Message from CEO Steve Hasker

Dear Colleagues,

Thomson Reuters is on an exciting journey to becoming the leading content-driven AI technology company, informing the way forward for professionals around the globe.

That Reuters shall at no time pass into the hands of any one interest, group or faction;

That the integrity, independence and freedom from bias of Thomson Reuters shall at all times be fully preserved;

That Reuters shall supply unbiased and reliable news services to newspapers, news agencies, broadcasters and other media subscribers and to businesses, governments, institutions, individuals and others with whom Reuters has or may have contracts;

That Thomson Reuters shall pay due regard to the many interests which it serves in addition to those of the media; and

That no effort shall be spared to expand, develop and adapt the news and other services and products of Thomson Reuters so as to maintain its leading position in the international news and information business.

Learn about, understand and comply with the laws, rules, regulations and policies that apply to our specific positions

Seek Help if we have questions about the applicability or interpretation of any law, rule, regulation or policy

Speak up if we see or suspect unethical behavior or a violation — whether of laws, policies or this Code

Complete mandatory compliance training

Respect local customs of countries where we do business, as long as doing so does not violate laws or this Code

Acknowledge on the Intranet that we have received and read this Code and understand our obligations to comply with it

Listen and take action when team members raise concerns — whether big or small

Be knowledgeable about the laws, rules, regulations and policies that apply to their teams

Personally handle or escalate compliance issues appropriately

Highlight and recognize decisions that honor our values and long-term success over short-term gain

Demonstrate accountability and a willingness to listen to all points of view

Make time to discuss the importance of ethics and compliance regularly with their teams

Encourage colleagues and others to contact their manager, Human Resources or the Enterprise Compliance team for help when issues or questions arise and to be timely and candid in reporting any unethical or illegal conduct or compliance issues

Am I following applicable laws and regulations? Is the action ethical?

Am I following the Code, Trust Principles and other company policies?

Have I considered the wider implications of my decision?

Would I feel comfortable if my decision were made public?

Does my decision take all stakeholders into account?

 Ethics Hotline

  QR Code

We all have an obligation to speak up to report unethical or illegal conduct or if we reasonably believe that a violation of this Code has occurred. Our willingness to Seek Help and to accurately and truthfully describe the situation in a timely manner is of the utmost importance. Thomson Reuters values open communication.

Reporting fraud or suspected fraud

Report suspected fraudulent activities by current or former employees, directors, officers, contractors or third parties to Internal Audit. In addition, attempts to inappropriately influence external auditors should be reported to Internal Audit.

Knowingly providing false or misleading information

Refusing to be available for a meeting or discussion during an investigation

Knowingly withholding, destroying, altering or deleting pertinent information

Connecting the dots

 Q  I’m considering two job candidates who have similar qualifications on paper. One has a physical disability that may hamper the ability to get around the office. Am I allowed to factor this trait into my evaluation of the candidates?

 A  You should not assume that a disability will limit someone’s ability to perform his or her job. However, if you reasonably believe the disability would legitimately affect the individual’s ability to perform the essential functions of the job, you should contact human resources to discuss whether reasonable accommodations could be made.

Has the purpose or effect of creating an intimidating, hostile or offensive work environment or otherwise adversely affects an individual’s employment opportunities

Explicitly or implicitly links submission to sexual conduct as a term or condition of employment or promotion decisions

 Connecting the dots

Q   I’ve noticed that one of our customers keeps making mildly sexual comments that seem to make one of my colleagues uncomfortable. If that colleague never makes a complaint to the company, is there anything I can do? Do we have to accept the behavior to maintain the customer relationship?

A   Even if an apparent target of the behavior does not make a complaint, the individual still may be uncomfortable. You should talk to Human Resources. While Thomson Reuters is always mindful of customer relationships, we never want our employees to be in an uncomfortable work environment. The company will take appropriate steps to address the behavior.

Comply with both the letter and the spirit of all applicable occupational and environmental health and safety laws and regulations

Develop, implement, continually improve and follow policies, procedures, and guidelines to ensure compliance with applicable regulations and support our values, commitments and expectations

Provide EHS training, instruction, information, and effective communication to all TR staff and those performing work at our locations relevant to their role and responsibilities

Develop management processes and solutions that mitigate risks, protect our people and environment, and demonstrate value to our customers and stakeholders

Require that all contractors, vendors and colleagues abide by safety and environmental regulations

Perform assessments to identify safety hazards or potential regulatory non-compliance and take action to remedy these situations

Maintain accurate and up-to-date environmental and safety records

Following all required security procedures and access controls in our facilities

Speaking up when we see something that seems suspicious or threatening

Participating in safety-related drills and preparations

Weapons or hazardous devices at any facilities leased or owned by Thomson Reuters, at Thomson Reuters– sponsored functions, or on company business unless legally allowed and cleared with prior written approval from the Global/Regional Head of Security

Behavior that injures or is likely to injure another person

The making or sending of harassing or threatening statements (regardless of how these messages are delivered)

Behavior that damages or is likely to damage property

Stalking or surveillance of another person

Committing or threatening to commit violent acts

 Connect the dots

Q  I have a domestic issue at home that affects my personal safety. Do I need to disclose it at work?

A  If you have a domestic or personal issue that may apply to or affect safety in the workplace (e.g., an order of protection or a restraining order), you should report it to Human Resources and SOC. That is the best way to help ensure not only your safety but also that of your colleagues. Also see the Workplace Violence Prevention Policy

Do not report for work while impaired by drugs or alcohol

Do not possess or consume alcohol on Thomson Reuters premises or while working without specific prior authorization from Thomson Reuters

Use good judgment when consuming alcohol at an event sponsored by Thomson Reuters, a customer or an organization that we’re supporting

 Connecting the dots

 Q  If I have a problem with substance abuse, does the company offer any help?

 A  Thomson Reuters offers a number of employee programs that may provide assistance. Please ask Human Resources about available services in your location.

Take responsibility for identifying situations that could compromise or appear to compromise our judgment

Seek Help if we suspect a potential conflict

Disclose any potential conflicts in writing to the appropriate manager or to Human Resources to resolve the conflict and/or pre-clear it in writing with the Enterprise Compliance team and act consistently with whatever decision is made

Put the company’s interest in any business transaction ahead of any personal interest or gain

Directly or indirectly supervising colleagues with whom we have a close relationship

Taking part in hiring or promoting those with whom we have a close relationship or influencing their compensation, benefits or opportunities if they work at the company

Participating in transactions between Thomson Reuters and businesses that are owned by or that employ someone with whom we have a close relationship. It may be a conflict of interest if you or someone with whom you have a close relationship owns more than 1% of a customer, supplier or competitor

 Q  How does the Code define a “close” relationship?

 A  For the purposes of the Code, people with whom you have a “close” relationship may include any person that could influence or appear to influence your judgment such as:

●  A spouse, partner, parent or person you are dating

●  Immediate family members (parents, offspring, siblings, grandparents or grandchildren)

●  Mothers and fathers in-law, sons and daughters-in-law, brothers and sisters-in-law

●  Cousins, uncles, aunts, nieces, nephews

●  Any person living in the same home as you

 Q  I think my manager is dating a coworker. Is that allowed?

 A  It is inappropriate for a manager to date one of his or her direct reports or another person who is a subordinate in his or her group. Even if the relationship appears to be consensual, having one individual in a position of power over the other could result in a conflict of interest. Any concerns should be addressed to Human Resources.

Use company property, company information and our position only to advance the company’s interests and not for personal gain

Recognize when a product, service, invention or business connection might be of interest to Thomson Reuters and communicate it to the company

Ensure our employment or engagement with another company does not affect our work at Thomson Reuters

Do not accept work if it would cause us to improperly disclose the company’s confidential or proprietary information

Do not compete with Thomson Reuters or work for our competitors

Do not use company resources or time to perform work for second jobs, personal businesses, board memberships or civic positions, or the like

Establish an attorney-client relationship on behalf of Thomson Reuters

Provide legal advice or guidance where specialized legal skills are required, such that there is an implicit representation of authority or competence to practice law

Hold themselves out as a Thomson Reuters lawyer, which means to indicate in any manner to any other person that they are competent, authorized or available to practice law on behalf of the company

Follow all requirements of the Federal Acquisition Regulation (FAR) in the United States and similar regulations in all the other countries where we do business

Work in good faith to address and resolve any claims of organizational conflicts of interest

Comply with the letter and spirit of applicable laws

Recommend only products, services and solutions that we believe are the proper fit for each customer’s needs

Remain transparent and forthright in all contracting

Award contracts based on merit and clearly defined benchmarks

Provide accurate and timely documentation

Deliver on what we promise

Are honest and accurate in advertising and marketing claims, avoiding exaggeration, misrepresentation, and ambiguity

Take special care when making comparative claims and do not disparage or unfairly criticize a competitor’s products or services

Do not gather competitive intelligence in unlawful or unethical ways (see Competitive Intelligence in the Code)

Seek advice before you act

We often negotiate agreements with customers, suppliers and distributors. To avoid antitrust issues, seek advice from the General Counsel’s Office before you:

● Use customer pricing (such as deep discounts) or licensing terms to keep out or unduly hinder competitors

● Sell anything below cost

● Tie the sale of any product, service or discount to another product

● Enter an exclusive dealing or lock-in agreement

● Treat customers, suppliers or distributors inequitably for the same products

● Restrict a distributor in terms of whom they can sell to and at what price or agree to a similar restriction on Thomson Reuters where we resell third-party products or services

● Impose any non-compete or other similar restriction, or accept a similar restriction on Thomson Reuters

Fix prices

Divide sales opportunities or territories

Agree not to solicit each other’s customers

Boycott or refuse to sell a particular product to a certain customer, supplier or vendor

Rig bids

Share confidential information about pricing, profits, costs, sale terms, credit terms, customers, discounts, promotions, marketing or strategic plans, mergers and acquisitions or any other sensitive information

Connecting the dots

Q  I attended a conference recently, and an employee of a competitor struck up a conversation with me about a new product they just launched. She didn’t say anything about pricing or profits, but I felt uncomfortable. What should I do in this situation?

A  If you feel uncomfortable about any conversation with a competitor, it’s best to exit that conversation as quickly and as gracefully as possible. Remember, even if the employee didn’t reveal pricing or other sensitive information, she may have said something that could appear to violate antitrust laws to some-one listening. Contact the General Counsel’s Office if you need more clarification or want to confirm that nothing happened that could be or could appear to be a violation.

●   Do not offer or accept bribes or kickbacks

●   Do not make facilitation or “grease” payments, even if they are legal in the country where requested

●   Report it to our manager and the Enterprise Compliance team if we are offered a bribe, asked for a bribe or asked to make a facilitation payment

●   Offer or accept only reasonable hospitality and business expenses

●   Record all payments and receipts honestly and accurately

●   Carry out a level of due diligence appropriate to the risk before we engage business partners

●   Communicate our Anti-Bribery & Anti-Corruption Policy to business partners at the outset of our business relationship and as appropriate thereafter

●   Watch out for red flags, including vague descriptions of payments or services, payment requests in exchange for approvals or signs of over-invoicing or false invoicing

●   Mitigate or terminate business relationships as appropriate if we learn that a business partner may have violated our standards

The many forms of bribery

Bribes can take the form of anything of value being offered or given in exchange for, or as a reward for, favorable treatment. There are many business interactions that can go from legitimate to corrupt when motivated by an intention to obtain favorable treatment, including providing or accepting:

● Cash or cash equivalents

● Facilitation payments

● Unreasonable gifts, entertainment or hospitality

● Unexplained or excessive rebates, discounts or commissions

● Loans

● Invoices for disguised expenses

● Excessive goods or services for personal use

● Free use of Thomson Reuters services or facilities

● Favors (such as the hiring of a relative)

● Charitable donations

● Paid or unpaid internships

● Job offers or promises of future employment

●   Report any known or suspected violations or concerns to the Enterprise Team or the Ethics Hotline

Connecting the dots

Q  What is a facilitation or “grease” payment?

A  A facilitation or “grease” payment is a small payment made to a government official to secure what should be a routine action, such as processing a visa, issuing a permit or providing a utility service. This does not include official payments, such as those where a government agency has a published fee schedule for a service equally available to anyone and provides a receipt. Thomson Reuters prohibits its employees and representatives from making facilitation payments, even if doing so is legal in the country where the payment is taking place. If you are unsure whether something qualifies as a facilitation payment or if you believe such a payment is necessary to advance legitimate business goals, you must Seek Help. Similarly, if you must make a facilitation payment to protect your liberty or safety, you must notify your manager as soon as possible, and know that such extraordinary events will not be treated as policy violations.

Identifying government officials

Our policy on bribery and corruption applies to both the public and private sectors. However, dealing with government officials poses a particularly high risk due to the strict rules and regulations that often apply to giving anything of value to a government official. Some government officials are easy to identify, but others may not be. Government officials can include:

● Employees at government facilities

● Elected officials

● Law enforcement officers

● Customs officials

● Inspectors

● Military personnel and support teams

● Public utility employees

● Employees of state-owned or controlled entities, such as some oil firms, universities and media companies

Ensure all gifts, meals, services and entertainment we give or receive are infrequent and not excessive in value

Refuse to give or accept certain cash equivalents (e.g., shares, gift cards, gift certificates or honorariums) that exceed $100.00 (USD) unless approved by your manager, Human Resources or the Enterprise Compliance team

Refuse to give or accept cash gifts

Do not give or accept anything of value if it would appear to improperly obligate someone to act a certain way or if it would embarrass either party if made public

Know that when a government official is involved, we may not offer or accept gifts, meals, services or entertainment without prior approval from the Enterprise Compliance team

Will in no case connect an item of value, including gifts and travel, to an official act by a government official

Know the relevant gift policies that govern our businesses (and remember some may have more restrictive policies) and the policies of anyone who might receive a gift from us and ensure that those policies are not violated

Understand that in some countries, it would be offensive to return or refuse a gift and that in such situations, we may accept the gift on behalf of Thomson Reuters and consult our manager about how the gift should be treated

Comply with applicable laws and regulations wherever we do business

Determining what is “not excessive in value” requires your good faith judgment. It may change depending on the situation.

Acceptable gifts and entertainment generally
include:

Unacceptable gifts and entertainment generally include:

● Promotional items with company logos

● Meals and entertainment of modest value when business is being conducted

● Routine tickets to a local sporting or cultural event

● Gifts of nominal value that are customarily given on national holidays

● Prizes randomly given or received through raffles, contests or industry events

● Cash or certain cash equivalents

● Luxury goods

● Events, trips or meals where there is no clear business purpose being conducted

● Anything of value given to or received from a government official

What is the intention behind the gift? For example, does either party expect something in return, such as an advantage or a favor?

Do you feel uncomfortable or embarrassed if anyone else found out about it?

Is the gift being given outside of the workplace so others will not know about it?

Does the recipient have a policy that would prohibit it?

Is the gift supported by documentation?

Does it feel right? Or does something feel off?

 Connecting the dots

Q  We engaged a local agent with good connections to help us secure a government contract. He wants to give a bottle of expensive liquor to the government official who signed off on the contract and insists that it’s customary to do so. Could we get in trouble for that?

A  Yes, Thomson Reuters can be held responsible for the actions of the agents we hire. You must tell the agent from the start not to give gifts to a public official. More importantly, before engaging such a person, it’s important to conduct due diligence on the agent and get a contractual assurance that no improper payments will be made on behalf of Thomson Reuters.

Understand our individual roles when doing business in various parts of the world and with potential customers and business partners, including understanding which trade laws apply to our business activities and business partners

Remain aware of embargoed countries and global sanctions requirements (see Trade Controls and Sanctions on the Intranet)

Conduct due diligence on customers, prospective customers, and other business partners.

Screen customers, prospective customers, and other business partners, on a recurring basis, against sanctions lists, including those of the U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) (and lists maintained by other countries, using leading tools and technology

Do not conduct unauthorized business with a sanctioned organization or individual

Know the requirements and procedures for products or services we are exporting

 Connecting the dots

Q  Recently, one of my customers asked whether some employees in their organization who work in a sanctioned country could subscribe to one of our online software products. Can we add them as subscribers since we wouldn’t be exporting a physical product?

A  Most likely not. Export controls cover software as well as hardware and equipment. It also appears your customer may be representing individuals or entities from that sanctioned country Seek Help before taking any action.

Emphasize the importance of knowing and understanding whom we deal with (“know your customer”), remain alert for possible instances of money laundering and immediately notify the Enterprise Compliance team of any suspicious activity (without informing the third party in question). Suspicious activity by customers or prospects may include:

Reluctance to provide basic information or documentation or providing false information or documentation

Using shell companies (companies without a business purpose) or complex or unusual structures, particularly within multiple high-risk jurisdictions

Requesting Thomson Reuters to provide them secrecy

Recognize that our regulated entities have enhanced obligations and those of us working in or on behalf of those businesses must make sure we understand and comply with these obligations.

That Thomson Reuters use of data and AI are informed by our Trust Principles.

That Thomson Reuters will strive to partner with individuals and organizations who share similar ethical approaches to our own regarding the use of data, content, and AI.

That Thomson Reuters will prioritize security and privacy in our use of data and throughout the design, development and deployment of our data and AI products and services.

That Thomson Reuters will strive to maintain meaningful human involvement, and design, develop and deploy AI products and services and use data in a manner that treats people fairly.

That Thomson Reuters aims to use data and to design, develop and deploy AI products and services that are reliable, consistent and empower socially responsible decisions.

That Thomson Reuters will implement and maintain appropriate accountability measures for our use of data and our AI products and services.

That Thomson Reuters will implement practices intended to make the use of data and AI in our products and services understandable.

Thomson Reuters will use employee data to ensure a safe and inclusive work environment and to ensure employee compliance with regulations and company policies.

When designing, developing, deploying or using AI solutions, it is your responsibility to follow our AI principles, policies, and guidelines.

For more information, visit Data and Model Governance, Data & Model Governance Policies & Standards and All Things AI on the Intranet.

Reuters

Reuters uses AI in several ways to improve its news reporting and delivery.

AI Guidance for Reuters Journalists

AI Journalism Handbook entry

AI @ Reuters on the Intranet

Agree, to the extent permitted by law, that Thomson Reuters owns all intellectual property (and related rights) that we create during the course of our employment, whether we create them in the office, at home or elsewhere, if they are related to company business or created with company resources

Waive or assign to Thomson Reuters all moral rights we may have under applicable law to intellectual property that we create as employees

Promptly disclose any methods, systems, processes, designs, ideas or other patentable works we create as employees so the company can take steps to protect them

Ensure that any methods, systems, processes, designs, ideas or other patentable works we create as employees are not disclosed to third parties prior the company taking steps to protect them

Report any unauthorized use of company copyrighted works, patents, trademarks or other intellectual property of which we become aware to the General Counsel’s Office

Put copyright notices on all Thomson Reuters materials, information, services or other products intended for public distribution

 Connecting the dots

Q  My team would like to use information held in a public database for an upcoming project. Is this allowed under Thomson Reuters policy?

A  Even if it appears to be accessible by the public, some information still may be subject to intellectual property protection. Contact the General Counsel’s Office for guidance.

What are moral rights?

Moral rights are rights relating to intellectual property, and they include the right to be recognized as the creator and the right to the integrity of any works created. The waiver or assignment in this Code is designed to ensure that Thomson Reuters can take any action concerning works created by you during your employment with Thomson Reuters.

●   When necessary, get written permission to use or copy a third party’s copyrights, patents, trademarks or other intellectual property, obtain licenses or, if the circumstances require it, purchase the intellectual property outright

●   Ensure licensing agreements permit copying or distribution where necessary and do not impair the company’s rights before we copy or distribute third- party content, data, software or technologies

●   Ensure intellectual property belongs to and is assigned to Thomson Reuters when it is created for us by third parties or contractors, where allowable by law

●   Check with the General Counsel’s Office if we are in doubt about any intellectual property question

What is intellectual property?

Examples include:

● The Thomson Reuters name and brand names that we use

● Copyrights, patents, service marks

● Trade secrets

● Innovations

● Software

● Processes

● Designs

● Ideas

● Images

● Data

 Connecting the dots

 Q   I was driving home from work the other day and came up with an idea to improve one of our products. Does it ultimately belong to me or to Thomson Reuters?

 A   This idea is the intellectual property of Thomson Reuters, as it likely was the result of knowledge, resources and opportunities obtained through your employment with the company. If you think it’s a viable idea, you should share it with your manager.

●   Understand and follow all applicable laws and regulations before engaging in competitive intelligence gathering

●   Do not distribute data or other sensitive information about a competitor if it was received or accessed in circumstances that may breach any of our Competitive Intelligence Guidelines

Never misrepresent our personal or company identity to gain access to a competitor’s product or service

Do not breach contract terms or encourage third parties to do so in order to help Thomson Reuters obtain competitive intelligence

 Connecting the dots

 Q I recently joined Thomson Reuters from a competitor, and I have knowledge about some of this competitor’s processes. Some of this information is confidential, and some, I believe, is not. What can I use in my work or share with my Thomson Reuters colleagues?

 A You must not keep or share documents — in any format — related to the competitor’s business that you possessed as an employee of that competitor. Even in the case of information you simply remember, if the information is confidential, you have a personal legal obligation to your former employer to protect it from disclosure, just as you would with Thomson Reuters confidential information if you left the company for a competitor. Sharing such information with Thomson Reuters could also put you and us at risk legally. For the information you recall that you believe is not confidential, it is best to contact the Enterprise Compliance team before revealing it to anyone.

Strictly Confidential and Confidential information includes some of our most valuable assets, such as the following examples:

●   Trade secrets

●   Pricing information

●   Nonpublic financial information and customer information

●   Legal documents and privileged communications

●   Information about our IT systems and infrastructure

Reuters journalists

should follow the policies and requirements of the Handbook of Journalism and seek guidance from their manager or the General Counsel’s Office.

Handbook of Journalism on the Intranet

●   Customer and product information, including contact details, subscription lists and contracts

●   Business plans and outlooks, including mergers, acquisitions or divestitures

Important information security practices

 There are many ways to protect data effectively. For example:

● Remember that public instant messaging services including, but not limited to, WhatsApp and Signal are unapproved for conducting TR business

● Put sensitive documents in locked files or drawers

● Use shredders or secure shred bins when discarding confidential information

● Use password protection on computers, other devices and sensitive documents

● Use encryption when storing and transmitting confidential information

● Take care when accessing information in areas where members of the public or other unauthorized persons, including other colleagues, might see it

● Securely back up devices on a regular basis

● Use caution when connecting to public Wi-Fi and utilize a virtual private network (VPN)

Report damaged or lost laptops and other devices, security incidents and personal data breaches immediately to security@thomsonreuters.com

Reporting data breaches

Any time we know or suspect that a breach of data security has occurred, whether accidental or intentional, we must report it immediately to security@thomsonreuters.com. Doing so promptly can mitigate the effects of the breach and help us take the right actions quickly to manage the incident, secure the data and reduce the risk of future breaches.

Understand privacy and data protection laws relevant to their role

Adhere to internal privacy and information security policies

Classify data correctly and handle it accordingly

Use company-approved information storage devices

Comply with our Privacy Statement, Internal Privacy Policy, and all applicable laws when managing personal data

Obtain authorization before sharing any confidential or personal information

Protect Thomson Reuters confidential information even after we leave the company

 Connecting the dots

 Q A customer recently told me he doesn’t want to receive marketing e-mails from Thomson Reuters. What should I do?

 A Immediately contact the Enterprise Compliance & Privacy Office. Privacy laws granting individuals the right to opt-out of or unsubscribe from marketing emails may give us a short timeframe in which to honor those requests.

 Q I received a request from an individual seeking access to the personal data we hold about them and asking us to delete/correct/complete that data. What should I do?

 A Immediately contact the Enterprise Compliance & Privacy Office. Privacy laws granting individuals certain rights over their personal data may give us a short timeframe in which to honor those requests.

Do not trade in or encourage another person to trade in Thomson Reuters securities or securities of other public companies while in possession of material nonpublic information

Do not engage in “tipping” — the disclosure of material nonpublic information about Thomson Reuters or other public companies to other people, such as relatives or friends, who may trade on the basis of the information or disclose it to others

Insiders

We have designated certain people as “Thomson Reuters Insiders” because of their position, managerial responsibilities, or access or potential access to material nonpublic information about the company. Thomson Reuters Insiders are subject to additional restrictions related to trading in securities of our company.

Inside information

Whether information is “material” and “nonpublic” depends on the facts and circumstances. Information is material if it would, if generally available, reasonably be expected to result in a significant change in, or have a significant effect on, the market price or value of any securities. Information also is material if it would have a significant influence on a reasonable investor’s investment decisions. Information is nonpublic if it is not generally known or available to the public through an official company communication, such as a press release, website posting, securities filing or distribution to shareholders or through widely reported media coverage. Examples of material nonpublic information may include:

● Earnings results and any future financial forecasts or outlooks that have not been publicly disclosed

● Significant changes in business operations or strategies

● Significant potential acquisitions or sales

● Cybersecurity or other technology-related risks and incidents, including vulnerabilities and breaches

● Gains or losses of major suppliers or customers

● Introductions or launches of new, significant products or services

● Changes in senior management or our Board of Directors

● Actual or threatened significant lawsuits or material government or regulatory investigation

●   Limit personal use of e-mail, the internet and phones

●   When sending e-mail or opening attachments, follow the process of “think before you click”

●   Do not access, download or send material that is offensive, harassing, explicit or otherwise inappropriate for work

●   Never use, download or redistribute personal, unauthorized or copyrighted software on work devices

●   Never share user IDs, passwords, access details, software, services or authentication devices (e.g., SecureID tokens) that are intended for individual use to gain access to a system

●   You must only use Thomson Reuters authorized collaboration tools and devices for official Thomson Reuters business

Monitoring and recording

Where permitted by applicable law, Thomson Reuters reserves the right to monitor and record your use of information, communications, technology or infrastructure owned or supplied by Thomson Reuters.

●   Third party instant messaging solutions such as WhatsApp and Signal are unapproved for Thomson Reuters business purposes

●   Respect company security controls and access information only within our authorized level

●   Never use personal devices to store or access company data

●   Never share data classified as Strictly Confidential, Confidential or Internal Use with 3rd parties

●   Avoid careless, exaggerated or inaccurate statements that could be easily misunderstood or used against Thomson Reuters in legal proceedings

We recognize some guidelines may run counter to specific job duties performed by some of you. To request a business exception to any of these policies or guidelines, contact the TR Global Service Desk for instructions

Report any suspected breaches or incidents to security@thomsonreuters.com

 Connecting the dots

Q  Can I use my company e-mail address to send personal e-mails to my friends?

A  Yes, as long as you limit this practice, follow our guidelines about dangerous, illegal and inappropriate material, and do not let it interfere with your work. It’s important to remember when discussing personal matters on company systems that any message you send or receive through company communications systems and devices — including e-mails, social media posts, and text or SMS messages — may be the property of Thomson Reuters and may be accessed by the company.

Access company systems or information only when we are authorized and enabled to do so

Never use company assets for illegal activities

Limit personal use of company assets to when it does not interfere with our work and does not violate this Code

Prevent improper third-party use of company property

Immediately report any loss, theft, misuse, damage or waste

Stop using all Thomson Reuters assets in our possession or that we have access to and return them if we leave the company

Take personal responsibility for ensuring all transactions, books, and records — including time sheets, sales records and expense reports — are complete, accurate, documented and recorded in a timely manner

Never falsify or distort the facts of any transaction, or keep unrecorded, undisclosed or off- the-books records

Exercise reasonable diligence when approving transactions and expenditures or signing documents

Understand the importance of internal controls and consistently comply with them

Provide full, fair, accurate, timely and understandable disclosures in public communications and in reports or documents that we file with, or submit to, securities regulatory authorities and stock exchanges

Pay business-related expenses with company funds only if we have authorization from our manager

Prepare disclosures in accordance with Thomson Reuters disclosure controls and procedures and other internal policies

 Connecting the dots

 Q  A contractor has asked us to make a payment to a company for his services instead of to him personally. We previously engaged the contractor in his own name. Is this permissible?

 A  No. Payments to vendors and contractors must be supported by appropriate documentation. They also must be accurate and complete, which includes making payments to the same person or company that we engaged.

Reportable fraud

Report any other types of fraud or dishonest activity that you have seen or suspect, including:

● Questionable transactions with customers, agents, vendors or other consultants

● Forgeries or other alterations of documents

● Billings that are higher or lower than agreed-upon prices for products or services

● Payments made for any reason other than described in a contract

● Payments made through intermediaries that deviate from everyday business transactions

● Transfers or deposits in the bank account of an individual instead of the company we contracted with

● Embezzlement, theft or misappropriation of company or customer assets

● Verbal arrangements with customers or unauthorized written agreements that are outside of an official contract

● Any activity intended to unfairly influence commission payments

Reportable auditing and accounting issues

Promptly report complaints or concerns involving:

● Fraud or deliberate errors in preparation, maintenance, or review of any Thomson Reuters financial statement or
record

● Deficiencies or noncompliance with internal accounting controls

● Misrepresentation or false statements to or by a senior officer or accountant regarding financial audits or records

● Deviations from full and fair reporting of the company’s financial condition

●   Consistently organize our filing, storage and retrieval of electronic and physical recorded information

●   Use the proper storage method specified by legal, fiscal, regulatory or operational requirements

●   Protect records from loss, damage or deletion

●   Retain all records related to any pending or threatened litigation or government investigation until otherwise directed by the General Counsel’s Office

What is a record?

A record is any recorded information (electronic or physical) made or received and retained by an organization in pursuance of legal obligations or value to the government or in the transaction of business.

●   Dispose of all records (electronic and physical) according to retention and disposal schedules

Connecting the dots

Q  How long do I need to retain emails and other messaging?

A  If an email is not part of a business record and has served its business purpose and there is no legal or regulatory obligation to retain it, it should be deleted. If an email is part of a business record or there is a legal or regulatory obligation to retain it, you should remove it from your personal work email account and store it in an appropriate manner for future reference by the company (e.g., in a cloud folder related to the record). If you are subject to a “legal hold,” you should always retain emails until you’ve been notified by the General Counsel’s Office that the hold has ended.

●   Consult the Procurement department (Global Services) for third-party vendor or supplier contracts and follow Procurement policies

●   Ensure that any contract or proposal is carefully reviewed and properly authorized and executed by the appropriate signatories and legal entities

●   Do not provide or agree to unapproved non-standard terms or unauthorized “side letters” to customers or business partners

●   Ensure complete, accurate documentation of contracts, related orders and customer status in applications to process customer accounts

Government contracting

Government contracting laws and regulations can be complex and are often subject to change. The Thomson Reuters Government Contract Compliance Policy provides guidance on contracting with governments. For guidance specific to your location, consult the General Counsel’s Office to verify that you are complying with applicable laws, policies and standards.

●   Follow the rules that govern public procurement when providing products and services to governments and ensure compliance with the Government Contract Compliance Policy

Connecting the dots

Q  I received a vendor invoice for an amount that exceeds my authority limit. Can I split the amount into two separate payments that I am authorized to approve?

A  No. Splitting an invoice into separate payments in order to meet an authorization level is considered a circumvention of our internal controls. If the vendor payment amount exceeds your authorization level, the next-level approver in your management chain must approve the payment.

Unauthorized side letters

Unauthorized side letters are undisclosed, unapproved letters, e-mails, notes or oral agreements that vary contract terms. They may bind us to something we cannot deliver or expose us to unwanted liability They can include:

● Early outs, or the ability for the customer to terminate before the contract expires

● Guarantees that the customer will achieve certain milestones

● Statements that directly contradict parts of the contract, including payment terms

● Commitments for products or services Thomson Reuters is unable or unwilling to provide or perform

● Offers of free or discounted products or services

Handle requests from media, shareholders, financial analysts and government authorities

Disclose information according to the requirements of securities regulatory authorities and stock exchanges

Ensure that the information disclosed is accurate and is appropriate to be communicated publicly

Are transparent and, if writing about Thomson Reuters or its products, services or industry, always disclose that we are employees, whether talking on behalf of the company or in a personal capacity;

If writing personally and there is any risk of confusion, however slight, make it clear that the views expressed are personal and not the company’s views;

Unless authorized by the company to do so, do not reveal confidential data or sensitive information about the company or its customers, vendors or suppliers

Are careful to not discuss company trade secrets, contracting, upcoming product releases or any other proprietary information

Act sensibly and follow the Social Media Guidelines if posting about fellow employees, customers, vendors, suppliers or partner organizations

Do not create Thomson Reuters–branded social media channels without Digital Oversight Committee approval;

Make sure the time and effort we spend independently on social media do not interfere with our job duties

Are mindful of what is posted, even when it’s not related to Thomson Reuters

 Connecting the dots

 Q  I saw an article online that had incorrect claims about a Thomson Reuters service. Can I correct it in a comment on the article if I make it clear that I’m speaking as myself and not as an official company spokesperson?

 A  Please refer this situation to the Communications department so they can properly investigate the issue and address it if needed. In general, you should avoid posting any information about Thomson Reuters products, stock, strategies, customers or competitors, even if you’re trying to clear up confusion or false claims. This is managed by our company’s communications specialists.

 Q  I am active on social media and have several different accounts. Sometimes I want to post content that overlaps with the interests of Thomson Reuters. Am I allowed to?

 A  Before posting such content, it is important to make sure that it doesn’t reveal confidential or nonpublic information about the company, our customers, our colleagues or other people or companies that we do business with. You shouldn’t cite or reference customers or business associates without their approval. Also, if you are commenting on products and services we sell or those sold or offered by our competitors, you should be mindful of the Trust Principles and make it clear that you are employed by the company. In any event, you should make it clear that any opinions are your own and not those of Thomson Reuters. See the Social Media Guidelines, and if in doubt, talk to your manager or Corporate Communications first.

Comply with local labor laws and practices and maintain our own high ethical standards of worker treatment

Do not condone or use forced or child labor or engage in human trafficking or slavery

Do not condone human rights violations

Engage workers on the basis of recognized employment or independent contractor relationships in accordance with local law

Provide clear information about wages and benefits to workers before they’re hired

Ensure wages and benefits comply with applicable laws

Respect workers’ rights to associate freely, join or form unions or works councils and bargain collectively in accordance with local law

Work with high-quality suppliers and other partners that have committed to operating under ethical standards equivalent to our own

Perform due diligence on third-party suppliers, partners and other third parties acting on our behalf

Include renewable energy, pollution control and sustainability among the factors in our process of choosing suppliers

Seek a supply chain that reflects our employee base, customers and partners around the world

Make prospective and current suppliers aware of our Supply Chain Ethical Code and seek their commitment in following it

Comply with all applicable environmental laws and regulations, meeting or exceeding their requirements

Know and follow all company policies and procedures aimed at ensuring environmental safety and resource efficiency

Understand the potential dangers and safe practices of any hazardous and/or regulated materials before allowing them into our workplaces

Seek opportunities to support conservation and recycling in our workplaces

Take responsibility as individuals to find new ways to make our workplaces more sustainable

For more information on our sustainability efforts, please see the Social Impact Report

Listen to the concerns of community members and work together on solutions

Connect Thomson Reuters employees to vetted and approved charitable causes for philanthropic opportunities

Offer all regular employees paid time off for volunteering consistent with regional or other policies that govern volunteering

Ensure all in-kind donations, such as equipment and products, are approved by our Tax and Finance departments

Offer a Corporate Matching program that matches employees’ qualifying personal charitable donations to vetted and approved causes

Offer a Volunteer Rewards program to employees who volunteer 20+ hours per year with vetted and approved causes

Donate on behalf of Thomson Reuters only to charitable causes and organizations that have been approved in My Giving and adhere to our Program Guidelines

Never makes contributions to any political cause as a company

Never requires any employee to contribute to, support or oppose any cause

Does not express a preference for or support, directly or indirectly, any political cause or take sides in international conflicts or disputes

Is careful not to align Thomson Reuters or its businesses with any political cause or with a particular side in any dispute

Obtains prior approval from the Enterprise Compliance team before taking an external position on advocacy — for example, joining a business consortium on a particular initiative

Notify the Enterprise Compliance team about plans to run for office and excuse ourselves from any political matters involving Thomson Reuters

Do not pressure or influence co-workers, customers or business partners whom we know through our job at Thomson Reuters in ways related to our own personal political activity

Do not reimburse employees or increase compensation to make up for personal political contributions

●   Abide by laws and regulations in those states and countries that limit political contributions by employees or their family members

Supplemental policies

Be aware that some of us in certain jobs may have supplemental policies regarding lobbying and personal political activity.

●   Take special care to make it clear that our political activities and expressed political views are personal and not those of Thomson Reuters — especially if our business works with a governmental entity

TR.com: https://ir.thomsonreuters.com/corporate- governance/code-conduct

TR Intranet: https://trten.sharepoint.com/sites/intr-code-of-business-conduct-and-ethics

Ethics Hotline

Webform:

Security Operations Center (SOC) for Security Emergencies

TR Intranet:

https://trten.sharepoint.com/sites/intr-business-conduct-and-ethics-hotline

SecurityOps@thomsonreuters.com

+1 651 848 8835

https://thomsonreuters.ethicspointvp.com/custo m/thomsonreuters/en/sec/

General Counsel’s Office - Legal Front Door

Enterprise Compliance

echelp@thomsonreuters.com

TR Global Service Desk

https://thomsonreuters.service- now.com/sp/?id=index

Information Security Risk Management (ISRM)