Exhibit D
BioLineRx Ltd. Code of Business Conduct and Ethics
Effective as of January 1, 2011
POLICY STATEMENT
It is the policy of BioLineRx Ltd. (the “Company”) to conduct its affairs in accordance with all applicable laws, rules and regulations of the jurisdictions in which it does business. This Code of Business Conduct and Ethics (this “Code”) applies to the Company’s employees, officers and directors. This Code is designed to promote:
| · | honest and ethical conduct by all of the Company’s employees, officers and directors, including the ethical handling by such persons of actual or apparent conflicts of interest between personal and professional relationships; |
| · | full, fair, accurate, timely and understandable disclosure in the reports and documents the Company files with, or submits to, the U.S. Securities and Exchange Commission (“SEC”) or the Israeli Securities Authority (“ISA”), and in other public communications made by the Company; |
| · | compliance with applicable governmental laws, rules and regulations; |
| · | the prompt internal reporting to the appropriate person of violations of this Code; and |
| · | Accountability for adherence to this Code. |
All directors, officers and employees of the Company are subject to this Code and are expected to adhere to and comply with those principles and procedures set forth in this Code that apply to them. The Company will take such disciplinary or preventative action as it deems appropriate to address any existing or potential violation of this Code brought to its attention.
APPROVALS AND WAIVERS
Certain provisions of this Code require you to act, or to refrain from acting, unless prior approval is received from the appropriate person. Employees requesting approval pursuant to this Code should request such approval in writing from the Compliance Officer. Approvals relating to Executive Officers and Directors must be obtained from the Company’s Board of Directors. All other approvals may be granted by the Compliance Officer, or such officer’s designee.
Other provisions of this Code require you to act, or to refrain from acting, in a particular manner and do not permit exceptions based on obtaining an approval. Waiver of those provisions relating to Executive Officers, senior financial officers and Directors may only be granted by the Board of Directors.
RESPONSIBILITY FOR COMPLIANCE
Your responsibility
You are obligated to adhere to this policy in the performance of your job responsibilities. When faced with a situation that requires an evaluation of what is, and what is not, proper business conduct, begin by applying the following criteria:
| • | Is the course of conduct legal? |
| • | Is the course of conduct in accordance with the guidelines set forth in this Code and with Company policies and procedures? |
| • | Would you or the Company be compromised or embarrassed if the situation were known by your co-workers or the public? |
| • | Does the intended course of conduct have the appearance of impropriety? |
If you are unable to answer “yes” to the first two questions and “no” to the second two questions with certainty, seek advice through the channels described under the section entitled “To seek advice or report non-compliance.”
Remember that failure to report a violation of this Code is itself a violation.
To seek advice or report non-compliance
If you suspect non-compliance, or have a question as to any aspect of this Code, including its interpretation, application or compliance therewith, regarding yourself or any other employee of BioLineRx, you must seek the advice of the appropriate Company authority, such as your immediate supervisor, human resources manager or General Counsel. If for any reason you feel uncomfortable discussing your concerns or questions with these individuals, or if you are dissatisfied with their responses, seek advice from the Internal Auditor. If you prefer, you may correspond anonymously with the Internal Auditor through our confidential mailbox: biolinerx@deloitte.co.il.
The Company Compliance Team:
Nurit Benjamini Audit Committee Chairperson email: nurit378@gmail.com Tel: 052-644-0745 | Linur Dloomy, CPA (Deloitte) Internal Auditor e-mail: LDloomy@deloitte.co.il Tel: 052-583-9635 |
Disciplinary action
The Company intends to prevent the occurrence of conduct not in compliance with the Code, applicable laws or regulations, or other policies, procedures and guidelines prepared by our Company and its business units and to halt any such conduct that may occur as soon as reasonably possible after its discovery. Allegations of non-compliance with the Code will be investigated whenever necessary and evaluated at the proper level(s). Those found to be in violation of this Code are subject to appropriate disciplinary action, up to and including termination of employment. Criminal misconduct may be referred to the appropriate legal authorities for prosecution.
When in doubt . . .
If you think you are being asked to behave or conduct business in an illegal, unethical or otherwise inappropriate manner, or you suspect others of such behavior, immediately report your concerns through the channels described above. You will not be penalized for reporting what you believe, in good faith, to be a breach of the Code; even if it later turns out that a violation has not occurred.
THE EMPLOYMENT RELATIONSHIP
Terms of employment
BioLineRx employees are generally employed by the Company either pursuant to an employment contract or other arrangement. Subject to applicable law, both the employee and the employer are legally allowed to terminate the employment at will. This BioLineRx Code may be revised from time to time at the Company’s discretion and is not a contract of employment.
Anti-discrimination and anti-harassment
BioLineRx hires, pays, promotes and makes other employment decisions based upon lawful factors, such as qualifications and performance, and without regard to race, sex, color, religion, age, national origin, sexual orientation, disability or any other basis that is protected under applicable law.
Drug and alcohol abuse and drug-free workplace
BioLineRx prohibits the illegal use, sale, purchase, transfer, possession or presence in one’s system of drugs, other than medically prescribed drugs, while on the Company’s premises.
Workplace violence
BioLineRx does not tolerate workplace violence or threats of violence committed by or against employees or property.
Conflict of interest and opportunities for personal gain
All Directors, officers and employees must avoid relationships, activities or interests that conflict or appear to conflict with the interests of the Company. Directors, officers and all employees have an obligation to promptly disclose to their supervisor or local internal auditor any relationship, activity or interest that could possibly involve or appear to involve an actual or potential conflict of interest. If you are unsure whether something is a conflict of interest you are obligated to promptly disclose it to your supervisor.
Related Party Transactions
All Directors, officers and employees should immediately inform a representative of the Finance Department or General Counsel at the outset of negotiations or contacts regarding a potential transaction between an entity or a person related to a Director, officer or employee of BioLineRx or its subsidiaries and BioLineRx or its subsidiaries and in any event prior to completion of any such transaction (without regard to size or materiality).
Acceptance and giving entertainment or gifts
You may never accept bribes, kickbacks, or other types of unusual payments from any organization or individual seeking to do business with, doing business with, or competing with BioLineRx. You may accept gifts or entertainment of nominal value as part of the normal business process if public knowledge of your acceptance would cause the Company no conceivable embarrassment. In accordance with foreign laws, you are prohibited from directly or indirectly authorizing, offering, promising or giving anything of value to a foreign governmental official as a means of influencing or inducing the official to obtain or retain business for BioLineRx.
Fraud
You may not engage in fraudulent conduct. “Fraud” is the deliberate practice of deception in order to receive unfair or unlawful gain.
Financial reporting
All financial and other records of the Company are required to accurately and fairly reflect the Company’s assets, liabilities, revenues and expenses.
Outside employment or consulting
Employment as a consultant, officer, or manager of another business organization requires prior written management approval. Outside employment or consulting must never interfere with your job performance, utilize Company property or facilities, involve the implicit or explicit sponsorship of the Company, or create the possibility of adverse publicity for the Company.
Political activity and contributions
Requiring anyone at BioLineRx to make a personal or corporate contribution to any candidate, political party, or holder of any governmental office is prohibited. You are free to participate in lawful political activity.
Company records and accounts
All Company records and accounts are the property of BioLineRx. Company records and accounts must be maintained at all times in reasonable detail and in a manner that accurately reflects all business and financial transactions, including the disposition of assets. The destruction or falsification of a document in order to impede a litigation, governmental investigation, audit or examination is prohibited and may lead to prosecution for obstruction of justice.
Protection of the Company’s Property
All employees should endeavor to protect the Company’s property, plant and other tangible and intangible assets. Company property should not be used for non-Company business, though incidental personal use may be permitted.
Expense accounts
The Company recognizes its responsibility to reimburse you for legitimate business expenses. Those expenses should be within reasonable limits and commensurate with the nature of the business assignment. You are expected to fully and clearly document business expenses and comply with the travel policy, which applies to your business unit/locale.
Employee privacy
Company information about employees is confidential and only those with a legitimate, work-related need may access such information. BioLineRx will not release any information about you to entities outside the Company without your written authorization or unless required to do so by applicable law, pursuant to a summons, subpoena or court order, or as deemed appropriate by the Company.
Proprietary information and intellectual property
Proprietary business, technical, personal information or any trade secret of the Company and its employees, customers and suppliers is considered confidential and must be safeguarded. Intellectual property developed by you or by others for the Company, or for which the Company has secured rights from others, should be used only for the benefit of the Company. Accordingly, all intellectual property rights derived from confidential information or other materials made, originated or developed by the employees shall belong exclusively to the Company, and the employees who are the inventors or developers of such intellectual property rights shall have no rights or benefits therein or deriving therefrom. You may not disclose proprietary information of the Company, its employees, customers, former employees, former customers or suppliers. These prohibitions continue even if you cease being employed by the Company for any reason.
Corporate data security
Corporate data refers to all information collected, created, processed and/or maintained in the normal course of BioLineRx’s business. The data may be in manual form (examples include verbal, handwritten, typed onto hard copy, microfilmed, photocopied or computer printouts), electronic form (examples include e-mails, voice-mails, computer memory, magnetic tape, cassette, disk, or diskette), or BioLineRx specific information included in computer applications programs, personal computing software, or operating system software.
All BioLineRx employees and any other person having physical or electronic access to corporate data are responsible for safeguarding corporate data by knowing and keeping such corporate data confidential.
Electronic communications
You may not access or use BioLineRx’s electronic and wire communications systems without appropriate authority. No individual shall use the passwords or codes of another individual in order to gain access to that individual’s e-mail, voice mail, or Internet communications on BioLineRx’s systems unless first authorized to do so by that individual or the Company. These systems are provided for Company business, and only occasional personal use of the systems is permissible. Occasional personal use means minimal and infrequent use that does not interfere with BioLineRx business or job performance. BioLineRx’s systems may not be used to access or transmit material that could embarrass, harass, or offend other persons.
External communications
Requests for financial or business information, for interviews with any BioLineRx employee including comments or responding to requests relating to BioLineRx or its business, or the issuance of any press releases by any BioLineRx employee must be referred to the Company’s Chief Financial Officer.
Public disclosure requirements
All reports and submissions (“Reports”) of BioLineRx to the SEC, NASDAQ, the Israel Securities Authority and the Tel Aviv Stock Exchange must comply with applicable legal and exchange requirements and may not contain material misstatements or omit material facts.
RELATIONSHIPS WITH BUSINESS ENTITIES AND AUTHORITIES
Product quality
We are committed to making safe quality products for our sublicensees and future users of our products. We expect each BioLineRx employees to contribute to these standards by providing high quality work, being fully familiar with applicable laws and regulations that are pertinent to their areas of responsibility and participating in training programs provided by the Company covering broad ranges of activities. Employees are also encouraged to exert diligence in identifying and preventing practices that could impair product quality, safety or compliance with law.
Economic Sanctions
BioLineRx employees must comply with the applicable laws and regulations relating to economic and trade sanctions and embargoes against certain countries or entities. This includes refraining from indirect facilitation of a prohibited transaction.
Foreign corrupt practices and anti-boycott laws
In accordance with local and/or foreign laws, BioLineRx employees are prohibited from directly or indirectly authorizing, offering, promising or giving anything of value to a foreign governmental official as a means of influencing or inducing the official to obtain or retain business for BioLineRx. BioLineRx employees also are required to comply with applicable corrupt practices laws and anti-boycott laws that prohibit participation in certain foreign boycotts.
Securities laws compliance/insider trading
All BioLineRx employees must strictly obey all laws that prohibit the trading of securities based on prior knowledge of “material,” “non-public” information about BioLineRx. You may not trade BioLineRx stock, nor recommend to others that they trade BioLineRx stock, until such information has been publicly disclosed. These restrictions also apply to any trading, including securities of other companies, based on material, non-public information about customers, competitors or business partners of BioLineRx, either when trading BioLineRx securities or the securities of these other companies as well.
Unfair trade practices and fair dealing
All BioLineRx employees must comply with applicable laws in their place of employment and the laws of other applicable jurisdictions that prohibit unfair or deceptive business acts and practices, as well as unfair competition
Environmental protection
As a Company we are committed to full compliance with all applicable environmental protection laws and expect your individual cooperation
Health and safety
Employees must observe safe practices on their jobs, report any injury or accident at work promptly and follow Company security and emergency policies and procedures.
Exhibit E
BioLineRx Ltd.
STATEMENT OF COMPANY POLICY
SECURITIES TRADES BY BIOLINERX LTD. PERSONNEL
BioLineRx Ltd. (the “Company”) has adopted the following Policy regarding trading by Company personnel in the Company’s securities. The Policy applies to all Company personnel, including directors, officers, employees and consultants of the Company and its subsidiaries.
The Need for a Policy
This Policy has been developed:
| · | to educate all Company personnel; |
| · | to set forth guidelines for courses of action; |
| · | to protect the Company and all of its personnel against legal liability; and |
| · | to preserve the reputation of the Company and its personnel for integrity and ethical conduct. |
Since the Company is a public company with its ordinary shares traded on the Tel Aviv Stock Exchange and its American Depositary Shares on the Nasdaq Capital Market, transactions in the Company’s securities are subject to both Israeli and United States federal securities laws and regulations. These laws and regulations make it illegal for an individual to buy or sell securities of the Company while aware of “inside information.” The U.S. Securities and Exchange Commission (SEC) and the Israel Securities Authority (ISA) take insider trading very seriously and devote significant resources to uncovering the activity and to prosecuting offenders. Liability may extend not only to the individuals who trade on “inside information,” but also to their “tippers,” people who leak the inside information to the individuals who trade. The Company and “controlling persons” of the Company may also be liable for violations by Company employees.
In addition to responding to the statutes and regulations, we are adopting this Policy to avoid even the appearance of improper conduct on the part of anyone employed by or associated with the Company (not just “insiders”).
The Consequences
The consequences of insider trading violations can be severe. The following are examples under U.S. law applicable to the Company:
For individuals who trade on inside information (or tip information to others):
| · | a civil penalty of up to three times the profit gained or loss avoided; |
| · | a criminal fine (no matter how small the profit) of up to $5 million; and |
| · | a jail term of up to twenty years. |
For a company (as well as possibly any supervisory person) that fails to take appropriate steps to prevent illegal trading:
| · | a civil penalty of the greater of $1 million or three times the profit gained or loss avoided as a result of the employee’s violation; and |
| · | a criminal penalty of up to $25 million. |
Any of the above consequences – or even an SEC or ISA investigation that does not result in prosecution – can tarnish one’s reputation and irreparably damage a career. In addition, if an employee violates this Policy, Company-imposed sanctions, including dismissal for cause, could result from failing to comply with the Company’s policy or procedures.
Our Policy
It is the Company’s policy that no Company personnel nor any related persons may buy or sell securities of the Company while aware of material nonpublic information or engage in any other action to take advantage of, or pass on to others, that information.
This Policy also applies with equal force to information relating to any other company, including our collaborators, partners, suppliers, customers and others, obtained by Company personnel during the course of his or her service to or employment by the Company.
Transactions that may be necessary or justifiable for independent reasons (such as the need to raise money for an emergency expenditure) are no exception. Even the appearance of an improper transaction must be avoided to preserve our reputation for adhering to the highest standards of conduct.
Policy Administrator. This Policy shall be administered by the “Policy Administrator,” who shall initially be the Chief Financial and Operating Officer. The Policy Administrator may, however, change from time to time, and you are encouraged to consult the copy of this Policy that is included on the Company’s website to obtain current information concerning the Policy Administrator.
Material Non-Public Information. Material non-public information (i.e., “inside information”) is any information that:
| · | is not generally known to the public, and |
| · | which, if publicly known, would likely affect either the market price of the Company’s securities or a person’s decision to buy, sell or hold the Company’s securities. |
Information “generally known to the public” is information released to the press or the industry and after public investors and the market have had a reasonable period of time to evaluate and react to the information. All other information is regarded as non-public.
Examples of Material Information. Common examples of information that will frequently be regarded as material are:
| · | quarterly or annual earnings results; |
| · | projections of future results or sales; |
| · | news of a pending or proposed merger, acquisition or tender offer; |
| · | an important financing transaction; |
| · | significant clinical or regulatory developments; |
| · | the entry into or termination of a significant collaboration, joint venture or strategic alliance; |
| · | significant new products or discoveries; |
| · | plans regarding strategy or significant capital investments; |
| · | impending bankruptcy or financial liquidity problems; |
| · | criminal charge or government investigations; |
| · | internal financial information which departs from what the market would expect; and |
| · | the gain or loss of any significant contract or agreement. |
Either positive or negative information may be material. We emphasize that this list is merely illustrative.
Twenty-Twenty Hindsight. Remember, if your securities transactions become the subject of scrutiny, they will be viewed after-the-fact with the benefit of hindsight. As a result, before engaging in any transaction, you should carefully consider how regulators and others might view your transaction in hindsight.
Transactions by Family Membersand Others in Your Household. These restrictions also apply to your “immediate family members” – that is, a spouse, parent, child or sibling and any other family member who shares the same address as, or is financially dependent on you. Employees are expected to be responsible for the compliance of all family members with this Policy. Employees are also expected to be responsible for the compliance of other persons who live in their household, whether or not related, with this Policy.
Tipping Information to Others. Whether the information is proprietary information about the Company or information that could have an impact on our stock price, Company personnel must not pass the information on to others. The above penalties apply, whether or not you derive any monetary benefit from another person’s actions. Inside information is often inadvertently disclosed or overheard in casual, social conversations. Care must be taken to avoid such disclosures.
When Information is Public. As you can appreciate, it is also improper for Company personnel to trade the Company’s securities immediately after the Company has made a public announcement of material information. Since the Company’s shareholders and the investing public should be afforded time to receive information and to act upon it, as a general rule you should not engage in any transactions until the beginning of the second business day after the information has been released. Thus, if an announcement is made on a Monday, Wednesday generally would be the first day on which you should trade. If an announcement is made on a Friday, Tuesday generally would be the first day on which you should trade. However, if the information released is complex, such as a prospective major financing or other transaction, it may be necessary to allow additional time for the information to be absorbed by investors. In such circumstances, you will be notified by the Policy Administrator regarding a suitable waiting period before trading.
Prevention of Insider Trading by Others. If you become aware of a potential insider trading violation, you must immediately advise the Policy Administrator. You should also take steps, where appropriate, to prevent persons under your supervision or control from using inside information for trading purposes.
Confidentiality. Serious problems could be caused for the Company by the unauthorized disclosure of internal information about the Company, whether or not for the purpose of facilitating improper trading in the securities of the Company. Company employees should not discuss internal company matters or developments with anyone outside of the Company, except as required in the performance of regular corporate duties.
This prohibition applies specifically (but not exclusively) to inquiries about the Company that may be made by the financial press, investment analysts or others in the financial community. It is important that all such communications on behalf of the Company be through an appropriately designated officer under carefully controlled circumstances. Unless you are expressly authorized to the contrary, if you receive any inquiries of this nature, you should decline comment and refer the inquirer to the Chief Financial and Operating Officer.
Nothing in this Policy is meant to limit or change the obligations of confidentiality and non-use of non-public information that directors, officers, employees and consultants of the Company by virtue of their positions or their agreements with the Company. Such obligations also apply in the context of any electronic chat room or electronic bulletin board, including participation under a pseudonym.
Additional Prohibited Transactions
Since we believe it is generally improper and inappropriate for Company personnel to engage in short-term or speculative transactions involving the Company’s securities, it is our policy that such personnel should not engage in any of the following activities with respect to the Company’s securities:
| · | Trading in the Company’s securities on a short-term basis. Any ordinary shares of the Company purchased in the open market should be held for a minimum of 60 days. |
| · | Short sales of the Company’s securities. |
| · | Use of the Company’s securities to secure a margin or other loan, except in limited cases with the prior approval of the Policy Administrator. |
| · | Transactions in straddles, collars, or other similar risk reduction devices, except in limited cases with the prior approval of the Policy Administrator. |
| · | Transactions in publicly-traded options relating to the Company’s securities (i.e., options that are not granted by the Company), except in limited cases with the prior approval of the Policy Administrator. |
Trading Blackouts Applicable to all Company Personnel
While it is never permissible to trade based on material non-public information, we are implementing procedures to help prevent inadvertent violations and avoid even the appearance of an improper transaction (which could result, for example, where Company personnel engage in a trade while unaware of a pending major development).
Prohibited Periods for Trading. No person to whom this Policy is applicable may trade in the Company’s securities during the following periods:
| · | the periods starting on the 15th day after the close of each fiscal quarter and ending at the beginning of the second business day after the release of the Company’s financial results for each quarter and, in the case of the fourth quarter, financial results for the year end; and |
| · | any other periods as determined by the Company. You will be notified by e-mail when you may not trade in the Company’s securities during such periods, and you will also be notified when trading restrictions are lifted. |
There are no restrictions on exercising options without a sale. Selling the shares held as a result of exercising options is subject to the restrictions set forth above.
Pre-Clearance of Trades
In order to ensure and maintain compliance with this Policy, all transactions in the Company’s securities (acquisitions, dispositions, transfers, etc.), including the execution of Trading Plans (as defined below), by directors, members of Executive Management, financial team members and designated employees must be pre-cleared in advance by the Policy Administrator. If you are a member of one of the groups listed above and you contemplate a transaction in the Company’s securities, you must contact the Policy Administrator or other designated individual prior to executing the transaction. The Policy Administrator will use his reasonable best efforts to provide approval or disapproval as soon as practicable. You must wait until receiving pre-clearance to execute the transaction. Neither the Company nor the Policy Administrator shall be liable for any delays that may occur due to the pre-clearance process. If the transaction is pre-cleared by the Policy Administrator, it must be executed by the end of the second business day after receipt of pre-clearance. Notwithstanding receipt of pre-clearance of a transaction, if you become aware of material nonpublic information after receiving the pre-clearance but prior to the execution of the transaction, you may not execute the transaction.
Please note that such pre-clearance does not provide the insider with immunity from investigation or suit; it is the responsibility of the individual to comply with the applicable securities laws and regulations.
Exception for Trading Plans
Notwithstanding the restrictions and prohibitions on trading in the Company securities as set forth in this Policy, persons subject to this Policy are permitted to effect transactions in Company securities pursuant to approved trading plans established under Rule 10b5-1 under the Securities Exchange Act of 1934 (“Trading Plans”), including transactions during the prohibited periods discussed above. Rule 10b5-1 requires that these transactions be made pursuant to a plan that was established while the person was not in possession of material non-public information. In order to comply with this Policy, the Company must pre-approve any such Trading Plan prior to its effectiveness. Company personnel seeking to establish a Trading Plan should contact the Policy Administrator.
Application of this Policy to Persons Who Cease to be Associated with the Company
The laws against insider trading continue to apply to anyone who has material non-public information about the Company. Therefore, even if an individual ceases to be employed by or associated with the Company, that person is prohibited by law from trading any securities of the Company for so long as he or she possesses material non-public information.
Company Assistance
Any person who has any questions about specific transactions or this Policy in general may obtain additional guidance from the Policy Administrator. Remember, however, the ultimate responsibility for adhering to the Policy and avoiding improper transactions rests with you. In this regard, it is imperative that you use your best judgment.
Certifications
As a condition to continuing employment, all employees will be required to certify their understanding of and intent to comply with this Policy. Members of the Board of Directors, Senior Management and other personnel may be required to certify compliance on an annual basis.
Certification
The undersigned hereby certifies that he/she has read and understands, and agrees to comply with, the Company’s Statement of Company Policy regarding Securities Trades by Company Personnel, a copy of which was distributed with this Certification.
| Date: __________________________ | Signature ________________________ Name: ____________________________ (Please Print) |
Exhibit F
BIOLINERX LTD.
Intra-Organizational Enforcement Plan
Pursuant to and in accordance with the Law for the Improvement of Internal Enforcement Proceedings in the Israel Securities Authority, 5770-2010
This plan was approved by the Board of Directors of the Company on December 22, 2012 and has been updated as of October 2013.
| 2. | Senior officer declaration |
| 3. | General information on an administrative enforcement plan |
| 4. | Organizational structure and division of functions and responsibility |
| 5. | Guiding principles/issues addressed |
| 6. | Appointment of an internal enforcement officer |
| 8. | Sanctions in events of violations and failure to report |
| 9. | Findings of mapping of the existing situation |
| 2. | Senior officer declaration |
The status of BioLineRx as a public company confers on it both advantages and responsibility. The main market for trading the Company’s shares is the Tel Aviv Stock Exchange. Therefore, we are subject to the Israeli Securities Law and the enforcement thereof by the Israel Securities Authority (“ISA”). When the ISA learns of breaches of the law, it has the power to sue companies and individuals in criminal proceedings and (after amendments to the law from 2011) to impose fines and other sanctions without the need to apply to the courts.
The administrative enforcement plan is intended to help us comply with the law, to correctly address violations and to demonstrate to the ISA that we treat seriously anything that is related to the offering of our shares. Understanding the plan and enforcing it in day-to-day life provides a solid basis for the investors’ trust in particular and for the Company’s public reputation in general.
Similarly to our code of business and ethics, this plan is intended for each and every Company employee, manager and Board member.
I request and expect your personal commitment to the enforcement of the procedure and full cooperation in its application.
This procedure is a living procedure which may change from time to time pursuant to relevant laws and regulations and according to the lessons learned during the assimilation of the plan.
I trust each and every one of you to comply with both the written plan and its spirit.
Dr. Kinneret Savitsky
CEO
| 3. | General information on an administrative enforcement plan |
| 3.1 | Improvement of Internal Enforcement Proceedings in the ISA Law, 5770-2010 |
The Law for the Improvement of Internal Enforcement Proceedings in the Israel Securities Authority, 5770-2010 (the “Law”), which was approved by the Knesset in January 2011, constitutes a significant change that requires reporting companies to immediately address the requirements of the new Law. The main parts of the Law regulate the establishment of an administrative committee that will deal with violations in the area of securities. If the committee reaches the conclusion that it was proven at the level of proof which is customary in civil law (a probability of more than 50%) that a violation was committed, it will be authorized to institute various means of enforcement against the violating party.
The committee will deal with various violations that are related to the Securities Law, 5728-1968 (the “Securities Law”) and other relevant laws. The common feature of such violations is that the mens rea that is set forth therein is at most that of negligence.
The means of enforcement that the committee will be authorized to impose will be significant fines, a demand to pay damages to the party injured by the violation, a payment to the State treasury which derives from profits that were generated as a result of the violation, a demand to institute acts to remedy the violation and prevent its recurrence, a prohibition on holding office in certain bodies, a suspension or revocation of a license and suspended punishment.
As is known, the Law establishes, inter alia, the strict responsibility of the CEO, due to which enforcement measures can be imposed as set forth in the Law.
| | (a) | “The CEO of the corporation and a partner other than a limited partner, are obligated to supervise and institute any and all reasonable means under the circumstances of the case to prevent the commission of a violation by the corporation or partnership, as the case may be, or by any of their employees.” |
| | (b) | If a violation is committed the presumption is that the CEO of the corporation or a partner other than a limited partner in the partnership, as the case may be, has breached his obligation pursuant to Subsection (a) and may be subject to one or more of the means of enforcement as specified below…unless he proves that he has fulfilled his obligation pursuant to Subsection (a): |
| | (c) | If the corporation has established adequate procedures to prevent a violation as provided in Subsection (b), appointed an officer on its behalf to supervise the compliance therewith, including with regard to providing guidance to the corporation’s employees for the compliance therewith, and instituted reasonable steps to remedy the violation and prevent the recurrence thereof, the presumption is that the CEO or the partner, as the case may be, has fulfilled his obligation as provided in Subsection (a). |
According to commentators, all the provisions of Subsection (c) lead to an internal enforcement plan. So, too, thought the Israel Securities Authority (the “ISA”), when in August 2011 it released a Document on criteria for recognition of an internal enforcement plan in the area of securities and investment management (the “ISA Document”) and set forth that:
“The application in practice of an efficient enforcement plan by the corporation may be viewed favorably by the ISA with respect to the corporation or individuals therein in the context of its discretion in respect of the exercise of its powers of enforcement pursuant to the law.”
The ISA’s Document sets forth the standards that will be examined by the ISA when deliberating and deciding whether an efficient enforcement plan exists at a corporation. Based on the requirements of the Law, the ISA’s Document and the understanding of the Company’s management, the relevant information and instructions have been incorporated into the enforcement plan document that is set forth below.
| 3.2 | What is an enforcement plan |
This internal enforcement plan document is a document that is unique to the Company which set forth the activities to be undertaken in order to prevent the violations listed in the schedule to the administrative enforcement law.
| 3.3 | Objectives of an enforcement plan |
The creation, implementation and assimilation of a correct and suitable enforcement plan can constitute a dual safety mechanism for the Company and the individuals therein:
| ü | Minimization of the possibility of the occurrence of a violation |
Through the establishment of clear procedures, presentation of standards for conduct and implementation of controls for the application thereof in the day-to-day activity, ensuring that any and all individuals taking part in the Company’s relevant activity are aware of their obligation and the manner of their compliance therewith.
| ü | Immediate effect on the examining entity in the event that a violation occurs |
As stated in the Law and in the ISA’s Document, an enforcement plan is an indication that the Company (its managers and directors) has done everything within its power to try to prevent violations. Such a plan will provide a defense to their benefit whereby they have instituted any and all reasonable measures to prevent the offence for a body which is examining and/or dealing with an occurrence of a violation.
The primary objective of the enforcement plan is to ensure the proper activity of the Company in accordance with any and all regulatory obligations and desired standard of conduct insofar as the same are relevant to the Securities Law and the regulations promulgated thereunder.
The plan intends to establish existing proper conduct, to create a compilation of information and procedures that are relevant to the organization and to assimilate the conduct which is desired and required of each and every one of the Company’s employees and officers and to promote an organizational culture of compliance with and respect for the Law.
All employees and/or officers should be able to consult the document if and when they encounter an issue pertaining to the content of the plan and to find answers with regard to the conduct that is appropriate and expected of them, whether it is a procedure which offers guidance on how to act or a referral to consultation with a relevant body.
| 3.4 | Applicability of the enforcement plan |
This plan applies to BioLineRx (the “Company”) by virtue of its being a public company whose shares are listed on the Tel Aviv Stock Exchange. The plan applies to all of the Company’s echelons, i.e. the Company’s employees, senior officers, managers and directors. It is important to emphasize that the plan also applies to the employees of any and all subsidiaries of the Company in view of their involvement with the operations of the parent company.
| 3.5 | Prohibition on insurance and indemnification |
The Law explicitly contains a prohibition on insurance and/or indemnification in respect of violations of the Law.
The Law establishes that a proceeding to impose a pecuniary sanction, an administrative proceeding or an arrangement proceeding cannot be insured. A pecuniary sanction imposed on a corporation, its controlling shareholder or an employee in a proceeding as aforesaid cannot be indemnified or paid, either directly or indirectly.
However, an employee can be indemnified or insured for payment to the party injured by the violation and additionally for expenses that he shall have incurred in relation to a proceeding that was conducted in the matter of the employee, irrespective of the results of the proceeding.
In November 2011, the Company’s articles of association and letters of insurance and indemnification of the officers were updated accordingly, such that a provision was set forth that permits the insurance and/or indemnification pursuant to the provisions of the Securities Law.
| 3.6 | Documentation and provision of documents for inspection and storing of documents |
The Law and the schedules include a reference to the issue of providing documents for inspection. As part of the enforcement plan and its procedures, the Company is obligated to make available for inspection any and all relevant documents (for example, a prospectus that was authorized for publication, a registration document or any and all reports, opinions, approvals, reports or notices that were filed) at its head office.
Relevant procedures shall specify the responsibility for the fulfillment of the right of inspection insofar as will be required.
| 4. | Organizational structure and division of functions and responsibility |
| 4.1 | Organizational structure for the issue of administrative enforcement (areas of responsibility, reporting chain, decision making, etc.) |
| 4.1.1 | Responsibility of the Board of Directors and its committees |
| 4.1.1.1 | Formulation and adoption of the Company’s internal enforcement plan |
As the body responsible for outlining the Company’s policy and supervising its performance and acts, the Board of Directors (including its committees) plays a central and decisive role in the formulation and adoption of the Company’s internal enforcement plan and it bears the overall responsibility for the supervision over the actual performance thereof.
Pursuant to the ISA’s requirement that the Board of Directors determine which body is responsible for the supervision over the performance of the enforcement plan (the “Responsible Body”), whether the Board of Directors itself or the Audit Committee or any other committee thereof, the Board of Directors determined that the Audit Committee shall be the Responsible Body as aforesaid.*
Such responsibility of the Audit Committee as the Responsible Body shall be applied through:
| 1. | Special-purpose meetings for the presentation of the subject. |
| 2. | Presentation, discussion and approval of the outline of the enforcement plan project. |
| 3. | Presentation of the findings of the mapping of the existing situation (compliance survey) and deliberation on the recommendations deriving therefrom. |
| 4. | Presentation, discussion and approval of the procedures comprising the internal enforcement plan. |
| 5. | Approval of the final plan. |
The Audit Committee shall be involved in the implementation of the plan during the usual conduct of business as specified below.
The Audit Committee, including all of the members thereof, will take an active part in all stages of the formulation and adoption of the plan:
| · | Setting the enforcement plan into motion |
| · | Mapping of the existing situation |
| · | Formulation of the plan and its procedures |
| · | Formulation of the assimilation plan |
This Plan was approved by the Audit Committee on March 21, 2012 and by the Board of Directors on March 22, 2012.
| 4.1.1.2 | Implementation of the plan |
The Responsible Body shall oversee the enforcement plan and ensure that it is executed by way of receiving periodic reports from the Enforcement Officer and management, discussing them same and examining the means of action employed by the Company as arising therefrom. The Audit Committee shall ensure that the Audit Committee and management review the need to update and refresh the plan once a year.
The implementation of the plan shall be performed inter alia through ongoing reporting as specified above and through the assimilation plan as the same is specified in Chapter 11 of this plan.
| 4.1.1.3 | Supervision of the enforcement plan |
The Responsible Body, i.e. the Audit Committee, shall supervise the plan’s performance. To this end, the internal auditor’s audit plan for 2013, includes follow-up of the implementation of the administrative enforcement plan.
| 4.1.1.4 | Handling violations of the enforcement proceedings |
The Responsible Body shall ensure that the provisions of the enforcement procedures are applied in practice. In addition, the Responsible Body shall ensure that violations of the plan will be appropriately handled, the deficiencies corrected, conclusions drawn, and in the appropriate cases, measures taken against the violating parties.
(*) Relevant quotations from the minutes of the Board of Directors and Audit Committee are attached hereto, marked as Annex A.
The manner of contact and reporting is specified in Chapter 7 of this plan and was approved by the Audit Committee and Board of Directors as part of the plan’s approval. The Company shall approve in each procedure separately, insofar as necessary, the required sanctions and disciplinary action.
| 4.1.1.5 | Reporting to the Board of Directors and the Audit Committee |
The Audit Committee as the Responsible Body or a body authorized thereby shall report as needed and at least annually to the Board of Directors on the implementation of the enforcement plan and related issues at the Committee’s discretion.
A report to the Board of Directors may include but is not limited to supervision of the implementation of the plan through demanding periodic reports on the approval of the enforcement plan, updating the plan and its procedures, appointing relevant bodies, and the results of the supervision of the implementation and effectiveness of the plan.
| 4.1.2 | Responsibility of the CEO/management – steering committee |
The ISA’s Document provided that the CEO is the officer with supervisory responsibility to ensure the compliance of the Company and its employees with the securities laws through the shaping of the internal enforcement mechanisms.
Management is responsible for the shaping and formulation of the enforcement plan and its presentation for the Audit Committee’s approval. In addition it is responsible for the ongoing implementation of the plan.
Management shall act through the Enforcement Officer, Adv. Norman Kotler, as appointed on February 5, 2012, and through the Chief Financial & Operating Officer, Philip Serlin, CPA.
As part of the fulfillment of such obligation, the CEO has appointed a steering committee to shape the internal enforcement mechanisms. The steering committee includes the following:
Chief Financial & Operating Officer
Executive Director of Finance and Reporting
General Counsel and Internal Enforcement Officer
The steering committee is responsible for shaping the enforcement mechanisms, performing the compliance survey, writing the enforcement and assimilation plan and obtaining the suitable approvals from the relevant bodies.
| 4.1.3 | Responsibility of the Chief Financial & Operating Officer |
The Chief Financial & Operating Officer, as management’s representative, is responsible for leading and managing the process of writing the enforcement plan and determining the mechanisms included therein.
Such power includes review and approval of the compliance survey, the enforcement plan and the procedures included therein.
The Chief Financial & Operating Officer as the direct supervisor of the Enforcement Officer shall supervise his activity as the officer responsible for internal enforcement.
| 4.1.4 | Responsibility of the General Counsel and Internal Enforcement Officer |
The General Counsel of the Company, as the officer in charge of the compliance culture and proper corporate governance in the Company and as the officer responsible for the compliance of the Company, its officers, managers and employee with the laws and regulations that apply to them, is involved in shaping, implementing and ensuring the compliance with the enforcement plan and examining the suitability of the mechanisms set forth in the enforcement plan and its procedures to the laws that apply to the Company.
The General Counsel shall take an active part in the deliberations of the steering committee of which he is a member, and by virtue of his appointment as the Internal Enforcement Officer (also to be referred to in this plan as the “Officer”) at the Company shall act to fulfill his obligations.
Responsibility
The Officer shall in practice lead the implementation of the enforcement plan. Powers shall be conferred on the Officer, enabling him to carry out the processes and mechanisms included in the enforcement plan and that are inter alia specified in the standards in the ISA Document and in Chapter 6 of this plan, “Appointment of the Enforcement Officer”.
The Officer’s responsibilities and the acts for the implementation of the enforcement plan are specified in the assimilation plan in Chapter 11.
For any question or query on the issue of the enforcement plan, please contact the Officer:
Adv. Norman Kotler
E-mail: normank@biolinerx.com
Tel. 02-5489139
Determination of a work plan for the fulfillment of all of his obligations pursuant to this plan
The Officer shall be responsible to add as an annex
| 4.1.5 | Internal auditor’s responsibility |
The Internal Audit Law, 5752-1992, provides that the internal auditor of the Company is, inter alia, the body responsible for the examination of issues such as: the propriety of the actions of the Company and the officers, the fulfillment of the provisions that are binding on the Company and the carrying out of decision-making processes according to proper procedures and, consequently, contributes to the Company’s compliance and enforcement mechanisms.
In accordance with his or her in-depth familiarity with internal control at the Company, the internal auditor shall take an active part in the deliberations and shaping of the enforcement plan insofar as will be required.
Ongoing supervision:
One of the roles of the internal auditor in the context of an enforcement plan is supervising the activity of the Officer and the enforcement plan (as defined in the ISA Document).
In order to perform such role, the auditor shall set include a periodic audit in his or her work plan, which may include:
Examining the relevance and effectiveness of the enforcement plan, the effectiveness of the Officer’s actions, examining the compliance with the enforcement plan and its procedures once every four years, handling irregular cases that were identified, completing the acts required in the enforcement plan within the required timelines.
| 5. | Guiding principles/issues addressed |
BioLine is a dual-listed company that is listed on the Tel Aviv Stock Exchange and on NASDAQ in the U.S.
The Company’s reporting obligations derive mainly from the requirements of the U.S. Securities and Exchange Commission (“SEC”), and the reports deriving from its compliance with SEC’s requirements are also published in the ISA’s reporting system.
Pursuant to an examination of the violations in the Fifth and Seventh Schedules to the Law, and an examination of the relevance to the Company by the General Counsel and the Officer, the following issues were found to be relevant to the enforcement plan.
| 5.1 | Prospectus/annual report process |
Corporations publish a prospectus as part of the process of offering securities or bonds. In addition, under U.S. law, the Company is required to file an annual report with the SEC. The process of preparation of the annual report is similar to the one related to the preparation of a prospectus. The purpose of the prospectus and the annual report is to provide to the general public and to the reasonable investor in particular information that is essential to the decision to purchase the Company’s securities.
In view of the Company’s dual listing, it is obligated to institute a process with regard to a prospectus or annual report (and which is relevant to the process at the main stock exchange) upon the completion of which, the Company shall be able to publish a full, reliable and up-to-date prospectus or report that is approved by any and all relevant bodies and meets all of the regulatory requirements.
The process shall be regulated in the context of a procedure or a checklist, specifying the acts that are required and which shall be updated from time to time and as necessary.
| 5.2 | Reports to the SEC and ISA |
The purpose of the reports to the ISA is to update the investors and supervisory bodies on the Company’s condition and on developments or changes in its activity that may be relevant to the investing public. The Company’s reports are based on the reports to the SEC and which are required thereby.
All of the reports must include full, reliable and current information and to fulfill any and all relevant regulatory requirements.
A reporting obligation exists in various cases which affects the content and manner of reporting. This plan deals with three issues that arise from the obligations that apply as a result of the Fifth and Seventh Schedules
5.2.1 Periodic reports – In addition to an extensive annual report, a public company is required to release financial statements on a quarterly basis. In the Company’s case, the structure and content of the reports are audited and supervised according to international accounting standards and the rules of the SEC.
Establishing an internal procedure regarding periodic reporting will assist the Company in minimizing the risks related to the deadline for and appropriateness of the periodic reporting, and the fulfillment and enforcement thereof will assist in the prevention of failures on the part of employees and officers with regard to the subject, directly or indirectly.
5.2.2 Immediate reports – BioLine, as a dual public company, is required to immediately report (according to SEC’s reporting rules) material events which may have an effect on the price of the Company’s securities. The identification of the need to report, the decision on the need to report, the weighing of conflicting interests, the timing and content of the report, requires the Company to have an orderly process, which includes the identification of information which may have to be reported, the consultation with regard to the need to report, and the actual reporting, all within the timeframes prescribed in by applicable regulations.
The purpose of establishing a process and determining rules of activity and conduct is to provide current, accurate and full reporting to the SEC, the ISA and the public, on issues that are regulated in the securities laws and the regulations thereunder.
Establishing an internal procedure regarding immediate reports will assist the Company in minimizing the risks related to the deadline for and appropriateness of the periodic reporting, and the fulfillment and enforcement thereof will assist in the prevention of failures on the part of employees and officers with regard to the subject, directly or indirectly.
| 5.3 | Prohibition on the use of inside information |
Inside information is “information on developments in the company, changes in its condition, expected developments or changes, or other information about the company, which is unknown to the public and which, were it to become known to the public, would result in a material change in the price of the Company’s security or the price of another security of which the Company’s security is a basic asset.” It was determined in the legislation that the use of inside information for the purpose of a securities transaction or its transmission to another, are prohibited by law.
Each corporation is required to adopt rules and guidelines in order to fulfill Chapter H1 of the Securities Law including all of its provisions, as well as the U.S. laws which relate to such issue, all in order to prevent the use of inside information by the Company’s employees and other bodies.
It is necessary to put in place a process to cover the identification of the sensitive information, clarify the prohibition to use the same and assimilate it among any and all persons who come into contact with such information.
Establishing an internal procedure regarding the use of inside information will assist the Company in minimizing the risks related to the deadline for and appropriateness of the periodic reporting, and the fulfillment and enforcement thereof will assist in the prevention of failures on the part of employees and officers with regard to the subject, directly or indirectly.
| 5.4 | Transactions with interested parties |
Interested party transactions are transactions entered into between one of the interested parties of the company (or between a company affiliated with that party or a person related to it) and the company. Such transactions contain a potential for a conflict of interests that is higher than in ordinary transactions. Therefore, applicable laws and regulations set forth conditions to the approval of such type of transactions, inter alia, the manner of approval thereof by various organs of the corporation (including, under circumstances set forth in the law, an approval by a general meeting of a majority of the shareholders of the company from among the those shareholders who do not have a personal interest in relation to the transaction), and the disclosure to the public of the terms and conditions of the transaction.
In view of the regulatory requirements concerning the identification of such transactions, the manner of approval thereof and reporting thereon, a controlled process should be put in place concerning the subject, in order to reduce the related risks and assist in the prevention of failures in the matter.
| 5.5 | Procedure for period end closing |
In accordance with the Companies Law, 5759-1999, the Securities Law and U.S. securities laws, public companies must abide by all disclosure rules and prepare proper financial statements covering all accounting operations. Companies must therefore operate in accordance with orderly and well-defined work procedures, and generate reports conform to accepted accounting practices, according to the provisions of the law. The procedure for period end closing, which is in the advanced stage of drafting, intended to set in order the preparation of the Company’s financial statements.
| 6. | Appointment of an Internal Enforcement Officer |
| 6.1 | Appointment of an Officer |
The Officer shall have the skills, knowledge and experience that are appropriate for his position and areas of responsibility and shall be a manager in the Company who is familiar with the Company’s activity and the business and regulatory environment in which it operates.
The Company’s management and the Audit Committee shall ensure that the Officer is given the powers and provided with suitable resources such that they will enable him to fulfill his duties and exercise his powers (as will be specified below) in an optimal manner.
| 6.2 | The appointment and approval (and change) process |
The candidacy of the Officer shall be presented to the Audit Committee together with management’s recommendation to appoint him as the Officer, after the presentation of his skills and experience. For the purpose of management and implementation of the internal enforcement plan, on February 5, 2012, the Audit Committee appointed Adv. Norman Kotler for the position of Internal Enforcement Officer.1
As set forth in the ISA Document, it was determined that the appointment of a new officer and/or removal of the Officer from his position require the management’s recommendation and the approval of the Audit Committee.
The Officer’s first and foremost authority is to implement the internal enforcement plan and lead the actual acts of enforcement pursuant to the plan,the requirements of the Law and the recommendations of the ISA and/or any other relevant body.
The Officer’s powers include but are not limited to the powers listed in the ISA Document:
| 6.3.1 | Ongoing supervision: |
The Company, through the Officer, shall ensure on an ongoing basis that the plan is actually implemented in order to achieve its goals as specified above.
Such supervision shall be performed through:
Formulation of periodic reports which include the means and actions that were taken in order to ensure the implementation of the plan, suspicionsof violations that were raised and how they were addressed, examination of relevance, updates and progress of assimilation of the plan, etc.
Presentation of the reports to the Company’s management and/or Audit Committee and/or Board of Directors and deliberation on the data reported by the forum to be determined.
Reporting of issues requiring immediate attention to the Company’s management and/or Audit Committee and/or Board of Directors.
Documentation of the processes related to formulation of the plan, and the means that were instituted to implement the plan and to handle violations, as well as documentation, provision of documents for inspection and preservation of documents pursuant to the provisions of the Law.
| 6.3.2 | Investigating suspected violations: |
In any case of a suspected violation brought to his knowledge, the Officer shall act to investigate the facts together with a special-purpose team to be appointed by the Chief Financial & Operating Officer, and if it transpires that there was a failure and a violation has occurred, he shall examine the reasons for the failure.
| 6.3.3 | Remedying the violation: |
The Officer shall act to remedy the discovered violation or failure as soon as possible and in accordance with the guidelines and approvals of the relevant bodies (the committee, managers and officers that are affected by the change, etc.)
| 6.3.4 | Reporting the violation: |
The Officer shall report the failure to the CEO, Chief Financial & Operating Officer, and according to the severity of the case, also to the chairman of the Audit Committee/Board of Directors, all according to the reporting requirements in this plan.
Insofar as the CEO and/or Chief Financial & Operating Officer are involved in the failure, the Officer shall contact the chairman of the Audit Committee. Insofar as the members of the Committee are involved in the matter, the Officer shall contact the internal auditor.
1See quote from the minutes of an Audit Committee meeting dated February 5, 2012, which appears in Annex A.
| 6.3.5 | Preventing the recurrence of the violation |
The Officer shall introduce new procedures or amendments to existing procedures, as well as controls over them, and approve the same with the relevant bodies. For the sake of clarity, by virtue of his position as the General Counsel of the Company, and for the purpose of performing his role as the Officer, the Officer shall have direct access at all times to any and all offices and documents of the Company and to any and all records and information at the Company, all as required, in his discretion, for his work.
Naturally, any and all inquiries and actions performed at the Company as part of the enforcement plan shall be performed in accordance with the law and without harming or disrupting any investigation or inquiry by law of which the Company is aware.
In any case of doubt whether or not an issue is within the Officer’s jurisdiction, the Officer or any other party shall consult with the Audit Committee.
| 6.4 | Supervision over the Officer |
As stated above, and as will be further specified below, the Audit Committee is responsible for the appointment and the termination of the appointment of the Officer.
The Chief Financial & Operating Officer is the direct supervisor of the General Counsel and Officer, and authority is conferred on him accordingly.
The supervision over the Officer’s activity and the implementation of the enforcement plan is within the responsibility of the internal auditor in the context of his or her ongoing work and at the request of the Audit Committee (such supervision shall be performed pursuant to the audit plan to be approved by the Audit Committee).
| 6.5 | Officer’s reporting responsibility |
The Officer shall report a failure to the CEO, Chief Financial & Operating Officer, and according to the severity of the case, also to the chairman of the Audit Committee/Board of Directors, all according to the reporting requirements in this plan.
The report to the Chief Financial & Operating Officer shall be performed after an initial inquiry proceeding by the Officer that shall include an initial factual inquiry.
The report to the Chief Financial & Operating Officer shall be performed no later than two working days after having first learned of the suspected violation, and in any event, no later than four days from the date on which the report shall have been made to him.
Insofar as the Chief Financial & Operating Officer and/or CEO are involved in the failing, the Officer shall contact the chairman of the Board of Directors or the Audit Committee. Insofar as members of the Audit Committee are involved in the matter, the Officer shall contact the internal auditor.
| 7.1 | Possibilities of contact and reporting in the event of a suspected violation |
According to requirements and expectations, the Company has set forth internal mechanisms which enable the officers, directors, employees and service providers of the Company to report and warn about deficiencies and failures in relation to the fulfillment of the provisions of the securities laws or violations of the plan.
The reporting mechanisms for administrative enforcement issues shall be identical to those prevailing at the Company (reporting mechanisms upon a breach of the code of ethics, contacting and reporting to the internal auditor, etc.).
| a. | Employees, officers and directors |
In any case of a suspected violation or improper conduct, the Company’s employees, officers and directors have the possibility (and sometimes the obligation) to contact their direct supervisor, the internal auditor and/or the chairman of the Audit Committee.
| | Internal Auditor, Linur Dloomy, CPA | Audit Committee Chairperson, Nurit Binyamini |
| | | |
| | E-mail: ldloomy@deloitte.co.il | E-mail: Nurit378@gmail.com |
| | | |
| | Tel. 052-5838635 | 052-6440745 |
The Officer is responsible for adding a method of reporting by external parties.
In order that all relevant parties shall be aware of their reporting obligation and of the various possibilities of reporting a possible suspected violation, this information shall be passed on to all relevant parties in the context of this document, the training programs, the Company’s website, engagement agreements, employment documents, etc.
All of the relevant parties shall be familiar with the existence of the enforcement plan, the main parts of the plan and where it may be inspected, as well as the method of reporting and the rights of the reporting party (anonymity/confidentiality/favorable consideration in the event that he is the violating party, etc.).
The Officer shall confirm that once a year the aforesaid information is communicated to relevant bodies in an initiated manner (for example a dedicated e-mail)
The Officer shall confirm that the manner of approaching him is available at all times.
| 7.2 | [intentionally omitted] |
There are situations in which a violation or a suspected violation of the securities laws requires reporting to the competent authorities (the ISA or the Israeli Police, as the case may require).
Even in those cases in which there is no reporting obligation, voluntary disclosure should be considered, since the ISA Document states that the ISA’s enforcement considerations in exercising its powers in respect of corporations and individuals include the factors of voluntary disclosure by the corporation and the corporation’s cooperation with the ISA.
Situations where there is a legal obligation to report to the ISA include among others situations in which an item was published which may mislead a reasonable investor or trading was done based on inside information.
In all situations in which there is no reporting obligation, the Officer shall discuss the need to report with the Chief Financial & Operating Officer and outside legal advisors. Their conclusion and the considerations that led thereto shall be brought for deliberation by the Audit Committee which shall be convened for such purpose.
General Counsel together with the Chief Financial & Operating Officer shall report to the competent authorities in accordance with the Company’s decision and soon after the date of the decision.
| 8. | Sanctions in events of violation and failure to report |
As mentioned above, one of the functions of an enforcement plan is to encourage an organizational culture of compliance with, and respect for, the law. The ISA Document makes clear that “a culture of compliance means that the corporation is obligated to prevent violations of the law and to handle violations and violating parties with the appropriate measures.”
| 8.1 | Determination of sanctions in events of violation |
In view of the ISA determination that “the Company shall institute suitable measures against violating parties, including, in appropriate cases, disciplinary action in respect of anyone violating the provisions of the securities laws or the provisions of the enforcement plan”, the Company shall set forth in each procedure separately, insofar as necessary, the disciplinary action that is required.
| 9. | Findings of a mapping of the existing situation |
Pursuant to Chapter 7 in the ISA Document: “Adjustment of the plan to the corporation and the unique circumstances thereof, after the performance of a compliance survey in the area of the securities laws”.
A summary of the first survey that was performed by Deloitte – Brightman Almagor Zohar, the Company’s consultants for the enforcement plan project, is available in the Officer’s files.
Pursuant to the compliance survey, the Company has formulated the internal procedures that are specified below, while considering the Company’s structure, its unique features, and the potential risks and deficiencies in the area of the compliance with the securities laws to which it is exposed. The role of the procedures is to regulate and determine rules of activity and conduct, the purpose of which is to prevent violations of securities laws as well as to create work processes which will address and control such processes.
| 10.1 | Statement of Company Policy – Securities Trades by BioLineRx Ltd. personnel |
The draft procedure was approved by the Board of Directors on May 15, 2012. The procedure in its final form was approved by the Company’s management on June 6, 2012. The Chief Financial and Operating Officer was appointed as the officer responsible for the procedure.
The procedure is relevant to all of the Company’s employees and to those who come into contact with information which may constitute inside information.
| 10.2 | Transactions involving interested and related parties |
The procedure was approved for the first time in December 2010. An amendment to the procedure was approved by the Company’s management on July 3, 2012 and by the Audit Committee and Board of Directors in November 2012.
The Executive Director of Finance and Reporting and the General Counsel were appointed as the officers responsible for the procedure.
The procedure is mainly relevant to directors, other officers, the finance department and the General Counsel.
| 10.3 | Procedure for prospectus/annual report/other reports to the SEC and ISA (Disclosure Controls) |
The procedure was approved by Company management in September 2012 and by the Audit Committee and Board of Directors in November 2012.
The Chief Financial and Operating Officer and the General Counsel were appointed as the officers responsible for the procedure.
The procedure is relevant primarily to the Finance Department and the General Counsel
| 10.4 | Period end closing procedure |
(in progress)
Approved on ____________
Appointed as procedure officer: Manager of Reporting and Control
The procedure is relevant to the Chief Financial and Operating Officer and the Finance Department
11.1 Background
An enforcement plan is a mechanism to encourage compliance which is binding on all of a company’s employees, managers and officers.
This document is not intended just for display and the familiarity with its content and the implementation hereof are material to the Company.
Therefore, the Company examined various possible mechanisms for the purpose of assimilation of the enforcement plan and the procedures related hereto, and established the selected mechanisms in an assimilation plan that is brought below.
The purpose of the assimilation plan is to promote and ensure the commitment of all of the relevant parties to the plan, their knowledge of the main parts hereof and the actual implementation hereof in all of their activity.
11.2 Presentation of the enforcement plan
After the completion of the enforcement plan and its approval by the relevant bodies, the plan shall be presented to all of the employees and managers at a Company meeting. At such meeting, the CEO of the Company shall present the main parts of the plan, the importance of compliance herewith, the role of the Enforcement Officer and the manner of publication of the plan.
Following the presentation of the plan, the plan and the procedures related hereto shall be posted on the Company’s website (path/link) and be sent via e-mail to the distribution list of all of the Company’s employees and managers.
A printed copy is to be kept at the offices of the Company’s CEO, Enforcement Officer and the Company’s auditor.
The Enforcement Officer shall examine the need for updating the general documents of the Company (like, for example, disciplinary code, the employment agreements, code of conduct, etc., as well as specific related procedures – employee initiation procedure, inside information procedure, etc.) in order that they include a reference to the subject of administrative enforcement.
From the ISA Document: Measures shall be taken in order to ensure the commitment of all echelons of the corporation to the aforesaid procedures, for example, through the establishment of such commitment in the disciplinary code or employment agreements. |
11.3 Implementation and assimilation of the enforcement plan
Publication of the enforcement plan
The enforcement plan shall be published on the Company’s portal/website and distributed via e-mail to all of the Company’s employees.
Following any updates of the enforcement plan, an e-mail shall be sent with a summary of the changes to all of the Company’s employees.
Team/forum of assimilation of the administrative enforcement plan
The steering committee referred to in Section 4.1.2 shall arrange for the implementation of the internal enforcement assimilation plan and the approval of any updates or modifications that will be performed.
New employee
Each new employee, upon his or her arrival at the Company and in the context of the employee’s initiation process as conducted by HR, shall be given access to the enforcement plan, be required to read the main parts hereof and sign that he or she has read the plan.
During the first month of his employment, the new employee will be required to participate in training by the Internal Enforcement Officer on the subject of administrative enforcement.
New officer
Each new officer shall participate in a talk with the Administrative Enforcement Officer at which the internal enforcement plan will be presented to him. At the end of the meeting, the officer shall sign a document in which he declares that he has read the plan and undertakes to comply with all provisions hereof that are relevant to him. The officer shall also receive a copy of the plan via e-mail or a link to its location on the Company’s website.
Assimilation and periodic communication – Company employees and managers
In order to ensure that all employees are aware of the obligations that apply to them by virtue of the Improvement of Internal Enforcement Proceedings in the ISA Law and the enforcement plan, a training session procedure shall be assimilated for all of the Company’s employees and managers as well as the Company’s officers.
Alternatives:
| a. | Frontal training sessions shall be held by the Officer on behalf of the Company or by an outside body. The training sessions shall be performed at least once a year. The training sessions shall include a review of the enforcement plan, possible violations and reporting methods. |
| b. | Written training sessions. At least once a year the Officer shall send a presentation via e-mail to the employees that will include an employee guide – a review of the enforcement plan, possible violations and reporting methods. The employee shall be required to send a return e-mail to the Officer in which he confirms that he has read the content of the guide and undertakes to act according thereto. |
The course presentation shall be attached as an annex.
Each employee shall complete the course at least once a year.
Every November the Officer shall distribute a request via e-mail to all of the Company’s employees and managers to complete the course within one month from the e-mail’s distribution date.
Toward the expiration of such period (about one week before the target date) the Officer shall distribute a reminder e-mail to all of the Company’s employees and managers. At the end of the period the Officer shall examine the response rate. In each case where an employee/manager shall have failed to fulfill the request, the Officer shall send an e-mail to the aforesaid employees and their managers, informing that they are required to complete the course and the proficiency test within 5 working days. Employees and managers who will fail to fulfill such demand shall be liable for sanctions by the Company pursuant to Chapter 8 of the enforcement plan.
The Enforcement Officer shall confirm that 100% of the Company’s employees and managers have participated in the course over the year. At the end of the year, the Enforcement Officer shall issue a report with regard to the administrative enforcement which shall include the percentage of the employees who shall have participated in training in such year.
The course shall be maintained and updated by the Enforcement Officer pursuant to changes in the enforcement plan and/or the assimilation plan.
Assimilation and periodic communication – officers/Board of Directors
The officers and Board of Directors shall participate in frontal training sessions held by the Officer on behalf of the Company or an outside body. The training sessions shall be held at least once a year. The training sessions shall include a review of the enforcement plan, possible violations, reporting methods.
The Enforcement Officer shall confirm that 100% of the Company’s officers/Board of Directors have participated in frontal training sessions over the year and if not, he shall arrange to make up the missing sessions towards the end of the year.
11.4 Implementation and assimilation of the related procedures in the enforcement plan
The Enforcement Officer, in collaboration with the relevant bodies (such as HR), shall map the populations that are relevant to the procedures related to the enforcement plan and determine which employees are required to participate in an assimilation process for each of the procedures (the “Mapping and Classification Process”).
Such process shall be performed at least once a year.
According to the Mapping and Classification Process, the employee shall receive the procedures that are relevant to his areas of responsibility and be required to sign a document whereby he understands their content and is committed to act according thereto. After the signing by him, the direct supervisor and the Officer shall sign in confirmation and receipt of the document. The Enforcement Officer shall also monitor the employees’ aforesaid signatures of the procedures to confirm that they comply with the Mapping and Classification Process and that all of the relevant employees have signed their commitment to all of the procedures that are relevant to their functions and areas of responsibility.
The steering committee responsible for the implementation of the enforcement plan shall confirm that 100% of the employees have signed the procedures that were sent to them.
11.5 Assimilation among parties external to the Company
As part of his work plan, the Officer shall define parties external to the Company that are obligated to comply with the enforcement plan and/or the related procedures, and have them sign the relevant procedures to attest that they have read and understood the obligations that apply to them by virtue of the Law, the enforcement plan and the procedures.
Existing engagements
Insofar as necessary, an annex to the contract shall be added to existing engagements in which the external party undertakes to information security and prevention of misuse of inside information in particular, and to the fulfillment of any and all regulatory obligations that apply to such party, including the Improvement of Internal Enforcement Proceedings in the ISA Law in general.
New engagements
Any new engagements with an external party shall be performed after the signing by such party of a confidentiality and engagement agreements. As part of such agreements, the external party shall undertake to maintain information security, prevent misuse of inside information in particular, and in general fulfill any and all regulatory obligations that apply to such party including the Improvement of Internal Enforcement Proceedings in the ISA Law.
11.6 Monitoring of and reporting on the assimilation of the enforcement plan and the related procedures
The Officer shall examine the fulfillment of the assimilation plan and report to the relevant bodies as set forth in Chapter 4 of the enforcement plan.
11.7 Assimilation acts pursuant to the updating of the enforcement plan
Once a year and as necessary the Officer shall examine the need for updating the assimilation plan as it is presented below.
The plan’s update shall be approved by the steering committee in the course of a meeting that will be convened to deliberate on the matter.
In respect of each update of the enforcement plan, the Officer shall examine the need to inform all parties about the main changes or the full, updated enforcement plan and shall choose the best suited means of assimilation in order to communicate the changes and/or the updated enforcement plan.
In addition, in respect of each change the Officer shall examine the need for updating the existing assimilation plan and assimilation tools.
The essential elements of the assimilation plan were approved by the Audit Committee and Board of Directors as part of the approval of the enforcement plan.
ANNEX A
Decisions of the Board of Directors and Audit Committee
Audit Committee decision from February 5, 2012:
“RESOLVED, that Norman Kotler, Adv., be appointed the person responsible for implementation of the Company’s Administrative Enforcement Plan.”
Audit Committee decision from March 21, 2012:
“RESOLVED, to approve the Administrative Enforcement Plan as presented to the Committee and to recommend approval of the Plan by the Board of Directors.”
Board of Directors decision from March 22, 2012:
“RESOLVED, to approve the Administrative Enforcement Plan as presented to the Board, with such non-substantive changes that may be subsequently made after further review by management and Deloitte.”
Board of Directors decision from November 13, 2013:
“RESOLVED, to ratify the appointment and authorization of the Audit Committee as the “responsible entity” for supervising the implementation of the Company’s Internal Enforcement Plan beginning November 24, 2011.”
