy or upon victimizing Whistle Blower or any person processing the Protected Disclosure or if any one destroys or conceals evidence of the Protected Disclosure made/to be made.
• 6.7 Ensure that any employee or stake holders assisting in the said investigation or furnishing evidence, is protected to the same extent as the Whistle Blower.

7. Protected Disclosure

• 7.1 Protected Disclosures should be reported in writing so as to ensure a clear understanding of the issues raised and should either be typed or written in a legible handwriting in English or in Hindi.
• 7.2 All Protected Disclosures should be addressed to Chief of Internal Vigilance of the Bank. The contact details are as under: Chief of Internal Vigilance, ESAF Small Finance Bank, ESAF Bhavan, Mannuthy PO, Thrissur -680651. Email whistle.blower@esafbank.com
• 7.3 Protected Disclosure against the MD & CEO, Key Management Personnel and Chief Vigilance Officer should be addressed to the Chairman of the Audit Committee. The contact details of the Chairman of the Audit Committee are as under: Chairman of the Audit Committee, ESAF Small Finance Bank, ESAF Bhavan, Mannuthy PO, Thrissur -680651. Email pdschairman@esafbank.com
• 7.4 The Protected Disclosure may be forwarded by email or by way of a covering letter which shall bear the identity of the Whistle Blower. The Protected Disclosure shall be submitted in a closed and secured envelop and shall be super-scribed as “Protected Disclosure under the Whistle Blower Policy”. If the complaint is not super-scribed and closed as mentioned above, it will not be possible to protect the Whistle Blower and the complaint will be dealt with, as if, a normal disclosure. In order to protect the identity of the Whistle Blower, no acknowledgement will be issued by the Bank.
• 7.5 Anonymous disclosures may not be entertained.

8. Secrecy / Confidentiality

The Whistle Blower, the Subject, the managerial personnel (s) and everyone involved in the process shall:

• 8.1 Maintain complete confidentiality/ secrecy of the matter under this Policy
• 8.2 Not discuss the matters under this Policy in any informal/social gatherings/ meetings
• 8.3 Discuss only to the extent or with the persons required for the purpose of completing the process and investigations.
• 8.4 Not keep the papers unattended anywhere at any time
• 8.5 Keep the electronic mails/files under password.
• 8.6 If anyone is found not complying with the above, he/she shall be held liable for such Disciplinary Action as is considered fit by the Audit Committee.

9. Reporting

Chief of Internal Vigilance shall submit a report to the Audit Committee on all the Protected Disclosures, together with results of investigations, Disciplinary Actions recommended and implemented. He is responsible to submit the half yearly review to the Board.

10. Record Retention

All Protected Disclosures, documents along with the results relating Chief of Internal Vigilance of the Bank for a minimum period of 5 (five) years or as mentioned in applicable law, if any.

11. Amendment

This Policy may be amended from time to time by the Board on the recommendation of the audit committee.

12. Owner of the Policy

Vigilance Department of the Bank is owner of the Whistle Blower Policy.

13. Awareness to employees

All the employees of the bank will be provided with a copy of the Whistle Blower Policy against proper acknowledgement. In case of newly recruited employees, they will be provided with a copy of the policy at the time of entering into the service of the bank.

ANNEXURE A
Protected Disclosures Scheme

1. Introduction

• 1.1 Disclosure of information in the public interest by the employees of an organisation is increasingly gaining acceptance by public bodies for ensuring better governance standards and probity / transparency in the conduct of affairs of public institutions.. In the Indian context, the Government of India had passed a resolution on April 21, 2004 authorizing the Central Vigilance Commission (CVC) as the 'Designated Agency' to receive written complaints or disclosure on any allegation of corruption or of misuse of office and recommend appropriate action. The jurisdiction of the CVC in this regard is restricted to employees of the Central Government or of any corporation established by it or under any Central Act, Government companies, societies or local authorities owned or controlled by the Central Government.
• 1.2 As a proactive measure for strengthening financial stability and with a view to enhancing public confidence in the robustness of the financial sector, RBI has formulated a scheme called "Protected Disclosures Scheme for Private Sector and Foreign Banks" and directed the private sector and foreign banks operating in India to frame a protected Disclosure Scheme keeping in view of the broad frame work given by RBI. The salient features of the Scheme are as under:

2. Scope and Coverage

• 2.1 The complaints under the Scheme would cover the areas such as corruption, misuse of office, criminal offences, suspected / actual fraud, failure to comply with existing rules and. and acts resulting in financial loss / operational risk, loss of reputation, etc. detrimental to depositors' interest / public interest.
• 2.2 Under the Scheme, employees of the bank concerned customers, stake holders, NGOs and members of public can lodge complaints.
• 2.3 Anonymous / pseudonymous complaints will not be covered under the Scheme and such complaints will not be entertained.
• 2.4 Reserve Bank of India (RBI) will be the Nodal Agency to receive complaints under the Scheme. RBI would keep the identity of the complainant secret, except in cases where complaint turns out to be vexatious or frivolous and action has to be initiated against the complainant as mentioned at para 2.5 below.
• 2.5 The institution against which complaint has been made can take action against complainants in cases where motivated / vexatious complaints are made under the Scheme, after being advised by RBI. An opportunity of hearing will, however, be given by the concerned bank to the complainant before taking such action.
• 2.6 Final action taken by RBI on the complaint will be intimated to the complainant.

3. Procedure for lodging the complaint under the Scheme

• 3.1 The complaint should be sent in a closed / secured envelope.
• 3.2 The envelope should be addressed to The Chief General Manager, Reserve Bank of India, Department of Banking Supervision, Fraud Monitoring Cell, Third Floor, World Trade Centre, Centre 1, Cuffe Parade, Mumbai 400 005. The envelope should be superscribed "Complaint under Protected Disclosures Scheme for Banks".
• 3.3 The complainant should give his / her name and address in the beginning or end of the complaint or in an attached letter. In case of an employee making such complaint, details such as name, designation, department, institution and place of posting etc. should be furnished.
• 3.4 Complaints can be made through e-mail also giving full details as specified above. For this purpose, a separate e mail ID dbspd@rbi.org.in been created.
• 3.5 The complainant should ensure that the issue raised by him involves dishonest intention/moral angle. He should study all the relevant facts and understand their significance. He should also make an effort, if possible, to resolve the issue through internal channels in order to avoid making the complaint.
• 3.6 The text of the complaint should be carefully drafted so as not to give any details or clue to complainant's identity. The details of the complaint should be specific and verifiable.
• 3.7 In order to protect the identity of the complainant, RBI will not issue any acknowledgement of receipt of the complaint and the complainants are advised not to enter into any further correspondence with the RBI in their own interest. RBI assures that, subject to the facts of the case being verifiable, it would take necessary action, as provided under the scheme. If any further clarification is required, RBI will get in touch with the complainant.
• 3.8 If the complaint is accompanied by particulars of the person making the complaint, the RBI shall take the following steps :
• • The identity of the complainant will not be revealed unless the complainant himself has made the details of the complaint either public or disclosed his identity to any other authority.
  • If the identity of the complainant is concealed, RBI shall make discreet inquiries to ascertain if there is any basis for proceeding further with the complaint.
  • Either as a result of the discreet enquiry, or on the basis of complaint itself without any inquiry, if RBI is of the opinion that the matter requires to be investigated further, RBI may consider calling for the comments / response from the Chairman / Chief Executive Officer of the concerned bank.
  • After obtaining the response of the concerned bank and / or on the basis of an independent scrutiny conducted / ordered by RBI, if RBI is of the opinion that the allegations are substantiated, the RBI shall recommend appropriate action to the concerned bank. These shall, inter alia, include the following :
  • Appropriate action to be initiated against the concerned official.
  • Appropriate administrative steps for recovery of the loss caused to the bank as a result of the corrupt act or mis-use of office, or any other offence covered by the Scheme.
  • Recommend to the appropriate authority / agency for initiation of criminal proceedings, if warranted by the facts and circumstances of the cases.
  • Recommend taking corrective measures to prevent recurrence of such events in future.
• 3.9 If any person is aggrieved by any action on the ground that he is victimized due to filing of the complaint or disclosure, he may file an application before the RBI seeking redressal in the matter. RBI shall take such action, as deemed fit. In case the complainant is an employee of the bank, RBI may give suitable directions to the concerned bank, preventing initiation of any adverse personnel action against the complainant.
• 3.10 Either on the basis of application of the complainant or on the basis of information gathered, if the RBI is of the opinion that either the complainant or the witnesses in the case need protection, the RBI shall issue appropriate directions to the concerned bank.
• 3.11 The system evolved herein shall be in addition to the existing grievances redressal mechanism in place. However, secrecy of identity shall be observed, only if the complaint is received under the scheme.
• 3.12 In case RBI finds that the complaint is motivated or vexatious, RBI shall be at liberty to take appropriate steps.
• 3.13 In the event of the identity of the informant being disclosed in spite of RBI's directions to the contrary, the RBI shall be authorized to initiate appropriate action as per extant regulations against the person or agency making such disclosure. RBI may also direct such person or agency to suitably compensate the complainant.

4) Nodal Officer

His duties and responsibilities Head of Vigilance Department of the bank will be the nodAl officer under the Protected Disclosure Scheme. He shall be appointed by the Board of Directors of the Bank. The Nodal officer shall act upon to such references received from RBI. He will be responsible to submit the half yearly review to the Audit Committee of the Board

• On going through the references received from RBI, the Nodal Officer may decide the manner in which the enquiry/investigation is to be conducted on a case to case basis and he will record his findings in such cases.
• After the enquiry/investigation and on the basis of findings recorded by him, the reference made by RBI will be replied and if found necessary, further directions may be sought for.
• On the basis of the scrutiny/enquiry conducted and on the basis of the findings, the Nodal Officer may recommend to the MD & CEO for appropriate action to be taken including disciplinary action against the erring employees, if any.
• If the findings also bring out any loss caused to the bank as a result of the corrupt act/misuse of office by any of the official of the bank, appropriate administrative process also may be recommended for recovery of the loss caused to the bank.
• Apart from the disciplinary action or recovery process as stated above if the Nodal Officer is of the opinion that any further action including criminal proceedings is warranted by the facts and circumstances of the case, he may so recommend to the Chairman.
• On the basis of the findings, if it deems fit, the nodal officer can also recommend to initiate process for corrective measures for preventing recurrence of such events in future.
• The Nodal Officer shall ensure the utmost of secrecy in all the proceedings in this connection and unless for the explicit act by the complainant himself no disclosure shall be made of the reference made by RBI.

5) Publicity of the Scheme

The Bank will give wide publicity to the scheme by hosting the same in the bank's website. Subsequent amendments if any in the policy also will be put in the website.

6) Awareness to employees

All the employees of the bank will be provided with a copy of the scheme against proper acknowledgement. In case of newly recruited employees, they will be provided with a copy of the scheme at the time of entering into the service of the bank. Amendments to the policy will be hosted in the website.