Operating with Integrity
We are comitted to operating with integrity at every level.
We are dedicated to fostering a culture of compliance, ethical conduct and strong corporate governance. Our Boards determine our corporate governance arrangements, ensuring alignment with Atlas Arteria’s long-term interests and the interests of our investors and other key stakeholders.
Corporate governance
View Atlas Arteria's various corporate governance documents by expanding the boxes below.
- Atlas Arteria - People and Remuneration Committee Charter
- Atlas Arteria - Nomination and Governance Committee Charter
- Atlas Arteria - Audit and Risk Committee Charter
- Atlas Arteria - Safety and Sustainability Committee Charter
- Anti Bribery and Corruption Policy
- Auditor Independence Policy
- Candidate Privacy Notice (AUS)
- Candidate Privacy Notice (EU)
- Code of Conduct
- Conflicts of Interest (Directors) Policy (ATLAX)
- Conflicts of Interest (Directors) Policy (ATLIX)
- Continuous Disclosure Policy
- Diversity and Belonging Policy
- Sustainability Policy
- External Communications Policy
- Risk Management Policy
- Securities Trading (Windows) Policy
- Supplier Code of Conduct
- Vision & Values Statement
- Whistleblower Policy
- Work Health and Safety Policy
- Human Rights Commitment Statement (2024)
How we operate
We always strive to operate with the highest level of integrity and have the same high expectations from everyone we do business with.
Our Code of Conduct and Supplier Code of Conduct are aligned with our values and outline our expectations of our employees, contractors and suppliers.
We commit to always operating within the laws of all jurisdictions in which we do business. We have a robust framework to deter and prevent bribery and corruption, along with an Anti-Bribery and Corruption Policy which we expect our people and suppliers to comply with.
We encourage a culture of openness, where people feel supported to speak up. Employees and staff of our wholly owned business may report misconduct or other improper conduct through our multi-lingual whistleblower service, FairCall.
Oversight of cybersecurity
Cybersecurity is an important part of Atlas Arteria’s governance and risk management frameworks, with a focus on cyber resilience, data protection and minimising operational impacts. Cybersecurity risks are managed through the Cyber Risk Management Plan (CRMP), which is applied across Atlas Arteria and our wholly and majority-owned businesses to identify, assess, mitigate and monitor cyber risks. The ARC oversees the CRMP and reviews the effectiveness of the plan at least annually, which is then reported to the Boards.
During 2025, a key focus of the CRMP was the implementation and verification of recommendations arising from an internal audit of cybersecurity practices completed in 2024. The audit included a maturity assessment aligned with recognised industry standards, including ISO 27001/27002 and NIST 800-53. All cybersecurity recommendations scheduled for 2025 were completed.
Continuous development of our employees’ cybersecurity awareness training, supported by simulated cyber-attack testing, continues to reinforce cybersecurity fundamentals across the organisation. In addition, during September 2025, management facilitated cybersecurity workshops across selected portfolio businesses to support the sharing of best-practice experiences and enhance technical capability.
Respecting and upholding Human Rights
We recognise that inherent dignity and equal rights are fundamental for every individual. As a responsible member of the global business community, we are steadfast in our commitment to upholding and respecting internationally recognised human rights across all facets of our operations, supply chains and business relationships.
As a member of the UNGC, we have publicly committed to upholding the UNGC Ten Principles relating to Human Rights, Labour, Environment and Anti-Corruption, which are foundational to advancing the UN Sustainable Development Goals.
In 2024, we published our Human Rights Commitment Statement (in alignment with the UNGC Ten Principles). Our Modern Slavery Statement has received an A rating every year since 2023 in the Monash University Modern Slavery Statement Quality Ratings.
Our approach to Human Rights due diligence in our supply chains
Supplier due diligence and engagements
Our due diligence and supplier engagement process follows the ‘Know Your Suppliers’ framework based on the United Nations Guiding Principles’ guidelines: Atlas Arteria’s controlled subsidiaries operate under the guidance and management of their respective local executive teams. They have implemented measures to evaluate the risks associated with human rights violations, such as modern slavery, in their operations and supply chains. Although practices may differ between businesses, our aim is to achieve standardisation of practices and processes throughout our operations.
1. Identify
The first step is to identify potential risks associated with the supplier. This includes assessing the supplier’s geographic location, business practices and reputation.
2. Assess
Once potential risks have been identified, the supplier’s level of compliance with relevant laws, regulations and industry standards is assessed. This includes assessing the supplier’s human rights record and any potential risks to workers, communities, or the environment. This may include conducting a desktop audit of the supplier and its stance on modem slavery and other factors relevant to human rights risks, asking suppliers to respond to further questions in relation to their operations.
3. Mitigate
After assessing the supplier’s risk profile, we determine whether any additional measures need to be taken to better understand the relevant risk and, where that risk is not remote, to mitigate such risk. This may include setting standards for suppliers, requiring them to adopt specific policies and procedures, or engaging in ongoing dialogue with suppliers to address any concerns.
4. Monitor
Finally, we monitor the supplier’s situation on an ongoing basis to identify any emerging risks or incidents that may impact them.
Internal audit process
Atlas Arteria utilises an internal audit process, provided by an external party, to provide independent assurance over the control and management of its key risks. Internal Audit projects are conducted in accordance with the Annual Internal Audit Plan which is approved by Atlas Arteria’s Audit and Risk Committee each year. As part of the 2023 Internal Audit Plan, an internal audit review of cybersecurity practices was completed across our Corporate offices. The scope of the audit included a maturity assessment against the auditor’s framework aligned with industry standards including from International Organisation for Standardisation (ISO) 27001/2, National Institute of Standards and Technology (NIST) 800-53 and Control Objectives for Information and Related Technologies (COBIT).
The 2024 Internal Audit Plan included the same review across our wholly and majority-owned businesses. The review, completed in early 2024, found that each of the businesses demonstrated strong awareness of the importance of implementing effective technology and process controls to manage and mitigate their cybersecurity risks, and a willingness to apply a continuous improvement approach to strengthening cybersecurity controls.
Recommendations were identified for each business, outlining opportunities to implement additional prevention practices and enhance response preparedness.
