Corporate Governance

At the core of our corporate governance practice is the Executive Board, which oversees how the management serves and protects the long-term interests of all stakeholders of the Company.

We believe that sound corporate governance is critical to enhance and retain the trust of all stakeholders. Accordingly, we always seek to ensure that we adhere to attain our performance rules with integrity. Our Board exercises its fiduciary responsibilities in the widest sense of the term. Our disclosures always seek to attain the best practices in international corporate governance.

Our corporate governance philosophy is based on the following principles:

1. Satisfy the spirit of the law and not just the letter of the law. Corporate governance standards should go beyond the law.
2. Comply with the laws in all the countries in which the Company operates.
3. Have a simple and transparent corporate structure driven solely by business needs.
4. Make a clear distinction between personal conveniences and corporate resources.

Code of Ethics

At VFS Global, we maintain and promote a corporate culture and behavior in which honesty; integrity and respect for the law are viewed as essential to achieving its desired success. VFS Global is committed to being an ethically responsible corporate group, to both itself and the outside world.

Our code of ethics is more than just a collection of abstract ideas. It's a formalization of VFS Global's commitment to ethical corporate behavior in letter and spirit. It guides and governs all of our business practices:

1. We respect human rights in all dealings with VFS Global stakeholders, including team members, clients, suppliers and local communities.
2. We recognize that local customs, traditions and practices may differ and as a global organization, we respect local laws and customs while supporting international laws and regulations.
3. We refuse unlawful discrimination of any kind, and we promote diversity.
4. We develop flexible working conditions to promote a healthy balance between work and personal life.
5. We promote training and personal development of our team members.
6. We respect health and safety regulations in our working environment and in dealings with stakeholders.
7. We require our team members to maintain confidentiality with regard to all information to which they have access, in accordance with the applicable laws.
8. We are sensitive to environmental impact and promote environmentally friendly policies.

Ecology Policy

At VFS Global, we recognize that it is our duty as corporate citizens to pass on to the next generation, the most precious of resources - a sound global environment. We make every effort to improve environmental preservation through each of our corporate activities and strive to work in harmony with the society.

We conduct proper evaluation of the environmental impact of our corporate activities at every level of the company, with efforts made to reduce the burden placed on the environment through energy and resource-saving measures, as well as reducing waste material.

Our efforts include simple measures like recycling paper, keeping back-end systems virtually paper free, pooling cars, recycling waste materials, switching off lights when we leave the room, etc.

Considering the fact that we handle thousands of visas every month, processing paperwork for millions of customers, through hundreds of staff, in offices worldwide, the implication of these simple measures is enormous.

As the old adage has it: Sometimes it is the simplest actions that wield the greatest power.

Data Security

We have adopted a combination of systems security and monitoring measures for transactions to create a secure environment. We have firewall systems, strong data encryption, anti-virus protection and round-the-clock security surveillance systems to detect and prevent any form of illegitimate activities on our network systems.

We appreciate the importance of information security and have a program to achieve ISO 27001 (a well-known internationally accepted standard for Information Security) compliance within our business processes.

To ensure that all our operations are ISO compliant, we have an ongoing program to address information security risks within various business processes. Following broad activities are carried out as part of ISO 27001 compliance at the visa application centre (VAC) level:

1. Risk Assessment & Risk treatment of business process and associated assets
2. Mitigation of risk based on risk analysis
3. Training of end-users to make them aware about information security risks
4. Physical security review.
5. Implementation of ISO 27001 controls using technology
6. Management awareness.
7. Incident reporting & management.
8. Change control management.
9. Compliance audits.

Data Confidentiality

Data Confidentiality covers data in storage, during processing, and in transit. We ensure that the information will not be made available or disclosed to unauthorized individuals, entities, or processes and will be protected from intentional or accidental attempts to perform unauthorized data reads.

To ensure data confidentiality and integrity, all information transmitted over the Internet is encrypted using the 128-bit Secure Sockets Layer (SSL) protocol from Verisign Certificate Authority. SSL is a secure way of transferring information between two computers on the Internet using encryption. Strong end-to-end encryption is also adopted within the company's computer networks and resources.

Integrity of Process

Integrity, in terms of data and network security, is the assurance that information can only be accessed or modified by those authorized to do so. At VFS Global, we take measures to ensure integrity, which include controlling the physical environment of networked terminals and servers, restricting access to data, and maintaining rigorous authentication practices.

Practices followed to protect data integrity in the physical environment include: making servers accessible only to network administrators, keeping transmission media (such as cables and connectors) covered and protected to ensure that they cannot be tapped, and pr otecting hardware and storage media from power surges, electrostatic discharges and magnetism.

Our network administration measures to ensure data integrity include: maintaining current authorization levels for all users, documenting system administration procedures, parameters, and maintenance activities, and creating disaster recovery plans for occurrences such as power outages, server failure and virus attacks.