CCC Fraud Control Policy
CCC Intelligent Solutions Holdings Inc. and its subsidiaries and entities controlled by it (the “Company”) is committed to complying with applicable laws, rules, and regulation. The purpose of this Fraud Control Policy (this “Policy”) is to expand and provide further guidance to the Company’s Directors, Officers, and employees, in conjunction with the Company’s Whistleblower Policy, on the various methods used by the Company for preventing, detecting, reporting on, and remediating fraud and related activities. This Policy is also designed to provide assurance that any and all suspected fraudulent activities will be fully investigated. This Policy is applicable to all Directors, Officers, employees, agents, representatives and other third parties when they act on behalf of the Company.
2. POLICY STATEMENT
The Company is committed to creating an environment that helps prevent, detect, and remedy fraudulent activities. The Company encourages all employees, vendors, customers, and all other internal and external parties to report any incident of Fraud to the Company. The Company is also committed to complying with applicable local, state, and federal laws, rules and regulations. Policies and programs established by the Company have been designed to detect, prevent, and remediate Fraud. The Company’s framework outlining the ethical standards and responsibilities for reporting incidents of Fraud can be found within the following Company policies:
- Code of Ethics
- Global Anti-Bribery Policy (including Foreign Corrupt Practices Act)
- Whistleblower Policy
- Insider Trading Policy
3. WHAT CONSTITUTES FRAUD
For purposes of this Policy, “Fraud” is defined to mean and include:
- An intentional act of deception or misrepresentation of fact, that results in a misstatement, either quantitatively or qualitatively, in the financial statements. The misstatement can involve fraudulent financial reporting, misappropriation of assets or corrupt business practices. Frauds are perpetrated by parties and organizations, either internal or external, to obtain money, property or services; to avoid payment or loss of services; or to secure personal or business advantage;
- The occurrence of any of the following:
- Misrepresentation of the financial condition of the Company, accomplished through the intentional misstatement or omission of amounts or other information in the financial statements to deceive financial statement users;
- Misappropriation of company assets including but not limited to cash receipts, disbursements, inventory, and non-cash assets;
- Bribery and corruption including the offering, giving, soliciting, or acceptance of anything of value with the intent to corruptly influence the action of any person;
- Theft of assets including intellectual property;
- Forgery or alteration of any document, account, or other record; or
- Other similar activities.
4. REPORTS OF FRAUD AND INVESTIGATION PROCEDURES
The Company takes allegation of Fraud seriously, and has established the following processes for reporting and investigating such events:
- All reports of incidents of Fraud (through EthicsPoint or other reporting mechanisms) will be forwarded to the Legal Department or the Audit Committee.
- Following any allegation of Fraud, a thorough investigation (which may be conducted by the Company or by an independent third party) will be undertaken to establish the facts in an equitable and objective manner. Depending on the nature of the allegation, investigative actions may include:
- Interviewing suspects and witnesses, taking statements, and securing evidence
- Liaising with other departments or law enforcement
- Any other activity as directed by the Audit Committee or the Legal Department
- After completion of an investigation, the Company will take legal and/or disciplinary action in all cases where it is considered appropriate. The Company commits to unbiased, consistent handling of cases.
- At the conclusion of an investigation, the Legal Department will provide a briefing to the Audit Committee summarizing the facts of the case and any recommended actions resulting from such an investigation. The Legal Team will also take action to consolidate and retain any materials related to the investigation, and appropriately protect them to prevent disclosure of confidential Company information.
The Company will cooperate fully with police investigations which may result in the offender(s) being prosecuted. Steps will be taken to attempt to recover all losses resulting from the Fraud. A civil action against the perpetrator may be taken, if appropriate.
5. ROLES & RESPONSIBILITIES
It is the responsibility of all individuals acting on behalf of the Company to participate in the prevention, detection, reporting, and remediation of Fraud. The roles and responsibilities of various groups and departments within the Company in these efforts are set out in Appendix 1 to this Policy.
“RED FLAGS” FOR BRIBERY
- Demonstrate and instill an appropriate anti-Fraud tone and culture throughout the Company.
- Undertake efforts to understand the risk exposure of the company and implement controls designed to prevent and/or detect Fraud within their departments or units.
- Ensure that their employees are aware of the Policy and related requirements.
- Strive to create an environment in which staff feel safe to approach them with any concerns they may have about suspected irregularities.
- Provide targeted training to employees who are responsible for more susceptible areas (e.g., Accounts Payable and Receivable).
- Ensure that references and qualifications of all proposed new employees of the Company are thoroughly checked prior to a position being offered.
- Report all incidents of Fraud that they are aware of or allegations of Fraud that have been communicated to them.
- Should not participate in receiving or giving benefits of any kind from or to any third party unless the benefit is not perceived to improperly influence the conduct of anyone within the Company.
- Maintain department-specific procedural documents aligned with this Policy.
- Be familiar with the types of Fraud that might occur within their area of responsibility and be alert for any indication of Fraud.
- Consider Fraud prevention and detection in their day-to-day operations.
- Identify the risks to which systems and procedures are exposed to Fraud as part of evaluating their internal control framework.
- Maintain and execute designed controls completely, accurately, and timely to assist in preventing or detecting Fraud.
- Assist in strengthening controls where necessary to mitigate and prevent Fraud.
Chief Legal Officer / Legal Department
- Manage the EthicsPoint helpline process and monitor information received from the hotline and other channels.
- Participate in creating and maintaining appropriate anti-Fraud and related policies and procedures and assist in communicating these to all employees and third parties.
- Lead the compliance function at the Company, including policies, procedures, and behaviors that ensure a culture of integrity enabling the Company to conduct its global business with the highest ethical standards, in full compliance with applicable laws and regulations, and the Code of Ethics.
- Manage the overall process of investigating, concluding, and resolving allegations of Fraud, unethical behavior, non-compliance accounting matters and FCPA violations
- As needed, perform investigation of allegations of Fraud in accordance with Policy.
- Provide communication on a periodic basis to the Audit Committee including:
- Report on the status of investigations related to allegations of Fraud.
- Ad-hoc communications on any other significant or sensitive matters.
- Provide guidance and resources as necessary for the Company to implement this policy.
- Maintain the confidentiality and security of allegations, evidence, and investigations.
Finance and Accounting
- Report all incidents of Fraud in accordance with Policy.
- Coordinate with Legal on investigations and reporting to Audit Committee as needed.
- Report to the Audit Committee on the adequacy of processes and controls for managing the risk of Fraud and ensuring that the Company promotes an anti-Fraud culture.
- Assist in the deterrence and prevention of Fraud by examining and evaluating the effectiveness of controls commensurate with the extent of the potential exposure/risk in the various segments of the Company’s operations.
- Support Management’s review of the Company’s risk exposure.
- Monitor financial activity and achievements for indications of Fraud.
Board of Directors and Audit Committee
Provide oversight over:
- Creation of the appropriate “tone at the top.”
- Monitor for Fraud or violations of the Code of Ethics.
- Appropriate investigation of suspected Fraud and remediation. Allegations involving accounting matters will be investigated under the direction of the Audit Committee
- Whistleblower and EthicsPoint Hotline processes.
- Internal Audit program