GOVERNANCE, ETHICS, AND CYBERSECURITY

Integrating sustainability thinking in the way we conduct our business flows naturally from our Purpose and our culture of Engineered Excellence. We work to continually improve our ESG performance and reporting to meet stakeholder expectations for transparent, measurable and standardised reporting that aligns to international frameworks and associated commitments.

A high standard of corporate governance has been instilled within the Group. We gain competitive differentiation in how we execute projects that are safe, efficient, and of high quality while considering environmental impacts; in our approach as an employer in all our markets; and in how we behave as a corporate citizen with international and local responsibilities. An effective governance structure, aligned with the principles and practices of King IV, is in place and a clear organisational framework defines the relationships and decision-making rights between governing bodies in the Group and across business platforms. Our governance frameworks and reporting structures ensure visibility and compliance across all our business platforms.

ETHICAL BUSINESS CONDUCT

Corporate culture ultimately determines strategic choices and outcomes. The Murray & Roberts culture is real and present. It is rooted in our Values and aligns our operations to the philosophy of Engineered Excellence. Our Values, Statement of Business Principles and Code of Conduct guide the Board, the executive team and our employees when acting for and on behalf of the Group in pursuit of our strategic and business objectives.

These pillars are the reference point for our decisions on policy positions, capital allocation, business practices and contracting principles, as well as how we manage performance and set and communicate our priorities.

The Board and leadership team lead by example, maintaining an ethical culture through open and ethical decision-making. The social & ethics committee oversees the application of our Code of Conduct and the controls needed to prevent and combat bribery and corruption.

We expect every one of our employees to adhere to our high ethical standards, and all our businesses and partners are expected to align to the Group’s frameworks, standards and Values as minimum best practice, in tandem with all local laws, regulations and contracting norms.

The following three elements ensure we uphold our reputation for responsible and ethical conduct:

1. Code of Conduct
Our Code of Conduct supports ethically robust and defensible decision-making. It applies to all employees and all other stakeholders with whom we do business. Behaviours that depart from these principles are firmly sanctioned. The code and supporting policies are updated regularly.

2. Standards of Good Practice
We subscribe to and comply with the 10 business principles of the UN Global Compact and with the principles and standards of good practice of the OECD Guidelines for Multinational Enterprises.

3. Business Practices
Group executives and senior management complete written declarations twice a year, confirming they are aware of the Group’s anti-corruption and bribery policies and are not aware of any instances where these policies, or competition law, have been infringed. For every tender submitted, everyone in a position of authority of influence in the preparation and authorisation of the tender, formally declare that there was no unethical, unlawful or uncompetitive practice involved in the preparation and/or submission of the tender, and that they are not aware of anyone else affiliated with the tender directly or indirectly having committed any such malpractice. The declaration is binding throughout the project life cycle.

SHAREHOLDERS

The Company has a capital structure where each share carries one voting right. There are no restrictions to the shareholders’ rights to introduce a resolution at the AGM, subject to the requirements set out under Section 61 of the Companies Act. On receipt of a written demand delivered to the Company and submitted by holders in aggregate of at least 10% of the voting rights, the Board must call a shareholders meeting.

There are no anti-takeover measures in place and the Company is only able to issue shares on the express permission of the shareholders by means of an ordinary resolution. No resolution to approve the general issue of shares has been proposed since the 2010 AGM. There are no limitations on share ownership as an anti-takeover device.

TAX

The Group does not trade in countries that are grey listed by the latest OECD tax transparency report. The sole purpose for registration in such countries is as an Investment Holding company which does not obtain any tax benefit.

AUDIT FEES

PricewaterhouseCoopers non-audit related fees are 14% (FY20: 10%) of the total audit fees.

INTEREST OF DIRECTORS

The directors of the Company held direct beneficial interests in 2 342 338 ordinary shares of the Company’s issued ordinary shares (FY2021: 1 879 694).

WHISTLE BLOWING POLICY

The Whistle Blowing Standard, implemented by the Murray & Roberts Limited Board and management teams, provides for the anonymous reporting of unethical behaviour and is available to all stakeholders of the Group.

The Murray & Roberts Group conducts its business honestly and with integrity. This protects the reputation of our organisation and our employees. The Group subscribes to an independent, confidential whistle-blowing hotline service that operates 24 hours a day, 7 days a week and 365 days a year.

How does it work?

  • Anybody can contact Tip-Off's Anonymous.
  • Trained operators will respond to calls in all 11 of the official languages.
  • The hotline is open 24 hours a day and 365 days a year.
  • All information is sanitised and fed back to the company for further investigation.
  • Tip-Off's Anonymous will never reveal the identity of the caller and you don’t have to give your name.

Contact Tip-Off''s Anonymous using any of these methods:

  Toll Free 0800 00 32 46
  Free Fax 0800 00 77 88
  murrob@tip-offs.com
  www.tip-offs.com
  Freepost DN298, Umhlanga Rocks, 4320

CYBERSECURITY

As the Group accelerates its digital strategy, the potential for disruption or damage to the Group caused by cyber breaches or attacks increases. The Group maintains robust cybersecurity frameworks to guard against these real threats.

Our IT systems are independently tested, and improvement are regularly made to our IT security framework, including our security governance processes and technical defences. We use the lates technology firewalls, encryption and mechanisms to secure email, servers and other end points. Business continuity system restore tests are run annually and a cyber incident response procedure is in place, including backup solutions to recover from breaches, insurance cover for cybercrime-related losses and cybersecurity awareness programmes for employees. A cybersecurity standard prescribes a minimum set of controls to provide system and data security.

FY2022 performance:

  • We are satisfied that we comply with the POPI Act requirements, and POPIA awareness in the organisation is ongoing.
  • There were no cybersecurity breaches in FY2022 and no data lost (FY2021: none).
  • We conducted an external compliance assessment against the Group-wide minimum security baseline standard, which incorporates a number of cybersecurity controls. A maturity rating for people, process and technology is assigned to each control, and is monitored and reported to the Board quarterly.
  • Board members were provided with the opportunity to participate in online cybersecurity training.