policies certificates & Licences

All members who wish to engage in public practice, as defined in CIMA’s member-in-practice rules, must hold a current practising certificate.  

The CFBL practising certificate is a license to practice and is issued following admission to CIMA’s member in-practice register or following successful annual renewal.   

CIMA has an obligation to protect the public; who must have confidence in the integrity and standards of those who are licensed by the Institute.  

CIMA is aware that circumstances change. To ensure that only registered and monitored members in practice are licensed; practising certificates are only valid for one calendar year. A replacement practising certificate will be re-issued once your annual member-in-practice renewal is completed.    

A mark of professionalism  

CIMA members in practice achieve and maintain professionalism through compliance with regulations around CPD, anti-money laundering and mandatory requirement policies. The practising certificate highlights that the holder has attained a level of competency to offer management accountancy services to the public and does so in an ethical and professional manner.     

Conditions of use  

Holders of CIMA practising certificates are entitled to call themselves chartered management accountants. Find out more about the use of the title.  

To maintain their practising certificate members must renew their member in-practice status annually with CIMA. Failure to do so when requested can result in losing members in practice status, and a full reapplication being required to regain entry onto CIMA’s register.    

All members working in practice must be compliant with CIMA’s mandatory requirements. CIMA conducts quality assurance checks on these documents and selected members are required to send in copies as confirmation of compliance and to ensure they meet CIMA’s quality criteria.  

Any member found to be providing accounting services whilst not registered as a member in practice will be in breach of the Member in Practice Rules (Rule 12) and may be liable to disciplinary action by the institute. 

Below is a list of our external policies, scroll further down to review each.  

• Accessibility Statement  

• Anti-Bribery and Corruption Policy  

• Anti-Fraud and Corruption Policy  

• Artificial Intelligence and Content Generation Policy  

• Audit and Compliance Policy  

• Change Management Policy  

• Cloud Services and Hosting Policy  

• Code of Conduct  

• Code of Conduct for Digital Services  

• Community Guidelines / Moderation Policy  

• Complaints and Appeals Policy  

• Conflict of Interest Policy  

• Content Management and Publishing Policy  

• Contract Management Policy  

• Copyright and Intellectual Property Policy  

• Corporate Social Responsibility (CSR) Statement  

• Cybersecurity Policy  

• Data Encryption and Storage Policy  

• Data Privacy and Security Policy  

• Data Protection Policy  

• Device and Endpoint Security Policy  

• Digital Identity and Trust Framework Compliance  

• Digital Inclusion and Assisted Digital Support Policy  

• Diversity and Inclusion Statement  

• Donations and Sponsorship Policy  

• Driver Safety Policy  

• Equal Employment Opportunity Policy  

• Equality, Diversity, and Inclusion (EDI) Statement  

• Equality, Diversity, and Inclusion Statement  

• Financial Transparency and Reporting Policy  

• Freedom of Information (FOI) Policy  

• Grant Management Policy  

• Health and Safety Policy  

• Health and Safety Statement  

• Incident Response and Breach Notification Policy  

• Information Security Policy  

• Legal Disclaimer  

• Meeting and Agenda Publication Policy  

• Mobile and App Services Policy  

• Modern Slavery and Human Trafficking Statement  

• Multilingual and Plain Language Policy  

• News and Announcements Policy  

• Open Data Policy  

• Privacy Policy  

• Procurement and Tendering Policy  

• Public Engagement and Consultation Policy  

• Public Notices and Alerts Policy  

• Quality assurance  

• Quality Assurance Statement  

• Records Management and Retention Policy  

• Remote Working Policy  

• Service Availability and Continuity Policy  

• Service Level Agreement (SLA) Policy  

• Social Media Use Policy  

• Software and Patch Management Policy  

• Spending and Budget Disclosure Policy  

• Supplier Code of Conduct  

• Sustainability and Net Zero Carbon Statement  

• Sustainability and net zero carbon statement  

• Terms of Use / Acceptable Use Policy  

• Third-Party Integration and API Use Policy  

• Transparency and Accountability Statement  

• User Access and Authentication Policy  

• User Feedback and Satisfaction Policy  

• User Support and Helpdesk Policy  

• Value for Money and Efficiency Policy  

• Website Archiving Policy  

• Website Maintenance and Uptime Policy  

• Whistle blower Policy  

• Workplace Health and Safety Policy 

We promote ethical behaviour, legal adherence, and organisational accountability. 

Anti-Bribery and Corruption Policy 

CFBL enforces a strict zero-tolerance approach to bribery or corruption, ensuring compliance with relevant anti-corruption regulations. Examples of how we achieve this are by: 

• Conducting risk‑based due diligence on third parties before entering any partnership.  

• Educating on annual anti‑bribery training, including real‑world scenarios and certifications. 

• Auditing expense claims and gifts registers to detect and investigate irregularities. 

Anti-Fraud and Corruption Policy 

Fraud prevention is embedded in our operational and client-facing activities, with active monitoring, review protocols, and due diligence on financial controls. Examples of how we achieve this are by: 

• Automating anomaly detection in high-volume financial processes 

• Requiring dual sign-off for large payments or consultancy agreements 

• Conducting scheduled fraud risk assessments and control updates 

Audit and Compliance Policy 

We operate under robust internal audit frameworks and cost assurance methodologies, aligning with government and infrastructure sector compliance standards. Examples of how we achieve this are by: 

• Aligning our audit programs to comply with international standards 

• Conducting regular peer reviews and external quality assessments 

• Maintaining up‑to‑date compliance lists tailored to each client industry 

Code of Conduct 

CFBL team members abide by a clear set of behavioural standards, ensuring professionalism, respect, and transparency in every client engagement. Examples of how we achieve this are by: 

• Embedding core values into onboarding and annual refresher training for all staff. 

• Ensuring acknowledgments from every team member to reinforce accountability. 

• Publishing conduct metrics to leadership and integrating them into performance reviews. 

Complaints and Appeals Policy 

We maintain a fair, transparent process for reviewing client or stakeholder feedback, ensuring timely resolution and continuous service improvement. Examples of how we achieve this are by: 

• Displaying a prominent disclaimer banner on all site pages 

• Updating legal terms whenever new content or services are launched 

• Providing clear attribution guidelines for downloading or referencing our publications 

Conflict of Interest Policy 

We proactively identify and manage any personal or financial interests that could influence our objectivity, safeguarding the impartiality of our advice. Examples of how we achieve this are by: 

• Mandating quarterly declarations of financial and outside interests from all consultants. 

• Establishing an independent review committee to assess and mitigate flagged conflicts. 

• Rotating engagement teams when potential conflicts are confirmed.    

Donations and Sponsorship Policy 

All donations or sponsorships are subject to ethical review, ensuring they align with our corporate values, are transparent, and avoid undue influence. Examples of how we achieve this are by: 

• Reviewing funding proposals through a professional evaluation panel 

• Officially disclosing sponsorships and amounts in an annual transparency register 

Reviewing post-funding impact to verify ethical alignment and outcomes 

Freedom of Information (FOI) Policy 

In line with applicable public sector guidelines, CFBL supports transparency by appropriately managing and responding to FOI requests within its project remit. 

Examples of how we achieve this are by: 

• Publishing FOI submission protocols and response timelines 

• Training staff on FOI handling, redaction, and exemptions 

• Logging all requests internally to track trends and refine disclosure practices 

Legal Disclaimer 

We maintain a clarification of the limitations and terms governing the use of CFBL’s website and published content. Examples of how we achieve this are by: 

• Displaying prominent disclaimers on all communications and pages 

• Updating legal terms whenever new content or services are launched 

• Providing clear attribution guidelines for downloading or referencing our publications 

Quality assurance 

Our consultancy is governed by strict quality assurance standards, leveraging experienced professionals, peer review, and steering group oversight to deliver consistently high value to our clients. Examples of how we achieve this are by: 

• Requiring peer review of all deliverables prior to client submission 

• Holding regular steering-group sessions to examine quality KPIs 

• Incorporating client feedback and industry benchmarks into process improvements 

Whistleblower Policy 

Our secure, confidential reporting channels empower employees and stakeholders to raise concerns or violations without fear of retaliation. Examples of how we achieve this are by: 

• Guaranteeing anonymity and support through formal policy safeguards. 

• Ensuring all reports are followed by a standardized investigation protocol 

• Protecting whistleblowers through anti‑retaliation measures and support resources 

We demonstrate responsible financial stewardship and ethical procurement. 

Contract Management Policy 

CFBL ensures rigorous contract oversight including clear deliverables, performance metrics, and review checkpoints, so that all parties meet their obligations and project goals are achieved. Examples of how we achieve this are by: 

• Establishing contract‑specific governance forums to review progress against milestones 

• Implementing automated tracking of key dates (e.g., deliverable submissions, renewal windows) in our contract management system 

• Conducting quarterly performance reviews with suppliers and clients to address issues proactively 

Financial Transparency and Reporting Policy 

CFBL publishes clear financial statements and budget summaries for relevant projects, enabling clients and stakeholders to track expenditure and outcomes with confidence. Examples of how we achieve this are by: 

• Sharing project‑level budget dashboards via secure client portals, updated monthly 

• Issuing quarterly financial reports that reconcile planned versus actual spend and highlight variances 

• Hosting annual financial-review webinars open to stakeholders to discuss performance and forecasts 

Grant Management Policy 

Our grant administration adheres to funder requirements, with robust application vetting, compliance monitoring, and regular reporting to secure and sustain funding. Examples of how we achieve this are by: 

• Implementing pre‑award due diligence to verify grantee eligibility and capacity 

• Tracking fund utilisation against milestones via a centralised management platform 

• Delivering interim and final grant reports, audited by an independent reviewer, to ensure accountability 

Procurement and Tendering Policy 

We follow transparent and competitive tendering processes, awarding contracts based on merit, cost‑effectiveness, and alignment with our ethical and sustainability criteria. Examples of how we achieve this are by: 

• Publishing clear tender invitations with defined evaluation criteria  

• Engaging cross‑functional panels, including legal, commercial, and sustainability experts to assess bids 

• Documenting and publishing tender outcomes and rationales to maintain stakeholder confidence 

Spending and Budget Disclosure Policy 

We openly disclose spending thresholds and budget allocations for client engagements, supporting informed decision‑making and preventing cost overruns. Examples of how we achieve this are by: 

• Publishing threshold levels for approval tiers and associated delegation authorities in our policy handbook  

• Providing real‑time spend trackers accessible to authorised client representatives 

• Documenting budget re‑forecast rationales and approvals in our governance logs 

Supplier Code of Conduct 

All suppliers commit to our ethical standards, covering labour practices, environmental stewardship, and anti‑corruption to qualify for procurement and our ongoing collaboration. Examples of how we achieve this are by: 

• Embedding our Supplier Code into every procurement contract and onboarding package 

• Conducting periodic supplier audits to verify adherence to labour and environmental criteria 

• Enforcing remediation plans or contract termination when non‑compliance is identified 

Value for Money and Efficiency Policy 

We continuously assess processes, resource allocation, and supplier performance to optimise costs, streamline operations, and deliver measurable efficiencies for clients. Examples of how we achieve this are by: 

• Applying benchmark analyses and unit‑cost comparisons across similar project scopes 

• Facilitating quarterly efficiency reviews with project teams to identify and implement savings initiatives 

• Incorporating value‑engineering workshops at key project stages to refine deliverables and reduce waste 

We ensure a safe and healthy environment for all stakeholders and workers. 

Driver Safety Policy  

All business travel and site visits follow strict vehicle maintenance, driver training, and journey‑planning standards to protect staff and third parties on the road. Examples of how we achieve this are by: 

• Requiring annual driver‑safety training and licence checks for all employees undertaking site visits 

• Mandating pre‑trip vehicle inspections and adherence to defined client roads 

• Utilizing journey‑planning tools to optimize routes, reduce fatigue, and track travel incidents 

Health and Safety Policy  

We maintain comprehensive procedures, including emergency response, road safety, and remote‑work protocols to proactively identify and mitigate risks in both office and off‑site settings. Examples of how we achieve this are by: 

• Conducting regular risk assessments and emergency drills across all work settings 

• Publishing clear protocols for incident reporting, road safety, and first‑aid arrangements 

• Reviewing and updating our policy annually to incorporate legal requirements and best practices 

Remote Working Policy  

We support safe and healthy home working through ergonomic guidance, check‑ins, and clear communication channels to address any concerns. Examples of how we achieve this are by: 

• Issuing home‑office setup guides and offering digital equipment assessments to all remote workers 

• Scheduling virtual check‑ins with line managers to monitor welfare and workload balance 

• Enforcing secure VPN access and data‑protection protocols to safeguard confidential information 

Workplace Health and Safety Policy 

Our on‑site safety measures cover hazard assessments, regular training, and incident reporting to ensure a secure and supportive office environment.  Examples of how we achieve this are by: 

• Completing monthly workplace inspections and logging corrective actions for later reference 

• Delivering quarterly health and safety workshops, covering manual handling, fire safety, and stress management 

• Reporting near‑misses and incidents centrally to drive continuous improvement and accountability 

We protect data, systems, and ensures compliance with regulatory frameworks. 

Accessibility Statement 

Our website and digital materials are designed for inclusive access, meeting WCAG 2.1 AA standards and providing alternative formats upon request. Examples of how we achieve this are by: 

• Conducting semi‑annual accessibility audits with assistive‑technology testing 

• Offering downloadable text transcripts and captioning for multimedia content 

• Maintaining a feedback form to capture and address accessibility issues 

Artificial Intelligence and Content Generation Policy 

We are committed to the ethical, secure, and transparent use of Artificial Intelligence technologies including generative AI, for areas like internal operations, content development and so on. Examples of how we achieve this are by: 

• Clearly disclosing when AI-generated content, recommendations, or tools are used in reports, insights, or communications 

• Reviewing all AI outputs through human subject-matter experts to verify relevance, quality, and factual integrity before client distribution 

• Limiting the use of AI to non-sensitive contexts, ensuring no confidential data is input into public or third-party AI systems 

Cloud Services and Hosting Policy 

We engage only certified cloud providers with robust security certifications ensuring data sovereignty and compliance with UK regulations. Examples of how we achieve this are by: 

• Conducting annual security and compliance reviews of all cloud vendors 

• Ensuring data residency within approved UK/EU jurisdictions 

• Using cloud‑native security tools for continuous configuration monitoring 

Code of Conduct for Digital Services 

We require all digital interactions and content to adhere to our ethical standards, including truthfulness, professionalism, and respect for user privacy. Examples of how we achieve this are by: 

• Training digital‑team members on ethical content creation and moderation 

• Implementing editorial review boards for all public‑facing updates 

• Applying privacy‑by‑design principles when developing new features 

Copyright and Intellectual Property Policy 

All CFBL content is protected by intellectual property laws, and we respect third‑party copyrights by securing permissions and attributing sources appropriately. Examples of how we achieve this are by: 

• Registering our publications and methodologies under UK copyright law 

• Requiring documented license checks before using external content 

• Embedding digital‑watermarking in client‑facing deliverables to track distribution 

Cybersecurity Policy 

CFBL committed to maintaining a secure digital environment that protects the confidentiality, integrity, and availability of our data, systems, and client information, including regular staff training on cybersecurity awareness, secure data handling, and up-to-date security tools and encryption. Examples of how we achieve this are by: 

• Deploying up to date firewalls and intrusion‑detection systems 

• Conducting phishing simulations and cybersecurity training 

• Partnering with external experts for periodic penetration testing 

Data Encryption and Storage Policy 

Sensitive data is encrypted both in transit and at rest using industry‑standard protocols, and backups are securely stored and regularly tested. Examples of how we achieve this are by: 

• Utilizing secure encryption channels for all internal and external data transfers 

• Encrypting database volumes with the latest security tools 

• Verifying backup integrity and restorability on a monthly basis 

Data Protection Policy 

Our robust data protection measures include periodic risk assessments, staff training, and documented procedures to prevent unauthorised access, loss, or disclosure of sensitive information. Examples of how we achieve this are by: 

• Running mandatory annual training on data‑handling best practices for all staff 

• Performing quarterly risk assessments and updating controls accordingly 

• Documenting and testing secure data‑transfer procedures with encryption 

Device and Endpoint Security Policy 

Company‑issued and personal devices used for CFBL work comply with security configurations, antivirus protection, and encrypted storage to prevent data leakage. Examples of how we achieve this are by: 

• Requiring disk‑encryption and regular endpoint‑security health checks 

• Blocking non‑compliant devices from accessing corporate networks 

Digital Identity and Trust Framework Compliance 

CFBL aligns with national digital identity standards, ensuring secure and verifiable interactions with both public‑sector bodies and private clients. Examples of how we achieve this are by: 

• Integrating single‑sign‑on solutions compliant with modern standards 

• Periodically updating identity‐proofing checks to meet regulatory changes 

• Verifying third‑party digital credentials through accredited trust anchors 

Incident Response and Breach Notification Policy 

In the event of a security incident, we follow a documented response plan, promptly notifying affected parties and regulators in line with ICO guidelines. Examples of how we achieve this are by: 

• Maintaining a dedicated incident‑response team with defined escalation tiers 

• Running tabletop exercises quarterly to validate readiness and refine procedures 

• Issuing breach reports to stakeholders within event of detection 

Information Security Policy 

We enforce role‑based access controls, data classification, and regular audits to guarantee confidentiality, integrity, and availability of client and company information. Examples of how we achieve this are by: 

• Granting permissions through an identity‑and‑access management system 

• Reviewing access logs monthly to detect and revoke unnecessary privileges 

• Classifying all data assets and labelling them according to sensitivity levels 

Privacy Policy (GDPR & UK Data Protection Act) 

We collect and process personal data lawfully, transparently, and only for specified purposes, ensuring rights to access, correction, and deletion are fully respected under GDPR and the UK Data Protection Act. Examples of how we achieve this are by: 

• Publishing clear data‑collection notices and consent forms on our website 

• Providing self‑service portals for data‑subject requests and forms, such as access or deletion 

• Conducting regular audits to ensure all processing activities align with declared purposes 

Records Management and Retention Policy 

We maintain accurate records throughout their lifecycle, retaining documents for legally mandated periods and securely disposing of them when no longer required. Examples of how we achieve this are by: 

• Classifying records by type and applying automated retention schedules 

• Utilizing secure shredding and digital‑wiping services for end‑of‑life documents 

• Logging all destruction activities in an audit trail for regulatory verification 

Software and Patch Management Policy 

All software and firmware are kept up to date through patching schedules and vulnerability scans to eliminate known security risks. Examples of how we achieve this are by: 

• Deploying patches within defined SLA windows based on criticality 

• Running weekly vulnerability scanning and remediation workflows 

• Logging and auditing all patch deployments for compliance reporting 

Terms of Use / Acceptable Use Policy 

Users of our website agree to lawful, respectful conduct and understand that misuse of our digital services may result in access restrictions. Examples of how we achieve this are by: 

• Displaying clear terms on our homepage with acknowledgment 

• Monitoring traffic for suspicious behaviour and enforcing IP blocks when needed 

• Reviewing and updating the policy annually to reflect new legal or technical developments 

User Access and Authentication Policy 

We enforce strong, unique credentials and multi‑factor authentication for access to Access to CFBL systems, with periodic reviews to revoke unnecessary permissions. Examples of how we achieve this are by: 

• Enforcing password complexity and rotation policies via our IAM platform 

• Implementing hardware or software tokens for privileged‑access accounts 

• Auditing user roles quarterly to remove outdated or unnecessary access 

Website Maintenance and Uptime Policy 

We perform regular updates, monitoring, and redundancy checks to guarantee continuous availability and resilience of our online services and user experience. Examples of how we achieve this are by: 

• Implementing balanced server uptime with automatic failover 

• Conducting off‑peak maintenance and announcing windows in advance 

• Monitoring performance metrics in real time and triggering alerts for anomalies

The Modern Slavery Act of 2015  

The Modern Slavery Act came into force on 26 March 2015. The Act clarifies the existing offences of slavery and human trafficking and introduces tougher penalties.  

The Act includes a new requirement for commercial organisations such as CFBL to publish a statement each financial year setting out the steps we have taken to ensure that no slavery or trafficking is taking place in our business and supply chain.  

The term ‘modern slavery’ describes exploitation so severe that people are not able to leave their place of work. ‘Slavery’ refers to the condition of treating another person as if they were property, something to be bought, sold, traded, or even destroyed. Victims may be ‘owned’ by their employers and controlled through means including massive recruitment debts that they are unable to pay off, and threats of harm if they try to leave. The significant characteristic of all forms of slavery is that they involve one person depriving another person of their freedom.  

Situations that may present a particular risk of modern slavery include:  

• Where workers have fewer protections through inadequate laws and regulations, weak or non-existent enforcement, and poor business and government accountability.  

• Where there are high levels of poverty among workers.  

• Where there is widespread discrimination against certain types of workers (e.g. women and ethnic groups);  

• Where there is the widespread use of migrant workers.  

• In conflict zones, and.  

• In some specific high-risk industries (typically industries involving raw materials).  

The risk of modern slavery affects almost every industry globally. As well as the potential for legal sanction, companies that fail to take effective action may also suffer severe reputational damage and loss of market share. CFBL takes this risk very seriously.  

Measures to address modern slavery in CFBL’s supply chains  

– CFBL has undertaken the following measures to manage the associated risks of modern slavery in its supply chain:  

Action Planning  

For situations where corrective action is required, CFBL Consulting management will seek to address any issues with the appropriate level of management within the supplier. As a last resort, it may be necessary to terminate a relationship with a supplier.  

Report on the latest Financial Year  

CFBL is not aware of any breach of the Modern Slavery Act 2015 in the context of its business operations or amongst its current supply chain during the current financial year. 

CFBL Consulting’s Policy  

CFBL Consulting has adopted the following policy on modern slavery:  

CFBL Consulting is committed to upholding the highest ethical and professional standards, and to maintaining public confidence in management accounting. As part of that commitment, we will use our best endeavours to identify and mitigate the risks of modern slavery and human trafficking by:  

• Never supporting or dealing with any business knowingly involved in slavery or human trafficking.  

• Ensuring our suppliers and business partners understand our expectations of what acceptable business behaviour is, including this policy;  

• Where necessary asking our suppliers and business partners to adopt suitable anti-slavery and human trafficking policies and procedures; and  

• Encouraging the reporting of concerns and provide appropriate protection for whistleblowers.  

CFBL Consulting’s leadership team will ensure that staff are aware of this policy statement and that any further steps are implemented to prevent slavery and human trafficking within CFBL and its supply chains.  

This policy will be reviewed annually.  

Staff are made aware of the Modern Slavery Policy and encouraged to report concerns to the Senior Leadership Team.  

Contract Provisions  

CFBL Consulting will ensure that its contractual arrangements with new or existing suppliers support its modern slavery policy.   

Supplier policy  

All supplier policies dealing with modern slavery will be vetted during any procurement processes to ensure that they align with CFBL Consulting’s own policy.  

Supply Chain Assessment and Reviews  

CFBL Consulting will seek to identify vulnerabilities through supply chain assessment and reviews. While it is impractical for CFBL Consulting to audit and monitor each supplier in its entire supply chain at all levels, CFBL Consulting will identify key vulnerabilities and will take a risk management approach to ethical procurement and contracting. CFBL Consulting will ensure that its tender processes assist in assessing supplier compliance with the law. 

Whistleblowing  

CFBL Consulting will continue to encourage whistleblowing to identify breaches of policy and contractual provisions in respect of modern slavery. Reporting systems are in place to ensure that whistle-blowers identities are protected and that they have HR, Procurement and Senior Leadership support.  

Sustainability and Net Zero Target 

CFBL Consulting is proud and committed to achieving Net zero carbon emissions by 2030. In this statement, we express our increased ambition and demonstrate our commitment to net zero emissions in the future. We are dedicated to enhancing this foundation and work together to share our experiences and methods with others. We are aware that we cannot change the world in an immersion, so CFBL Consulting is dedicated to making small changes that can be the starting point for a large -scale impact. 

Key Action Steps 

We intend to achieve our Net Zero commitment and contribution by doing one or more of the following: 

Environmental Sustainability 

1. Energy Efficiency: Utilise energy-efficient systems such as high-performance insulation, LED lighting, and energy-efficient HVAC systems to reduce energy consumption.

1. Renewable Energy: Incorporated renewable energy sources, such as solar panels or geothermal systems, to offset energy use and reduce carbon emissions to enhance sustainability. implementing practices that support biodiversity and resource conservation.  

1. Sustainable Materials: We manage waste responsibly and use eco-friendly, recycled, or locally sourced materials for repairs and renovations to minimize the carbon footprint associated with materials transport and production. 

1. Water Conservation: We have Implemented water-saving technologies and practices, such as rainwater harvesting to reduce water usage.  

We believe these minor proactive approaches can also contribute to a healthier planet, enhancing both a company’s financial performance and its societal impact. 

Social Sustainability 

As a business, we also focus on creating an impact on society and the well-being of communities. This involves 

1. We promote fair labour practices, ensuring diversity and inclusion in the workplace 

1. Supporting employee development and contributing positively to local communities. 

1. Engaging with local communities to support social development and address social inequalities, 

1. Meeting regarding enhancing mental health and well-being 

1. Remote work arrangements 

By prioritising social responsibility, we aim to foster strong relationships with stakeholders, enhance their reputation, and create lasting positive change. 

Sustainability Governance 

We address our strong governance by the following actions 

1. Maintaining transparency, accountability, and ethical business practices that encompass policies on executive compensation, board diversity, shareholder rights, and compliance with regulations. 

1. We exhibit robust governance structures as it helps us better to mitigate risks, navigate challenges effectively, and maintain investor trust. 

Sustainability Partners 

We are delighted to partner with the UK’s pioneers in sustainability positive action. Our partners offer a comprehensive service, beginning with mapping out our carbon footprint and helping our company achieve, or as close to as possible, net zero. With a focus on scope 1 and 2, we measure our carbon footprint, create a roadmap for our business to implement changes that will deliver measurable reductions in our company’s carbon footprint. We develop a tailor-made carbon reduction strategy for the company to identify quick wins in the short- and medium- and long-term. 

Sustainability Reporting 

CFBL contributes to climate change and sustainable development by developing a methodology to ensure the publication of non-financial reports on the audit of financial reports to help CFBL audit teams consider the effects of climate-related risks on financial outcomes. In this way, we help companies understand the broader value impacts and outcomes, identify opportunities, and support the publication of non-financial performance risk reports to their stakeholders. Additionally, we collaborate with partners, advisors and clients on sustainability, climate, energy transition and environmental, social and governance (ESG) to lead a wave of innovation and economic growth that protects the planet and promotes sustainable development. We are delighted to be working with some of the UK’s leading sustainability action pioneers. Our partners provide a comprehensive service that starts with mapping our carbon footprint and helps our operations achieve net zero emissions, or as close to it as possible. CFBL Consulting is a signatory to SME Climate Hub and is proud to be an ambassador working with Compare your Footprint to support businesses in achieving this. 

Sustainability Roadmap 

With a focus on scope 1 and 2, we measure the carbon footprint and create a roadmap for the business to implement changes that will lead to a measurable reduction in the businesses’ carbon footprint. We develop a tailored carbon emissions reduction strategy to help business achieve rapid success in the short, medium, and long term. We leverage our net zero commitment by leading other businesses in sustainability, attracting eco-conscious clients and projects. Furthermore, we are enhancing our brand reputation through effective marketing of its sustainability initiatives, engage in partnerships with like-minded organisations, and participate in industry forums, thus increasing visibility and competitiveness in a market increasingly focused on environmental responsibility. 

Sustainability and ESG Finance 

Additionally, we also dedicate ourselves to along with a carbon coach to provide training and guide staff through any proposed changes, provide comprehensive support to accurately quantify the company’s carbon reduction for reporting. Consequently, we are actively driving changes within organisations that have minimal impact on the operations but have a positive impact on the company’s carbon footprint and potentially the energy costs. We support our customers and suppliers in transforming their activities to reach net zero. However, we also recognise the importance of actively reducing the climate impact of our own operations, including Scope 3 emissions from the supply chain. 

 Decarbonisation Targets by 2030 

• Scope 1 – To reduce direct emissions generated by the company’s activities by 85% 

• Scope 2 – To reduce indirect emissions associated with energy purchased and transition to 100% renewable energy across 85% of territories 

• Scope 3 – To reduce other indirect emissions associated with the company’s supply chain activities and absolute business travel emissions by 85% 

We are adapting our core ESG (Environmental, Social, and Governance) services with every client to include consideration of environmental issues. This ranges from the inclusion of climate empowerment in our Assurance methodologies and processes, diversity and equity in the workforce, transparency report and sustainability-focused transformation programs in Consulting, among many others. 

We offer specialized services to help organizations develop their own net zero strategies, advise them on best practices, and promote case studies of successful implementations to share. Explore more about our commitments in our website https://www.cfbusinesslinks.com/ 

With our sustainability practices, we aim to help organizations plan, source, deliver, finance, and measure the broader impact of products and services. We help businesses ensure their sustainability by making them more resilient, agile, and sustainable. We will accomplish this through a comprehensive strategy that includes reducing our emissions by 80% by 2030, investing in renewable energy, improving energy efficiency, and offsetting remaining emissions through verified carbon offset projects. We recognize the importance of transparency and accountability and will report our progress annually.” 

By following these strategies, CFBL believes to contribute to The Paris Agreement’s central’s aim to strengthen the global response to the threat of climate change by keeping a global temperature rise this century well below 2 degrees Celsius above pre-industrial levels and to pursue efforts to limit the temperature increase even further to 1.5 degrees Celsius. 

We support open communication, service delivery, and public trust.

Open Data Policy

We make non-sensitive data openly available where appropriate, to support knowledge sharing, collaboration, and innovation across sectors.

Examples of how we achieve this are by:

• Maintaining a searchable area of anonymized project data and industry analyses
• Regularly updating open datasets following each major project milestone
• Publishing data‑quality documentation to guide external use and interpretation

Transparency and Accountability Statement

Our operations are governed by principles of transparency, professional ethics, and measurable outcomes, with accountability built into all client engagements. Examples of how we achieve this are by:

• Issuing an annual performance report detailing key metrics and lessons learned
• Publishing governance structures and decision‑rights frameworks on our website
• Inviting third‑party reviews of select engagements and sharing summary findings

Public Engagement and Consultation Policy

CFBL engages stakeholders in meaningful dialogue when shaping relevant policies, projects, or reports, ensuring decisions are informed, inclusive, and evidence-based. Examples of how we achieve this are by:

• Hosting virtual and in‑person workshops during project development phases
• Publishing consultation drafts with open comment periods and response summaries
• Integrating stakeholder feedback into final deliverables and acknowledging contributor

Community Guidelines / Moderation Policy

We maintain respectful and constructive discourse across our digital platforms, with clear rules on content moderation to prevent abuse or misinformation.

Examples of how we achieve this are by:

• Enforcing a zero‑tolerance policy for hate speech and personal attacks
• Moderating comments and posts within 24 hours to remove prohibited content
• Providing clear escalation paths for users to report violations and appeal moderation decisions

Social Media Use Policy

Our official social media channels are used professionally to share insights, news, and thought leadership, while respecting confidentiality, brand integrity, and public expectations. Examples of how we achieve this are by:

• Maintaining an approved digital‑content calendar reviewed by our Marketing team
• Training spokespeople on compliant messaging and crisis‑communication protocols
• Archiving all social posts against our transparency commitments

Meeting and Agenda Publication Policy

Where applicable, we publish key agendas, summaries, or decisions from governance meetings to demonstrate openness and reinforce client trust. Examples of how we achieve this are by:

• Uploading board and steering‑group agendas at least five business days in advance
• Circulating action‑minute summaries to participants within 48 hours of each meeting
• Making non-confidential governance documents publicly accessible via our data portal

News and Announcements Policy

CFBL communicates timely updates on services, projects, and regulatory changes via our website, email lists, and social media. Examples of how we achieve this are by:

• Posting press releases and blog updates within an acceptable timeframe of key events
• Distributing email newsletters to subscribers with clear content sections
• Synchronizing news across our website, social media, and partner platforms

Public Notices and Alerts Policy

Critical service updates or urgent announcements—such as policy changes or data security alerts—are published promptly and clearly through designated channels. Examples of how we achieve this are by:

• Publishing banner notices on our website homepage for critical alerts
• Sending SMS and email notifications to registered clients during emergencies
• Maintaining an alert‑archive area for reference to past notices

Service Level Agreement (SLA) Policy

Our SLAs define clear expectations for service delivery, response times, and escalation procedures, ensuring accountability and transparency with clients. Examples of how we achieve this are by:

• Specifying response and resolution targets for each service tier in client contracts
• Reviewing SLA performance quarterly with clients and adjusting terms as needed

Service Availability and Continuity Policy

Our business continuity plans, cloud-based infrastructure, and secure backups help maintain service availability during potential disruptions or emergencies. Examples of how we achieve this are by:

• Implementing cloud services with fail‑over capabilities
• Conducting semi‑annual disaster‑recovery drills and updating plans accordingly
• Providing clients with continuity‑of‑service documentation and contact lists

Change Management Policy

We follow a structured process for managing internal and client-facing changes to ensure minimal disruption, risk mitigation, and stakeholder alignment. Examples of how we achieve this are by:

• Logging all proposed changes in our Project Change Register and assessing impacts
• Securing formal approvals from change‑advisory boards before implementation
• Communicating scheduled updates to affected parties with clear timelines and rollback options

User Support and Helpdesk Policy

Dedicated support channels are available for client queries and technical issues, with defined response and resolution timeframes based on service agreements. Examples of how we achieve this are by:

• Operating a 24/5 helpdesk with trained support responses
• Issuing ticket confirmations within 30 minutes of request submission
• Providing self‑service knowledge‑base articles and video tutorials for common issues

Content Management and Publishing Policy

All published content undergoes review for accuracy, clarity, and alignment with our values and sector-specific compliance standards. Examples of how we achieve this are by:

• Routing drafts through an intensive review before publishing with team members
• Applying version control and maintaining a public changelog for major publications
• Using standardized templates and style guides for consistency

Website Archiving Policy

We preserve website content in line with data retention and legal requirements, ensuring historical transparency and public accessibility when needed. Examples of how we achieve this are by:

• Automatically capturing quarterly snapshots of web pages and file attachments
• Storing archives in a secure, read‑only environment for ten years
• Providing indexed, searchable access for audit and public‑record requests

Third-Party Integration and API Use Policy

Any external integrations used by CFBL are vetted for data protection, compliance, and reliability, ensuring secure collaboration and interoperability. Examples of how we achieve this are by:

• Conducting security and privacy assessments on third‑party libraries
• Restricting API keys to least‑privilege scopes and rotating them regularly
• Monitoring integration performance and logging all external calls for audit trails

Mobile and App Services Policy

Mobile access to CFBL resources and any digital services is provided through secure, user-friendly channels compliant with accessibility and privacy standards. Examples of how we achieve this are by:

• Requiring MFA and device‑management compliance for mobile app logins
• Designing interfaces to meet standards for accessibility
• Pushing security updates to mobile clients through managed app stores

User Feedback and Satisfaction Policy

Client feedback is actively solicited through surveys and review sessions, enabling us to enhance service quality and align with evolving needs. Examples of how we achieve this are by:

• Distributing post‑engagement surveys within one week of project close
• Holding quarterly stakeholder review meetings to discuss satisfaction trends
• Implementing action plans for improvement and reporting back on progress

Digital Inclusion and Assisted Digital Support Policy

We provide additional support and accessible formats to ensure our services remain inclusive and usable for all, regardless of digital literacy or access barriers. Examples of how we achieve this are by:

• Offering telephone‑based assistance and walk‑through sessions for key deliverables
• Supplying large‑print and audio versions of critical documents on request
• Partnering with community organisations to reach under‑served user groups

Sustainability and net zero carbon statement

CFBL is committed to reducing its environmental footprint by minimising emissions, adopting low-carbon practices, and supporting sustainable, climate-conscious operations. Examples of how we achieve this are by:

• Offsetting business‑travel emissions via certified carbon‑offset practices
• Prioritising renewable‑energy supplies and energy‑efficient office practices
• Embedding sustainability criteria in supplier selection and contract management