About Us

  • line-element
    Vendor Code of Conduct (VCOC)


The Vendor Code of Conduct (VCOC) establishes a set of standards on business and ethical practices, and professional conduct expected of all Vendor(s) working with the Bank. The VCOC shall apply to all suppliers appointed by any EXIM Function, business or individual working on behalf of EXIM, contractors of the Bank and to any person(s) appointed by them in any capacity to deliver the goods or perform any part of the services, including their employees, agents, suppliers and sub-contractors (“their representative”). The Bank expects its Vendor(s) to comply with the VCOC when engaging with the Bank and in conducting business with the Bank. It is the responsibility of every vendor to ensure that its representatives understand and comply with this Vendor Code. Vendors are expected to self-monitor and enforce compliance with this Vendor Code by their representatives. In the event of any unintended contradiction between this VCOC and the law or EXIM internal policies, the stricter provisions shall be used. This VCOC will be updated from time to time, when necessary. Copies of this Vendor Code can be found at our website at www.exim.com.my.


  1. EXIM Bank, may from time to time, require the Vendor(s) to provide attestation in writing of its compliance with this VCOC.
  2. EXIM Bank expects that all Vendor(s) will cooperate with the Bank in any investigation the Bank may conduct. The Vendor(s) must provide additional information to facilitate the Bank’s investigation into allegation of inappropriate or unethical behaviour involving the Bank’s employee or the Vendor’s representative(s).
  3. The EXIM Bank reserves the right to take any action that the Bank deems fit against the Vendor for breaching the VCOC, such as:
    1. Suspension or termination of contract;
    2. Deduction of any amount of money paid or promised to be paid;
    3. Requiring the Vendor to substitute any representative who breaches the VCOC or acting unlawful/inconsistent with the VCOC. The replacement representative must be equipped with equal or better skills and knowledge, and must be agreed to in writing by the Bank; or
    4. Disqualify the Vendor from participating in any tender or procurement exercise.
  4. The Bank has the right at any point in time to request information from the Vendor(s) to verify the Vendor’s reliability in order to ensure that the Bank’s interest is protected at all times.


The Vendor must uphold the highest standard of integrity and ethical conduct in all
business interactions and dealings with the EXIM Bank and these include:

  1. Compliance with laws and internal policies
    1. All Vendor(s) and their representative(s) must conduct their business activities in full compliance with the applicable laws and regulations of their respective countries while conducting business with the Bank.
    2. All Vendor(s) must comply with the applicable laws, rules and regulations of the jurisdictions in which they operate in and obtain all necessary licenses and permits to conduct the activities for which they have been contracted by the Bank.
    3. Vendors shall not engage or be involved in any forms of money laundering and terrorism financing activities.
    4. The Vendor(s) and their representative(s) must also comply with relevant internal policies and procedures established by the Bank.
  2. Conflict of Interest
    1. The Vendor(s) must exercise due diligence to avoid situations/act which may give rise to a potential or an actual conflict of interest.
    2. The Bank prohibits Vendor(s) from gaining improper advantage or preferential treatment in their relationship with the Bank’s employee(s). The Vendor(s) is required to disclose to the Bank in writing if they have any family connection* with any of the Bank’s staff. Please refer to Appendix 1 for the declaration form.
    3. If at any point of time, a situation of actual or potential conflict of interest arises, the Vendor(s) must inform the Bank in writing of such situation as soon as they become aware of the situation.

    Note: * Family connection refers to spouse and dependents of the spouse; child (including step
    children and adopted children) and spouse of the child; parent; and brother or sister and their

  3. Anti-bribery and anti-corruption
    The Bank prohibits the Vendor(s) from:
    1. directly or indirectly soliciting or accepting any form of bribery.
    2. being involved in activities such as extortion, embezzlement or requesting for, receiving or facilitating kickback.
  4. Gift and entertainment
    The Vendor(s) and its representative(s) must not offer gifts or entertainment or
    other incentives to the Bank’s employee(s) or their family members, in order to
    obtain or retain the business, secure preferential treatment to influence the
    Bank’s business decision.
  5. Misrepresentation
    1. The Vendor(s) is strictly prohibited at all times of misrepresenting its
      capabilities to the Bank in order to gain procurement contract(s) with the
    2. In securing contracts with other organisations, the Vendor(s) is prohibited
      from misrepresenting its capabilities in delivering goods and services to the


Vendor(s) must be accountable and honour its commitment in accordance with the terms and conditions of the contract which has been agreed between the Vendor and the EXIM Bank.


  1. Confidentiality obligation and data protection
    1. The Vendor(s) must treat with confidentiality all information related to the business and affairs of the Bank which is not generally available to the public.
    2. The Vendor(s) must not disclose or share any of the Bank’s confidential information to any person without obtaining the Bank’s permission in writing, unless required by law.
    3. The Vendor(s) must not disclose the EXIM Bank’s confidential information for any purpose except to the extent necessary to exercise its rights and perform its obligations for the procurement.
    4. The Vendor(s) must have appropriate policies, procedures and security controls in place to protect the EXIM Bank’s confidential information and prevent any information leakage.
    5. The Vendor(s) must comply with the Bank’s policies and the applicable laws on the protection of personal privacy, including personal data.
    6. The Vendor(s) is not allowed to access any of the Bank’s information technology environment and infrastructure and transfer of any information without obtaining written approval from the Bank.
    7. The Vendor(s) must not plagiarise information from the Bank or from other sources in delivering their services to the Bank.
    8. The Vendor(s) must provide proper citations or references of its sources of information, to avoid concerns over plagiarism.
    9. Vendor’s obligation of confidentiality shall survive even after the termination or expiration of the engagement period.

    If a vendor believes it is appropriate for business reasons, or required by law or
    regulation, to disclose or use Confidential Information other than as described in
    this Vendor Code, and if the situation is not covered by the section of this Vendor
    Code, the EXIM Bank must be consulted prior to such disclosure.

    Violation of any law or regulation relating to obtaining or using another person’s or entity’s proprietary or confidential information, or misuse of EXIM Bank’s confidential Information, may result in EXIM’s termination of a vendor’s engagement and may be reported to appropriate authorities.

  2. Publication of materials
    1. Unless stated otherwise, all information or material/content disclosed to the vendors or obtained by the vendors during the contract with the Bank is deemed confidential.
    2. The Vendor(s) must not publish the Bank’s confidential information or material/ content owned by the Bank.
    3. The Vendor(s) must obtain the Bank’s prior permission in writing if it intends to publish any material/content owned by the Bank.
    4. Proper citations and references to the Bank are to be made where the Vendor(s) publishes material/content owned by the Bank.


  3. Giving of reference
    The Bank may provide references to the Vendor(s) or its representative(s) upon the vendor’s request and on a case-to-case basis, subject to the discretion and the approval of the Bank.
  4. Restriction on making public statement(s)
    Vendor(s) is prohibited from making or circulating any public statement on content related to the business or affairs of the EXIM Bank including making reference of the EXIM Bank’s name for marketing purposes.
  5. Protection of intellectual property
    1. The vendors in its dealings with the Bank must respect all intellectual property (IP) rights. The Bank views the infringement of its IP seriously and will take legal action to protect its IP rights.
    2. The vendor must only use software and information technology that have been legitimately acquired and licensed, while providing services to the Bank. Such software and information technology must be used in accordance with their terms of use or license.
    3. The vendor is required to comply with the Bank’s information technology and security policies and procedures, to ensure maintenance and protection of the confidentiality, security and privacy of the Bank’s assets and information.
    4. In the event the vendors or its representatives are given permission to use the Bank’s resources such as systems and e-mails, it is to be used exclusively for the Bank’s official business. The Bank strictly prohibits the vendors from using the Bank’s resources for any unauthorised, illegal or malicious acts.
    5. The vendor must comply with the IP rights of the Bank and all other third parties and manage all such transfers to or from the Bank, in a manner that protects the Bank’s IP rights.


Vendor must comply with all applicable laws, regulations and the EXIM‘s policies relating to work practices and environment including the following:

  1. Professional workplace culture and behaviour
    1. The Vendor(s) must behave and dress in a professional manner which reflects the Bank’s professional image at all times when dealing with the Bank and while on the Bank’s premises.
    2. The Bank does not tolerate harsh, inhumane treatment of any of the EXIM or the Vendor’s employees, child labour, any form of discrimination and any substance abuse on the EXIM’s premises or during the performance of the Vendor’s contractual obligation.
    3. The Vendor(s) must use the Bank’s infrastructures and facilities responsibly at all times.
    4. The Bank views forming of cartels and/or collusion with other vendors to gain procurement advantage as a serious offence.
    5. The Vendor(s) or its representative(s) is strictly prohibited from engaging with the staff of the Bank during the procurement process. Any such engagement will be seen as an attempt to influence the tender/procurement process, and the Bank reserves the right to penalise the Vendor(s) or its representative(s) in any way deemed necessary during the evaluation process.
  2. Security and Access
    1. The Vendor(s) must ensure compliance with the Bank’s security policies and procedures while operating in any of the Bank’s premises.
    2. The Vendor(s) must provide sufficient information for the Bank to perform security vetting of its representative and comply with all reasonable requests for further documents or information.
    3. The Vendors(s) must display the Bank’s security pass at all times while on the Bank’s premises.
    4. Vendor(s) are only permitted to access areas for which they have been authorised to access and which are necessary for the performance of their work or services.


EXIM Bank is fully committed to ensuring safe, injury-free workplaces. Achieving this goal requires the support, commitment and dedication of all of EXIM’s business partners, including all vendors. To achieve these goals, all vendors are required to:

  1. Comply with all relevant health and safety laws and regulations, as well as all standards established by EXIM Bank and/or industry requirements.
  2. Demonstrate a cultural commitment to maintaining a safe working environment.
  3. Ensure that all employees and contractors are qualified and equipped to perform activities safely.
  4. Develop and enforce health and safety procedures that are applicable to each vendor’s operations and consistent with industry best practices.
  5. Provide adequate resources to manage workplace safety and to ensure that all personnel understand and properly exercise safety practices and procedures.
  6. Promptly inform EXIM of any health and safety incidents that occur while performing services for or on behalf of, or delivering goods to, EXIM or its clients.
  7. Prohibit the possession of unauthorized firearms or other weapons while on EXIM’s premises.


Subject to the terms of any specific contractual provisions that apply, each vendor engaged by EXIM Bank is required to have adequate business continuity plans in place to continue to provide its services to a reasonable degree in the aftermath of an operational interruption, whether caused by a natural disaster, equipment malfunction, power failure, communications and/ or data network failure or disruption, terrorist act, cyber-attack, or other such exigency. Each vendor shall, upon request, disclose to EXIM Bank in reasonable detail the elements of its business continuity plans and its information security systems and controls.


  1. EXIM Bank expects each vendor to promptly report to EXIM Bank any violation of this Vendor Code. If a vendor has reason to believe that such vendor or any of its representatives, or an employee of EXIM Bank or its representatives, may have violated this Vendor Code or any applicable law, rule or regulation, or otherwise engaged in unethical behaviour, it is such vendor’s responsibility under this Vendor Code to promptly report the violation to:
    1. EXIM Bank Whistleblowing Channel at:
      1. Send an email to whistleblower@exim.com.my
      2. Fill in the online e-form
      3. Write to : Whistleblowing Designated Officer, Export-Import Bank of Malaysia Berhad, P.O Box 10176, Pejabat Pos Besar, 50706, Kuala Lumpur
    2. Lodge a report to the Malaysia Anti Corruption Commission (MACC)’s office or the nearest police station.
  2. All reports and inquiries will be handled confidentially to the greatest extent appropriate under the circumstances. The identity of the reporting party will be treated with the strictest confidentiality at all times.
  3. The Bank will not tolerate any retribution or retaliation by anyone against any individual who has, in good faith, sought out advice or has reported questionable behaviour and/or a possible violation.

Follow Us

This website is mobile responsive and best viewed in Google Chrome and Safari.

Latest Update

Success Stories

Credit Takaful & Insurance