
Internal Compliance Policy & Governance Framework

Effective Date: June 24, 2026

Document Version: 1.0

Target Audience: All Employees, Contractors, Advisors, and Executive Leadership


1. Objective and Core Purpose

As a professional consulting and financial strategy firm, OctanesFin relies heavily on the trust and confidence of our clients. This Internal Compliance Policy establishes standard operational guardrails to ensure our team operates in absolute alignment with professional ethics, client data privacy mandates, and legal standards.

Compliance is not just a regulatory checkmark; it is an operational requirement for every individual representing OctanesFin.


2. Professional Ethics & Conflict of Interest

Every consultant and employee must maintain total objectivity and independence when advising clients.

  • Identification of Conflict: A conflict of interest occurs when an employee's personal, financial, or outside professional relationships interfere—or appear to interfere—with their responsibilities to OctanesFin or its clients.

  • Mandatory Disclosure: Employees must proactively disclose any potential conflicts (e.g., holding shares in a client’s direct competitor, family relationships with a client executive) to the Compliance Officer prior to onboarding a new project.

  • Gifts and Entertainment: Employees may not accept or offer gifts, hospitality, or entertainment that exceeds a nominal value ($100 USD equivalent) or that could reasonably be construed as a bribe or an attempt to improperly influence a professional decision.


3. Client Confidentiality & Clean Desk Policy

Because OctanesFin regularly handles highly sensitive business strategies and financial data, safeguarding this information is our highest compliance priority.

  • Information Access (Need-to-Know): Employees may only access client data that is strictly required to execute their assigned tasks under the active Statement of Work (SOW).

  • Data Transmission: Client-related financial models, corporate reports, or strategic briefs must never be sent to personal email accounts or via unencrypted, non-approved communication channels (e.g., personal messaging apps).

  • Physical Security (Clean Desk Policy):

    • Physical documents containing sensitive corporate info must be locked in designated filing cabinets when not in active use.

    • Laptops and workstations must be locked (Win + L / Cmd + Ctrl + Q) any time an employee steps away from their desk.

    • All printed draft materials must be disposed of using secure office shredding bins.


4. Cybersecurity and Data Governance

Our operational integrity relies on digital hygiene. Non-compliance with IT security measures is subject to immediate disciplinary review.

  • Authentication: Multi-Factor Authentication (MFA) is strictly mandatory on all corporate accounts (Email, Cloud Storage, CRM). Passwords must meet complexity guidelines and be rotated every 90 days.

  • Public Wi-Fi Prohibited: Working on client deliverables from public, unencrypted Wi-Fi networks (e.g., coffee shops, airports) without activating the company-approved Virtual Private Network (VPN) is strictly forbidden.

  • Software Installation: Employees may not install third-party software, browser extensions, or unauthorized AI tools on company-issued hardware without explicit approval from the IT Security team.


5. Anti-Money Laundering (AML) & Know Your Customer (KYC)

OctanesFin does not facilitate, condone, or tolerate money laundering or illicit financial activities.

  • Client Onboarding (KYC): Before any SOW is executed, the business development team must verify the legal identity of the corporate client, its beneficial owners, and the legitimate source of their funds.

  • Red Flags: Employees must immediately report suspicious client behavior to the Compliance Officer. Red flags include:

    • Requests to route payments through unexplained third parties or tax havens.

    • Explicit resistance to providing standard corporate verification documents.

    • Structuring consulting fees in a manner that lacks obvious commercial logic.


6. Time and Expense Accuracy

Integrity in billing is foundational to our corporate reputation.

  • Accurate Timekeeping: Consultants must record hours worked on client projects accurately and honestly within the corporate tracking system. Falsifying or artificially inflating billable hours is a zero-tolerance compliance violation.

  • Expense Reporting: All reimbursable business expenses incurred during client travel or project delivery must be accompanied by valid itemized receipts and comply strictly with the client’s approved expense guidelines.


7. Reporting Violations & Non-Retaliation

OctanesFin promotes a culture of open communication and accountability.

  • Duty to Report: If an employee observes, suspects, or becomes aware of a breach of this Compliance Policy, our Privacy Policy, or prevailing laws, they have an obligation to report it immediately.

  • Reporting Channels: Reports can be made directly to the Compliance Officer at compliance@jaymakfin.co.ke or submitted anonymously via the internal HR portal.

  • Strict Non-Retaliation: OctanesFin maintains a zero-tolerance policy for retaliation. No employee will face adverse professional consequences, discrimination, or harassment for raising a good-faith compliance concern.


8. Policy Enforcement and Disciplinary Actions

Failure to adhere to this Internal Compliance Policy undermines the firm's legal standing and client trust. Violations will be investigated thoroughly by HR and the Compliance Officer. Depending on the severity of the infraction, disciplinary actions may include:

  • Verbal or written reprimands.

  • Mandatory compliance retraining.

  • Suspension of active client engagements.

  • Immediate termination of employment for cause.

  • Referral to law enforcement or regulatory authorities if criminal conduct is discovered.