Overview

Onboarding

We ensure a smooth and compliant integration for all new staff through a structured, task-based process managed within our dedicated HR system. This system automates the workflow to ensure that all critical pre-employment checks are carried out promptly and that crucial training is delivered efficiently.

The process is typically divided into three key phases:

Pre-Boarding & Compliance:

• Initiation of the digital onboarding workflow in the HR system.

• Assignment and completion of all necessary background checks and compliance documentation.

• Secure provisioning of IT resources (hardware, system access, email setup) to be ready for day one.

Initial Integration (Day 1 - Week 1):

• Formal check-in and HR system task confirmation.

• Mandatory introductory training modules, including office and information security, are tracked through our HR system and assigned via Sana, our dedicated learning platform or via live induction sessions with subject matter experts.

• System access verification and introduction to the team and key stakeholders.

Crucial Training & Development (Post-Week 1):

• As part of our ongoing development, role-specific training modules, mentorship connections, and developmental goals are assigned.

• The HR system and Sana track the completion of all required learning paths to ensure regulatory and operational readiness.

• Managers are responsible for conducting structured 30, 60, and 100-day check-ins to align with our performance management framework and ensure new starters are integrating successfully.

This structured approach ensures consistency, reduces administrative overhead, and guarantees that every new hire is fully equipped and compliant before beginning their core role responsibilities.

Background checks

Our pre-employment background check process is designed to ensure the integrity and suitability of our personnel. This process is managed by our People Team, and for high-risk roles, we engage a specialised external background check provider for advanced screening.

Standard screening

Prior to employment, all new hires are subject to a standard set of checks (except where local restrictions exist), including:

• Professional references: To gather insights into past performance, work ethic and valid employment history.

• Education/academic credentials: Verification of the institutions attended and any degrees, qualifications or certifications earned.

• Eligibility to work: Confirmation of legal eligibility to work in the country of employment (e.g. the Right To Work eligibility in EU and UK).

• Identification (ID) Check: Verification of identity by viewing a copy of personal identification documents (i.e. passports, national ID cards).

• Sanctions Screening: A check against relevant government and international sanctions lists.

Advanced Screening (High-Risk Roles)

For roles classified as high-risk, which are those with access to client environments required as part of their role, advanced screening is conducted by an external provider. This covers the standard checks, plus the following detailed verifications:

• Address Verification: Confirmation of current and previous addresses to verify the accuracy of personal information.

• Criminal Background Check: A check of criminal and county records, providing details of any spent and unspent convictions, cautions, reprimands, and final warnings held on central police records (excluding protected convictions and cautions).

• Financial Probity: An adverse financial background screening to assess financial history.

• Employment History: Verification of past employment details.

• Directorship Search: To identify and minimise potential conflicts of interest.

Contractors are solely subject to professional reference checks.

Confidentiality

All FundApps employees are bound by a comprehensive confidentiality clause in their employment contract, ensuring the protection of sensitive information both during and after their term of employment. This commitment is central to maintaining the security and integrity of our operations and client data.

The scope of this obligation includes, but is not limited to, the protection of:

• Client Information: Any proprietary data, intellectual property, financial records, or operational details shared by our clients.

• Company Proprietary Information: Our internal business strategies, financial models, intellectual property (including source code and trade secrets), and detailed operational processes.

• Personnel Information: Private data concerning our staff, our client’s employees and contractors.

Employees are required to use confidential information solely for the performance of their duties and must adhere to all internal security protocols. Any breach of this confidentiality obligation is regarded with the utmost seriousness by FundApps Limited and will result in disciplinary action, which could include termination of employment and legal proceedings being taken against the offender.

Ongoing training

We ensure the continuous security of our systems and client data is the primary focus of our ongoing training program. This commitment is supported by regular mandatory training sessions that cover crucial information security topics, including:

• Core Security Awareness: General security awareness, including recognising and preventing phishing scams, the secure use of virus scanners, and best practices for managing sensitive information. You can find more about our security awareness program here.

• Data Handling: Proper use of encryption and secure protocols for transferring sensitive information externally, whether via the internet or physical removable media.

This core training is supplemented by a regular monthly company-wide meeting to discuss both information security and business continuity issues.

In addition to our security focus, all employees must complete mandatory annual compliance training, covering essential topics such as Data Protection and Anti-Bribery and Corruption policies, ensuring our continued regulatory adherence.

Access control

Access is granted to staff on a least privilege basis. Please see our access control section for information on how we manage access to systems.

Offboarding

We follow a structured, task-based process in our HR system to ensure a smooth, compliant, and secure off-boarding of an employee, with agreed deadlines. This process is designed to mitigate risk and ensure the seamless transfer of responsibilities.

Key steps include:

• System and Access Revocation: All system and physical access is immediately revoked upon the employee’s departure. Please see our access control section for details on how we manage access to systems.

• Asset Recovery: A formal process is followed for the return of all company property, including laptops, mobile devices, access cards, and any other equipment.

• Knowledge Transfer: The departing employee’s manager oversees the necessary handover and documentation of ongoing projects and client responsibilities to ensure business continuity.

• HR and Financial Closure: The People Team manages final payroll, benefits closure, and any other contractual or administrative requirements.

This rigorous process is crucial for maintaining the security and confidentiality of our client and proprietary data, as mandated by the confidentiality clause in all employment contracts.