McKinsey River Capital Management Policies & Statements
General Privacy Notice
Code of Ethics
Conflicts of Interest Policy
Finance Policy
Governance Policy
Information and Trading Policy
Information Security and Data Privacy Policy
McKinsey River Capital Management Responsible Investment & Ownership Policy
Modern Slavery Act Statement (where applicable)
Global Workplace Health and Safety Guidelines
Anti-Bribery & Corruption Guidelines
Diversity and No-Harassment Guidelines
Tax Guidelines
Business Partner Code of Conduct
Remuneration Public Disclosure Statements (where applicable)
Risk Management Guidelines
Anti-Bribery & Corruption
McKinsey River Capital Management is committed to complying with applicable anti-corruption and anti-bribery laws wherever it conducts business. McKinsey River Capital Management does not accept, offer, request, or authorize bribes in any form.
Political contributions, gifts, and business entertainment may be considered forms of bribery depending on local law and context. McKinsey River Capital Management maintains internal guidelines governing gifts, hospitality, and interactions with public officials. All gifts or business entertainment offered or received by staff must comply with applicable internal approval processes and documentation requirements.
These guidelines apply to all staff and are designed to prevent improper influence, including where interactions involve public sector counterparties or state-owned entities, and to ensure that McKinsey River Capital Management does not obtain business or favorable treatment in exchange for political contributions, fundraising assistance, or any improper benefit.
To promote sustainability in our industry and support constructive public discourse, McKinsey River Capital Management may participate in industry associations, working groups, and related initiatives.
Trade associations & partnerships (disclosure):
McKinsey River Capital Management’s contributions to trade associations and partnerships are disclosed in accordance with applicable transparency expectations and internal governance practices.
The contributions primarily consist of membership fees and dedicated studies. The three largest contributions during 2024 were made to:
[Partner 1], [Partner 2], [Partner 3].
Political contributions:
McKinsey River Capital Management does not make political contributions to political parties, political organizations, or election candidates. No such donations have been made from [Year] to date.
While McKinsey River Capital Management does not participate in party political activities, we may engage in policy discussions on subjects that affect our mission, stakeholders, and the communities in which we operate.
Disclaimer regarding historical data:
Where disclosures include historical information, earlier periods may reflect different structures, subsidiaries, or reporting boundaries.
Because contributions consist mainly of membership fees, detailed lobbying disclosure may not always be feasible.
Anti-Money Laundering (AML) and Counter-Terrorist Financing (CTF)
McKinsey River Capital Management is committed to preventing money laundering and terrorist financing and to complying with applicable AML/CTF laws relevant to our activities and business relationships.
We maintain an AML/CTF program comprised of appropriate policies, procedures, training, and controls to help prevent, detect, and manage risks relating to financial crime, sanctions breaches, money laundering, and related risks.
To ensure proper oversight, McKinsey River Capital Management designates responsible compliance personnel to manage due diligence processes and program governance.
We apply a risk-based approach to determine:
the scope of due diligence,
the level of ongoing monitoring, and
whether enhanced measures are required.
Enhanced due diligence may be applied where relationships involve:
High-risk jurisdictions
Complex ownership structures
Politically exposed persons (PEPs)
Correspondent relationships (where applicable)
Other elevated risk indicators
Relationships involving PEPs are subject to dedicated monitoring and appropriate approvals.
Screening may include:
UN & EU sanctions lists
OFAC (U.S. Treasury Department)
PEP databases
Other risk intelligence sources
All AML/CTF documentation is retained for at least five (5) years or longer as required.
Global Disciplinary Misconduct Framework
McKinsey River Capital Management maintains a Global Disciplinary Misconduct Framework covering conduct that materially conflicts with our values, policies, and procedures. This includes misconduct related to:
Fraud
Financial crime
Legal or regulatory breaches
Data incidents
Employment practice violations
The framework ensures:
Proper escalation
Consistent case assessment
Clear documentation
Structured resolution process
Cases may involve HR, Legal, Compliance, and relevant governance bodies (e.g., an audit committee).
Periodic reporting (e.g., quarterly) may be provided to oversight functions.
Shareholder Rights Directive (SRD II) – Where Applicable
Where applicable, McKinsey River Capital Management or affiliated entities may assess the applicability of SRD II and evaluate whether to develop and publish a shareholder engagement policy.
Whistleblowing
McKinsey River Capital Management maintains:
External whistleblowing instructions
External whistleblowing channels
Details are available here: [Whistleblowing Link Placeholder]
Information Security Governance
McKinsey River Capital Management recognizes that cybersecurity and information security are strategic enablers of trust and resilience. We are committed to protecting stakeholders, partners, and systems from cyber and operational risks.
Security governance supports:
Digital infrastructure resilience
Stakeholder confidence
Long-term value creation
Information Security Management Program
Our Information Security Management Program includes:
Business continuity
ICT risk management
Vulnerability management
Internal controls
ICT resilience strategy
Risk identification and classification
Incident escalation procedures
Designated approval paths
Tabletop exercises
Our program is informed by global frameworks, including:
ISO/IEC 27001
NIST Cybersecurity Framework
EU DORA (where applicable)
Vulnerability Management
Includes:
Automated scanning
Manual penetration testing
Risk-based prioritization
Documented remediation timelines
Enterprise Risk Management (ERM) Integration
Cybersecurity is embedded into ERM.
Control effectiveness is evaluated through assessments, evidence, and analytics.
Training
All staff undergo annual security awareness training.
Independent Review
Selected systems may undergo external audits or certifications.
Transparency and Breach Disclosure
McKinsey River Capital Management confirms that there were no material information security breaches in FY2024.
