Anti-Corruption and International Risk Compliance Policy

ENVOY:
ANTI-CORRUPTION AND INTERNATIONAL RISK COMPLIANCE POLICY

I. INTRODUCTION

Envoy (the “Company”) is committed to conducting all aspects of its business in keeping
with the highest legal and ethical standards and the Company expects all persons acting on its
behalf to uphold this commitment. To assist the Company in upholding this commitment in the
context of corruption-related issues, the Company has designed and implemented the following
Anti-Corruption and International Risk Compliance Policy (the “Policy”). This Policy is designed
specifically to help all persons acting on behalf of the Company to understand the legal and ethical
issues regarding corruption that can arise while conducting business. This Policy is applicable to
all directors, officers, employees, agents, representatives and other associated persons of the
Company (collectively “Company Personnel”).

It is the Company’s policy that all Company Personnel must conduct their activities in full
compliance with all applicable anti-corruption laws, including without limitation, the U.S. Foreign
Corrupt Practices Act (“FCPA”), the U.K. Bribery Act (“UKBA”), and any other anti-corruption
laws that are in effect in the countries in which Company Personnel operate. A failure to do so
will place both the Company’s business reputation and business success in serious jeopardy and
may subject both the Company and the individuals involved to civil and/or criminal liability,
including possible extradition and imprisonment. Avoiding compliance breakdowns requires
maintaining consistent ethical behavior. In other words, you must avoid behavior that amounts
to giving or offering anything of value to anyone to reward improper performance or obtain
an unfair business advantage. Violations of anti-corruption laws can subject both the Company
and individual employees to substantial criminal and civil penalties, in addition to jeopardizing the
Company’s reputation.

The pages that follow provide a general guide to the requirements of the FCPA and UKBA
and set forth the Company’s own requirements for conducting business in a manner that is
compliant with applicable anti-corruption laws. Any Company Personnel who have any questions
whatsoever concerning the requirements of the FCPA, UKBA, local anti-corruption laws, or this
Policy should consult with a Member of the Leadership Team.

II. BASIC REQUIREMENTS OF THE FCPA

A. Provisions

The FCPA is divided into two main sections—the Anti-Bribery Provisions and the Record
Keeping Provisions.

B. Anti-Bribery Provisions

The Anti-Bribery Provisions of the FCPA make it illegal to give, offer or promise to give
anything of value to any foreign official¹ for the purpose of obtaining or retaining business or securing an improper advantage. Both the FCPA and this Policy require that these terms be
interpreted broadly. Although any number of scenarios could present the risk of improper activity,
a typical, relevant example is making a payment to foreign officials or third parties to improperly
expedite a visa adjudication by a foreign government or to otherwise ensure a favorable outcome.

In addition to prohibiting improper direct payments to foreign officials, both the FCPA and
this Policy prohibit payments made to third parties with the knowledge that the money or products
will be passed on to foreign officials for improper purposes. For purposes of this Policy, the term
“payment” includes any gift, offer or promise to give anything of value to any foreign official for
the purpose of obtaining or retaining business or securing an improper advantage.

Because of the strict limitations on payments to foreign officials imposed by the FCPA, it
is the Company’s strict policy that no Company Personnel may provide, offer or promise to provide
anything of value to any foreign official except as set forth in this Policy.

C. Record Keeping Provisions

The Record Keeping Provisions of the FCPA require that the Company maintains accurate
financial records that reflect in reasonable detail all transactions and dispositions of assets. The
Record Keeping Provisions of the FCPA are designed to ensure that all payments made by the
Company are accurately reflected in its financial records and that all payments made with the
Company’s funds, or on behalf of the Company, have been properly authorized. Thus, the FCPA
prohibits the mischaracterization or omission of any transaction on the Company’s books, as well
as the failure to maintain control over the Company’s financial records such that a
mischaracterization or omission may result. Keeping detailed, accurate descriptions of all
payments and expenses is crucial for this component of the Act.

Accordingly, employees must follow applicable standards, principles, laws and practices
for accounting and financial reporting. In particular, employees must be timely and complete when
preparing all reports and records required by management. Company Personnel must obtain all
required approvals from the Finance and Legal Departments and, when appropriate, from foreign
governmental entities, prior to paying or authorizing a payment to a foreign official.

Employees should be sure that no part of any payment is to be made for any purpose other
than that to be fully and accurately described in the Company’s books and records. No undisclosed
or unrecorded accounts are to be established for any purpose. False or artificial entries are not to
be made in the Company’s books and records for any reason. Finally, personal funds must not be
used to accomplish what is otherwise prohibited by this Policy.

¹ For purposes of this Policy, the term “foreign official” includes but is not limited to any employee, agent or instrumentality of any foreign government, including departments or agencies of a foreign government, foreign political parties, candidates for office in a foreign country, businesses that are wholly or partially state-owned and any employees of such businesses. The term shall also include immediate family members of the aforementioned persons.

III. BASIC REQUIREMENTS OF THE UKBA

The U.K. Bribery Act criminalizes four separate offenses:

• offering, promising, or giving “a financial or other advantage” to any other person
  with the intention to induce or reward improper performance of a relevant function
  or activity;
• requesting, agreeing to receive, or accepting “a financial or other advantage”
  intending that a relevant function or activity be performed improperly;
• offering, promising, or giving a “financial or other advantage”, directly or
  indirectly, to a “foreign public official” with the intention to obtain business or an
  advantage in the conduct of business;
• failing to prevent an “associated person” from bribing with the intention to obtain
  business or a business advantage for the commercial organization.

The conduct prohibited under the UKBA is similar to that prohibited under the FCPA, but
is more expansive than the FCPA in three respects. First, and most significantly, the UKBA
imposes a strict liability criminal offense that applies to any company with ties to the U.K. that
fails to prevent an “associated person” (anyone performing services on the Company’s behalf)
from paying a bribe. The only defense to liability is if the company can prove that it had “adequate
procedures” in place to prevent the bribery from occurring. Second, the UKBA does not contain
any exceptions for “facilitation payments²,” those relatively insubstantial payments made to
facilitate or expedite routine governmental action. Third, the UKBA criminalizes “purely
commercial” bribery that is unconnected to any public or governmental official, unlike the FCPA,
meaning that bribery of all persons is prohibited.

IV. OUR POLICY

No Company Personnel shall make, offer to make, or promise to make payments, or give
anything of value, directly or indirectly, to any third party, including without limitation any
Government Official,³ to assist the Company in obtaining or retaining an improper business
advantage.
Likewise, Company Personnel shall not solicit or accept payments or anything of value
from any third party for purposes of providing an improper benefit.

² “Facilitation payments” generally do not include government-assessed filing fees for express processing, such as the Premium Processing Service in the United States or the Priority Service in the United Kingdom.
³ “Government Official” shall be defined as the same positions listed as examples for “Foreign Official”, but includes officials of both foreign and domestic governments.

If confronted with a request, demand, or offer for an improper payment or other violation
of this Policy, the request, demand, or offer must be immediately rejected and reported to a
Member of the Leadership Team.

V. GIFTS, HOSPITALITY, ENTERTAINMENT, AND OTHER ITEMS OF VALUE

As a general matter, the Company competes for and earns business loyalty through the
quality of its personnel and customer service, not with gifts or lavish entertainment. However,
this Policy recognizes that the polite conduct of business, especially in certain foreign countries,
may involve Company Personnel giving modest gifts to counterparts as a matter of courtesy or
local custom. Similarly, hospitality or entertainment may be used to cement cordial relations.
The following rules apply to gifts, hospitality and entertainment. All such expenditures must be
recorded accurately in the Company’s books and records.

1. Gifts Given by Company Personnel
   1. Giving Gifts to Government Officials
      Gifts to any Government Official may never be made without first
      contacting a Member of the Leadership Team and receiving specific written
      authorization. It does not matter whether the gift is given with the intent to
      influence the Government Official; nor does it matter what the value of the gift is.
      You must immediately report to a Member of the Leadership Team any request for
      a gift or other favor by a Government Official. In addition, gifts to Government
      Officials are subject to the general guidelines (below).
   2. Giving Gifts to Non-Government Officials
      Subject to the general guidelines (below), giving any gift, or any series of
      gifts, to the same person or entity in any one calendar year that exceeds $100 in
      total value is presumed to be unreasonable. Prior to providing such gifts to anyone,
      Company Personnel must consult with a Member of the Leadership Team and
      obtain specific written authorization.
   3. General Guidelines for Gifts
      The following general guidelines for gifts apply to all interactions or
      transactions in which Company Personnel act on Envoy’s behalf or for Envoy’s
      benefit:
      1. The gift must be reasonable in value and not give the appearance of any impropriety. This includes both individual expenses and a
         series of expenses paid on behalf of a single individual or entity.
      2. No cash or cash equivalent gifts (e.g., gift cards) are permitted.
      3. The gift must be permitted under local law.
      4. The gift must be permitted by the recipient’s employer’s guidelines.
      5. The gift must be presented openly and with complete transparency.
      6. The gift must be properly recorded in the Company’s books and
         records.
      7. The gift must be provided as a token of esteem, courtesy or in return
         for hospitality and should comport with local custom.
      8. The aggregate value of gifts given during the course of a calendar
         year to individuals associated with any single entity with which the
         Company does or may do business cannot exceed $100.

      Note that the provision of gifts, as well as the reporting requirements, in this
      Policy apply even if Company Personnel are not seeking reimbursement for the
      expenses (i.e. paying these expenses out of your own pocket does not avoid these
      requirements).

      When in doubt, confer with a Member of the Leadership Team prior
      to giving any gift.

2. Gifts Received by Company Personnel
   Company Personnel must not accept, or permit any member of his or her immediate
   family to accept, any gifts, gratuities or other favors from any customer, supplier or other person
   doing or seeking to do business with the Company, other than items of nominal value. All
   Company Personnel must immediately report to a Member of the Leadership Team receipt of
   any gift, or any series of gifts in a year, exceeding $100 in total value from any party that does
   business or competes with the Company. Such gifts should be returned immediately. If
   immediate return is not practical, they should be given to the Company for charitable disposition
   or accepted on the Company’s behalf and shared among all employees in the office.
   Discounts or other preferential treatment from business providers are acceptable only if
   they are well-known and available to all Company employees.
3. Gifts in Foreign Countries
   Giving or receiving gifts to or from anyone in a foreign country is an area that raises
   complicated legal issues and that could expose you and the Company to liability. You should
   not give or receive any gift that would violate either United States or foreign law, and you should
   consult with a Member of the Leadership Team before offering or receiving a gift in a foreign
   country.
4. Hospitality and Entertainment
   The restrictions on giving gifts do not preclude Company Personnel from engaging in
   “ordinary and usual business entertainment” when an employee is hosting clients, prospects or
   other business associates (i.e., the employee must be present) at an occasional meal, sporting event,
   theater production or comparable entertainment event. Similarly, the restrictions on receiving gifts
   do not preclude Company Personnel from accepting “ordinary and usual business entertainment.”
   Common sense and moderation should prevail in business entertainment and the payment of travel
   and lodging expenses engaged in on behalf of the Company.In all cases, entertainment may not be so frequent or so extensive as to raise any question
   of propriety, and should be intended to serve legitimate business goals. Company Personnel may
   not use business entertainment to provide incentives to conduct business with or through the
   Company in bad faith, in breach of trust, or without complete transparency. Meals, entertainment,
   travel, and lodging should never be offered as a means of influencing another person’s business
   decision. Each should only be offered if it is appropriate, reasonable for promotional purposes,
   offered or accepted in the normal course of an existing business relationship, and if the primary
   purpose is Company business. The appropriateness of a particular type of entertainment, travel,
   and lodging of course, depends upon both the reasonableness of the expense and on the type of
   activity involved. This is determined based on whether or not the expenditure is sensible and
   proportionate to the nature of the individual involved.
   1. Entertainment of Government Officials
      Subject to the general guidelines (below), prior to providing any hospitality
      or entertainment to a Government Official, Company Personnel must consult with
      a Member of the Leadership Team and obtain specific written authorization. Per
      diem allowances may not be paid to a Government Official or any other individual
      (in the private or public sector) that has the power to decide or influence the
      Company’s commercial activities for any reason.Instances where the Company pays for travel-related expenses for a
      Government Official, shall be considered gifts, and subject to the rules and
      requirements for gifts specified in this Policy. Pursuant to those requirements, prior
      to providing any travel-related expenses for a Government Official, Company
      Personnel must contact a Member of the Leadership Team and obtain specific
      written authorization.
   2. General Guidelines for Providing Hospitality and Entertainment
      The following general guidelines for providing hospitality and
      entertainment apply to all interactions or transactions in which Company Personnel
      act on Envoy’s behalf or for Envoy’s benefit:
      1. All business entertainment expenses must be reasonable in value and not give the appearance of any impropriety. This includes both individual expenses and a series of expenses paid on behalf of a single individual or entity.
      2. All business entertainment expenses must be offered or accepted in
         the normal course of an existing business relationship and incurred
         in connection with an occasion where business is discussed.
      3. The expenses must be bona fide and related to a legitimate business
         purpose.
      4. The business entertainment expenses must be permitted under local
         law.
      5. The business entertainment expenses must be permitted under the
         guidelines of the recipient’s employer.
      6. The business entertainment expense must comport with local
         custom and practice.
      7. The business entertainment expense must be properly recorded in
         the Company’s books and records.
      8. When possible, the payment should be made directly by the
         Company to the provider of the service, and should not be paid
         directly to the beneficiary as a reimbursement.
      9. The events involved must be attended by appropriate Company
         Personnel.
      10. In addition to traditional gifts, hospitality or entertainment that is
          provided to a business partner where Company Personnel is not in
          attendance will be considered a gift, subject to the rules and
          requirements for gifts specified in this Policy.

      For all hospitality and entertainment expenses, the reimbursement request
      must identify the total number of all attendees and their names, employer, and titles
      (if possible). All expense reimbursements must be supported by receipts, and
      expenses and approvals must be accurately and completely recorded in the
      Company’s records. In all instances, Company Personnel must ensure that the
      recording of the expenditure associated with meals, lodging, travel, or
      entertainment clearly reflects the true purpose of the expenditure.

      Note that the provision of meals, entertainment, travel, and lodging, as well
      as the reporting requirements in this Policy, apply even if Company Personnel are
      not seeking reimbursement for the expenses (i.e., paying these expenses out of
      one’s own pocket does not avoid these requirements).

5. Internships/Employment
   On occasion, clients or Government Officials may request that the Company provide
   internships or employment to certain individuals, including relatives. Offering internships or
   employment at the request of clients or Government Officials may be viewed as providing an item
   of value.With respect to such internships or employment, Company Personnel are encouraged to
   consult with a Member of the Leadership Team before making any internship or employment offer
   if: (1) a candidate is interviewed for an internship or employment within the ordinary course of
   filling a position, and there is an existing relationship between the candidate (or his or her
   immediate family or an entity with which such family member is employed or otherwise affiliated)
   and the Company; or (2) a candidate is interviewed outside of the ordinary course of filling a
   position and the candidate (or his or her immediate family member) is employed by or otherwise
   affiliated with a client or Government Official.
6. Political Contributions & Charitable Donations
   Company Personnel may not make political contributions or charitable donations, whether
   in their own name or in the name of the Company, to obtain or retain business or to gain an
   improper business advantage. Any political contribution or charitable donation by the Company
   must be permitted under the law, permissible pursuant to the terms of this Policy, and made to a
   bona fide organization. Company Personnel must obtain permission from the CEO and CFO prior
   to making any political contribution or charitable donation on behalf of the Company or its thirdparty
   business partners.Charitable donations should be made only for legitimate philanthropic reasons, such as to
   serve humanitarian interests and to support cultural or educational institutions. Company
   Personnel are encouraged to consult with a Member of the Leadership Team when making
   charitable donations to organizations that have significant or well-known sponsorship by a
   Government Official or any individual or entity that has the power to decide or influence the
   Company’s commercial activities. In certain instances where there is heightened risk of
   corruption, the Company may require diligence to be conducted.A Member of the Leadership Team must be notified if a Government Official solicits a
   political contribution or charitable donation in connection with any government action related to
   the Company or its third-party business partners. Political or charitable donations are never
   permissible, regardless of the amount of the donation, if the purpose of the donation is to
   improperly influence a decision.

VI. ANTI-MONEY LAUNDERING

The Company is firmly committed to complying with applicable laws and regulations
related to combatting money laundering. Money laundering is the process by which persons
attempt to conceal the true origin and ownership of the proceeds of illegal activities while still
retaining control over such proceeds. Often in order to do this, such persons or groups “launder”
the money by introducing the illegal proceeds into the financial system, carrying out a series of transactions or transfers in order to distance the funds from the original source, and reintroducing
the newly “cleansed” proceeds into a legal environment. To achieve this end, money launderers
seek out and use almost any business that accepts currency in large sums.

The following are examples of activity that could fall within the definition of money
laundering or that might constitute evidence of money laundering:

• • Engaging in a financial transaction with knowledge that the transaction is
    facilitating a crime;
  • Engaging in a financial transaction with knowledge that the funds being used are
    derived from the proceeds of criminal activity;
  • Concealing the source of illegally obtained funds by subsequent transfers to
    disguise the origin of funds;
  • Facilitating a financial transaction while willfully or recklessly disregarding the
    source of a client’s assets or the nature of the client’s transactions (i.e., turning a
    blind eye); or
  • Advising a client or third-party business partner on how to structure a currency
    transaction to avoid reporting requirements.

Any involvement in money laundering activity, even if inadvertent, could result in potential
civil and criminal penalties for the Company and personnel, as well as possible forfeiture of assets.
Because association with money laundering could cause significant, long-term harm to the
Company’s reputation, all employees are responsible for protecting the Company from being used
for money laundering. Under no circumstances shall employees knowingly, or through willful
blindness, facilitate or participate in any money laundering activity. Non-compliance will subject
any personnel involved to disciplinary action, which may include termination of employment, and
possible civil or criminal penalties.

In the event that any employee identifies a potentially suspicious activity or
reasonably believes that any action described in these policies and procedures may need to
be taken, such employee must notify a Member of the Leadership Team before the
transaction at issue is processed or before further services are performed on the client’s
behalf.

VII. TRADE SANCTIONS

The Company will comply with all applicable trade sanctions laws, including the Office
of Foreign Assets Control (“OFAC”) sanctions regulations and the various UK Statutory
Instruments which implement EU sanctions regulations.

The internal controls herein have been designed to prevent violations of the trade
sanctions laws, avoid the appearance of wrongdoing, and enable the Company to respond
promptly and effectively to any inquiries about its conduct. Employees who violate this Policy
may be subject to disciplinary action, up to and including termination. The sections that follow provide a general guide to trade sanctions compliance but do not address every potential scenario
that may implicate issues bearing on compliance with this Policy. You should raise any
questions you have about these issues with a Member of the Leadership Team.

• 1. U.S. Trade Sanctions
     OFAC is an office within the U.S. Department of the Treasury that has responsibility for
     administrating, implementing, and enforcing economic sanctions. There are two general
     categories of OFAC sanctions programs: (1) comprehensive sanctions programs and (2) targeted
     sanctions programs. The comprehensive programs involve country-wide sanctions against certain
     countries and regions (“Embargoed Countries”). As of the date of this Policy, the Embargoed
     Countries are Crimea, Cuba, Iran, North Korea, Sudan, and Syria.4 A Member of the Leadership
     Team will notify you to the extent there are material changes to the list of Embargoed Countries.By contrast, OFAC’s targeted sanctions programs apply to individuals and entities in
     specific countries (e.g., Belarus, Ivory Coast, Zimbabwe) as well as individuals and entities
     participating in certain activities (e.g., narcotics trafficking, terrorism, and proliferation of
     weapons of mass destruction). The OFAC sanctions regulations prohibit transactions between the
     Company and parties (including entities they control) that are listed on OFAC’s Specially
     Designated Nationals List (“SDN List”). OFAC sanctions also prohibit transactions with entities
     owned or controlled by parties on the SDN List. All such entities and parties are collectively
     referred to as “Blocked Persons.”The OFAC sanctions regulations also prohibit the Company from “facilitating”
     transactions or other activities with Embargoed Countries or Blocked Persons.
     Through a licensing process, OFAC can authorize the Company to engage in certain
     transactions that would be otherwise prohibited by the sanctions regulations. Additionally, certain
     exceptions codified in the sanctions regulations may allow the Company to do business with
     Embargoed Countries and Blocked Persons under certain circumstances. You should not assume
     a transaction involving an OFAC-restricted party is permissible pursuant to an exception or license
     without first consulting with a Member of the Leadership Team.
  2. U.K. Trade Sanctions
     The Foreign & Commonwealth Office has overall responsibility for the U.K.’s policy on
     sanctions, arms embargoes and trade restrictions. The Export Control Organization (“ECO”) is
     responsible for implementing embargoes and other trade control measures and HM Treasury has
     primary responsibility for administering, implementing and enforcing the U.K. financial
     sanctions regime.There is no single Act of Parliament that sets out the U.K. sanctions regime. Instead,
     sanctions are contained in a number of separate U.K Statutory Instruments and/or E.U.

     ---

     ⁴ Sanctions programs concerning Cuba and Iran are currently in flux. See the U.S. Department of the Treasury website
     (https://www.treasury.gov/resource-center/sanctions/Programs/Pages/Programs.aspx) for up-to-date sanctions programs and country information.

     Regulations. E.U. Regulations are directly applicable in E.U. Member States, so that entities
     incorporated or constituted under E.U. law, and persons and entities doing business in the E.U.
     (including non-E.U. nationals) are subject to their provisions. U.K. Statutory Instruments
     implement the sanctions imposed by E.U. legislation and apply to any person in the U.K., all
     U.K. nationals and any entity incorporated or constituted in the U.K.⁵

     The U.K. sanctions regime includes embargoes and trade and finance restrictions.
     Certain goods are subject to a wholesale ban on their trade or export (for example, anti-personnel
     landmines and laser weapons). Other items and certain services are subject to qualified
     restrictions which require a license before goods or services are provided. Sanctions may be
     comprehensive and imposed against a particular country, for example there are financial
     sanctions against Afghanistan, Iran, Iraq, Sudan, Zimbabwe and North Korea (among others) and
     subject the government, all corporate entities and residents of a sanctioned country to an asset
     freeze. Alternatively, sanctions measures may target specific individuals, entities and
     organizations (including Al-Qa’ida and the Taliban). In all cases, the nature of the sanction and
     the identity of the sanctions targets will be set out in the relevant U.K. and/or E.U. legislation.
     Individuals and entities which are the subject of targeted financial sanctions are also identified in
     H.M. Treasury’s Consolidated List. Sanctions targets may be resident in the U.K. or elsewhere.

     Breach of U.K. sanctions is a criminal offense, unless an appropriate license or
     authorization has been obtained from H.M. Treasury or the ECO as appropriate. You should not
     assume a transaction is permissible pursuant to an exception or license without first consulting a
     Member of the Leadership Team.

  3. Our Policy
     Employees must conduct their activities in full compliance with this Policy and all
     applicable trade sanctions laws. Without prior approval from the Finance and Legal
     Departments, you are not permitted to:
     • engage in any business or dealings with Embargoed Countries, Blocked Persons,
       or individuals or entities listed as a sanctions target by U.K. and/or E.U.
       legislation; or
     • facilitate transactions with third parties that involve Embargoed Countries,
       Blocked Persons, or individuals or entities listed as a sanctions target by U.K.
       and/or E.U. legislation.

     Please note that this Policy prohibits employees from engaging in direct and indirect
     business and dealings with Embargoed Countries and Blocked Persons. This means that the
     Company will not enter into any agreement whereby the Company agrees to provide services to
     or receive services from Embargoed Countries or Blocked Persons. Additionally, employees
     located in the United States and abroad will not authorize the Company’s third-party business
     partners or agents to provide services to or receive services from Embargoed Countries or

     ---

     ⁵ Please note that while the withdrawal of the U.K. from the E.U. (“Brexit”) may impact the applicable sanctions laws in the future, this is the current state of the law as of the date of this Policy.

     Blocked Persons. To the extent that you learn that an employee or third-party business partner is
     providing services to or receiving services from an Embargoed Country or Blocked Person, you
     must immediately notify a Member of the Leadership Department.

     VIII. THIRD PARTIES

     1. Due Diligence for Third Parties
        The Company’s commitment to compliance with anti-corruption laws extends to the
        activities of the Company’s third-party business partners, including Envoy’s in-country partners
        around the world. Company Personnel should be careful to avoid any situations involving third
        parties that might lead to a violation of this Policy or any applicable anti-corruption laws.In the ordinary course of business, the Company enters into numerous agreements and
        transactions with third parties. The Company has ongoing commercial relationships with many of
        these third parties; others may be new to the Company. Pursuant to the Company’s Guidelines for
        Risk-Based Due Diligence, prior to entering into an agreement or relationship with any new third
        party, the Company will perform reasonable, risk-based anti-corruption-related due diligence with
        respect to the prospective third-party business partner. Unless warranted by the circumstances, it
        is generally not necessary for the Company to perform anti-corruption-related due diligence prior
        to executing an agreement with an internationally recognized commercial bank, investment bank,
        consulting firm, accounting firm or law firm (or other firm previously approved by the Finance
        and Legal Departments). The Head of Global Immigration, in consultation with the Finance and
        Legal Departments, will have the primary responsibility for coordinating the Company’s due
        diligence process. Company Personnel should contact a Member of the Leadership Team with
        any questions regarding conducting due diligence on third parties.In addition, as part of every agreement or relationship with a potentially risky third-party
        business partner, the Company will perform risk-based due diligence, and as a result ensure
        identified third-party business partners complete and sign the Company’s Anti-Corruption
        Representations and Warranties for Third-Party Engagements. Only a Member of the Leadership
        Team is authorized to enter any agreement with a third party on behalf of Envoy.”
     2. Third-Party Business Partners Operating Outside the United States
        Since the illegal or improper actions of our third-party business partners can have serious
        and detrimental consequences for the Company and its personnel, we require that our third-party
        business partners operating outside the United States and performing services on Envoy’s behalf
        comply with the principles in this Policy and all applicable laws. The Company will, as
        appropriate, work with these third-party business partners to ensure a strong culture of compliance.
        For example:
        • The Company will notify third-party business partners operating outside the
          United States in writing of this Policy and our commitment to compliance with
          anti-corruption laws, and require that the third party has not violated and will not
          violate this Policy and any applicable anti-corruption laws during the course of its
          business with the Company. The Head of Global Immigration, in consultation with the Finance and Legal Departments, will have the primary responsibility for
          providing this notification.
        • The Company will perform risk-based, ongoing monitoring of the reasonableness
          and legitimacy of the services provided by and/or the compensation paid to third
          parties operating outside the United States during the Company’s engagement
          with them. The Head of Global Immigration, in consultation with the Finance
          and Legal Departments, will have the primary responsibility for coordinating the
          Company’s monitoring process.
        • The Company may facilitate the updating or implementation of an anti-corruption
          compliance policy for our third-party business partners operating outside the
          United States.
        • The Company may assist in providing anti-corruption compliance training to our
          third-party business partners in high-risk locations.
     3. “Red Flags” Associated with Third Parties
        If any employee knows or has reason to believe a third party is making improper payments
        on the Company’s behalf, the Company may be held responsible for the third party’s actions.
        Therefore, it is important for all employees to be alert for signs that are often associated with
        bribery and corruption (“red flags”). Acting with willful blindness by “looking the other way” or
        “burying one’s head in the sand” and ignoring red flags may be sufficient to establish knowledge.Red flags are certain actions or facts which should alert a company that there is a high
        possibility of improper conduct by a third party. They may arise at any time, not only during the
        due diligence process. A red flag does not mean that something illegal has happened, but rather
        that further investigation is necessary. Red flags are highly fact-dependent, but some examples of
        red flags include:
        • • Familial or other relationships between any employee or representative and a
            foreign official that could improperly influence the decision of a Government
            Official;
          • A third party related to or recommended by a foreign official;
          • A foreign official or their representative demands retention of a particular party or
            suggests that such retention will make it easier to obtain business;
          • Requests by a foreign official or customer for employment of friends/relatives;
          • The country involved has a reputation for corruption and bribery;
          • A third party requests payment to be made to another third party, to an account in
            a third country, or in cash or other untraceable funds;
          • Invoices are not adequately documented or are higher than normal;
          • Unusual or excessive payment requests, such as requests for over-invoicing, illdefined
            or last-minute payments, or mid-stream compensation payments;
          • Commissions, fees or bonuses out of proportion to the value of services rendered
            (e.g., “success fees”);
          • A third party has past convictions or charges for violating local laws;
          • A third party expresses a desire to keep his representation of the Company or the
            terms of his retention secret;
          • Payments for unspecified services or otherwise questionable services;
          • Demands for lavish entertainment, gifts or travel in connection with negotiations;
          • Requests for political or charitable contributions;
          • Refusal or hesitancy by the third party to disclose its owners, partners or principals;
          • The third party uses holding companies or other methods to obscure its ownership,
            without adequate business justification;
          • Refusal to agree to abide by the FCPA, applicable law, or this Policy; or
          • Statements such as, “I don’t have experience in your industry, but I know the right
            people.”

        If you have reason to suspect that a third party is engaging in potentially improper conduct, you must report the case to a Member of the Leadership Team immediately.

        Please report any actual or potential conflict of interest situation, or any questions or concerns regarding Envoy’s Policy for Anti-Corruption via the Red Flag Reporting service by going to www.redflagreporting.com or calling 1-877-647-3335 and note client code “ENVOY”.

        IX. PENALTIES FOR VIOLATIONS

        In addition to jeopardizing the Company’s business reputation, violations of anticorruption
        laws can subject both the Company as well as individual employees to substantial
        criminal and civil penalties. In addition to those penalties, violations of this Policy may result in
        discipline by the Company, including reprimand, suspension or termination. The Company may
        also report violations of this Policy to the appropriate supervisory regulatory or law enforcement
        authorities.

        X. UPDATES, ACKNOWLEDGEMENT, AND TRAINING

        As part of the Company’s ongoing commitment to anti-corruption compliance, all
        Company Personnel will receive and must review a copy of this Anti-Corruption and International
        Risk Compliance Policy. All Company Personnel will then be required to certify their compliance
        with this Policy in writing by completing the Employee Certification attached to this Policy. In
        addition, the Company will provide periodic email reminders to all Company Personnel reminding
        them of their obligations under this Policy and, if applicable, apprising Company Personnel of any
        updates to this Policy. The Company may require all Company Personnel to acknowledge periodic
        compliance with this Policy.

        The Company will offer periodic anti-corruption compliance training programs to educate
        employees about the requirements and obligations of anti-corruption laws and this Policy. Such
        training may be provided either in person or online. All Company Personnel must participate in
        such training when requested to do so, and the Finance and Legal Departments will retain
        attendance records establishing compliance with this requirement. In addition, at the discretion of
        the Company, certain Company Personnel may be required to undergo further training concerning
        the requirements of this Policy.

        XI. REPORTING REQUIREMENTS, WHISTLEBLOWER PROTECTION, AND
        INVESTIGATION OF REPORTS

        The Company takes its commitment to anti-corruption compliance very seriously and
        expects all Company Personnel to share that commitment. The Company therefore requires that
        Company Personnel report actual or suspected violations of applicable law or the Policy to a
        Member of the Leadership Team. Failure by a Company employee to report known or suspected
        violations may result in disciplinary action, up to and including termination.

        The Company’s strict policy is that no adverse employment action will be taken against
        any personnel in retaliation for reporting, honestly and in good faith, a violation or suspected
        violation of anti-corruption laws or this Policy.

        Reports of alleged violations will be treated confidentially to the extent consistent with
        corporate interests and legal obligations. Where appropriate, the Company will further investigate
        the alleged misconduct. Company Personnel are expected to cooperate with any reviews or
        investigations conducted pursuant to this Policy.

        All questions regarding this Policy should be directed to a Member of the Leadership
        Team.⁶

        ---

        6 Members of the Leadership Team include the CEO, CFO, CMO, VP of Technology and Product, VP of Sales, and Head of Global. The list of Members of the Leadership Team is available on the intranet.