The TCOC and Leadership of Business Ethics (LBE) framework continue to serve as the foundation for the Group’s shared commitment to ethical business practices in order to safeguard and strengthen the brand’s legacy.
Number of employees trained in Tata Code of conduct training
As outlined in our global Anti-corruption Policy, we have comprehensive guidelines and procedures in place that address anti-corruption, anti-bribery, and the anti-money laundering. We periodically evaluate and update our policies, including our anti-corruption policy. Furthermore, the Company examines corruption-related risks on a regular basis for all its operations. In fiscal year 2022-23, no incidences of corruption were recorded or brought to our attention where disciplinary action was taken by any regulator, law enforcement agency or judicial institution.
This policy reaffirms our commitment to building an atmosphere of respect, decency, diversity, and inclusion for all of our employees, as well as to eliminating all types of workplace discrimination, harassment, bullying, and retaliation. We ensure that all people have equal employment opportunities and a safe, healthy, and fair work environment through this policy. Total 29 cases have been reported in FY 2023 out of which 25 have been successfully closed with due action being taken (where applicable) and 4 cases are still under investigation.
We have zero tolerance for sexual harassment. During this reporting period, we received 3 sexual harassment complaints. All the complaints were resolved after a thorough examination by the Internal Compliance Committee and with suitable recommendations.
Our remuneration policy for directors, key management personnel (“KMP”), and employees is based on a commitment to developing a culture of leadership with trust. This concept is mirrored in the remuneration policy and is adhered to across our company and helps in determination of remuneration across all levels.
Our whistleblower policy provides employees, customers, and third-party intermediaries to confidentially and anonymously report violations of the Tata Code of Conduct and any unethical behaviour or potential misconduct without fear of retaliation, discrimination, or any other adverse effect on their association. In fiscal year 2022-23, we received 33 complaints, 18 of which were resolved, and the remaining are under examination.
Our Privacy Policy serves as a testament to our commitment to upholding data privacy obligations and responsibilities in consonance with applicable privacy laws and regulations. In addition to elucidating how we collect, use, disclose and protect personal data, the policy offers transparency on the use of cookies, tracking mechanisms, and third-party advertisement networks and clearly defines the purposes for user information sharing with third parties. By elaborating on these vital aspects, we prioritize transparency, user control, and the protection of personal data, assuring our stakeholders that their privacy is of utmost importance to us.
To read our policies in detail please click here
Tata Communications takes pride in maintaining the highest ethical standards in conducting business and upholding the ideals of dignity and integrity in all its ways. Our strong ethical culture is evident through our strong policy framework and well-defined internal procedures. We strive to comply with all applicable laws and regulations and globally recognised ethical and business standards in the sourcing, production and sale of our products and services.
Through periodic training sessions and mandatory e-learning programs, we aim not just to familiarize employees with our policies and procedures but also encourage their active implementation.
Our commitment to upholding the highest ethical standards extends to our business partners as well. Tata Communications enforces a Supplier Code of Conduct that aligns with our corporate values, mandating adherence to ethical practices, respect for human rights, health and safety standards, environmental protection, and effective management practices. This is reinforced through contractual assurances and our due diligence framework.
As an organisation, Tata Communications has identified relevant BU functions to periodically interact and correspond with their relevant stakeholder groups. We have also established a formal grievance redressal and reporting mechanism for both internal and external stakeholders in the form of a Whistleblower Policy, EOHS mailbox, Ethics Helpline, Customer Service Helpline and Investor Relations mailbox, through which internal and external stakeholders can report their grievances.
Moreover, our grievance redressal mechanism extends to our customers and partners, offering dedicated customer care channels for prompt resolution of issues. These mechanisms emphasise our commitment to an ethical, transparent and inclusive environment.
We actively engage with several leading industry associations, contributing to crucial dialogues and policy discussions that shape the future of the sector.
Our distinctive approach to bilateral interaction with regulatory bodies such as the DoT and TRAI helps us to smoothly navigate the regulatory landscape. We ensure that our voice and the industry’s issues are heard by participating in consultation processes, utilising industry platforms such as ISPAI, ITU-APT, FICCI, and CII, and maintaining regular interactions with DoT and TRAI. This strong engagement framework enables us to monitor and respond to policy concerns affecting our business and consumers, with our response to nine consultation papers in FY 2022-2023 being an outstanding accomplishment.
Data privacy and information security have evolved as key components in our company, as well as a component of our corporate governance framework, as we move forward into the realm of digitization. Tata Communications is committed to safeguarding our customers’ personal information and private communications from intricate cyber-crime by utilising appropriate digital technology. We feel that data privacy and information security are vital not just for achieving compliance with applicable regulations, but also for retaining our customers’ trust in the company.
We have not received any substantial complaints about client privacy issues in this fiscal year.
Our efficient Information Security Management system is ISO 27001:2013 certified, with a service scope that encompasses the Information Security Management System, service delivery, and support operations of ‘Enterprise IT Services, IT Data Centre Operations, and Global Information Security Group.’
We have an Information Security Policy that was created in accordance with the ISO 27001 Information Security standard and is applicable to all employees and third parties who have access to our data. The following are the objectives of our policy and methods:
Protect the confidentiality of sensitive information from unauthorised access
Maintain integrity by ensuring accuracy and completeness of the information
Make sure that users are aware of, and comply with, all current and relevant legal, regulatory, and contractual requirements
Ensure that all users understand their responsibilities for protecting the confidentiality and integrity of the data that they handle
Provide the principles by which a safe and secure information systems working environment can be established for all authorised users
Respond to changes in the context of the organisation as appropriate, and initiate a cycle of continuous improvement
Furthermore, we have an Information Security organisation structure led by the Chief Information Security Officer to ensure the security of information and information systems, provide overall direction to maintain and improve Tata Communications’ security posture, and define and drive the implementation of our Company’s information security policies, procedures, and standards. Tata Communications’ security assurance programme covers a variety of security testing tracks to ensure that the organization’s digital ecosystem is adequately secured and supported. The steps include internal and external vulnerability and penetration testing of infrastructure, red teaming involvement, Blackbox testing, and regulatory audits. Furthermore, ISO 27001, SOC 2 Type II, Statutory ITGC, and regulatory compliance are examined and certified for security assurance.
