Legal & Compliance Program

Legal & Compliance

RapidRatings operates a risk-based approach to its compliance and regulatory program by evaluating risks from a user, services, and geographical point of view. Our compliance program is strongly aligned with national and international laws (determined by the jurisdictional presence of RapidRatings) such as anti-money laundering laws, anti-bribery laws, and whistleblowing protections, etc.

The following are some of the key policies and procedures we have in place to empower us to have a unified and clear compliance program.

Frequently Asked Questions

Below are some commonly asked questions from our clients and members in relation to our legal and compliance approach.

Do employees and subcontractors enter into an NDA before discussion or access to confidential information is provided?

Non-Disclosure Agreements (NDAs) are formal legal contracts between one or more parties and can take many forms. At RapidRatings, we have a policy that all employees must sign NDAs as a condition of their employment. We also require any subcontractor with access to either RapidRatings confidential information or RapidRatings systems to have an NDA in place before beginning services.

It is generally accepted that while the employee remains employed with a business, they have an obligation to not use any such confidential information for their own benefit or the benefit of a third party. At RapidRatings, we have provisions in place to protect RapidRatings, our clients, and our members and maintain adequate legal protections through contractual provisions to prevent disclosure of information.

Are there backgrounds checks carried out on all employees?

At RapidRatings, we conduct employment eligibility checks on our employees to ensure that any employee of RapidRatings has the legal right to work in a jurisdiction and reside in a jurisdiction that RapidRatings has a presence in. Additionally, in the United States, RapidRatings conducts background checks on all employees, including criminal background checks, and may conduct additional checks depending on the role.

Is there a dedicated Code of Conduct (Code of Business Ethics) in place?

Within RapidRatings, we abide by our own internal Code of Conduct that has been set at internationally approved standards, and this is practiced by all our employees. The following core values are essential to our business:

How does the organization view whistleblowers?

Ethical companies like RapidRatings make sure that they protect any whistleblower from unfair treatment and provide mechanisms to enable employees to speak out against anything that may be deemed unethical or illegal. Look for companies like RapidRatings who have dedicated corporate policies in place to protect whistleblowers.

The RapidRatings Speak Up (Whistleblower) policy is complemented by a corporate Code of Conduct and also by our Corporate Social Responsibility Policy. To further show our support, we have published our Corporate Social Responsibility Policy on our website here: https://www.rapidratings.com/corporate-social-responsibility-policy/.

What type of information security awareness training is provided?

We take information security awareness training seriously and provide corporate security and data protection awareness training to all employees. We also provide more specific security training to employees in certain departments such as the Client Services and Information Technology teams.

What is the rate of compliance when it comes to training employees on issues such as information security and privacy?

We are delighted to state that we have obtained a 100% compliance rate from all staff. All employees regardless of their position have completed and are regularly required to complete refresher training on key areas of the business such as information security, data protection, and employment obligations.

What level of involvement does Senior Management or the Board of Directors have in managing the organization’s compliance efforts?

RapidRatings has several internal committees that are responsible for different sectors of RapidRatings' commercial, technology, and compliance operations. These committees are independent of one another and meet on a regular basis (quarterly at a minimum) to ensure that all members are aligned on the current position of the company.

In addition, the committees determine whether any policy or procedural changes need to be made. These committees have an internal audit function that is necessary to ensure any policies and procedures that we implement do not become outdated and irrelevant to RapidRatings' commercial operations.

At RapidRatings, we know that any compliance or technical committee's success depends on the commitment of Senior Management. Members of such committees within RapidRatings include the Chief Executive Officer, Chief Technology Officer, General Counsel, and other department heads.

Is there a regularly updated employee handbook in effect?

Yes, RapidRatings maintains employee handbooks that are viewed on approximately an annual basis. Some policies and procedures are reviewed more regularly depending on one or more triggering events taking place. Examples of trigger events could include changes in laws, changes in organizational structure, or changes in technology.

What are the approaches taken by the organization to reduce risk associated with remote workers?

Remote employee arrangements may raise concerns such as loss of control, fear of decreases in productivity, or reduced security. To address these issues, below are some of the practices utilized by RapidRatings in managing remote employees: