Ethics, Conduct and Integrity

On aggregate the Framework focuses on two integrated themes to manage an array of potential, perceived or actual risk exposure areas. The first theme pivots on professional business conduct and ensuring integrity in how we operate. The second theme ensures the Group complies with all identified and applicable obligations imposed by laws, regulations, and adopted rules, codes, and standards the Group subscribe to, being applicable in the jurisdiction where the Group has a presence.

The Integrity theme pivots on engineered solution to support the business culture, from a conduct point of view. The Group Code of Conduct is the pivot of enabling internal and external stakeholders to gauge behaviour and integrity.

During 2016 the Group reviewed and updated the Code of Ethics and launched a revised Code of Conduct (“the Code”) in December 2016. The Code applies to all directors, employees (all categories) and stakeholders, and the nature and extent of the design is to cover all business and operational activities in the Group's end-to-end value chain. An end-to-end review of the Code is planned for 2024.

The Code is approved by the Board and its members, members of the Executive Committee and Company employees. They have signed an acceptance declaration to commit to embedding the intent, principles, and requirements of the Code in everyday business, and how we engage with all our stakeholders, internally and externally.

Impact

If not well managed, non-compliance to the Code, and related and aligned Policies, can have far-reaching effects, and can theoretically manifest in an array of related risks. The most importance ones being regulatory, reputation, and association risk from a business perspective. From an employee perspective, an individual may be subject to disciplinary action, and reputation risk, which could manifest in condemnation risk.

Commitment

Gold Fields is committed to operate within the ambit of the law and portray good corporate citizenship in how we conduct business, and more importantly with integrity.

Management Actions

Reference has been made to the process whereby solutions are engineered, operationalised, and maintained to support the business culture, from a conduct and strong inclusivity point of view.

An interactive Group Compliance Governance Portal enables execution and oversight, which systemically record, analyse, and report on the level of compliance, and adherence to the Code, in the Group. The Portal has a Code of Conduct Gateway to act as a centre of excellence for employees to further contextualise the Code and its application.

A cross-jurisdictional Framework, Policy Statement and Guideline Register for the Group and all Regions in the Group, therefore facilitating the alignment between these policy levels, and thus ensuring Group policy principles and application prevail. This register is published and maintained on the Group Compliance Governance Portal. In addition, the Register acts as the single source of truth for all internal governance documents, which apart from easy and reliable access by employees, enables document owners to adequately review and maintain documents. The solution is widely applied as a robust control mechanism, a prominent value attribute in ISO Certification, and moreover an solution to ensure alignment of the Code to related internal requirements recorded in Policy.

An interactive Third-Party Due Diligence Gateway enabling the Procurement teams across countries to ensure any potential risk of procuring products and services from a vendor is diligently accessed, and if same cannot be mitigated, not to enter a business relationship with the vendor.

Meta data analysis is conducted on filed declarations, required in terms of the Code, to determine trends, gaps and enhance the interpretation and application value of the guidance offer to the business. Data analytic tools enable management and other internal stakeholders to unpack identified trends and enhance the interpretation and application value.

Although the requirements of the Code and the ABC Policy are made applicable to contractors and suppliers, given the nature, extent and location, formal training sessions are not conducted. They are, however, furnished with a copy of the Code of Conduct, and are required to sign the Group's Supplier Code of Conduct Certification and via the normal contractual management cycle, contract managers ensure awareness of the Code, as it is a contractual requirement to adhere to the values and principles of the Code is included in all the agreements with third parties.

Conduct and ethical behaviour awareness and attestation across the Group.

Employees are required to complete an eLearning training programme on ethics, and as at end-December 2023, the completion rate was 91%. In addition, high-risk exposure portfolios, i.e., finance, procurement, stakeholder engagement, etc. have received more in-depth training, with a specific focus on anti-bribery and corruption, as a defined element of the Code. As part of the eLearning programme, there is a defined focus on corruption and bribery.

In addition to the programme, anti-corruption training, under the ambit of and within the outline of the Foreign Corrupt Practices Act (“FCPA”), has been initiated at senior levels of management and defined departments (i.e., finance, procurement, community relations, etc.). FCPA-training has been completed for all D band job levels and above, as well as for Board and the Executive Committee.

Gold Fields has also implemented a Group Whistle-blowing protocol and Policy.

Gold Fields has specific procedures in place to deal with any actual or potential corruption incident:

• International and local external legal counsel are consulted for sound boarding and guidance purposes, where required.
• The in-country legal teams take responsibility and are the regional custodians of the Code. They are thus the first port of call regarding advice. Significant matters are escalated to the Executive Vice-President: Group Head of Legal and Compliance. Note that a defined escalation and approval framework forms part of the Code. A Decision Tree has been developed regarding the application of key Code requirements. The Decision Tree is scoped and designed for the in-country legal teams to facilitate application, interpretation, and professional guidance.
• In-country legal teams are the first port of call regarding advice and incidents. Significant matters are escalated to the Executive Vice-President: Group Head of Legal and Compliance. Note that a defined escalation and approval framework forms part of the Code.
• Internal and external issues, depending on their severity, can also be escalated through the management structures, as defined in the Code. In addition, concerns about unethical and/or unlawful behaviour by external stakeholders may be raised through interactions between them and our operational procurement and contract management teams.
• The referenced Decision Tree serves a guidance tool purpose for dealing with stakeholder enquiries. In addition, the ample real life business examples offer excellent guidance re stakeholders with questions.
• Meta data analysis is conducted monthly per operating jurisdictions to determine trends and enhance the interpretation and application value of the Code, during the furnishing of advice and guidance. Also, annually, and where necessary, ad hoc reviews are conducted by Internal Audit and the Group Compliance Office.
• With reference to anti-corruption, the Group is involved in presentations on anti-corruption legislation with mining industry bodies, together with invited guests from government.

Measurement, Evaluation, Assurance and Assessment

Enhancement and development of the Framework is a key focus of the Legal & Compliance team. The Framework is therefore continuously reviewed and improved.

Structured reviews of the Framework are conducted by Internal Audit. This is to ensure the appropriateness and design/ operating effectiveness.

Reporting and Disclosure

Reporting forms an integral part of the contextualisation and disclosure focus of the Framework.

The Code enables the reporting of concerns about unethical, inappropriate, or unlawful behaviour, and organisational integrity via an array of reporting channels. The most prominent avenues are the certified tip-offs line (External Whistleblowing Hotline Service Provider Standard EO1.1.1), escalation to management and the Whistle-blowing Policy procedure. Re the tip-offs line, internal and external stakeholders have access to this line, which is independently operated and managed by an external entity. Confidentiality is guaranteed and the investigation process are recorded and approved by the Audit Committee. In addition, stakeholders are constantly reminded via awareness mechanism that any concern can be recorded anonymously.

Disciplinary case outcomes are indexed in line with themes in the Code. The intent is to enhance the nature and extent of awareness re the application of the Code, as well as to consistently review the Code for updates. During 2023 653 disciplinary cases were heard via formal hearings (2022: 392). 592 (91%) of these cases related to Code and related contraventions.

The reporting of trends is included in the monthly Compliance Update submitted to all Executive Vice Presidents across the Group. The intent is to keep them and their in-county management committees up to date re the state of business integrity and oversight. On a quarterly basis, an aggregate Compliance Governance overview is reported to the Group Audit Committee, and other defined Board sub-committees.