Modern Slavery Statement

For the Year Ended 30 June 2020

Who we are

The Citadel Group Limited (Citadel) is a listed technology company that specializes in secure enterprise information management in complex environments. Citadel is the ‘reporting entity’ required to produce this Modern Slavery Statement (Statement). Until December 2020, Citadel was listed on the Australian Securities Exchange, but is now privately owned.

About this Statement

Citadel is proudly Australian, with offices in Canberra, Brisbane, Melbourne, Sydney and Adelaide. It has an obligation under the Modern Slavery Act 2018 (Cth) (Act) to report to the Department of Home Affairs on the risks of modern slavery in its operations and supply chains, and the actions it is taking to address those risks.

This Statement covers Citadel’s financial year ending 30 June 2020 (Period).

Citadel’s structure and operations

Structure

Citadel is an Australian public company limited by shares. Its securities were listed on the Australian Securities Exchange (ASX) in 2014 and at the date of this Statement, it remains almost entirely Australian-owned.

Due in part to its growth, but also its historic operations, Citadel is both an operating and a holding company. However, through acquisition and expansion, Citadel also operates through a number of subsidiary companies which, until April 2020 were all located in Australia. In April 2020, Citadel acquired the Wellbeing Software group, based in the UK. Wellbeing was not a reporting entity under the Modern Slavery Act 2015 (UK) (UK Act), and Citadel has not completed its modern slavery assessment of Wellbeing prior to the preparation of this Statement.

Citadel wholly-owns all its subsidiaries except one – filosoph-e Pty Ltd (filosoph-e). A chart showing the relationship between Citadel and its subsidiaries can be found in Appendix 1 to this Report, together with the key Citadel group company brands.

Each subsidiary is registered at Citadel’s head office in Canberra. Those details can be found at the end of this Report.

This Statement is made on behalf of Citadel, each of its wholly-owned subsidiaries, and filosoph-e.

How this statement is prepared

Under its constitution, Citadel’ s Board of Directors is ultimately responsible for Citadel’s management, and by virtue of its ability to control the boards of each of its subsidiaries, it is able to influence the conduct of activities by the subsidiaries.

The Board of each of Citadel’s wholly-owned subsidiaries have directed that those subsidiaries co-operate fully in the preparation and approval of this Statement, and to participate in the activities it describes. Filosoph-e’s Board has separately consented to the preparation and approval of this Statement, and to participate in the activities it describes.

The Company Secretary, with assistance from outside counsel, has managed the process of preparing this Statement, and has in doing so has:

drawn information from the finance function to identify all current suppliers for the Period;
interviewed the leaders of each business unit to:
- identify (or confirm) the products and services procured from each supplier; and
- ascertain the supply chain and origin of those goods or services;
identified which of Citadel’s key suppliers have made modern slavery statements pursuant to the UK Act, and also identified that a number of such suppliers have made disclosures under the California Transparency in Supply Chains Act of 2010;
assessed, through desk-top review, the adequacy of the modern slavery statements prepared by Citadel’s key suppliers pursuant to the UK Act; and
conducted a desk-top review of the Responsible Business Alliance, a non-profit entity the membership of which includes many of Citadel’s key suppliers of electronics equipment, and the members of which are committed to continual improvement in the social, environmental and ethical responsibility of their supply chains.

Citadel’s operations and supply chain

At the time of preparation of this Statement, Citadel arranged itself into four distinct operating units. These are:

Enterprise Software;
Professional Services;
Technology; and
Health

Some of these units have distinct areas of responsibility that combine to make up the unit, and all call upon the Citadel Corporate Centre for support services. Each operating unit’s operations are described below.

Citadel Health

Citadel Health (Health) primarily contracts through the Citadel Health Pty Ltd and Charm Health Pty Ltd companies. Health is a software owner and developer, and a managed service provider in the health technology field. Its key software products are CHARM^® and Auslab™, including its next generation product Auslab Evolution™. Approximately 53 people work in the Health business, primarily spread across its Brisbane and Melbourne offices.

Operationally, Health is responsible for its own supply chain activities. In respect of goods and services sold, this involves acquiring:

computer hardware from Australian vendors for installation at customer premises;
telecommunications services from Australian telecommunications service providers;
Australian private cloud data centre services;
physical security services from local companies;
cloud storage services from US parent vendors with operations in Australia; and
cloud software services from US parent vendors with local operations.

In respect of other activities, Health procures:

employee education services;
marketing services (conferences etc);
travel and accommodation services (travel agent, flights, car hire and hotels); and
contracts with specialist service providers (fax and sms message services, helpdesk software and development software licences).

Health also uses Citadel Corporate Services.

Citadel Technology

Citadel Technology’s (Citadel Tech’s) key business operations are the supply, installation, maintenance and servicing of audio visual and video collaboration technologies across its key verticals of defence, health, government, & higher education.

Its key trading entity is Citadel Technology Solutions Pty Ltd. Operationally, Citadel Tech is responsible for its own supply chain activities. In respect of goods and services sold, this involves acquiring:

software licensing for video and audio conferencing;
audio-visual hardware (screens, projectors, speakers, microphones, computing hardware, switchgear etc), from local suppliers, sourced from global manufacturers;
cabling, connectors, brackets & other ancillary hardware required for audio-visual equipment;
vehicles for delivery of goods and transport of technicians;
qualified trades people for project or longer-term engagements;
warehousing and storage services; and
uniforms and promotional materials.

Citadel Tech also procures travel and accommodation services (travel agent, flights, car hire and hotels), and uses Citadel Corporate Services.

Enterprise Software

The primary trading entities in Citadel’s Enterprise Software division (Enterprise) are Citadel, Gruden Pty Ltd (Gruden) and Kapish Services Pty Ltd (Kapish).Citadel’s Enterprise Software division (Enterprise) is primarily a software, SaaS and PaaS business, supported by some professional technology services. It develops and maintains its own software that operates either independently, or as part of other software packages. Good examples of our Enterprise software are the Kapish^® Productivity Suite, and goTrimPro^™, both of which provide productivity enhancements to a third-party product, Micro Focus Content Manager (Content Manager). Support and maintenance is also provided for its own and third-party licensed products.

Kapish also markets Citadel-IX^™ – a unique secure cloud platform for Content Manager. Kapish can deliver Citadel-IX^™ in a number of combinations to suit the customer’s needs, but common services include establishing the Citadel-IX cloud instance, setup or migration of Content Manager to the Citadel‑IX^™ cloud, as well as Content Manager training.

Gruden has historically specialized in the creation and maintenance of products, like AusTender^™ and GrantConnect^™. Gruden also contracts with certain government panel members to supply services within the specialities of its related companies, like JBS.

Operationally, Enterprise is responsible for its own supply chain. This involves the following typical acquisitions for C&D:

cloud storage services from international vendors;
onshore and offshore programming and coding services;
software for resale;
software components;
graphic design services;
contract professional services; and
uniform and promotional materials.

With the consent of Enterprises’ clients, some coding services from carefully selected suppliers based in Hong Kong, China and Vietnam are utilised.

Cloud services are procured from US vendors or their local subsidiaries, using services located in Australia.

Software is primarily licensed from the US and Europe.

Professional Services

The primary trading entities in Citadel’s Professional Services division are Citadel, Jakeman Business Solutions Pty Ltd (JBS), Noventus Pty Ltd (Noventus) and filosoph-e. Professional Services provides specialist consulting and personnel services directly or indirectly to Australian government agencies. Citadel also provides certain managed services to government. These services align with Citadel’s core values of keeping people and information safe.

Operationally, Professional Services is responsible for its own supply chain. This involves the following typical acquisitions:

contract professional services; and
uniform and promotional materials.

Citadel Corporate

‘Citadel Corporate’ describes three parts of Citadel’s business.

The first is the Office of the CEO and the Board. This element of Citadel Corporate manages Citadel’s relationship with its owners (the shareholders), and the activities of its governing body (the Board of Directors and its Committees).

The second is the Corporate Centre, which means the shared services that support the other business units. This includes personnel, finance, legal, audit, risk and compliance, security, property management, and corporate IT. In this Statement, we refer to the second category of services as Citadel Corporate Services. All of Citadel’s employees and direct contractors are employed through Citadel Group Services Australia Pty Ltd.

The third part of Citadel Corporate is customer facing. Because of the structure of many government panel and procurement arrangements, The Citadel Group Limited is a contracting party providing services to customers. It does not provide these services itself, but does so through its operating subsidiaries described above.

The Office of the CEO and Board, and Citadel Corporate are responsible for their own supply chain. This involves the following typical acquisitions:

employee benefits programme expenses;
recruitment services;
marketing services (corporate website) and corporate functions;
investor management services (including share registry management);
travel and accommodation services (travel agent, flights, car hire and hotels);
professional services (non-executive director fees, audit, tax, external legal, other consultancy services);
enterprise and Corporate Centre specialist cloud software services;
enterprise software licensing;
accommodation services (leasehold property) including fitouts;
utilities (commercial rates; heating, cooling, data connectivity and voice, water and sewerage; cleaning (although some cleaning is conducted by landlords);
postal and courier services;
archiving and secure document destruction;
security and alarm services;
computer hardware (laptops, desktops, mobile devices, printer/copier leases);
tea, coffee, catering, (including vending machines); and
office supplies.

These services are predominantly obtained through Australia-based suppliers, though in the case of certain services, the goods are sourced from overseas manufacturers based in China, Malaysia and Vietnam.

The risks of modern slavery practices in citadel’s operations and supply chain

What modern slavery risks has citadel identified?

Citadel’s professional services, consulting and advisory operations are primarily conducted through the personal efforts of our employees and specialist contractors. For those team-members working on-site, we procure for them office space, communications and technology devices, and associated office-related products and services including cleaning, catering and beverages such as tea and coffee. Some contractors and employees work at client sites, and clients are responsible for some of these services.

Modern slavery risks exist in both our operations and our supply chains, but we consider that the key risks are in our supply chains, particularly the supply chains of the manufacturers of electronic equipment that we purchase for our own operations or that we procure for our clients directly from manufacturers or from distributors.

Citadel has identified in Appendix 2 the key risks of Modern Slavery facing Citadel.

Citadel has also identified the key business unit or subsidiary with the most direct connection to these risks, and the categorisation.

In assessing its Modern Slavery risks, Citadel has had reference to Table 6 of the Guidance for Reporting Entities issued by the Australian Department of Home Affairs (Guidance), and has drawn upon published literature from non-government organisations relating to specific risk areas, such as electronics. In particular, Citadel has reviewed reports and benchmarks prepared by KnowTheChain, a not for profit organisation that has significant expertise in addressing forced labour worldwide, including the following:

Eradicating Forced Labor in Electronics: What do company statements under the UK Modern Slavery Act tell us? (March 2018);
2018 Information and Communications Technology Benchmark Findings Report; and
Three Sectors, Three Years Later: Progress and Gaps in the Fight Against Forced Labor (April 2019).

Citadel notes that KnowTheChain publishes sector-specific benchmarks every two years. Companies are assessed using a methodology which is based on the UN Guiding Principles on Business and Human Rights and which covers themes such as recruitment and worker voice. Citadel will continue to review such benchmarking reports in order to assess the progress of its key suppliers in addressing modern slavery risks in their supply chain.

The actions Citadel has taken to access and address these risks.

During the Period, the Company has implemented a number of due diligence elements to its operations.

The primary due diligence objective has been awareness raising amongst Citadel staff of the risks of modern slavery in the Company’s supply chain, the Company’s assessment of the treatment of those risks and the objectives of the Company in remediating those risks. Citadel has also given its employees access to the underlying due diligence materials used in preparing this Statement, so that there is transparency of information at all levels of the company.

The secondary due diligence objective has been to introduce a modern slavery assessment in its supply chain activities. Being a relatively small company, Citadel has not had a centralised procurement policy or supplier management policy. Citadel is part-way through implementing these projects and anticipates completing those in the next reporting period. Both will contain an obligation to identify and manage modern slavery risk, and to report on those risks. A process has been established to progressively conduct a supplier risk assessment for each current supplier, as well as for each prospective new supplier.

The final piece of the due diligence process will be to establish a reporting process so each business unit can report each 6 months on the results of its due diligence for incorporation into the next report.

Remediation priorities

As a technology company specialising in the delivery of (relatively) large quantities of electronic equipment, Citadel has focussed on Risks 1-3 in its analysis of its deep electronics supply chain. Citadel has identified equipment vendors and their own public statements regarding modern slavery risks in their operations. Citadel considers that the statements made by those vendors are, on the whole, comprehensive and demonstrate a serious attempt to address the risks of modern slavery in both the suppliers’ own operations and their respective supply chains. Large global electronic equipment manufacturers, and other large technology companies such as Microsoft, through their own efforts and through groups such as the Responsible Business Alliance, have demonstrated goodwill and concrete actions in relation to modern slavery risks.

Citadel recognises that it has a choice in selecting its own IT equipment, and that it can and should weigh the value to company of selecting a vendor who demonstrates progress toward addressing the issues of modern slavery in their own operations.

Where Citadel is purchasing equipment on behalf of clients, it recognises that it can assist those organisations with their own modern slavery compliance by including in its quotes and tenders, reference to its views on the modern slavery practices of different equipment manufacturers. Citadel is pleased to note that a number of Citadel Technology’s clients are already undertaking their own modern slavery journey, and that Citadel has a part to play in that journey.

During the Period, Citadel has also:

delivered mandatory modern slavery awareness training to all staff;
introduced a Supplier Code of Conduct, including requirements focused on modern slavery compliance; and
amended its purchase order terms and conditions to include modern slavery compliance requirements.

How Citadel assesses the effectiveness of these actions

Citadel will assess the following indicators in order to assess the efficacy of its actions:

training and awareness-raising programs – % completion by staff;
the number of supply contracts that include modern slavery clauses and/or apply the Supplier Code;
the number of actions (including questionnaire responses) taken to work with suppliers to improve their capacity to respond to modern slavery risks.

The process of consultation with the entities Citadel owns or controls

As described in section 1 of this Statement, under its constitution, Citadel’ s Board of Directors is ultimately responsible for Citadel’s management, and by virtue of its ability to control the boards of each of its subsidiaries, it is able to influence the conduct of activities by the subsidiaries.

APPENDIX 1 – Citadel Group Structure

The Citadel Group Limited Company Structure and Subsidiaries (excluding Wellbeing Software Group Holdings Limited) at the expiry of the Period

Citadel Brands

APPENDIX 2 – Citadel’s key Supply Chain Risks

[1] Due to the acquisition of the Wellbeing Software group late in the reporting period, although the management has been fully cooperative, the approach of those subsidiaries will not be reported until the following reporting period.

[2] Such as copper, aluminium, titanium and gold mining.

[3] Other countries such as Cote d’Ivoire, Costa Rica, Guatemala, Guinea, Honduras also have issues that require monitoring.