Policies

 

This Code of Business Conduct & Ethics Policy (“CBCE Policy”) has been adopted by the Directors to provide clear guidance to all employees at all levels of Sterling Business Alignment Sdn Bhd (“STERLING”) to ensure that they conduct themselves professionally, courteously and respectfully in all matters throughout the Group.

This CBCE Policy is designed to provide a reference and guidance. Employees of STERLING should seek appropriate guidance when they are in doubt about the proper course of action in any given situation as it is the ultimate responsibility of each employee to ‘do what is the right thing to do’.

POLICY PURPOSES

  • The aim of this CBCE Policy is to ensure that all Directors and employees of STERLING act in the best interest of the Company in the course of conduct of their affairs, striving at all times to enhance the reputation and performance of the Company.
  • The rights of the Directors and employees must be respected and each person must be accorded equal opportunity without regard to their race, colour, creed, religion, national origin, age, sex, marital status, lawful alien status, mental or physical disability, sexual orientation or gender identity.
  • Misconduct cannot be excused and all parties are expected to alert the Management whenever an illegal, dishonest or unethical act is discovered or suspected.
  • STERLING conducts its affairs consistent with all applicable laws and regulations where it carries on its businesses. Business practices, customs and traditions may differ from state to state, country to country, community to community and entity to entity. Where conflicts arise between the Company’s practices and the practices, customs, laws or traditions in any particular matter and if the conflict cannot be resolved, the Company will not proceed with the proposed action giving rise to that conflict.

POLICY SCOPE

Respect for The Law

  • The Directors and all employees are bound by all applicable laws, rules and regulations. Compliance with all applicable laws and regulations must be observed and all employees must adhere to all internal company policies, rules and regulations specific to the Company which may go beyond what is requested by law.

Corporate Opportunities

  • All employees shall, whenever possible, avoid competing with the Company or taking personal advantage of business opportunities that arise or may be discovered during the course of their employment unless the Company expressly waives its interest in pursuing such an opportunity.
  • Where any employees desire to pursue business opportunities that the Company is interested or engaged in, they shall inform their managers who will then seek clearance from the Directors.

Confidential Information

  • Confidential Information comprises any information that is not or has not been released to the public and includes business and trade secrets, marketing and service strategies and plans, research information, reports and data, business ideas, databases, records, human resource information, and any non-published financial and non-financial data of the Company deemed by STERLING to be confidential and secret.
  • Unless required by law or authorised by the Directors, all employees shall not disclose, divulge or reveal any confidential information, or allow or facilitate the disclosure of such confidential information.
  • All employees are required to use their best effort and endeavour to avoid unintentional disclosure of confidential information including taking precautions and care when storing or transmitting confidential information.
  • Directors and employees of the Company are obligated to preserve the confidential information even after an individual ceases to be a Director or employee, until the information becomes publicly available or the Company no longer considers it as confidential. Directors and employees must not misuse the confidential information of a third party.

Protection and Preservation of Company Assets and Financial Records

  • All employees shall safeguard and make proper and efficient use of the Company’s assets and financial records.
  • All employees shall use their best efforts and endeavour to protect the Company’s assets and financial records from loss, damage, misuse, theft, fraud, embezzlement and destruction. These obligations cover both tangible and intangible assets including trademark, knowhow, confidential or proprietary information, information systems, Company’s physical premises, equipment and facilities.
  • STERLING reserves the right to monitor and inspect how its assets and financial records are being used by its employees including inspection of all correspondence, e-mails, chat messages, data and files kept on the Company’s network terminals.

Discrimination & Harassment

  • STERLING respects the privacy, dignity and personal rights of all employees and is committed to ensuring a workplace environment which is free from any discrimination and harassment of whatsoever nature.
  • The rights of the Directors and employees must be respected and each person must be accorded equal opportunity without regard to their race, colour, creed, religion, national origin, age, sex, marital status, lawful alien status, mental or physical disability, sexual orientation or gender identity.
  • Employees who feel that they have been discriminated against are encouraged to raise their concerns to the managers or Directors.

Reporting Violations

  • The maintenance of a strong and highly ethical environment with business conduct carried out with utmost integrity must be reinforced by an efficient reporting structure.
  • If you are aware of or suspect misconduct or violations of any nature outlined in this CBCE Policy, you must report it to the manager.
  • You are to report first to your manager or, failing him, to the Directors.
  • Your report/calls/emails will be dealt with in the strictest confidentiality and will only be disclosed and shared in order to address the matters appropriately. Regardless, the Directors assure you that the Company will shield and protect you from any retaliation by any other employees of the Company.

CONCLUSION

This CBCE Policy applies to all employees of the Company (including the Directors).

Any reports made will be thoroughly investigated and if such violation is proven, appropriate disciplinary actions will be taken by the Management with the sanction of the Directors depending on the nature and level of the breach including dismissal and termination.

 

Policy Statement 
At Sterling Business Alignment Consulting Sdn Bhd (STERLING), we are committed to fostering sustainability through responsible business practices, good governance and continuous engagement with stakeholders. The SHIELD framework guides our efforts to achieve measurable sustainability outcomes while adhering to Malaysia’s legal and regulatory requirements. This policy outlines our commitment to sustainability by integrating environmental, social, economic and governance considerations into our operations. Using the SHIELD principles, we ensure compliance with Malaysian laws, regulatory standards and best practices to create long-term value for all stakeholders.

 

SHIELD Framework for Sustainability

S – Sustainability Integration

  • Embed sustainability into corporate strategy, policies and decision-making processes.
  • Align operations with Malaysia’s Environmental Quality Act 1974 and Energy Efficiency and Conservation Act 2022.
  • Integrate sustainability metrics into governance reporting frameworks for transparent monitoring.

H – Health and Well-Being

  • Ensure employee safety and well-being as per the Occupational Safety and Health Act.
  • Engage in employee health care monitoring programs to promote health and enhance quality of life.
  • Establish health and safety governance structures to monitor compliance and improvements.

I – Innovation for Sustainability

  • Encourage adoption of innovative technologies to reduce environmental impact and improve operational efficiency.
  • Regularly review governance practices to ensure alignment with evolving sustainability goals and innovations.

E – Environmental Responsibility

  • Establish accountability for environmental compliance at every organisational level.
  • Consider environmental risks and opportunities in our governance practices to ensure environmental responsibility at every organisational level.

L – Leadership in Sustainability

  • Provide sustainability training programmes at every organisational level, including the leaders and potential leaders.
  • Promote stakeholder engagement through transparent communication.

D – Delivery of Measurable Results

  • Ensure compliance with reporting requirements under the Companies Act 2016, including Environmental, Social and Governance (ESG) guidelines.
  • Conduct periodic evaluations to assess progress and identify areas for improvement.

 

 

We place great importance on the safety of our employees. We will do our utmost to provide a safe and healthy working environment at all times. Sterling Business Alignment Consulting Sdn Bhd’s Safety and Health Policy is “SHIELD”, as follows:

“Prioritising Safety and Wellness in Every Step, Every Day”
S (Safety): Directly highlights safety as the top priority.
H (Health): Emphasises wellness as a cornerstone.
D (Dedication): Reflects the consistency of commitment “Every Step, Every Day.”

“Safety and Health: Our Commitment, Your Assurance”
I (Integrity): Represents the trustworthiness and reliability that “assurance” implies.
L (Leadership): Shows leadership in maintaining safety and health standards.

“Building Trust with Safety and Well-Being at the Core”
S (Safety) & H (Health): These are central to building trust.
E (Excellence): Indicates the high-quality approach to ensuring well-being.

“Your Safety, Our Mission—In Every Way, Always”
D (Dedication): Reflects the unwavering focus on safety.
I (Integrity): Highlights the commitment to this mission.

“Dedicated to Health and Safety in Every Project”
D (Dedication): Matches the core value of commitment to safety and health.
E (Excellence): Reinforces that this dedication is carried out with top standards.

“Safe Practices, Healthy Outcomes—Without Compromise”
S (Safety) & H (Health): Embody the theme’s focus on practices and outcomes.
I (Integrity): Ensures “without compromise” is adhered to.

“Ensuring Safety and Health: Every Task, Every Time”
E (Excellence): Reflects the consistency in safety and health efforts.
L (Leadership): Demonstrates leadership in upholding high standards.

We take all necessary steps to provide the best possible care for our employees and in the maintenance of equipment and facilities.

We instil and promote safety consciousness among our employees to prevent accidents and injuries.

All employees are expected to be familiar with the relevant statutory requirements, Code of Practices and Company’s procedures. They must not permit themselves or the people under their supervision to perform the work unsafely.

At the same time, it is the duty and personal responsibility of every employee to prevent injury to him/herself and to his/her colleagues.

Please remember that the prevention of accidents is a joint effort. We should cooperate and work as a team to make our Company a safe and healthy place to work.

 

 

Objectives

The Personal Data Protection Act 2010 (“PDPA”) governs the processing of personal data in commercial transactions. For the purpose of this policy, “personal data” and “processing” have the meanings prescribed in the PDPA.

Scope of Application

This policy applies to all personal data processed electronically or manually by Sterling Business Alignment Consulting Sdn Bhd (“STERLING” or the “Company”), regardless of the medium used.

Purpose of Processing Personal Data

This policy serves to inform employees that their personal data is being processed by or on behalf of the Company. Personal data processed includes information contained in the Employment Application Form, Letter of Employment, and any other information obtained about the employee. This may include personal data collected through oral or written communications and all other employment forms.

The Company processes personal data, including any additional information provided by the employee, to perform functions relevant to the employee’s appointment and any other contracts entered into between both parties. This includes purposes related to employment, administrative, operational, and legal requirements (“Purposes”). It is mandatory for employees to provide personal data, and failure to do so may result in the Company’s inability to process the data for the Purposes.

Legal Basis for Processing

The Company processes employees’ personal data based on contractual necessity, compliance with legal obligations, and, where applicable, the employee’s consent.

Consent for Processing Sensitive Personal Data

Employees hereby voluntarily and explicitly consent to the processing of sensitive personal data, including but not limited to NRIC No., nationality, race, religion, health information, and bank details. This consent is provided freely and is informed by the purposes outlined in this policy.

Access, Correction, and Enquiries

Employees have the right to:

        1. Access their personal data and request corrections.
        2. Withdraw consent for processing their personal data, subject to applicable laws and contractual obligations.
        3. Restrict or object to the processing of their personal data in certain circumstances.
        4. Lodge complaints with the Personal Data Protection Commissioner if they believe their data protection rights are violated.

Employees may access and request correction of their personal data by contacting the Human Resources and Administration Department. They may also contact the Human Resources and Administration Department with any enquiries or complaints regarding their personal data.

Fees and Refusal for Access or Correction

In accordance with the PDPA, the Company may charge a fee for processing requests for access or correction of personal data. The Company may also refuse to comply with such requests if permitted under the PDPA.

Disclosure of Personal Data

Employees’ personal data may be disclosed to the Company’s related entities, auditors, financial institutions, governmental agencies, regulatory bodies, external legal counsel, IT service providers, payroll processors, or any third party authorized by the employee, in compliance with applicable laws.

Cross-Border Data Transfers

The Company may transfer personal data outside Malaysia when necessary for the Purposes. The Company will ensure that the destination country has adequate data protection standards or that the transfer complies with Section 129 of the PDPA. Employees will be informed of such transfers, and their consent will be obtained where required.

Accuracy and Update of Personal Data

Employees are responsible for ensuring that the personal data provided to the Company is accurate, complete, and not misleading. They must keep their personal data up to date. The Company may request employees’ assistance in obtaining consent from third parties whose personal data is provided to the Company.

Data Minimization

The Company will only collect personal data that is necessary for the specified Purposes and will avoid processing excessive or irrelevant data.

Retention Period

In compliance with Section 10 of the PDPA, the Company will not keep personal data longer than is necessary for the fulfilment of the Purposes. Once the data is no longer required, it will be securely deleted or anonymized. Specific retention periods are determined based on legal requirements, industry standards, and operational needs. Employees will be informed of any specific retention period applicable to their data.

Security Principle

The Company will take reasonable steps to protect the personal data it holds from loss, misuse, modification, unauthorized or accidental access or disclosure, alteration, or destruction. This includes implementing appropriate physical, administrative, and technical safeguards to ensure the security and confidentiality of personal data (Section 9, PDPA).

Data Breach Management

In the event of a data breach involving employees’ personal data, the Company will take immediate steps to contain the breach and assess its impact. Where required under applicable laws, affected employees will be notified promptly, and necessary actions will be taken to mitigate further risks.

Training and Awareness

The Company will provide regular training or updates to employees on the requirements of the PDPA and their responsibilities in handling personal data securely.

Review and Updates

This policy will be reviewed periodically to ensure its effectiveness and compliance with applicable laws and regulations. Employees will be informed of any significant changes to this policy through appropriate communication channels, including email or official notices.

 

 

Sterling Business Alignment Consulting Sdn Bhd (“STERLING”) requires directors, officers and employees to observe high standards of business and personal ethics in the conduct of their duties and responsibilities. As employees and representatives of STERLING, we must practice honesty and integrity in fulfilling our responsibilities and comply with all applicable laws and regulations.

Reporting Responsibility

This Whistleblower Policy is intended to encourage and enable employees and others to raise serious concerns internally so that STERLING can address and correct inappropriate conduct and actions. It is the responsibility of all Directors, officers or employees to report concerns about violations of STERLING’s code of ethics or suspected violations of law or regulations that govern STERLING’s operations.

No Retaliation

It is contrary to the values of STERLING for anyone to retaliate against any Director, officer or employee who in good faith reports an ethics violation, or a suspected violation of law, such as a complaint of discrimination, suspected fraud, or suspected violation of any regulation governing the operations of STERLING. An employee who retaliates against someone who has reported a violation in good faith is subject to discipline up to and including termination of employment.

Reporting Procedure

STERLING has an open-door policy and suggests that employees share their questions, concerns, suggestions or complaints with their managers. If you are not comfortable speaking with your manager or you are not satisfied with your manager’s response, you are encouraged to speak with the Directors. Managers are required to report complaints or concerns about suspected ethical and legal violations in writing to the Directors, who have the responsibility to investigate all reported complaints. Employees with concerns or complaints may also submit their concerns in writing directly to the Directors.

Responsibility

The Directors are responsible for ensuring that all complaints about unethical or illegal conduct are investigated and resolved.

Acting in Good Faith

Anyone filing a written complaint concerning a violation or suspected violation must be acting in good faith and have reasonable grounds for believing the information disclosed indicates a violation. Any allegations that prove not to be substantiated and which prove to have been made maliciously or knowingly to be false will be viewed as a serious disciplinary offense.

Confidentiality

Violations or suspected violations may be submitted on a confidential basis by the complainant. Reports of violations or suspected violations will be kept confidential to the extent possible, consistent with the need to conduct an adequate investigation.

Handling of Reported Violations

The managers will notify the person who submitted a complaint and acknowledge receipt of the reported violation or suspected violation. All reports will be promptly investigated and appropriate corrective action will be taken if warranted by the investigation.

 

 

1. INTRODUCTION

Sterling Business Alignment Consulting Sdn Bhd (“STERLING”) is committed to acting professionally, fairly and with integrity in all our business dealings and the discharge of our business relationships, wherever we operate. We are steadfast in conducting our business in an open, transparent, honest and ethical manner. In this respect, STERLING adopts a zero-tolerance approach towards all forms of corruption and bribery. We will ensure full cooperation with enforcement agencies and competent authorities in the event of an investigation of corruption.

This Anti-Bribery and Corruption Policy (the “Policy”) provides a basic introduction to how STERLING combats bribery and corruption in line with our commitment to lawful, ethical and honest behaviour at all times. These guidelines are designed to prevent situations in which bribery and corrupt practices may take root, and may sometimes not provide definitive answers to all questions concerning bribery and corruption.

STERLING reserves the right to amend or delete any provision in this Policy as and when it deems necessary.

The Directors and the Management of STERLING shall have overall responsibility for the implementation and administration of this Policy.

 

2. APPLICABILITY

This Policy is applicable to all employees and/or any person in discharging their duties for and on behalf of STERLING, including but not limited to the Directors and the Management.

All Personnel shall be informed of the requirements set out in this Policy and of the need for them to comply with the requirements set out in this Policy.

 

3. RELATED DOCUMENTS

This Policy shall be read in conjunction with:

    • the Employee Code of Business Conduct Ethics;
    • the Whistleblowing Policy;
    • the Employee Handbook;
    • all relevant policies and procedures of STERLING; and
    • all applicable laws and regulations.

 

4. ALL APPLICABLE LAWS AND REGULATIONS

STERLING is committed to conducting its business ethically and in compliance with all applicable laws and regulations in the countries where it does business. These laws include but are not limited to the Malaysian Penal Code 1936 (and its amendments) (“Penal Code”), the Malaysian Anti-Corruption Commission Act 2009 (“MACC”), the Companies (Amendment) Act 2024, and the Anti-Money Laundering, Anti-Terrorism Financing and Proceeds of Unlawful Activities Act 2001. In the event that there is a conflict between mandatory laws and the provisions contained in this and other policies, the law shall prevail. However, the provisions in this Policy are to be adhered to in the event of any conflict or inconsistencies with a local custom or practice.

This Policy extends across all of STERLING’s business dealings in Malaysia and any other countries in which it operates, if applicable. All persons covered by this Policy, in discharging their duties on behalf of STERLING, are required to comply with not only the Malaysian laws and regulations but also the laws and regulations applicable in the location of the business activities, and in particular with respect to anti-bribery and corruption laws, rules and regulations. In jurisdictions where local laws and regulations set stricter rules than those set out in this Policy, the stricter rules shall prevail.

The main law governing corruption in Malaysia is the MACC. The Penal Code also contains provisions relating to corruption. The regulatory body responsible for the enforcement of the anti-corruption laws in Malaysia is the Malaysian Anti-Corruption Commission.

The MACC stipulates four (4) main offences, being:

        • Soliciting / Receiving Gratification (Bribe) – Sections 16 & 17(a)
        • Offering / Giving Gratification (Bribe) – Section 17(b)
        • Intending to Deceive (False Claim) – Section 18
        • Using Office or Position for Gratification (Bribe) (Abuse of Power / Position) – Section 23

The Malaysian Anti-Corruption Commission (Amendment) Act 2018, which will be in force on 1 June 2020, introduces two (2) more offences, being:

        • Offering / Giving Gratification by commercial organisation (Corporate Liability) – Section 17A
        • Deemed Parallel Personal Liability for Senior Personnel (Personal Liability) – Section 17A (3)

What is corruption?

Meaning of corruption

Corruption generally means the act of soliciting or receiving, or offering or giving any gratification for the purpose of improperly influencing a business decision in relation to a dealing.

Forms of gratification

Examples of gratification are as follows:

  • Money, donation, gift, loan, fee, reward, valuable security.
  • Any office, dignity, employment, contract of employment or services.
  • Any payment, release, discharge or liquidation of any loan.
  • Any valuable consideration of any kind, discount, commission, rebate, bonus.
  • Any forbearance to demand for any money or money’s worth.
  • Any other service or favour of any description.
  • Any offer, undertaking or promise of any gratification.

Forms of corruption

Corruption may be in a variety of forms, including but not limited to:

  • Bribery, where a person offers or gives, solicits or receives benefits (which may be in the form of hospitality, entertainment or gifts) with the intention or knowledge that the benefit will be used to induce someone to perform a dishonest act.
  • Embezzlement, where someone dishonestly appropriates money or other assets with which he has been entrusted.
  • Abuse of power, where someone abuses a position of trust for the purposes of illicit gain.

Consequences of non-compliance

All Personnel must bear in mind that there are severe consequences of being involved in corrupt activities. The consequences generally come in two (2) forms, namely in the form of individual liability or corporate liability or both, depending on the specific circumstances of each of the acts. This means that not only would the individual be liable for his acts, but STERLING would also be implicated.

In the event an employee or personnel is suspected of any acts or behaviours that could amount to corruption, he may be subject to an internal investigation and disciplinary proceedings leading to disciplinary action or any other action against him, if deemed necessary by STERLING.

 

5. GIFTS, ENTERTAINMENT AND HOSPITALITY

All Personnel (including their family members), or agents acting on behalf of the Personnel (including their family members) are prohibited from, whether directly or indirectly:

  • Receiving gifts, entertainment and hospitality from Business Partners or any third parties that have dealings with STERLING;
  • Giving gifts, entertainment and hospitality to Business Partners or any third parties that have dealings with STERLING.

By abiding by this rule, any conflict of interest or appearance of a conflict of interest for either party in the ongoing or potential business dealing between STERLING and its suppliers, customers, agents, representatives and any others who are performing work or services for STERLING (“Business Partners”) or the public can be avoided. This is important because a gift can be seen as a bribe that may tarnish the good name and reputation of STERLING or violate anti-bribery and corruption laws. It is the responsibility of all Personnel to inform Business Partners or any third parties involved in business dealings with STERLING of this Policy and to request their understanding and cooperation to comply with this Policy.

However, STERLING recognises that the need to provide and receive reasonable and proportionate gifts, entertainment and hospitality under situations of the normal course of business courtesies, particularly during festive periods, is a legitimate way to network and build business relationships. Such gifts, entertainment and hospitality are allowed if they are not lavish and are appropriate and reasonable in the light of the accepted business practice in which STERLING operates.

All Personnel must always exercise proper care and judgment and ensure that gifts, entertainment and hospitality are not carried out with a view to improperly causing undue influence or in exchange for favours or advantages.

 

6. DONATIONS, SPONSORSHIPS AND CORPORATE SOCIAL RESPONSIBILITIES (CSR)

STERLING is a responsible corporate citizen and is committed to contributing to the well-being of the people and nation in the countries where it operates. That said, it is important that all donations, sponsorships and CSR are made in a legitimate manner and adhere to the values that we subscribe to as a company.

Donations and sponsorships

All Personnel must ensure that all donations and sponsorships are not used as a subterfuge to conceal bribery or to circumvent or avoid any of the integrity provisions of this Policy, particularly the prohibition on bribery. It must be ensured that donations and political contributions to charities or beneficiaries are not disguised illegal payments to Public Officials and that the charities or beneficiaries are not conduits to fund illegal activities. All donations and sponsorships must adhere to the following:

  • Ensure such contributions are allowed by applicable laws;
  • Obtain all necessary internal and external authorisations;
  • Select well-established entities having an adequate organisational structure to guarantee proper administration of the funds;
  • Be accurately reflected in the company’s accounting books and records; and
  • Not be used as a means to cover up an undue payment or bribery.

CSR

As part of STERLING’s commitment to corporate responsibility and development, as a general principle, STERLING provides such assistance in appropriate circumstances and an appropriate manner. However, such requests must be carefully examined for legitimacy and not be made to improperly influence a business outcome.

The proposed recipient of assistance must be a legitimate organisation and appropriate due diligence must be conducted. Even requests determined to be legitimate must be carefully structured to ensure that the benefits reach their intended recipients.

 

STERLING requires all Personnel to use good judgment and common sense in assessing the requests for donations and sponsorships. If the employee or personnel is in doubt, he should seek advice from the Directors and/or the Management before proceeding with the donations and sponsorships.

 

7. FACILITATION PAYMENTS & KICKBACK

As facilitation payments constitute a form of bribery and corruption, STERLING prohibits the use of facilitation payments or kickbacks in its business. If there is a situation where the safety and security of any Personnel is at stake or the Personnel has been coerced to make a payment, the Personnel should immediately escalate such matter to the Administrator for appropriate actions to be taken.

 

8. MANAGING RELATIONSHIPS

 Dealings with Business Partners or the public

As a corporate citizen committed to preventing bribery and corruption, STERLING’s dealings with Business Partners or the public must be carried out with care, in such a manner consistent with the values and principles that STERLING advocates and adopts, and in compliance with all relevant laws and regulations.

It is STERLING’s expectation that all Business Partners acting for or on its behalf share the values, principles and ethical standards of STERLING because, as outsiders having dealings with STERLING, their actions can implicate STERLING legally and tarnish STERLING’s reputation. STERLING also requires that the public that deals with STERLING adhere to ethical conduct and practices.

Thus, before establishing any business relationship with these external parties, STERLING is obligated to conduct appropriate due diligence to understand the business and background of these prospective Business Partners before entering into any arrangements with them. This is to ascertain that STERLING filters its Business Partners and engages and deals only with those that subscribe to an acceptable standard of integrity in their business practices. No business dealings should be entered into with prospective Business Partners that are reasonably suspected of engaging in bribery and improper business practices unless those suspicions have been investigated and resolved satisfactorily.

As a way of ensuring that STERLING only does business with Business Partners that share STERLING’s values, principles and ethical standards, the following must be complied with:

  • Conduct due diligence to assess the integrity of STERLING’s prospective Business Partners.
  • Make all Business Partners (prospective and existing ones) aware of STERLING’s compliance policies, particularly this Policy, communicate STERLING’s expectations on them and obtain their commitment to comply with the same.
  • Continue to be aware of and periodically monitor third-party performance and business conduct and practices to ensure ongoing compliance.

Standard clauses shall be included in all legal documents and/or contracts with STERLING’s Business Partners, requiring them to comply with this Policy and other applicable laws, besides granting STERLING the right to terminate any contract or business relationship in which an act of bribery or corruption has been observed or proven to have occurred.

In the absence of contracts or other legal documents stipulating the aforementioned clauses, the Business Partners are required to declare their adherence to this Policy via the Business Partner Declaration Form as in Schedule 2 of this Policy.

In the course of conducting due diligence, where there are red flags raised, these warrant further investigations and must be appropriately and sufficiently addressed before the engagement of the Business Partners can progress.

STERLING requires its Personnel to use good judgment and common sense in assessing the integrity and ethical business practices of external parties to ensure that STERLING deals only with those who share common values with STERLING. As a guideline to assist the Personnel in their assessment of prospective Business Partners, refer to Schedule 1 on Red Flags for further guidance.

Dealings with Public Officials

Caution must be exercised when dealing with Public Officials. Providing gifts, entertainment, hospitality or other benefits, whether directly or indirectly, to Public Officials is generally considered a red flag situation in most jurisdictions.

Such provision to Public Officials or their family/household members in exchange for future benefits or results is prohibited in STERLING.

Conflict of Interest

Conflict of interest arises where there is personal interest that can be considered to have potential interference with objectivity in performing duties or exercising judgment on behalf of STERLING. All Personnel must avoid situations in which their personal interest would conflict with their duties and responsibilities. Personnel must not use their position, official working hours, STERLING’s resources and assets, or information available to them for personal gain or to STERLING’s disadvantage.

In situations where a conflict does occur, the Personnel are required to declare the matter to their reporting head or Directors and/or the Management.

Recruitment of Personnel

STERLING’s recruitment, performance evaluation, remuneration, recognition and promotion for employees shall be objective and show no favour.

Appropriate due diligence shall be conducted on prospective employees and directors, in proportion to the risk profile of the position. The assessment shall include background checks to ensure the prospective employee or director has not been convicted in any bribery or corruption case(s) nationally or internationally.

STERLING will not offer employment to prospective employees in return for previous favour or in exchange for improper favour. STERLING shall award employee positions based on merit. Support/referral letters in all forms shall not be recognised as part of the business decision-making process.

 

9. CONTROL MEASURE

Record Keeping

STERLING shall keep financial records and have appropriate internal controls in place which will evidence the business reason for making payments to Business Partners, for a period of time subject to prevailing laws and regulations on record keeping.

All Personnel must provide to the Directors and Management all written records of all gifts, entertainment, hospitality or any other benefit offered to or accepted by them, irrespective of value via the Gifts Declaration Form as in Schedule 4 of this Policy.

All Personnel must also ensure that all expense claims relating to gifts, entertainment and hospitality incurred for the benefit of Business Partners and other external parties are submitted in accordance with STERLING’s finance policies for the time being, with the basis/reason for such expenses clearly recorded.

All accounts, invoices, forms and other documents and records relating to dealings with Business Partners must be prepared, maintained and submitted with full accuracy and completeness.

Reporting

Any person subject to this Policy who learns of any attempted, suspected or actual bribery or corruption activities that violate this Policy and/or other relevant policies and procedures of STERLING is responsible for reporting promptly through STERLING’s whistleblowing channels as prescribed in the Whistleblowing Policy.

Reports made in good faith, either anonymously or otherwise, shall be addressed in a timely manner and without incurring fear of reprisal regardless of the outcome of any investigation, as provided by STERLING’s Whistleblowing Policy.

 

10. EMPLOYEE DECLARATION

All Personnel shall certify in writing that they have read, understood and will abide by this Policy via the Employee Declaration Form as in Schedule 3 of this Policy. A copy of this declaration shall be documented and retained by the Management for the duration of the Personnel’s employment.

STERLING reserves the right to request any information, including on employees’ assets, in the event that the person is implicated in any bribery and corruption-related accusation or incident.

 

11. COMMUNICATION, TRAINING AND AWARENESS

This Policy is a public document which shall be communicated to all our Personnel and Business Partners. Our Personnel and Business Partners must read and understand STERLING’s position regarding anti-bribery and corruption, integrity and ethics.

Adequate training on STERLING’s anti-bribery and corruption approach shall be provided to our Personnel.

 

12. SYSTEMATIC REVIEW, MONITORING AND ENFORCEMENT

Governance, Monitoring and Compliance.

The Directors and the Management will monitor the effectiveness and review the implementation of this policy, regularly considering its suitability, adequacy and effectiveness. Any improvements identified will be made as soon as possible. Internal control systems and procedures will be subject to regular audits to provide assurance that they are effective in countering bribery and corruption. Our Personnel are encouraged to raise any concerns or inadequacies in the anti-corruption compliance programme to the Corporate Affairs Department.

Responsibility for this Policy.

In enforcing STERLING’s anti-corruption programme, particularly this Policy, the Administrator is responsible for monitoring the performance of all Personnel relating to the policies and procedures to combat bribery and corruption that STERLING has adopted. This is to ensure that the Personnel understand and comply with the requirements of these policies and procedures whilst performing their roles and functions.

Audits and Compliance.

To ensure that STERLING’s anti-corruption compliance programme is up-to-date and relevant to existing laws and regulations, this Policy should be reviewed regularly to ensure that the controls and measures put in place to prevent corruption and to operate in an ethical manner are still relevant.

Infringement of this Policy.

Where there is any non-compliance with this Policy, such non-compliance should be reported to the Directors. Upon receiving such a report, the Directors should initiate disciplinary proceedings to investigate the report and determine whether an actual violation of this Policy has taken place.

STERLING is committed to enforcing the requirements of this Policy. As such, any failure to observe any of the provisions in this Policy and other compliance documents may result in disciplinary actions, including termination of employment and referral for criminal prosecution, depending on the circumstances. Further details on the disciplinary procedures and actions which may be taken against misconduct such as corruption and bribery can be found in the Employee Code of Conduct and/or Employees’ Handbook.

 

SCHEDULE 1
GENERAL RED FLAGS

The following is a list of possible red flags that may arise during the course of your working for Sterling and which may raise concerns under various anti-bribery and corruption laws. The list is not intended to be exhaustive and is for illustrative purposes only. If you encounter any of these red flags while working for Sterling, you must promptly inform your reporting Head of Department or Director or submit a report to the Administrator:

  • Inadequate credentials for the nature of the engagement or lack of an office or an established place of business.
  • The transaction involves a country known for a high incidence of corrupt payments.
  • Family, business or other “special” ties with the Public Officials.
  • Objection to anti-corruption representations and warranties in formal agreements or negative responses when told of such requirements.
  • Get promises of cash payments.
  • Pressure exerted for payments to be made urgently or ahead of schedule.
  • Payments are being made through a company in country “B” though goods or services are supplied to a different company in country “A”.
  • Abnormally high commission percentage being paid to a particular agency. This may be divided into 2 accounts for the same agent, often in different jurisdictions.
  • Unsanctioned private meetings with public contractors or companies hoping to tender for contracts.
  • Lavish gifts are being offered.
  • Individual that never takes time off even if ill or during holidays, or insists on dealing with specific contractors him/herself.
  • Making unexpected or illogical decisions when accepting projects or contracts.
  • Unusually smooth process in cases where the individual does not have the expected level of knowledge or expertise.
  • Abusing decision processes or delegated powers in specific cases.
  • Agreeing to contracts that are not favourable to the organisation.
  • Unexplained preference for certain contractors during the tendering period.
  • Avoidance of independent checks on tendering or contracting processes.
  • Raising barriers around specific roles or departments which are key in the tendering/contracting process.
  • Bypassing normal procurement process and procedure.
  • Invoices being agreed in excess of contract without reasonable cause.
  • Missing documents or records regarding meetings or decisions.
  • Company procedures or guidelines not being followed.
  • The payment of, or making funds available for, high-value expenses or school fees etc. on behalf of others.
  • Knowingly dealing with a customer or Public Official that has personal, business or family relationship with suppliers.
  • A customer or Public Official recommends or insists on the use of the transaction party.
  • Transaction party refuses to agree to anti-corruption contractual terms, uses a shell company or other unorthodox corporate structure, insists on unusual or suspicious contracting procedures, refuses to divulge the identity of its owners or requests that its agreement be backdated or altered in some way to falsify information.
  • Transaction party has a poor business reputation or has faced allegations of bribes, kickbacks, fraud or other wrongdoing, or has poor or non-existent third-party references.
  • Transaction party does not have an office, staff, or qualifications adequate to perform the required services.
  • Expense or payment request is unusual, is not supported by adequate documentation, is unusually large or disproportionate to services to be rendered, does not match the terms of a governing agreement, or involves the use of cash or bearer instrument.
  • Expense or payment request is described as required to “get the business” or “make the necessary arrangements”.

 

 

1. Policy and Procedure Statement

Sterling Business Alignment Consulting Sdn Bhd (“STERLING”) is committed to high standards of ethical behaviours, and the prevention and detection of all criminal activities, including money laundering.

This document sets out the Anti-Money Laundering, Countering Financing Of Terrorism, Countering Proliferation Financing Policy (“AML/CFT/CPF” or the “Policy”) to be followed if money laundering is suspected, and defines the responsibilities of the Board, the Management and the employees of STERLING in the process. This Policy serves as preventive measures in accordance with the Anti-money Laundering, Anti-terrorism Financing and Proceeds of Unlawful Activities Act 2001 and the latest Guidelines on Anti-Money Laundering, Countering Financing of Terrorism and Targeted Financial Sanctions for the Designated Non-Financial Businesses and Professions (DNFBPs) & Non-Bank Financial Institutions (NBFIs) issued by the Bank Negara Malaysia on 31 December 2019 (“BNM Guidelines”). STERLING understands the dangers and impact of these financial crimes and the deleterious socio-economic effects on the nation.

 

2. Purpose and Scope of this Policy

This Policy applies to all members of STERLING, namely:

  • Board of Directors
  • Management and employees of STERLING

This Policy covers the activities undertaken in Malaysia or overseas, in relation to the direct and indirect activities of STERLING. Potentially any of the members of STERLING could be committing an offence under the money laundering laws, if they suspect money laundering or if they become involved in some way and do nothing about it.

This Policy outlines STERLING’s arrangements to comply with the requirements of the money laundering regulations which are:

  • To obtain satisfactory evidence of the identity of each customer that STERLING deals with and/or has a business relationship with. This evidence of a customer’s identity and the details of transactions must be retained for at least seven (7) years from the date the account is closed or the business relationship, transaction or activity is completed or terminated.
  • To require all the members of STERLING to prevent, detect and report any suspicious transactions that have been or are about to be used for money laundering, terrorist financing and other illegal activities to the Directors and/or the Management of STERLING.
  • To report suspicion of money laundering, if deemed appropriate, by the Directors and/or the Management of STERLING to the appropriate authorities in Malaysia, namely the Financial Intelligence & Enforcement Department, Bank Negara Malaysia.

 

3. What are Money Laundering and Terrorist Financing?

Money laundering is a process of converting cash or property derived from criminal activities to give it a legitimate appearance. It is a process to clean ‘dirty’ money in order to disguise its criminal origin.

Terrorism financing is the act of providing financial support, funded from either legitimate or illegitimate sources, to terrorists or terrorist organisations to enable them to carry out terrorist acts or to benefit any terrorist or terrorist organisation.

While most of the funds originate from criminal activities, they may also be derived from legitimate sources; for example, through salaries, revenues generated from a legitimate business or the use of non-profit organisations to raise funds through donations.

 

4. Procedures

The Directors and the Management of STERLING are responsible for implementing and maintaining anti-money laundering procedures and responding to reports of suspected money laundering activities.

The Directors and the Management of STERLING are responsible for:

  • Receiving reports of suspicious activities and maintaining a Register of all suspected money laundering reports received;
  • Considering all reports and evaluating whether there is, or seems to be, any evidence of money laundering or terrorist financing;
  • Reporting any suspicious activity or transactions to the Financial Intelligence & Enforcement Department, Bank Negara Malaysia.

All members of STERLING shall discharge their duties in accordance with this Policy, as follows:

  • To avoid handling any money, goods or other items known or suspected to be associated with the proceeds of crime, or becoming involved with any services known or suspected to be associated with the proceeds of crime;
  • To remain vigilant and report concerns related to suspected money laundering activities;
  • To co-operate fully with any investigations into reported concerns.

The members shall use their best endeavours to meet the requirements imposed and all applicable laws commensurate with the nature of STERLING’s businesses and activities.

 

5. Reporting

All the members of STERLING may report any suspicious transactions that have been or are about to be used for money laundering, terrorist financing and other illegal activities to the Directors and/or the Management of STERLING.

The Directors and/or the Management of STERLING shall be responsible for the reporting and/or submission of suspicious transaction reports to the Financial Intelligence & Enforcement Department, Bank Negara Malaysia.

 

6. Disciplinary Procedures

STERLING may follow disciplinary procedures against any employee who has committed a money laundering offence, which could result in dismissal.

 

7. Monitoring and Review

This Policy shall be reviewed and updated by the Board and/or the Management when necessary. Any incidents of money laundering reported and recorded will be incorporated into that review.

 

8. Examples of “Red Flags”

The examples below are not intended to be exhaustive but provide a general indication of the range of matters covered by this Policy.

  • Payment by a person or company of any substantial sum in cash, particularly if they fail to provide proper evidence to confirm their identity and address.
  • A person or company that STERLING does business with lacks proper paperwork, e.g. invoices, fails to quote an SST number, or issues invoices that lack the company’s registered office/address and number.
  • A person or company attempts to engage in circular transactions, where payment is followed by an attempt to obtain a refund from bank accounts.
  • Unusual or unexpected large payments are made into the bank accounts.
  • A secretive person or business e.g. that refuses to provide the requested information without a reasonable explanation.
  • Absence of any legitimate source for funds received.
  • Overpayments for no apparent reason.
  • Involvement of an unconnected third party without a logical reason or explanation.
  • Significant changes in the size, nature, and frequency of transactions with a customer without reasonable explanation.
  • Requests for payments or refunds after funds have been paid into the bank account by a third party, particularly if there is a request to return money to a different account or individual to the payer.
  • Cancellation, reversal or requests for refunds of earlier transactions.
  • Funding is received from an organisation/NGO or entities in which all/part of the fund is then used to pay for services provided by the organisation/NGO or entities directly related to the funding organisation/NGO.

 

 

PURPOSE

This Employee Non-Disclosure Policy is established to protect the confidentiality of the Company’s proprietary information and ensure compliance with the Personal Data Protection Act 2010 (PDPA). Employees are required to adhere to this Policy to safeguard sensitive information, including personal data processed in the course of their employment.

 

SCOPE

This Policy applies to all employees, interns and any other individuals engaged by Sterling Business Alignment Consulting Sdn Bhd (“STERLING” or the “Company”) (collectively referred to as “Employees”) who have access to the Company’s confidential information during and after their tenure with the Company.

 

DEFINITION

Confidential Information includes, but is not limited to:

  • Proprietary information such as trade secrets, business strategies, financial data, and operational plans.
  • Personal data of employees, customers, or third parties collected or processed by the Company.
  • Any data classified as confidential under the PDPA or relevant regulations.
  • Any other information designated as confidential by the Company.

Confidential Information does not include:

  • Information that becomes publicly available through no fault of the Employee.
  • Information independently developed by the Employee without use of or reference to the Company’s Confidential Information.
  • Information disclosed to the Employee by a third party lawfully and without breach of confidentiality obligations.

 

EMPLOYEE OBLIGATIONS

Employees are required to:

  • Maintain Confidentiality: Ensure that all Confidential Information is protected and not disclosed to unauthorized individuals, both within and outside the Company.
  • Limit Access: Access and use Confidential Information strictly for purposes related to their job responsibilities.
  • Secure Information: Safeguard Confidential Information by implementing appropriate physical, technical, and administrative measures to prevent unauthorized access, use, or disclosure.
  • Comply with PDPA: Process personal data in accordance with the principles and requirements set out in the PDPA.
  • Report Breaches: Promptly report any actual or suspected breach of confidentiality to the Human Resources and Administration Department.

 

PROHIBITED ACTIONS

Employees are prohibited from:

  • Disclosing Confidential Information to third parties without prior written authorization from the Company.
  • Using Confidential Information for personal gain or purposes unrelated to their job responsibilities.
  • Copying, reproducing, or removing Confidential Information from the Company’s premises without proper authorization.

 

DURATION OF OBLIGATION

Employees’ obligations to maintain the confidentiality of the Company’s Confidential Information remain in effect both during and after their employment with the Company. Any unauthorized use or disclosure of Confidential Information after employment will result in legal action and penalties under applicable laws.

 

RETURN OF CONFIDENTIAL INFORMATION

Upon termination of employment or engagement, Employees must:

  • Return all documents, files, and electronic media containing Confidential Information.
  • Delete or destroy any copies of Confidential Information in their possession.

 

LEGAL AND DISCIPLINARY ACTIONS

Failure to comply with this Policy may result in disciplinary action, including termination of employment. The Company reserves the right to pursue legal remedies for any unauthorized use or disclosure of Confidential Information.

 

ACKNOWLEDGMENT AND AGREEMENT

Employees are required to sign a Non-Disclosure Agreement (NDA) as a condition of their employment or engagement with the Company. By signing the NDA, Employees acknowledge their understanding of and agreement to comply with this Policy.

 

REVIEW AND UPDATES

This Policy will be reviewed periodically to ensure its alignment with legal requirements, including the PDPA, and updated as necessary. Employees will be informed of any changes to this Policy through official communication channels.

 

 

Policy Statement

At Sterling Business Alignment Consulting Sdn Bhd, we adopt the SHIELD principles to govern Information Technology (IT), ensuring strategic alignment, operational efficiency, compliance, and the protection of critical assets. This policy is also for managing IT resources responsibly, ensuring compliance with Malaysian laws and standards and achieving organizational objectives while safeguarding information, driving innovation and promoting sustainable growth.

 

SHIELD Framework for IT Governance

S – Strategy

  • IT strategies must align with organizational goals and comply with relevant regulations, including the Personal Data Protection Act and Malaysia Cybersecurity Act.
  • Conduct regular IT strategy reviews to adapt to technological advancements and regulatory changes.

H – Honesty

  • Ensure transparency in IT operations and decision-making processes.
  • Promote ethical use of technology and compliance with data protection laws, including ensuring users’ rights under the Personal Data Protection Act.
  • Foster open communication about IT risks, vulnerabilities and mitigation strategies.

I – Innovation

  • Encourage the adoption of emerging technologies while adhering to Malaysian standards and guidelines.
  • Invest in innovative IT solutions that enhance operational efficiency and competitive advantage.
  • Regularly evaluate and update IT systems to remain compliant with Cybersecurity Malaysia guidelines.

E – Excellence

  • Implement IT Good Governance standards to ensure excellence in information security management.
  • Conduct regular risk assessments to maintain IT system integrity and compliance.

L – Leadership

  • Assign clear roles and responsibilities for IT governance, ensuring leadership accountability.
  • Provide training programs for leaders and employees on cybersecurity, data privacy and ethical IT usage.

D – Delivery

  • Ensure timely implementation of IT usage with a focus on compliance, efficiency, and effectiveness.
  • Monitor IT performance and outcomes for better delivery of services to stakeholders.