IMPACT INVESTING Q4 2022 | Page 10

Responsible Business Practices

Code of Business Conduct and Ethics

All firm members, including officers and transaction partners, are required to abide by our Code of Business Conduct and Ethics and exercise the highest levels of integrity, ethics, and objectivity in all actions that may affect our business and relationships.

Compliance Training and Awareness

All firm members acknowledge our code of conduct and also participate in annual training on anti-harassement, diversity & inclusion, cyber security, and insider training. Team members can report concerns of illegal or unethical conduct anonymously through a third party without fear of retaliation.

Our Compliance Committee oversees enterprise risk management, including cybersecurity, and evaluates the risk exposure and management actions to limit, monitor or control exposures, including contingency plans relating to potential catastrophic events.

Risk Management

Overseen by our Executive Committee, we collaborate

with vendor partnerships such as IT infrastructure, with

leading data security and privacy practices. To protect

employee devices and other end-points, we deploy

multi-factor authentication and annual cybersecurity

training.

Cybersecurity

Developing and retaining talented team members is integral to our success. We encourage competency-based training, continuing education and conferences, provide team building offsites, professional development resources and have an annual performance review and goal setting process.

Training and Development

Our focus on employee wellbeing includes generous health benefits, including mental health, fitness, and ergonomics. In response to the COVID-19 pandemic, we switched the majority of our team members to work from home, while implementing additional safety measures for essential employees.

Health and Safety

10