GOVERNANCE

 

LEGAL ENTITY
As a Company Limited by Guarantee, Ray of Hope (RoH) formally adopted its Constitution on 30th November 2012, most recently amended in July 2025 (e-filing completed on 16th July, pending ACRA’s approval). The organisation has established a voting membership and appointed a Board of Directors responsible for oversight and governance, ensuring robust management and accountability.

WHISTLE-BLOWING POLICY
RoH has a Whistle Blowing Policy that provides an avenue for employees, volunteers and external parties to raise concerns and report of any suspected fraud, corruption, dishonest practices or other related matters. The policy promotes responsible and secure whistleblowing without fear of adverse consequences.

All whistle-blower reports will be reviewed by the Audit Chairman immediately to ensure independent and thorough investigation and adequate follow-up.

GOVERNING INSTRUMENT
RoH is governed by its Constitution, which serves as the foundational document guiding the charity’s objectives, governance structure, and operational conduct. The Constitution outlines the responsibilities of the Board, the process for appointments, and the framework through which the organisation ensures accountability and transparency. It is reviewed periodically to ensure continued alignment with best practices in the charitable sector.

DISCLOSURE AND TRANSPARENCY
The Board and Committee adhere to regular evaluation of its performance and effectiveness and ensure compliance with requirements in the Code of Governance. RoH makes available to its stakeholders an annual report that includes information on its corporate governance, programmes, activities, and audited financial statements. The annual report is also published on RoH’s website: https://rayofhope.sg/

POLICY ON LOANS
Any loans, donations, grants, or financial assistance made to RoH for purposes outside the scope of its approved programmes shall be approved by the Board. We have not exercised this.

CONFLICT OF INTEREST POLICY

The policy aims to protect RoH and its members from any appearance of impropriety. It mandates that all Board Members and Staff must exercise the highest duty of care and judgment when dealing with matters relating to RoH, and to disclose all interests (commitment, investment, relationship, obligation, involvement, financial, or otherwise), which may be a potential conflict of interest.

The policy provides procedures and guidelines on how conflict of interest situations are to be handled. All Board Members and Staff are to complete a declaration at the beginning of their service, as well as make a new declaration on an annual basis or when there are any changes.

HUMAN RESOURCE POLICY

At Ray of Hope, we believe that a strong, values-driven team is key to building a more inclusive and giving community. Our Human Resource Policy sets out clear guidelines on recruitment, performance management, staff development, grievance handling, and workplace conduct. It ensures fair and transparent employment practices while nurturing a safe and respectful work environment. Our HR policies are reviewed regularly to stay aligned with evolving needs and sector standards.

RESERVE POLICY
Ray of Hope’s crowdfunding focuses on raising funds directly tailored to the genuine, verified needs of our clients. Guided by our commitment to responsible stewardship, we actively maintain a prudent financial reserve consisting of unrestricted funds. This allows us to swiftly respond to emerging community needs.

Our reserves are reviewed annually alongside our budget to uphold transparency and accountability. As of 31 December 2024, our reserve ratio stands at 0.28 years.

GOVERNANCE EVALUATION CHECKLIST
RoH has complied with the Code of Governance for Charities and IPCs. RoH’S Governance Evaluation Checklist for the period of 1st January 2024 to 31st December 2024 can be viewed at the Charity Portal, www.charities.gov.sg.

PERSONAL DATA PROTECTION (PDPA)
The PDPA establishes a data protection law that comprises various rules governing the collection, use, disclosure and care of personal data. RoH recognises the rights of our clients, donors and partners to protect their personal data, including rights of access and correction. RoH has implemented policies and processes reviewed to ensure compliance and data integrity is not compromised.

All employees are required to undergo PDPA training on an annual basis and additional security arrangements have been adopted to prevent unauthorised access, collection, use, disclosure, copying, modification or disposal or personal data.

TECHNOLOGY
RoH’s crowdfunding platforms (rayofhope.sg and events.rayofhope.sg) undergo monthly security penetration and vulnerability tests by Xfers Pte. Ltd. a licensed cybersecurity vendor by the Singapore government’s CYBERSECURITY SERVICES REGULATION OFFICE, with certificate number CS/PTS/C-2023-0350

Both platforms are on the Sucuri CDN and Security Firewall that complies with the following standards: 

• SSAE16 COMPLIANCE ISO 9001:2008
• OHSAS 18001:2007 ISO 14001:2004
• PCIDSS PAYMENT CARD
• INDUSTRY STANDARD
• ISO / IEC 27001:2005 AND 27001:2013
• ISO CERTIFICATION ISO 50001:2011

All donations/payments are handled by Stripe and Acme. No donor credit card information nor bank account information is stored by RoH. Stripe and ACME security compliance are as follows: 

Stripe:

• PCI Service Provider Level 1
• SOC1, SOC2 Type2, SOC3
• AES-256 Encryption
• NIST Cybersecurity Framework

ACME:

• ISO/IEC 27001:2022

INTERNAL CONTROL SYSTEMS AND RISK MANAGEMENT
RoH has established robust internal control systems to safeguard our assets, ensure financial integrity, and uphold donor trust. These systems are designed to support sound decision-making, accountability, and compliance with legal and regulatory requirements.

We adopt a risk-based approach in identifying, assessing, and mitigating potential risks across our operations, including financial, reputational, cyber, and programme-related risks. Risk areas are regularly reviewed by the Board and management to ensure timely response and controls.

Key measures include:

• Segregation of duties in financial processes
• Dual authorisation for payments and approvals
• Regular internal checks and audit processes
• A documented financial policy
• Policies for conflict of interest and whistle-blowing

These frameworks enable us to operate with integrity while adapting proactively to emerging challenges.

AUDITORS
RSM Chio Lim LLP

CORPORATE BANK
DBS Bank Ltd
Maybank Singapore Limited

Additional Notes:

• No directors will receive remuneration unless for professional services rendered as approved by the Board.
• None of RoH’s employees serve on the Board or is a close member of the family of the Board.
• None of Ray of Hope’s staff members received annual remuneration exceeding $100,000 during the financial year. This includes all forms of compensation such as wages, bonuses, allowances, benefits, and remuneration from subsidiaries.