This document describes the policy and measures implemented by CGI Inc., together with its direct and indirect subsidiaries excluding CGI Federal Inc. (collectively, “CGI”), with respect to reporting incidents of possible misconduct or alleged violations of the Code of Ethics and Business Conduct, its underlying policies, and the Third Party Code of Ethics (herein referred to as the “Codes”), as well as applicable laws. It has been developed to ensure the integrity of CGI’s operating rules and internal controls and is in keeping with our corporate governance practices.
This policy is not intended to replace normal communication channels and other CGI policies used to conduct CGI’s day to day business, and we encourage member-partners and sub-contractors to maintain an open dialogue with their peers, managers and superiors and to follow the Codes at all times.
We must use this policy if we have witnessed incidents or misconduct that could harm CGI, its clients, member-partners or shareholders, and wish to advise CGI.
CGI has zero tolerance for retaliation against anyone who reports incidents in good faith.
Who is responsible for this policy?
The Executive Vice-President, Legal and Economic Affairs, and Corporate Secretary of CGI, or any other person performing similar functions, is responsible for the Ethics Reporting Policy (herein referred to as the “Policy”).
Who can use this policy?
Any salaried employee (“member-partner”), officer or director of CGI (collectively with member-partners, “we” or “us”), regardless of employment status, and any person who has direct knowledge of facts related to one or more situations targeted by this Policy can report incidents using the reporting channels implemented by CGI as described below.
Examples of incidents
Incidents or misconduct covered by this Policy are those that could harm CGI, its clients, member-partners or shareholders. A few examples include:
- Accounting and financial auditing misstatement or non-compliance;
- Manipulation or falsification of data, reports or contracts;
- Fraud, theft or embezzlement;
- Financing of suspicious activities;
- Money laundering;
- Corruption or bribery;
- Disclosure of privileged information or insider trading;
- Harassment or discrimination;
- Conflicts of interest;
- Violations of Data Privacy Laws or internal policies;
- Misuse of data and/or breaches of Security policies and standards;
- Non-compliance with laws, regulations or rules applicable to CGI;
- Any other violations of our Codes.
Click here to access CGI’s Code of Ethics.
Policy application
This policy complements the information transmission processes outlined in our management frameworks, Codes and any other policies or guidelines, and is in no way intended to replace them.
Reports can be made openly, confidentially and/or anonymously, as allowable by law, via any of the following reporting channels:
- Any manager or any other individual in our management chain or leadership team;
- Any member-partner of the HR department or the CGI legal team;
- Any officer of CGI, especially when mandated by the Codes;
- Our ethics mailbox (ethics@cgi.com); or
- Our Ethics Hotline.
Throughout the process, respect for the interests and fundamental rights of the person named in the report is also assured. Investigations are confidential and CGI will not divulge findings of such investigations, unless legally required to, in order to protect the rights of all parties involved, particularly when disciplinary actions are undertaken.
This policy must only be used in good faith. Member-partners who file an unfounded complaint intended to cause harm may face disciplinary action, up to and including termination of employment.
Ethics hotline
To enable reporting in accordance with this Policy, CGI has implemented a hotline, available 24 hours a day, 7 days a week. The use of the Ethics Hotline is voluntary and not mandatory. If a report is made anonymously via our Ethics hotline, protection of the identity of the incident reporter is completely assured.
Two methods of reporting exist: via an automated online system or a phone number. Information is channeled through a secure, automated system whereby confidentiality is assured. The process adheres to the requirements of North American and European authorities with respect to the protection of privacy, the protection of the incident reporter and the protection of the rights of the person or persons named in the report.
The process remains anonymous unless incident reporters choose to identify themselves when transmitting information or during an investigation.
To report an incident
- By Phone: Call (800) 461-9330
- Online: Go to the Ethics Hotline to file a report.
Please note that you will leave the Portal and be directed to the Convercent Web site.
SPECIAL NOTE OF CAUTION – CLASSIFIED OR RESTRICTED INFORMATION
In dealings with government entities or other clients, we may have access to export restricted or classified information. Classified information is information that is protected under government security regulations (“Classified Information”). UNDER NO CIRCUMSTANCES CAN EXPORT RESTRICTED OR CLASSIFIED INFORMATION BE INCLUDED IN AN INCIDENT REPORT UNDER THIS POLICY.
Description of investigation process and identification of those involved
Investigation Process
When an ethics incident is reported using any of the reporting mechanisms described above, the report is inputted in the Ethics Hotline either by the reporter or by the corporate function to whom the report is made initially.
Once the report is inputted into the Ethics Hotline, a notice is sent to the Executive Vice-President, Legal and Economic Affairs, and Corporate Secretary of CGI, or any other person performing similar functions and designated delegates. Depending on the nature of the incident, it may also be sent to the CGI’s local internal or external legal counsel and/or pre-identified senior executives (each a “Recipient of the Report”).
An investigation of the incident is launched upon receiving the information, and necessary actions are taken to resolve the situation based on the circumstances. Any Recipient of the Report may contact the incident reporter in order to clarify certain facts or obtain additional information relevant to an investigation. However, in no circumstances can the Recipient of the Report request identification or reveal identification of the incident reporter in any communications other than those within the investigation team, unless this individual freely chooses to be identified.
If the person named in the report is a Recipient of the Report or a senior executive of CGI, the report is immediately directed in complete confidentiality to the Founder and Executive Chairman of the Board, to the President and Chief Executive Officer and to CGI’s external legal counsel.
Upon receipt of a report and until the matter is closed, oversight of any investigation that takes place with respect to the report will be managed by the Executive Vice-President, Legal and Economic Affairs, and Corporate Secretary of CGI, or any other person performing similar functions, unless oversight is otherwise delegated by the Recipients of the Report.
If responsibility is established, the CGI will take appropriate disciplinary or legal action. The file will then be closed, and the information will be archived in accordance with CGI policies.
If the investigation cannot establish responsibility or if the report is unfounded and CGI decides not to take action, the file will be closed and the information will be archived in accordance with CGI policies.
In some cases, incident reporters may receive a message from a Recipient of the Report encouraging them to deal directly with their manager or local human resources representative.
Approval
CGI Inc. Corporate Governance Committee, April 30, 2024