Murray & Roberts

ETHICAL BUSINESS CONDUCT MANAGEMENT

ETHICS

The Board and leadership team lead by example, maintaining an ethical culture through open and ethical decision-making. We expect every employee and all our businesses, business partners and suppliers who work on our behalf to adhere to and/or apply and practice our high ethical standards when conducting our business activities.

This includes our Statement of Business Principles, Code of Conduct and Values and our frameworks such as our health, safety and environment (HSE) framework, standards such as our anti-bribery and corruption standard, and project delivery standards as minimum best practice, in tandem with all local laws, regulations and contracting norms. Behaviours that depart from these principles are firmly sanctioned.

The Code of Conduct and supporting policies and standards are regularly revised and updated.

Business conduct

Our Statement of Business Principles, Code of Conduct and Values support ethically robust and defensible decision-making, including on competitive and fair pricing of projects, contracts with reasonable commercial terms and to deliver predictable project outcomes in line with expectations.

Employees are required to complete an online assessment of their understanding of and commitment to the Code. Various online courses and workshops also provide training on ethical business conduct.

New employees are required to undertake an induction programme which emphasises the importance of the Group’s Statement of Business Principles, Code of Conduct and Values, and communicates our culture and performance expectations.

Formal declarations

Employees and business partners are made aware of the Group’s governance policies, standards and procedures. Group executives and senior management complete written declarations twice a year, confirming that they are aware of the Group’s anti-bribery and corruption policies and are not aware of any instances where these policies, or competition laws have been infringed.

For every tender submitted, everyone in a position of authority and influence in the preparation and authorisation of the tender formally declares that there was no unethical, unlawful or uncompetitive practice involved in the preparation and/or submission of the tender, and that they are not aware of anyone affiliated with the tender directly or indirectly having committed any such malpractice. The declaration is binding throughout the project life cycle.

REGULATORY COMPLIANCE

As a multinational organisation, regulatory compliance is complex as we must comply across all jurisdictions of operation with legal and other requirements that could materially impact our performance and sustainability. We use a structured approach to evaluate potential compliance failures and implement adequate responses to prevent and, where necessary, mitigate any negative impact.

The Group regulatory compliance executive, with the assistance of internal audit, investigates and reports on:

• The multiple regulatory environments applicable to our businesses.
• The organisational controls in the jurisdictions in which we operate that ensure compliance with all applicable laws, rules, codes and standards.
• The levels of compliance across the Group based on a comprehensive internal audit, monitoring and review plan.
• The corrective actions and improvements required, including education and training, to address any identified control weaknesses or compliance failures.

HUMAN RIGHTS

We uphold the human rights of people in all jurisdictions of operation, including the right to collective bargaining, the right to peaceful industrial action and all other labour rights. We reject child and forced labour and respect the rights of Indigenous Peoples.

DISCRIMINATION AND INEQUALITY

Discrimination in any form is not tolerated. Appropriate disciplinary action is taken against offenders. All employees, joint-venture partners and subcontractors are required to treat the people they encounter with dignity and respect, and promote the diversity, equity and inclusion (DEI) priorities of the countries in which they operate.

WHISTLE BLOWING

Employees, joint-venture partners, subcontractors and all concerned stakeholders are encouraged to report any incidents of workplace dishonesty, unlawfulness and unethical behaviour within our operations, including discrimination, theft, fraud and corruption.

The Deloitte Tip-Offs Anonymous hotline covers the corporate office, our mining businesses globally and our renewable energy and power infrastructure business. This independently managed hotline is toll free and safeguards anonymous reporting. All reports are recorded in an incident register and alleged unlawful conduct is thoroughly investigated by independent forensic consultants and fully reported on.
How it works:

• Anybody can contact Tip-Offs Anonymous.
• Trained operators will respond to calls in all 11 of the official South African languages and in Chile, in Spanish.
• The hotline is open 24 hours a day and 365 days a year.
• All information is fed back to the Group for further investigation.
• Tip-Offs Anonymous will never reveal the identity of the caller and reports can be made without revealing the name of the concerned stakeholder.

Additional information: refer to our whistle-blowing policy below.

Additional information: refer to our 2024 Indicator Report below.

SUPPLY CHAIN MANAGEMENT

Our business partners (joint-venture partners, subcontractors, service providers and consultants) and suppliers of goods and services help us deliver projects that meet client and stakeholder expectations. Collaborating with business partners and suppliers who share our sustainability objectives and align with our Values and principles therefore enables us to meet our environmental, social and governance (ESG) commitments and build strong stakeholder relationships.

Our supply chain standard applies to all business partners and suppliers, and specifies our requirements for environmental protection (water, energy, emissions, biodiversity, waste, pollution control, climate change and resource use) and social matters (safety and labour standards and DEI expectations). Our expectations are also clearly set out in our agreements.

Business partners and suppliers are selected based on Group and client requirements, covering a wide array of goods and services, and the regions in which our projects are based. The number of business partners and suppliers therefore varies year on year depending on the number of projects started or completed.

We endeavour to conduct pre-qualification assessments of potential business partners and to provide induction and training to prepare them for projects. Their performance is monitored during project execution and, where gaps are found, corrective measures are implemented. Audits, regular leadership engagements and climate surveys are additional measures used to track business partner performance.

These periodic reviews and the review following the completion of work yield valuable information for continuous improvement and provide guidance on whether to continue procuring services from a particular business partner in the future. This is also used to determine whether the business partner remains on the pre-qualified vendor list, which could potentially lead to the contracting relationship becoming a more sustainable partnering relationship.

DATA PROTECTION AND CYBERSECURITY

Our Statement of Business Principles, Code of Conduct and privacy standard set out our expectations in terms of the treatment of confidential information concerning privacy, individual, commercial, technical or contractual matters, as well as information protected by law and propriety information. We are satisfied that we comply with the requirements of the Protection of Personal Information Act in South Africa.

Our information management standard establishes the principles for the effective management of information and applies Group-wide. It defines business information as all information collected, produced, used and retained by the Group regardless of form (paper, electronic or otherwise) and includes records related to the Group and its employees and clients. Information owners are responsible for implementing the standard, tailored to the business practices and processes of their operations.

Our Statement of Business Principles also covers the sharing of information with trade associations and competitors. This must be done legally and ethically, without any direct or indirect improper means such as collusion, bribes or misrepresentation.

Cybersecurity and data privacy training and awareness, including simulated phishing tests, ensure that employees understand their responsibilities when working with and processing personal and confidential data.

We maintain robust cybersecurity frameworks to guard against cyberattacks. Improvements are made to our IT security framework, including our security governance processes and technical defences. We use appropriate technology, firewalls, encryption and mechanisms to secure email, servers and other end points. The cybersecurity standard prescribes a minimum set of controls for system and data security. Business continuity tests are undertaken annually, and a cyber incident response procedure is in place, including backup solutions to recover from breaches.

POLITICAL PARTY FUNDING

We do not favour any political party, group or individual. The use of funds to support political candidates or parties is prohibited, and we are not involved in any political activities.

SHAREHOLDERS

The Group has a capital structure where each share carries one voting right. There are no restrictions to the shareholders’ rights to introduce a resolution at the annual general meeting (AGM), subject to the requirements set out under section 61 of the Companies Act.

On receipt of a written demand delivered to the Group and submitted by holders in aggregate of at least 10% of the voting rights, the Board must call a shareholders meeting.

There are no anti-takeover measures in place and the Group is only able to issue shares with the express permission of the shareholders obtained by means of an ordinary resolution. No resolution to approve the general issue of shares has been proposed since the 2010 AGM. There are no limitations on share ownership as an anti-takeover device.

TAX

The Group does not trade in countries that are grey listed by the latest OECD tax transparency report. The sole purpose for registration in such countries is as an Investment Holding company, which does not obtain any tax benefit.

INTEREST OF DIRECTORS

Group directors held direct beneficial interests in 2 388 608 ordinary shares of the Group’s issued ordinary shares (FY2023: 2 342 338).

GOVERNANCE

Managing Group ethics is an important part of the Board’s focus and responsibility. The social & ethics committee oversees the application of our Code of Conduct and the controls needed to prevent and combat fraud, bribery and corruption. The committee receives a regulatory compliance report at three of its meetings, and reports its findings to the Board three times a year.

A maturity rating for people, process and technology is assigned to each cybersecurity control and is monitored and reported to the Board quarterly.

Additional information: governance of sustainability.

• Murray & Roberts Statement of Business Principles
• Murray & Roberts Code of Conduct
• Murray & Roberts Values
• Whistle-blowing policy
• Anti-bribery and corruption standard
• Privacy standard
• Maintaining an ethical culture and responsible business practices
• 2024 Indicator Report