CITY BROKERS LTD CODE OF ETHICS & BUSINESS CONDUCT Approved by ARC/Board on 17 June 2026 Compliance and HR 6-1-2026 This Code sets out the ethical principles, conduct expectations, and responsibilities that apply to everyone who represents City Brokers Ltd ("CBL").
1 |21 Table of Contents 1. Introduction ..................................................................................................................................................................... 3 2. Definitions ........................................................................................................................................................................ 5 For purposes of this Code: ................................................................................................................................................ 5 3. Scope and Applicability............................................................................................................................................. 6 4. Mission, Vision and Purpose.................................................................................................................................. 6 4.1. Vision ............................................................................................................................................................................ 6 4.2. Purpose ....................................................................................................................................................................... 6 4.3. Values and Behaviours........................................................................................................................................ 6 4.3.1. Integrity & Trust .................................................................................................................................................. 6 4.3.2. Commitment to Excellence........................................................................................................................... 6 4.3.3. Client-Centric Focus ........................................................................................................................................ 7 4.3.4. Professional Excellence................................................................................................................................. 7 4.3.5. Respect & Dignity.............................................................................................................................................. 7 5. Core Ethical Expectations ....................................................................................................................................... 7 6. Legal & Regulatory Compliance........................................................................................................................... 7 7. Financial Integrity & Internal Controls ............................................................................................................... 8 8. ESG and Sustainability Commitments .............................................................................................................. 8 8.1. Environmental Stewardship .............................................................................................................................. 8 8.2. Social Responsibility ............................................................................................................................................. 9 8.3. Governance & Ethics ............................................................................................................................................ 9 9. Risk Management Responsibilities ..................................................................................................................... 9 9.1. Strategic Risk Areas ............................................................................................................................................. 9 9.2. Expectations.............................................................................................................................................................. 9 10. Client Relationships and Service Excellence ........................................................................................... 9 10.1. Comprehensive Needs Assessment ....................................................................................................... 9 10.2. Objective Product Presentation ............................................................................................................... 10 10.3. Transparent Communication ..................................................................................................................... 10 10.4. Responsive Service ....................................................................................................................................... 10 10.5. Internal Collaboration and Service ......................................................................................................... 10
2 |21 10.6. Claims Advocacy ............................................................................................................................................. 10 11. Professional Conduct Standards .................................................................................................................. 10 12. Anti-Bribery, Fraud and Corruption ............................................................................................................. 11 13. Conflicts of Interest (incl. Personal Relationships) .............................................................................. 11 14. Personal Relationships at Work .................................................................................................................... 11 15. External Employment, Side Businesses and Commercial Activities .......................................... 12 16. Prohibited Activities ............................................................................................................................................. 12 17. Gifts, Hospitality and Entertainment............................................................................................................ 13 18. Competition and Fair Dealing ......................................................................................................................... 13 19. Confidential Information and Insider Protection .................................................................................... 13 20. Data Privacy, Information Security and Cyber Resilience ............................................................... 13 20.1. Personal Data Handling ............................................................................................................................... 14 20.2. Cybersecurity Expectations ....................................................................................................................... 14 20.3. Data Protection Officer (DPO) – Contact ............................................................................................ 14 21. Artificial Intelligence and Responsible Technology Use ................................................................... 14 22. Remote Work and Confidentiality................................................................................................................. 15 23. Social Media and Online Conduct................................................................................................................ 15 24. Workplace Standards ......................................................................................................................................... 16 24.1. Equal Employment Opportunity ............................................................................................................... 16 24.2. Safety and Health............................................................................................................................................ 16 24.3. Anti‑Harassment .............................................................................................................................................. 16 24.4. Nepotism and Family Employment ........................................................................................................ 16 25. Political Neutrality ................................................................................................................................................. 17 26. Media and External Communications ........................................................................................................ 17 27. Asset Protection and Acceptable Use of Technology ........................................................................ 17 28. Compliance Monitoring, Reporting & Non‑Retaliation ....................................................................... 17 29. Record Retention.................................................................................................................................................. 17 30. Whistleblowing and Reporting ....................................................................................................................... 18 31. Governance and Oversight (ESG Champion, Risk Champion, DPO, MLRO) ...................... 18 32. Disciplinary Action ................................................................................................................................................ 18 33. Code Review, Updates and Acknowledgment ...................................................................................... 18
3 |21 Executive Summary This Code of Ethics and Business Conduct establish the fundamental principles and standards that govern the professional behaviour of all stakeholders associated with City Brokers Ltd (“CBL”, the “Company”, “we”, “us”, “our”) and individuals (“employees”, “you”, “your”) employed by CBL. This comprehensive framework serves as our ethical foundation and provides clear guidance for proper business conduct across all aspects of our operations. The Code is designed to foster trust, fairness, and professionalism within our company and throughout the insurance industry, ensuring that we consistently serve the best interests of our clients and contribute positively to the broader insurance marketplace. At CBL, we are committed to conducting business in a legal, ethical, and transparent manner. This Code provides general guidance for acceptable and appropriate behaviour; however, it does not contain every detailed requirement that may be needed during the course of employment or business relationships with our company. Each stakeholder is responsible for their actions. Violations can result in disciplinary action, including termination of employment and criminal prosecution. There will be no reprisal against an employee who in good faith reported a violation or suspected violation. The absence of specific guidelines, practice or instruction covering a particular situation does not relieve an employee or any other stakeholder from exercising the highest ethical standards applicable to the circumstances. If any employee has doubts regarding a questionable situation that might arise, that person should immediately consult his manager and in the case of an external stakeholder contact the CEO. Important Notice: This Code may be modified or revised from time to time as we continuously review our policies to ensure they remain current and effective. All stakeholders are expected to familiarise themselves with this Code and distinguish any proposal or action that would constitute a violation.
4 |21 1. Introduction This Code of Ethics & Business Conduct (“the Code”) sets out the principles, standards, and behavioural expectations that govern all activities of City Brokers Ltd (“CBL” or “the Company”). This Code is approved by the Board of Directors and applies to Directors, Management, Employees, Contractors, and Third Parties acting on behalf of CBL. The Code reflects our commitment to: • Integrity and transparency • Regulatory compliance • Responsible risk management • ESG integration • Protection of clients and stakeholders • Sustainable long-term performance This Code does not replace laws or internal policies. Where stricter rules apply under law or policy, those standards prevail.
5 |21 2. Definitions For purposes of this Code: ▪ “Board” means the Board of Directors of CBL. ▪ “Bribery” means making, accepting, offering, or promising to make (or conduct) a bribe, or other improper payments, benefits, or advantages to any person, individual, entity or company, or otherwise facilitate any direct payment to themselves (or others). ▪ “Company” or “CBL” means City Brokers Ltd and its subsidiaries or affiliated entities. ▪ “Conflict of Interest” means a situation where personal interests interfere, may interfere, or appear to interfere with CBL’s interests. ▪ “Director” means any member of the Board. ▪ “Employee” means any person employed by CBL on a permanent, temporary, fixed-term, internship, or part-time basis. ▪ “External Commercial Activity” means any paid employment, consultancy, freelance engagement, directorship, partnership, ownership interest, or business activity conducted outside CBL, whether part-time, formal or informal, including online businesses and self-employment. ▪ “Fraud” means making a false representation with the intention to make a gain for himself or another person, or to cause loss to another person, or to expose another person to a risk of loss. ▪ “Good Faith” means honest belief in the truth of the information reported, without malicious intent. ▪ “Personal Data” has the meaning assigned under the Data Protection Act 2017 (Mauritius). ▪ “Sensitive Personal Data” includes health, biometric, financial, minor, or legally protected information as referred to in the Data Protection Act 2017. ▪ “Third Party” means any consultant, contractor, insurer partner, intermediary, supplier, or service provider acting on behalf of CBL. ▪ “Retaliation” means adverse action taken against an individual for reporting concerns in good faith. ▪ “Romantic Relationship” refers to a consensual relationship of an intimate, emotional, or dating nature between two individuals that goes beyond a purely professional or platonic association. This includes relationships where there is a reasonable perception of emotional or intimate involvement, regardless of marital status or whether the relationship occurs inside or outside the workplace.
6 |21 3. Scope and Applicability This Code applies to all CBL employees (permanent, fixed-term, temporary, and interns), directors, contractors, and third parties acting on CBL’s behalf, regardless of location. It applies during business activities and includes external engagements where an employee may be seen as representing CBL. 4. Mission, Vision and Purpose Our Code is anchored in who we are and why we exist. The following statements guide our decisions and conduct across the organisation. 4.1. Vision To shape the future of insurance broking by delivering expert solutions rooted in service excellence, driving innovation to meet evolving client needs, and empowering our people to lead with confidence. 4.2. Purpose To deliver expert advice and exceptional service to every client – protecting what matters most to them through a human‑centred approach, innovation, trust, and long‑term performance. 4.3. Values and Behaviours Our values describe the standards we uphold and the behaviours we expect: 4.3.1. Integrity & Trust • Act honestly, transparently, and lawfully in all interactions. • Take responsibility for decisions and outcomes; avoid deceitful or manipulative behaviour. • Protect company and client assets and information; never engage in theft, fraud, or misrepresentation. 4.3.2. Commitment to Excellence • Deliver accurate, timely, and professional work. • Continuously develop skills and knowledge; complete all mandatory training.
7 |21 4.3.3. Client-Centric Focus • Understand each client’s needs before recommending solutions. • Communicate clearly on coverage, exclusions, and obligations. 4.3.4. Professional Excellence • Maintain required licences and professional standards. • Provide personalised advice and efficient turnaround times. 4.3.5. Respect & Dignity • Treat everyone with dignity and courtesy; foster inclusion and wellbeing. • Zero tolerance for violence, harassment, or victimisation. 5. Core Ethical Expectations All representatives of CBL must: • Act honestly and lawfully • Exercise sound professional judgement • Avoid actual or perceived conflicts of interest • Protect confidential information • Comply with regulatory requirements • Safeguard company assets • Report misconduct promptly 6. Legal & Regulatory Compliance CBL complies with all applicable laws and regulations including: • Financial Services Commission (FSC) requirements • Data Protection Act 2017 • FIAMLA 2002 and AML/CFT obligations • Financial Crimes Commission Act 2023 and Financial Crimes Commission Guidelines on Legal Persons 2025 • Employment and labour laws • Health & Safety legislation • Taxation laws • Competition and fair-trading laws • Cybersecurity & Cybercrime Act 2021
8 |21 • Information & Communication Technologies Act (ICT Act) 2021 Failure to comply may result in disciplinary action and legal consequences. 7. Financial Integrity & Internal Controls CBL maintains strong financial governance standards. All individuals must: • Ensure accuracy of financial records • Submit truthful expense claims • Comply with procurement and approval controls • Respect segregation of duties • Never create undisclosed funds or false entries • Protect against fraud or financial misstatement Any suspicion of fraud must be reported immediately. 8. ESG and Sustainability Commitments CBL is progressively integrating Environmental, Social, and Governance (ESG) considerations into decision‑making, planning, and reporting, aligned with IBL Group’s sustainability strategy We shall: • Appoint and empower an ESG Team at senior management level. • Use evidence‑based tools (e.g., Impact Mapping and Radar assessments) to identify ESG risks and opportunities across climate, ecosystems, water, pollutants, materials & waste, rights & wellbeing at work, rights & resilience in communities, and governance & ethics. • Prioritise and embed ESG actions with clear accountability and stakeholder alignment. 8.1. Environmental Stewardship • Use resources responsibly (energy, water, materials); reduce waste and emissions. • Comply with environmental laws and group standards; support initiatives that minimise our footprint.
9 |21 8.2. Social Responsibility • Promote health, safety, equity, and wellbeing at work. • Engage constructively with communities and respect human rights in our value chain. 8.3. Governance & Ethics • Maintain strong oversight, transparency, and board‑level engagement on ESG. • Report progress and integrate ESG into strategy and risk management. 9. Risk Management Responsibilities Managing risk is everyone’s responsibility. We maintain a proactive risk culture that identifies, assesses, mitigates, and monitors risks impacting our objectives. 9.1. Strategic Risk Areas • Regulatory & Compliance • Operational • Cybersecurity • Reputational • Strategic Partnerships 9.2. Expectations • Maintain an up‑to‑date Risk Register and implement mitigation plans. • Conduct compliance reviews; strengthen processes, automation, and controls. • Promote risk awareness at all levels, supported by a Risk Champion reporting to the CEO. • Implement cyber resilience measures for prevention, detection, and response. 10. Client Relationships and Service Excellence 10.1. Comprehensive Needs Assessment All employees are required to conduct thorough assessments to understand each client's unique risks, requirements, and objectives before recommending solutions.
10 |21 10.2. Objective Product Presentation We are committed to presenting a diverse range of insurance options that align with each client's specific needs and budget, without favouring any insurer based on personal gain or bias. 10.3. Transparent Communication All policy terms, exclusions, limitations, and conditions must be clearly explained to ensure clients have a complete understanding of their coverage and obligations. 10.4. Responsive Service We maintain a standard of prompt and professional response to all client inquiries and concerns, providing ongoing assistance throughout the entire lifecycle of each policy. Our standard practice in CBL is to respond to clients’ inquiries within 24 hours at least with an acknowledgement if we do not have the solutions immediately. 10.5. Internal Collaboration and Service All employees of CBL must: • Maintain a high standard of professionalism and cooperation in all internal interactions • Treat colleagues and departments as internal clients • Ensure timely responses to colleagues in line with applicable departmental KPIs • Support collaborative problem-solving • Contribute to consistent and effective service delivery to external clients 10.6. Claims Advocacy Our commitment extends to handling claims fairly and efficiently, consistently advocating for our clients' best interests within the terms and conditions of their insurance policies. 11. Professional Conduct Standards • Keep licences/certifications current, complete mandatory training annually. • Refuse participation in illegal or unethical activities, even under pressure. • Report suspected misconduct or fraud immediately to MLRO/alternate MLRO per internal procedures.
11 |21 12. Anti-Bribery, Fraud and Corruption CBL has zero tolerance for bribery, corruption, fraud, or improper inducements. No individual may: • Offer or accept bribes • Provide facilitation payments • Offer anything of value to improperly influence decisions All books and records must accurately reflect transactions. 13. Conflicts of Interest Conflicts may arise from: • Personal financial interests • External employment • External commercial activities • Family relationships • Supervisory relationships • Acceptance of significant gifts All actual or potential conflicts must be disclosed to the CEO. CBL may adjust roles or reporting lines to manage conflicts appropriately. 14. Personal Relationships at Work CBL recognises that personal romantic relationships may develop between consenting adults in the workplace. While the Company does not seek to interfere in employees’ private lives, such relationships must not create actual, potential, or perceived conflicts of interest, favouritism, bias, or misuse of authority. Romantic relationships are strictly prohibited where there is a direct or indirect reporting line, supervisory influence, involvement in performance evaluation, remuneration decisions, promotion, disciplinary action, or access to confidential employment information concerning the other party. Employees involved in a romantic relationship that may give rise to a conflict must disclose the situation promptly and confidentially to the CEO and HR so that appropriate measures (such as reassignment or adjustment of reporting lines) may be implemented. Failure to disclose a relationship that creates a conflict of interest may result in disciplinary action. All such matters will be handled discreetly, fairly, and with respect for privacy.
12 |21 15. External Employment, Side Businesses and Commercial Activities CBL recognises that employees may wish to engage in external commercial activities. However, such activities must not: • Create actual, potential, or perceived conflicts of interest • Compete directly or indirectly with CBL • Involve CBL clients, insurers, suppliers, or business partners • Use CBL confidential information • Use CBL time, systems, resources, or brand • Interfere with job performance, availability, or productivity • Damage CBL’s reputation Employees must disclose in writing to the CEO and HR any External Commercial Activity prior to its commencement. Approval may be granted where: • No conflict exists • The activity does not impair performance • It does not expose CBL to regulatory or reputational risk CBL reserves the right to: • Refuse approval • Impose conditions • Request cessation if a conflict later arises Failure to disclose external commercial activity may result in disciplinary action. 16. Prohibited Activities The following are strictly prohibited: • Acting as an insurance agent, or advisor outside CBL • Providing financial, risk, or insurance advice independently • Soliciting CBL clients for personal business • Using insider or confidential company information • Conducting business during working hours • Using CBL IT systems, email, or equipment for personal business
13 |21 17. Gifts, Hospitality and Entertainment Gifts and entertainment must be modest, lawful, infrequent, and never intended to influence a decision or create a sense of obligation. Do not solicit gifts or favours. As a guide, cumulative value should not exceed Rs 5,000 per year without prior approval. Always consider perception and potential conflicts. Please refer to the AMLCFT Gift Hospitality and Entertainment Policy & Procedures. 18. Competition and Fair Dealing CBL is committed to fair competition. Employees must not: • Engage in price fixing • Share sensitive commercial information improperly • Collude with competitors • Manipulate tender processes We compete fairly and ethically. 19. Confidential Information and Insider Protection Confidential information includes: • Client data • Pricing strategies • Tender information • Financial projections • Strategic plans Such information must not be disclosed without proper authorisation. It must never be used for personal gain. 20. Data Privacy, Information Security and Cyber Resilience We respect privacy and protect personal and confidential information. Access and share data strictly on a need‑to‑know basis and for legitimate business purposes, using secure methods and password protection when appropriate. Immediately notify the Data Protection Officer (DPO) of any unintended disclosure or suspected breach.
14 |21 20.1. Personal Data Handling • Collect only what is necessary; use for specified purposes. • Protect sensitive data (e.g., minors’ data, health information, pension data) with heightened controls. • Verify recipients before sending emails; use encryption/passwords for lists containing personal data. 20.2. Cybersecurity Expectations • Use strong passwords; do not share credentials; enable MFA where available. • Do not use corporate email for personal social accounts; avoid posting images of screens or badges. • Report phishing or suspected incidents immediately; follow incident response guidance. 20.3. Data Protection Officer (DPO) – Contact Data Protection Officer, City Brokers Ltd, 2nd Floor Harbour Front Building, John Kennedy Street, Port Louis, Mauritius. Email: dpo@citybrokers.mu | Tel: +230 2082522 21. Artificial Intelligence and Responsible Technology Use CBL recognises the increasing use of artificial intelligence (AI), automation tools, and digital platforms in business operations. While such technologies may enhance efficiency and innovation, they must be used responsibly and in compliance with legal, regulatory, confidentiality, and data protection obligations. Employees must not: • Upload or input confidential, client, financial, strategic, or personal data into external AI platforms or digital tools that are not formally approved by CBL. • Use AI tools in a manner that bypasses internal controls, regulatory obligations, or professional judgement. • Rely solely on automated outputs for client advice, underwriting analysis, or risk assessment without appropriate human review. All technology used for business purposes must be authorised, secure, and compliant with internal IT security policies. Employees remain fully accountable for decisions made using technological tools.
15 |21 22. Remote Work and Confidentiality Where remote or hybrid work arrangements are permitted, employees remain fully responsible for safeguarding confidential information and company assets. Employees working remotely must: • Ensure that work devices are password-protected and not accessible to unauthorised individuals; • Do not use unsecured public Wi-Fi networks without appropriate security measures; • Prevent confidential conversations from being overheard; • Secure physical documents containing sensitive information; • Ensure screens and printed materials are not visible to third parties. The same standards of data protection, cybersecurity, and professional conduct that apply in the office apply equally in remote work environments. Failure to protect confidential information while working remotely may result in disciplinary action. 23. Social Media and Online Conduct Employees must exercise sound judgement and professionalism when using social media or participating in online discussions, whether during or outside working hours. Employees must not: • Disclose confidential, proprietary, or client information; • Post defamatory, discriminatory, offensive, or misleading content; • Make statements that could reasonably be interpreted as representing CBL without authorisation; • Criticise clients, insurers, business partners, colleagues, or competitors in a manner that may harm CBL’s reputation. Where employees identify themselves as associated with CBL, they must ensure their conduct is consistent with the Company’s values and professional standards. Personal social media use must not interfere with work responsibilities.
16 |21 CBL reserves the right to take appropriate action where online conduct materially damages the Company’s reputation or breaches this Code. 24. Workplace Standards 24.1. Equal Employment Opportunity Decisions on recruitment, promotion, and career development are based on merit and business needs. We provide equal opportunities in line with Mauritian laws and prohibit discrimination on protected grounds. 24.2. Safety and Health • Maintain a safe, secure, and healthy workplace; follow safety rules and report hazards or incidents immediately. • Substance abuse that impairs safety is prohibited. 24.3. Anti‑Harassment • Treat everyone with respect and professionalism; no tolerance for harassment, violence, or threats. • Report concerns promptly through the channels in Sections 28 or 30. 24.4. Nepotism and Family Employment For the purposes of this Code, a “Close Family Member” includes a spouse, partner, parent, child, sibling, in-law, or any individual with whom there is a significant familial relationship. Employees must disclose if: • A Close Family Member is employed by CBL; • A Close Family Member is being considered for employment; • A Close Family Member works for a client, insurer, supplier, or competitor where the employee has influence over business decisions. No employee may participate in the recruitment, supervision, performance evaluation, remuneration decision, or disciplinary process of a Close Family Member. All family-related disclosures will be managed confidentially and objectively to prevent favouritism, bias, or conflicts of interest.
17 |21 25. Political Neutrality CBL does not support political parties or candidates using company resources. Employees may engage in personal political activities in a private capacity but must not: • Use company assets • Represent CBL in political matters • Create perception of company endorsement 26. Media and External Communications All press or official requests from authorities or external stakeholders must be approved by the CEO. Communications must be timely, consistent, and compliant with disclosure requirements. 27. Asset Protection and Acceptable Use of Technology • Use company assets efficiently and for legitimate business purposes only. • Do not waste, misuse, or misappropriate funds, data, or equipment. • Follow acceptable‑use rules for systems, devices, and information. • Upon request from IT, bring company assets within 24 hours. Misuse, theft, or waste of assets is prohibited. 28. Compliance Monitoring, Reporting & Non‑Retaliation • All new employees receive the Code during onboarding; annually, employees reconfirm understanding. • Raise concerns to your manager (where application), CEO, Compliance, MLRO/alternate MLRO. • CBL prohibits retaliation against anyone who raises a concern in good faith or participates in an investigation. 29. Record Retention • CBL maintains records in accordance with regulatory and legal requirements. • Employees must: • Retain documents per retention schedules • Not destroy documents subject to investigation or regulatory review • Ensure secure disposal of sensitive information
18 |21 30. Whistleblowing and Reporting CBL encourages reporting of suspected misconduct. Reports may be made to: • Immediate Manager • CEO • Compliance • MLRO • DPO (personal data matters) Anonymous reporting is permitted where legally permissible. All reports will be handled confidentially and investigated fairly. Retaliation against individuals reporting in Good Faith is strictly prohibited. Malicious or knowingly false reports may result in disciplinary action. 31. Governance and Oversight (ESG Champion, Risk Champion, DPO, MLRO) The Board oversees ethical governance. Key roles: • ESG Champion • Risk Champion • DPO • MLRO • CO • DMLRO Annual confirmation of compliance with this Code is required. 32. Disciplinary Action Violations of this Code may result in: • Verbal or written warning • Suspension • Termination • Legal action Disciplinary measures will follow applicable local employment legislation and internal disciplinary procedures. 33. Code Review, Updates and Acknowledgment This Code is reviewed periodically by Management and updated as needed. It does not create an employment contract or specific rights. By working with CBL, you acknowledge
19 |21 your responsibility to understand and comply with this Code and to seek guidance whenever in doubt.