Welcome To American Express - Kiara Cuter

DocuSign Envelope ID: 5CDE7E48-9D79-47A8-9898-9F24EFA75DD0
June 30, 2022 PERSONAL & CONFIDENTIAL
Kiara Cuter
550 Fifty Rd
Stoney Creek, Ontario
L8E 5T5
Dear Kiara,
I am pleased to offer you fixed-term employment with Amex Bank of Canada (“Amex Canada”)
on the following terms and conditions:
1. Title: You will be employed in the position of Marketing Intern reporting to me or my

delegate.
2. Location: You will report to work at our Toronto office although business travel may
be necessary to meet the requirements of your job. We reserve the right to direct you to
work from home from time to time.
Currently, the Company requires that colleagues be fully vaccinated against COVID-19 in
order to work in or visit any of our offices and to conduct in-person business, subject to
legally required exemptions. On your start date, you are not to report into our office and
must complete the Vaccination Status Form and COVID-19 Canada Employee
Acknowledgement through the Return to Office App or the Web Portal. You will only be
permitted onsite once your fully vaccinated status has been confirmed by the Amex
Medical Team. Additional details will be provided prior to your start date.
3. Start Date: This fixed-term contract is effective from September 6th 2022 and your
employment will automatically terminate on December 23rd, 2022 (the “Termination
Date”), unless terminated earlier in accordance with paragraph 7 below. You agree that
the Termination Date constitutes notice of termination and you are therefore not entitled
to any termination pay when your employment automatically ends.
4. Compensation: Your gross annual salary for this position will be $41,600.00 Employees
are paid bi-weekly on a Friday by Direct Deposit. All temporary employees are on a
retroactive pay cycle. Your first pay deposit will be based on hours worked from the
previous two weeks. As a temporary employee, you will not be eligible for paid sick time
and will not participate in any Amex Canada group benefit or retirement plans.
5. Hours of Work: Your work schedule shall be determined by your manager, although all
work schedules are subject to change from time to time without advance notice as
necessary to meet operational requirements. Amex Canada will comply with the overtime
provisions under the employment standards legislation applicable in your jurisdiction.
Employees who are eligible for overtime pay must comply strictly with the Amex Canada
overtime policy, which requires prior approval before working any overtime hours.
6. Vacation: Vacation pay in the amount of 4% of your wages will be included on each bi-
weekly pay deposit.
7. Early Termination: Your employment may be terminated without cause at any time
before the Termination Date by giving you notice in writing or pay in lieu of notice pursuant
to the employment standards legislation applicable in your jurisdiction (which, for
employees of Amex Bank of Canada, means Part III of the Canada Labour Code). If for
any reason your employment with Amex Canada continues after the Termination Date,
you agree that this paragraph 7 shall continue to form an essential term of your
employment with Amex Canada and under no circumstances will you be entitled to
reasonable notice of termination under common law. Your employment may be
terminated at any time for cause without advance notice.
8. Confidentiality: During your fixed-term employment with Amex Canada, you will have
access to confidential and proprietary information, whether in tangible or intangible form,
that may include, without limitation, information regarding products and services,
marketing strategies, business plans, cardholder or customer information (including their
identities, contact information, spending history, creditworthiness and other personal
information regarding cardholders and customers), employee personal information,
product concepts, designs, prototypes or specifications, research and development efforts,
technical data, financial information, internal procedures, techniques, forecasts, methods,
trade information, trade secrets, software programs, project requirements, inventions,
trademarks, trade names, and similar information regarding Amex Canada’s business
(collectively referred to herein as “Confidential Information”). You agree that all
Confidential Information and/or documents relating to the business of Amex Canada are
the property of Amex Canada, will be treated by you as confidential, and, except as
authorized in the course of your employment, will not be used or disclosed by you either
during your employment or anytime after your employment with Amex Canada ends for
any reason.
9. Return of Property: You agree that, when your employment with Amex Canada ends
for any reason, or if so requested by Amex Canada at any other time during the course of
your employment, you will immediately return in good condition all Amex Canada property
in your possession, whether on Amex Canada’s premises or not. Such property includes,
but is not limited to computers and computer-related equipment, security passes, keys
and any documentation, files, materials or any Confidential Information, regardless of the
format in which such confidential information is stored.
10. Work Product: All worldwide right, title and interest in and to any and all computer
programs, data, discoveries, ideas, inventions, know-how, research materials, trade-
secrets, patents, trade-marks, copyright and any other intellectual property (whether
registrable or not) produced, made, written, or designed by you, alone or jointly with
others, in the course of your employment with Amex Canada and in any way relating to
the business of Amex Canada (the “Intellectual Property”) shall vest in and be the
exclusive property of Amex Canada. You agree to co-operate in executing all necessary
deeds and documents and shall co-operate in all other such acts and things as Amex
Canada may reasonably require in order vest such Intellectual Property rights in the name
of Amex Canada. You hereby waive any and all author’s, moral, and proprietary rights
that you may in the future have in any such Intellectual Property
11. Amex Policies: All Amex policies that govern your employment are easily accessible
electronically and are located on the Company intranet referred to as the “Square”. Once
you have been given access, please take a moment to inform yourself.
The Canada policy centre can be located at:
https://square.americanexpress.com/community/policy-center
12. Safety and Security: For your safety and security, Amex Canada facilities have
controlled access to building or floor entries and will be equipped with security cameras,
which monitor open spaces such as hallways, stairwells, and parking facilities. We may
also monitor from a remote location, outside of your home country. For example, the
2225 Sheppard Avenue East, Toronto office of Amex Canada may be monitored from
American Express offices in Toronto, from Phoenix, Arizona, or elsewhere.
You are required to visibly wear your Amex Security Badge at all times while in any Amex
building. If you forget your badge you must report to and sign in at the Security office
for access.
13. Crisis Alert: As part of our commitment to keep our employees informed of any crisis
that may affect the workplace, Amex Canada has implemented a notification system called
Send Word Now (“SWN”). SWN is a notification system that we use to automatically send
alerts via text message and automated voicemail in a crisis situation. You can participate
in the program by simply providing your cell phone number upon hiring. If at any time
you wish to stop getting SWN personal mobile notifications, simply remove your cell phone
number in your myHR profile. You will be provided information on how to access myHR
shortly. For more information on SWN please see the enclosed SWN FAQ document.
14. Action Required:
For further information please see the attached:
 Code of Conduct Brochure

 Send Word Now FAQ
 Employee Data Privacy Principles
 Employee Consent Form
 Employment Standards Poster
 Amex Canada Accessibility Policy and Program
Upon successful completion of your Background Check you will be provided with the
following forms electronically that require completion prior to your start date:
 Direct Deposit Form

 Income Tax Deduction Forms
15. Conditional Offer: This offer is conditional upon:
o You signing and returning the attached Offer letter and Severance Agreement.
Please note that on your first day of employment you will be required to provide
documentation of your entitlement to work in Canada, i.e. valid Canadian passport,
Canadian citizenship, landed immigrant status or work permit. In addition, an
original Canadian photo ID will need to be provided to Security Services at time of
security badge issuance;
o Completion of satisfactory references, which could include a review of past

employment, education record, credit record and/or any record of criminal
convictions for which a pardon has not been granted. We strongly recommend
that you do not give notice of resignation to your current employer until such time
as we have advised you have satisfactorily met the criteria of the screening process
and that the offer is confirmed; and
o An attestation and valid proof of vaccination that you are fully vaccinated against
COVID-19, as defined by the vaccination series approved by Health Canada or if
permitted by the Company, the World Health Organization, and any applicable
waiting periods; and
16. Personal Information: Personal information that you provide to Amex Canada may be
transferred to and accessed by an affiliated company in the United States for purposes of
administering your employment relationship. For purposes of processing or administering
your employment relationship, Amex Canada may also transfer your personal information
to agents and contractors (such as payroll companies, insurance companies, information
technology consultants, etc.) that may provide services to Amex Canada from time to
time. Please review the American Express Data Privacy Principles for additional details.
17. Policies: You agree to comply with all Amex Canada policies and procedures in effect
and as may be amended from time to time.
18. Entire Agreement: This letter sets forth the entire agreement between you and Amex
Canada regarding the terms of your employment offer. You are not relying upon any
representations or promises that are not expressly included in this letter, nor have you
been induced by any representations whatsoever that have not been incorporated into
and made a part of this offer.
19. Statutory Compliance: All payments under this offer are subject to withholding for
income tax and applicable statutory or authorized deductions. American Express is an
equal opportunity employer and is committed to accessibility for its employees and
customers. If you have a disability and need accommodation in the workplace, please
see the Accommodation Policy on the Square or speak to your leader for more information.
If this offer is acceptable to you, please sign and return the attached copy of this letter indicating
your concurrence by no later than July 4th, 2022.
We may also accept an electronically transmitted copy of your signature or a digital signature or
other form of acceptance provided electronically and we may maintain only an electronic copy
(even of an originally signed letter) in our records and you agree that any such form of acceptance
and electronic copy of these terms and conditions is binding on you and enforceable.
May I take this opportunity to welcome you to Amex Canada and wish you the very best in your
career plans and partnership with us.
Sincerely,
June 30, 2022
Tanya Huang
Sr Analyst-Marketing
Consumer - Canada
cc: Electronic File
EMPLOYEE ACKNOWLEDGEMENT
I have read and understood this agreement and accept fixed-term employment with Amex Canada
in accordance with the above terms and conditions. I specifically confirm that I have read and
understand paragraph 7 above and agree that this contract does not guarantee that I will be
employed for any minimum term of employment.
Name Date
TO BE INCLUDED IN DOCUSIGN ENVELOPE ALONGSIDE JOB OFFER
Canada COVID-19 Vaccination Memo
The Company is committed to the highest standards of health and

safety by developing, implementing, and maintaining standards that
ensure a safe work environment. Currently, the Company requires that
colleagues be fully vaccinated against COVID-19 in order to work in or
visit any of our offices, to conduct any in-person business and to
participate in Company-sponsored events, subject to legally required
exemptions.
You will be expected to comply with the Amex Canada COVID-19
Vaccination Policy upon hire. On day one, you must complete the
vaccination status form via an American Express app or web portal
which will be made available to the Amex Medical Team, Colleague
Experience Group and appropriate leaders for the purpose of
administering the policy. If your role is designated as hybrid, onsite or
requires in-person meetings, you will be required to be fully vaccinated.
May 2018
MY COMPANY. MY CODE. 我的公司 • 我的守則

MEINE FIRMA. MEIN KODEX. MA SOCIÉTÉ.
MON CODE. MOЯ KOMПAНИЯ. MОЙ KОДEКC.
我的公司 • 我的守则 MITT FÖRETAG. MIN KOD.
บริษัทของฉัน.ระเบียบของฉัน.LA MIA AZIENDA.
IL MIO CODICE. MA COMPANIE. MON CODE.
MI COMPAÑÍA. MI CÓDIGO. MY COMPANY.
MY CODE. 我的公司 • 我的守則 MEINE FIRMA.
MEIN KODEX. MA SOCIÉTÉ. MON CODE. MOЯ
KOMПAНИЯ. MОЙ KОДEКC. 我的公司 • 我
的守则 MITT FÖRETAG. MIN KOD. บริษัทของฉัน.
ระเบียบของฉัน.MEINE FIRMA. MEIN KODEX.
MY COMPANY. MY CODE. 我的公司 • 我的守則
MI COMPAÑÍA. MI CÓDIGO. MA COMPANIE. MON
CODE. LA MIA AZIENDA. IL MIO CODICE.
INNOVATION | COLLABORATION | LEADERSHIP | RESPECT | DIVERSITY | OPPORTUNITY

STEVE J. SQUERI
CHAIRMAN AND CHIEF EXECUTIVE OFFICER
How we do our work is just as important as what we do. One of our Blue Box values is “we do what’s right” and I believe that is among the
things that makes us a great company – and charts a path to an even greater future.
To guide us, we rely on our Code of Conduct, which lays out how we conduct business at American Express. i
I expect everyone to know and follow the Code. No matter your level, where you’re located or what your role is, everyone in this company
has a voice. If a business practice doesn’t feel right, speak up. You can raise concerns to your leader, your human resources business
partner, a compliance officer or through the Amex Ethics Hotline. You can do so without fear of retaliation – we take that very seriously.
Do not allow anything to compromise your integrity – not financial targets, not competitive pressures and not even direct orders from
your leader.
Each time you take this Code of Conduct training, you renew that commitment. Know the Code. Understand it. Put it into practice every
day. Nothing could be more critical to your success and the continued success of American Express.
Thank you,
ii
AMERICAN
We’ve always been guided by strong WE WIN AS A TEAM.
principles, stood behind our promises and We view each other as colleagues – part
built our business around extraordinary of the same team, striving to deliver the
EXPRESS
service. Today, we know those principles brand promise to our customers and each
as our Blue Box Values. They’re the heart other every day. Individual performance
of our culture at Amex. is essential and valued, but never at the
BLUE BOX VALUES WE DELIVER FOR OUR

expense of the team.
CUSTOMERS. WE CARE ABOUT

We’re driven by our commitment to
deliver exceptional products, services and
COMMUNITIES.
We aim to make a difference in the
experiences to our customers. We value
communities where we work and live.
our strong customer relationships, and are
Our commitment to corporate social
defined by how well we take care of them.
responsibility makes an impact by
strengthening our connections.
WE MAKE IT GREAT.
We deliver an unparalleled standard of
excellence in everything we do, staying
focused on the biggest opportunities to
be meaningful to our customers. From
our innovative products to our world-class
customer service, our customers expect
the best — and our teams are proud to
deliver it
iii
WE DO WHAT’S RIGHT.
Customers choose us because they trust
our brand and people. We earn that trust
by ensuring everything we do is reliable,
consistent, and with the highest level of
integrity.
WE RESPECT PEOPLE.
We are a diverse and inclusive company,
and serve diverse customers. We believe
we are a better company when each of us
feels included, valued, and able to trust
colleagues who respect each of us for
who we are and what we contribute to our
collective success.
WE NEED DIFFERENT VIEWS.

By being open to different ideas from
our colleagues, customers and the world
around us, we will find more ways to win.
02
iv
American Express driver and wagon (New York, ca. 1885)

Protection of Property and Information.......................................... 21

Physical Property................................................................. 21
Intellectual Property............................................................ 21
TABLE OF Confidential Information and Trade Secrets..................... 21
CONTENTS
Third-Party Property and Information.............................. 23
Privacy.................................................................................. 24
Communicating with the Public about
American Express................................................................ 25
Operating in an Open Network Environment................... 26
Export of Encryption Items................................................ 29
Insider Trading........................................................................... 30
LETTER FROM THE CEO..................................................................i
Other Trading in American Express Securities................. 31
AMERICAN EXPRESS BLUE BOX VALUES..............................iii Disclosure of Nonpublic Information and Tipping............ 31
Communicating with Securities Market
INTRODUCTION.................................................................................1
Professionals and Shareholders........................................ 32
Our Shared Responsibilities........................................................2
Our Leaders’ Responsibilities......................................................2 OUR COMMITMENT TO OUR CUSTOMERS
Disciplinary Action........................................................................2 AND BUSINESS PARTNERS.......................................................34
WHERE TO SEEK HELP AND REPORT CONCERNS............. 4 Sales and Advertising................................................................ 34
Making Reports.............................................................................5 Gifts and Entertainment........................................................... 35
Non-Retaliation.............................................................................5 Antitrust and Fair Competition.................................................37
Training, Confirmation & Code of Conduct Disclosures..........5 Contacts with Competitors.................................................37 6

v
02
Competitor Information...................................................... 38
OUR COMMITMENT TO EACH OTHER..................................... 8 Contacts with Customers and Vendors............................ 39
Treatment of Employees and Others.........................................8 Communications................................................................. 39
Diversity and Equal Employment Opportunity..........................8
Freedom from Harassment..........................................................9 OUR COMMITMENT TO OUR COMMUNITIES......................42
Workplace Safety and Health....................................................10 Money Laundering and Terrorist Financing............................ 42
Drugs and Alcohol................................................................10 Anti-Corruption.......................................................................... 44
Violence..................................................................................11 Improper Payments............................................................. 44

Expediting Payments.......................................................... 45
OUR COMMITMENT TO OUR SHAREHOLDERS..................14 Environment............................................................................... 46
Conflicts of Interest....................................................................14 Political Activities...................................................................... 46
Outside Positions................................................................. 15 Personal Political Activities................................................ 46
Employment of Relatives.....................................................16 American Express Political Activities.................................47
Business Opportunities....................................................... 17 Charitable Contributions...........................................................47
Outside Investments............................................................ 17 Modern Slavery and Human Trafficking...................................47
Books and Records.....................................................................18
Financial Statements and Accounts..................................19 CLOSING NOTES............................................................................50
Maintenance of Documents............................................... 20 WHERE TO SEEK HELP AND REPORT CONCERNS............51
Relationships with Auditors and Government
Investigators or Regulators................................................ 20 CONTACTING THE AMEX ETHICS HOTLINE........................52
INTRODUCTION
American Express Company’s reputation is a priceless asset. Built over 160

years, it leads our customers and business partners to do business with us,
our shareholders to invest in us, and the best talent to join us in working
for American Express (“our Company”). By following the high standards of
business ethics set forth in the Code of Conduct (“Code”), we each protect and
maintain this reputation. We must uphold these standards in all of our dealings
with each other and our stakeholders—including our customers, shareholders,
vendors, other business partners and government regulators.
1 Throughout the Code, you’ll find references to important Company policies.

These policies are available on the Policy Center home page on The Square.
In addition, individual business units issue policies that provide more specific
guidance about certain business practices. If you need help finding or
understanding a policy, please speak with your leader, your Compliance Officer
or the General Counsel’s Organization.
No waivers or exceptions to the Code will be made under any circumstances for
American Express employees. Third parties can request waivers on a case by
case basis.
OUR SHARED RESPONSIBILITIES Officer or anyone listed in the “Where to in or tolerate retaliatory acts made
The Code applies to all American Express Seek Help and Report Concerns” section against anyone working on American
employees. We are all expected to of the Code. Express’ behalf, and are expected to
read, understand and comply with the clearly communicate to their teams our
Code and all Company policies. We also Company’s “no retaliation” policy.
OUR LEADERS’ RESPONSIBILITIES
must conduct business in accordance
Leaders are expected to serve as ethical
with all applicable laws and regulations
role models for all employees DISCIPLINARY ACTION
at all times. If we find ourselves in a
by exemplifying the Blue Box Values To maintain the highest standards of
situation where customary conduct is
at all times. They must also integrity, we must dedicate ourselves
at odds with the Code, Company policy
communicate the importance of the to complying with our Code, Company
or applicable laws or regulations, we
Code and ethical conduct. policies and procedures, and applicable
must comply with the more stringent
laws and regulations. Individuals who
standard. If you’re unsure which rule to Leaders must strive to create a positive fail to do so will be subject to disciplinary
follow, seek guidance from your leader, work environment in which employees feel action that may include termination. The
your Compliance Officer or the General comfortable asking for help and raising extent of any disciplinary measures will
Counsel’s Organization. concerns about compliance with the depend on the circumstances of the
Code. Leaders must also be alert to any
If you know about or suspect a violation violation. All discipline will be applied in a 2
situations or actions that may violate the manner consistent with our Company’s
of the Code, Company policy or an
letter or spirit of the Code or Company policies and practices, as well as the
applicable law or regulation, you owe it
policy, or may damage our Company’s law. In addition, applicable regulatory
to your colleagues and our Company
reputation. It is important that they authorities may impose fines and criminal
to promptly report your concerns to
take immediate action to address such or civil penalties on at-fault individuals.
your leader, your Compliance Officer or
situations. When leaders receive reports
anyone listed in the “Where to Seek Help
of a situation that is unethical or potentially Anyone who retaliates against a person
and Report Concerns” (page 4) section
damaging to our Company’s reputation, as a result of their making a good faith
of the Code.
or suspect that one exists, they must report or participating in an investigation
Our vendors and other business promptly notify their Compliance Officer will be subject to disciplinary action that
partners are also expected to uphold our and work to resolve the issue. Resolution may include termination.
Company’s ethical standards and the of the issue may also involve consultation
Blue Box Values. If you know or suspect with the appropriate subject matter expert.
that a vendor or other business partner
Leaders who know about, or should
is violating these high ethical standards
know about, misconduct and do
or applicable laws or regulations, you
not act promptly to report to their
owe it to your colleagues and our
Compliance Officer and correct the
Company to promptly report the
situation will be subject to disciplinary
situation to your leader, your Compliance
action. Leaders must never engage
3
WHERE TO
SEEK HELP AND REPORT CONCERNS
At times, we may encounter situations in which the right choice is not perfectly clear.
If you need to ask for help or voice a concern, your leader is likely the best person to
speak to because he or she knows your business unit and your situation. However,
you are always encouraged to contact any of the following resources to seek
guidance or report your concerns:
• Your business unit’s • Your business unit’s Controller

Compliance Officer • The General Counsel’s Organization
• Your business unit’s Human Resources (GCO)
representative and/or the Employee
4
• The Corporate Secretary
Relations Group (ERG)
• Internal Audit
You will find the contact information for these resources at the end of the Code. See
“Where to Seek Help and Report Concerns.”
If you prefer, you may make an anonymous (where legally permissible) or confidential
report with the Amex Ethics Hotline. You will find the Amex Ethics Hotline contact
numbers and website at Amex.ethicspoint.com.
WHERE TO
MAKING REPORTS
If you have reason to believe that any American Express employee, or anyone working
on our Company’s behalf, may have engaged in legal or unethical misconduct, you have
a duty to your colleagues and our Company to promptly report your concerns. Doing so
helps our Company to address issues and prevent future misconduct.
If you think that you may have engaged in misconduct, you should promptly report your
concerns. The Company will consider the fact that you have reported your concerns
when determining any appropriate disciplinary action.
Reports of misconduct will be treated confidentially, to the extent allowed by local law. All
5 reports will be investigated promptly and thoroughly by the appropriate parties. You are
expected to participate, when asked, in any investigations of misconduct.
If the persons to whom you report a violation are not responsive, then you should
contact the General Counsel’s Organization, Compliance, Internal Audit or the
Amex Ethics Hotline.
NON-RETALIATION
No one who suspects a violation and reports it in good faith will be subject to retaliation
for making such a report. “Good faith” means you’ve provided all the information
you have and believe it to be true. In addition, you will not face retaliation due to your
participation in an investigation of a report. Our Whistleblower Claims Policy describes
the actions our Company takes to make sure those of us who report violations or
participate in investigations are treated fairly.
TRAINING, CONFIRMATION AND CODE OF CONDUCT DISCLOSURES

We are each required to confirm, either in writing or electronically, that we have read
and understood our Code, and that we will comply with it. This confirmation is required
of all employees. You are required to update your Code of Conduct disclosures at any
time, when changes to your personal circumstances occur. For questions or specific
instructions regarding disclosures please contact codeofconductsupport@aexp.com.
6
7
OUR COMMITMENT
TO EACH OTHER
BLUE BOX VALUES TREATMENT OF EMPLOYEES AND OTHERS

We must treat each other and anyone we interact with on behalf
of our Company with respect and dignity.
WE RESPECT PEOPLE.
We are a diverse and inclusive Treating everyone in the workplace with respect is a Company value that applies to
company, and serve diverse
each of us. We are expected to treat all of our colleagues, including non-employees
customers. We believe we are a
with whom we work, with fairness and dignity.
better company when each of us
feels included, valued, and able to
trust colleagues who respect each DIVERSITY AND EQUAL EMPLOYMENT OPPORTUNITY
of us for who we are and what we We must support our Company’s commitment to diversity and
contribute to our collective success. equal employment opportunity.
8
WE WIN AS A TEAM. American Express seeks to develop and retain a diverse workforce. Our Company
We view each other as colleagues
recognizes that a mix of backgrounds, opinions and talents enriches our Company
– part of the same team, striving
and helps all of us achieve success. We are therefore committed to equal
to deliver the brand promise to
employment opportunity and fair treatment. We must make all employment
our customers and each other
every day. Individual performance decisions based on job-related qualifications and without regard to race, ethnicity,
is essential and valued, but never gender, gender identity, disability, religion, sexual orientation, marital status,
at the expense of the team. citizenship, age or any other legally protected status in each of the countries in
which we operate. Please see your local, market-specific Individual Treatment Policy,
Freedom from Harassment section in the Individual Treatment Policy or other similar
policies for more information.
If you believe you or someone else has been discriminated against, you should
report the situation to your leader or Human Resources.
OUR COMMITMENT
TO EACH OTHER
FREEDOM FROM HARASSMENT

We are expected to promote a work environment free from harassment.
To achieve a positive work environment, we must take steps to ensure that it is free
from harassment. “Harassment” includes offensive behavior that interferes with
another’s work environment or that has the purpose or effect of creating an offensive,
intimidating or hostile work environment. Conduct will be considered harassment
regardless of whether it’s done physically or verbally, whether it’s done in person or
by other means (such as harassing notes or emails), and whether it’s sexual in nature
or otherwise inappropriate. Potentially offensive behavior includes unwelcome sexual
advances or remarks. It may also include slurs, inappropriate jokes or disparaging
9 comments about subjects such as race, religion or ethnicity. Please see your local,
market-specific Individual Treatment Policy, Freedom from Harassment section in the
Individual Treatment Policy or other similar policies for more information.
If you feel that you or someone else has experienced harassment, report the
situation immediately to your leader or Human Resources.
QUESTION: Q: Sondra feels harassed by her leader, Thomas. He constantly comments

on her appearance in a way that makes her uncomfortable. He even tells
her what to wear to “really make an impression.” Sondra’s made it clear
to Thomas that his comments bother her and his suggestions make her
uncomfortable, but he has not changed his behavior. What should she do?
A: Sondra should report Thomas’s conduct to Human Resources immediately.

Thomas’s actions are unwanted and violate the Code and our Company’s policy
against harassment. Human Resources will conduct a prompt and thorough
investigation and take appropriate action. This harassing behavior will not be
tolerated.
WORKPLACE SAFETY AND HEALTH

We must work together to promote a safe and healthy workplace.
Our Company values each of us as its most important asset, and is committed to the
highest standards of safety and employee protection. We each have a responsibility
to meet this commitment by following all Company safety and security procedures,
as well as applicable laws and regulations. In so doing, we avoid risk to ourselves and
those around us. If you are aware of unsafe working conditions, report the situation to
your leader immediately.
Drugs and Alcohol

We are expected to conduct business for American Express free from the influence
10
of any substance that could impair our job performance. This includes alcohol, illegal
drugs, controlled substances and, in certain instances, prescription medication. In
addition, we may not sell, manufacture or distribute illegal drugs in our workplace.
These rules apply to all persons on Company premises at all times.
OUR COMMITMENT
TO EACH OTHER
Violence
As part of our commitment to providing a safe work environment, we must never
engage in or tolerate any form of violence. “Violence” includes threats or acts of
violence, intimidation of others or attempts to instill fear in others. If you know
of actual or potential workplace violence, you should immediately report your
concerns to your leader, Human Resources or Security. If you believe someone
is in immediate danger, please contact building security or the local authorities.
Please see your local, market-specific Individual Treatment Policy, Freedom from
Harassment section in the Individual Treatment Policy or other similar policies for
more information.
11
QUESTION: Q: Tom, a Team Leader, has observed that one of his employees, Sarah, receives
frequent phone calls at work from her husband. She seems fearful of him, and
makes excuses for his many calls to check up on her. Some of Sarah’s colleagues
have mentioned that Sarah has shared her fear of her husband with them. Tom
does not want to confront Sarah with his concerns, because he believes he should
not interfere in her personal business. In addition, he does not know who to speak
to about the situation. What should Tom do?
A: Tom should contact his business unit’s Human Resources or Employee Relations
representative and discuss the situation. That individual will reach out to the company’s
subject matter experts, if necessary, to assess any potential impact to the workplace
and will then advise Tom on next steps.
12
13
OUR COMMITMENT
TO OUR SHAREHOLDERS
BLUE BOX VALUES CONFLICTS OF INTEREST

We must avoid all real and potential conflicts between our personal interests
and those of American Express.
WE NEED DIFFERENT VIEWS.
By being open to different ideas We are all expected to act in the best interests of our Company and to exercise
from our colleagues, customers
sound judgment when working on our Company’s behalf. This means that business
and the world around us, we will
decisions should be made free from any conflict of interest. Even the appearance of a
find more ways to win.
conflict can damage your or American Express’ reputation.
WE DO WHAT’S RIGHT. A “conflict of interest” can occur when our outside activities or personal interests
Customers choose us because conflict or appear to conflict with our responsibility to our Company or when we use
they trust our brand and people. 14
our position with our Company or information we have acquired during employment
We earn that trust by ensuring
in a way that creates a conflict between our personal interests and the interests of our
everything we do is reliable,
Company or its customers.
consistent, and with the highest
level of integrity.
You are required to promptly disclose all conflicts and potential conflicts of interest
to the Corporate Secretary. This includes conflicts in which you may be involved
inadvertently, due to either business or personal relationships with customers,
suppliers, business associates or competitors of our Company, or with other
Company employees. Many real and potential conflicts of interest can be resolved.
Guidelines applicable to some of the most common conflict-of-interest situations

follow. Please remember that these guidelines also apply to members of your
“immediate family,” which includes spouses, domestic partners, parents, children,
siblings, grandparents, grandchildren, in-laws, step-relatives, aunts, uncles and other
significant relationships. If you have any questions, consult the Corporate Secretary.
OUR COMMITMENT
TO OUR SHAREHOLDERS
Outside Positions
Any position that we hold outside our Company must not interfere with our ability to
do our job at American Express and act in our company’s best interest. Our job with
American Express must always be our first priority. We cannot accept employment
from or otherwise provide services to any vendor, business partner or competitor
of our Company, without prior approval of the Corporate Secretary and, in many
cases, also a senior leader. A conflict of interest may also exist if any member of our
immediate family is employed by our Company’s competitors, business partners
or vendors. Accordingly, we should promptly disclose any such situations to the
Corporate Secretary as they arise.
15 We may not serve as a director, trustee, officer, advisory board member or

consultant or in a similar paid or unpaid position, other than with American Express
or one of its subsidiaries, without prior approval of the Corporate Secretary. This rule
does not apply to residential boards or political, non-profit or social organizations,
provided their activities do not conflict with our Company’s interests. Please consult
with the Corporate Secretary if you have any questions.
QUESTION:
Q: Jennifer is a full-time employee at American Express and her husband
works as a consultant for a variety of companies, including one of our
Company’s competitors. Does this present a conflict of interest?
A: That depends on the nature of Jennifer’s position, the consulting Jennifer’s

husband performs and his level of interaction with people who influence the
strategic direction of the competitor company. Because this creates a potential
conflict of interest, Jennifer should disclose this situation to the Corporate
Secretary.
You may join industry or trade associations with the approval of your leader and upon
compliance with AEMP07 Anti-Trust Compliance Policy and the Company’s Trade QUESTION:
Association Procedure on The Square. You should ensure that any related activities are
consistent with our Company’s interests.
Q: Bill needs to hire a printer
for an American Express
Employment of Relatives brochure as soon as possible.
If we seek to hire or engage an immediate family member, or his or her company, to He encourages his cousin, who
provide goods or services to our Company, we must first disclose the circumstances to the owns a printing company, to
Corporate Secretary. In addition, if we are directly or indirectly involved in the hiring process, apply for the contract.
we must consult Human Resources before proceeding. Bill knows he must go through
In order to avoid conflicts of interest, including the appearance of favoritism, we may not
the proper bidding process 16
before hiring his cousin’s
work directly for, work in the same chain of command as, supervise or make employment
company. Was telling his
decisions about an immediate family member. For further information, please see our
cousin about the opportunity
Employment of Relatives Policy.
an okay thing to do?
A: Most likely, yes, but Bill should

disclose this potential conflict of
interest to his leader, and to the
Corporate Secretary and consult
Human Resources. He will most
likely need to remove himself
from the vendor selection
process to avoid giving the
appearance that he’s engaging in
favoritism.
OUR COMMITMENT
TO OUR SHAREHOLDERS
Business Opportunities
We may not accept business opportunities, fees, commissions or other advantageous
financial arrangements from a customer, vendor, competitor or business partner of
our Company. In addition, we may not purchase for personal use the goods or services
of our Company’s vendors on terms other than those available to the general public
or established by Company policy. If you have any questions whether a situation is
permissible, you should contact the Corporate Secretary.
In addition, we may not take personal advantage of our Company’s corporate

opportunities unless and until our Company has had a chance to evaluate the opportunity,
and has explicitly indicated that our Company will not pursue it.
17
Outside Investments
Generally, we may freely invest in publicly traded companies. Ownership of less than one
percent (1%) of a publicly traded company generally does not present concerns. We should
be careful in the case of investments that could affect or appear to affect our decision-
making on behalf of our Company. This is especially true if we have discretionary authority
in dealing with a company as part of our job duties or if our investment in a company that
QUESTION:
Q: Fred has access to an internal database that contains aggregate credit
card sales data and can examine the sales data of publicly traded retailers.
Can Fred buy or sell the stock of a retailer if he sees the company’s sales,
through American Express’ network, are increasing or decreasing?
A: No. Fred may not trade on material nonpublic information, which violates
the Code as well as insider trading laws. When in doubt, assume information is
material and nonpublic. You must not take part in any trading that may appear
improper. See “Insider Trading” on page 30 for further information.
competes with or does business with our Company is significant to us. Such instances
should be reported to the Corporate Secretary.
We may not make or hold a significant investment in a private entity that competes with,
does business with or is seeking to do business with our Company without the approval
of the Corporate Secretary. An interest is considered “significant” if it could impair, or
reasonably appear to impair, our ability to act solely in the best interests of American
Express. If you hold such an investment or if you are involved through your job at American
Express in any business transaction with a private company in which you have an
investment or previously were employed, notify the Corporate Secretary.
Note that these restrictions on outside investments do not apply to mutual funds or
similar investments in which we do not have direct or indirect control over the particular 18
investments included in the fund.
We also may not accept any offer to participate in an initial public stock offering from a firm
doing, or seeking to do, business with our Company. If you have any further questions,
consult your Compliance Officer.
BOOKS AND RECORDS

We must ensure that our Company’s accounting and financial records
meet the highest standards of accuracy and completeness.
Reporting accurate, complete and understandable information about our Company’s

business, earnings and financial condition is one of our most important duties. We must
never make any false or artificial entries in our books and records. Transactions with no
economic substance that serve only to accelerate, postpone or otherwise manipulate the
accurate and timely recording of revenues or expenses raise the prospect of inaccurate
books and records and even proposing such transactions to third parties like customers
and vendors could be inappropriate. If you have reason to believe that any of our books or
records are being maintained in a fraudulent, inaccurate or incomplete manner, or if you feel
pressured to prepare, alter, conceal or destroy documents in violation of Company policy,
report your concerns immediately to your business unit’s Controller or Compliance Officer.
OUR COMMITMENT
TO OUR SHAREHOLDERS
Financial Statements and Accounts

We must report any financial transactions accurately, completely, fairly, and in a timely and
understandable manner. We also must ensure that the data we provide for the preparation
of financial statements, regulatory reports and publicly-filed documents complies with all
applicable accepted accounting principles and our Company’s internal control procedures.
Our shareholders rely on us to ensure that these statements fairly and completely reflect
our Company’s operations and financial condition.
Ensuring accurate and complete accounting and financial records is everyone’s

responsibility, not just a role for controllership and finance personnel. Accurate
recordkeeping and reporting reflect on the Company’s reputation and credibility, and
19 ensure that the Company meets its legal and regulatory obligations. Whatever your
part in this process, you are required to be honest and forthcoming – if you believe a
transaction or payment cannot be accurately documented without raising legal questions
or embarrassing the Company, the transaction should not be completed and you should
notify your business unit’s Controller or Compliance Officer.
QUESTION:
Q: Dave is considering approaching a vendor with a proposed contract
amendment that would move expenses from this quarter to the next without
changing the timing of the delivery of services provided by the vendor. He is
unsure of the business reason for the amendment, but figures any issue will
be caught by his unit’s Controller or GCO later in the process. Should Dave
approach the vendor with the proposed amendment?
A: No. It is Dave’s responsibility to understand the business reason for the

transaction and he should not propose any transaction or agreement lacking in
economic substance that accelerates, postpones or otherwise manipulates the
accurate and timely recording of revenues or expenses.
- Please see the “Insider Trading” section of our Code for more information.
Maintenance of Documents
We must retain all documents according to our global Records Management Policy. This policy
details how to properly retain, store and dispose of our written and electronic documents. To
appropriately retain electronic documents, we must store critical or sensitive electronic business
information securely in the appropriate databases or network storage.
It is important that we take special care to retain all documents that relate to any imminent or
ongoing investigation, lawsuit, audit or examination involving our Company. This means, in part,
that we may never destroy, conceal or alter any documents or records in order to impede a
governmental investigation, lawsuit, audit or examination. Engaging in such activity may expose
at-fault individuals or our Company to criminal liability. We must comply with all applicable
litigation hold instructions immediately and consistently. 20
Relationships with Auditors and Government Investigators or Regulators

We are expected to cooperate fully with internal and external auditors and government
investigators or regulators in connection with any audit or review of our Company. This means
that we must provide only accurate and complete information to these parties. If a government
investigator asks us to take part in an investigation of our Company or a colleague, we must
notify the GCO before complying with the request. We are required to have our financial
statements and internal controls audited by an independent registered public accounting firm
and we must not engage in activities that could have the effect of impairing our accounting firm’s
independence, either in fact or in appearance. Before entering into any relationship with an
accounting firm, obtain the appropriate approvals as per our Accounting Firm Services Request
(AFSR) process. Please see the Engagement of and Relationship with Accounting Firms Policy
(AEMP 21) for further information.
We must not attempt to improperly influence any auditor, regulator or investigator reviewing our
Company’s financial statements, nor encourage anyone else to do so. Examples of improper
influence include providing misleading information, offering anything of value or tying incentives
to the outcome of the audit. If you believe that someone has made a misleading, incomplete
or false statement to an accountant, auditor, attorney, regulator or government investigator
in connection with our Company, you must report this immediately to your business unit’s
Controller or Compliance Officer.
OUR COMMITMENT
TO OUR SHAREHOLDERS
PROTECTION OF PROPERTY AND INFORMATION

We must protect our Company’s property, which includes all tangible and
intangible assets.
American Express trusts us to respect and care for its property to the best of our ability, at
all times. We must work together to prevent and halt theft, destruction or misappropriation
of all Company property, including physical property, confidential information and
intellectual property.
Physical Property
Physical property includes Company funds, facilities, equipment and communications
21 systems. If you suspect any wrongdoing towards our Company’s physical property, please
report your concerns immediately to your local Global Security representative.
Intellectual Property
Our Company’s intellectual property (IP) is among its most valuable assets. We must
protect and, when appropriate, enforce our Company’s IP rights. “IP” refers to creations of
the human mind that are protected by law. This includes copyrights, patents, trademarks,
trade secrets, design rights, logos, know-how and other intangible industrial or commercial
property. To the extent permitted by law, the rights to all IP—whether or not patentable or
protectable by copyright, trade secret or trademark—are assigned to our Company. This
is true of any such materials we create on our Company’s time and expense or within the
scope of the duties we perform for our Company. Please see our Intellectual Property and
Licensing Policy for more information.
Confidential Information and Trade Secrets

During the course of our work, we may learn confidential information about our Company,
clients, partners or other third-parties that is not known to the general public or our
competitors. Some of this information may be trade secrets. “Trade secrets” are data that
give our Company a competitive or economic advantage over our competitors. Common
examples include:
• Customer lists or data
• Terms, discount rates or fees offered to particular customers
• Marketing or strategic plans
• Software, risk models, tools and other system or technology developments
QUESTION:
• Company policies, procedures or guidance
If you have even the slightest doubt as to whether information about our Company and its
business, or about its past, present or prospective customers, suppliers and employees, is
confidential, you should ask your leader or contact the GCO. Q: Viraj is working with
outside vendors to develop
We may not disclose confidential information or trade secrets to anyone outside our new marketing campaigns,
Company, without a business need. If a business need exists, we must first obtain and speed to market is very
authorization to disclose the information. We must be particularly careful not to important. Can he exchange
disclose any confidential information or trade secrets when we are approached by a these marketing materials
market research company, or even a student or academic, to discuss our Company or by email?
general industry developments. Where there is a business need, we may only disclose
Company confidential information and trade secrets to a third party after an appropriate
22
A: Yes, but only if the information
confidentiality or non-disclosure agreement is put in place. Please contact the GCO for is sent via secure email and is
assistance with such agreements. subject to a Company-approved
confidentiality or non-
Additionally, we may be exposed to Confidential Supervisory Information (“CSI”). CSI
disclosure agreement. If
is information produced through the supervisory process with one of our banking
Viraj has further questions,
regulators (e.g., the Board of Governors of the Federal Reserve System or the Office of
he should consult his technology
the Comptroller of the Currency), such as exam reports or supervisory ratings. American
leader or the GCO.
Express strictly prohibits the unauthorized possession, use or distribution of CSI. Please
contact the GCO for more information.
Do not share confidential information or trade secrets with friends or family and do not
discuss confidential information or trade secrets in places where you can be overheard,
such as taxis, elevators, Company cafeterias and breakrooms, or restaurants. In addition,
do not communicate or transmit confidential information or trade secrets by nonsecure
methods, such as cell phones, nonsecure email or hotel faxes. You may not download or
forward any trade secrets or confidential information learned through your employment
to your home computer or to a personal e-mail address, including in anticipation of your
resignation or the termination of your employment with the Company.
OUR COMMITMENT
TO OUR SHAREHOLDERS
These obligations apply both during and after the end of your employment with American
Express. When you leave our Company, you must return any and all confidential
information and trade secrets you received through your employment with the Company.
The restriction on disclosing confidential information does not prevent you from reporting
concerns of known or suspected violations of the Code to your leader or the Amex Ethics
Hotline, to the government or to a regulator or a court under seal. It also does not and is not
intended to prevent employees from truthfully responding to inquiries or requests from a
regulator, the government or in a court of law.
Third-Party Property and Information

23 We must respect the Intellectual Property belonging to third parties, and may never
knowingly infringe upon the IP rights of others. Be especially cautious when preparing
advertising or promotional materials, using the name or printed materials of another
company, or operating a software program on a Company computer. Only software
properly licensed by our Company is permitted on Company computers.
QUESTION: Q. Suzanne recently left a competitor to join American Express. Her leader
asks her to write a memo outlining everything she knows about the business
plans and strategies of her former employer. Should Suzanne write the
memo?
A. No. It is unethical and may be unlawful to reveal the confidential information or

trade secrets of a former employer. Suzanne’s leader shouldn’t have asked her for
this information. Suzanne should report the situation immediately.
In addition, you must not use or disclose the confidential information or trade secrets of
others, including your former employers. If anyone at American Express asks or pressures
you to do so, you should report the situation. You should not use or share any information
divulged to you by a third party (whether intentionally or unintentionally) unless you know
it is not confidential or a trade secret. If you are unsure how to use information you hold
or have received, contact your business unit’s attorney in the GCO. See our Conducting
Competitive Intelligence Activities Policy for more information.
Privacy
Protecting Customer and Employee Privacy
Our American Express Privacy Program governs the systems, processes, and procedures 24
controlling the collection, use, and sharing of customer and employee personal data,
sometimes called Personally Identifiable Information (PII). PII refers to information, in
any form, that identifies or can be used in combination with other information available
to the organization to identify an individual and includes information that is associated
with an identified individual. Protecting the privacy of our customers, third parties and
fellow employees is critical to our operations and our brand. As American Express team
members, we all share a responsibility to protect the PII of our customers, third parties
and fellow employees. We do so by complying with the American Express Data Protection
and Privacy Principles, the American Express Binding Corporate Rules as well as with
applicable law, our contracts and our other internal policies. These principles are a
commitment to employees and customers about the way our Company collects, uses,
stores, shares, transmits, deletes or otherwise processes PII. By complying with this Code,
we acknowledge our commitment to these principles.
In addition to these principles, it is important to keep in mind that we should only collect,
use or share PII if we have a legitimate business need to do so. Never share information
OUR COMMITMENT
TO OUR SHAREHOLDERS
about American Express customers, third party contacts or employees with friends or
family. Before you share or release PII to third parties, ensure that the person or vendor to
whom you are releasing the information is authorized to receive it for a legitimate business
need. In addition, that individual or company must be bound by confidentiality and vendor
agreements and have been through the third party review process, if applicable.
Many countries have their own legal requirements governing the use of personally identifiable
information. For more information on privacy-related questions, contact Global Privacy.
Communicating with the Public about American Express

To protect our Company’s information and ensure it is presented to the public accurately
25 and consistently, only official Company spokespeople can communicate on behalf of
American Express. All external speaking opportunities and presentations are limited to
employees at the Band 45 level and above, and must be approved by the Corporate Affairs
and Communications Department prior to any commitment being made. This includes
communications in all channels, including traditional media outlets as well as online channels,
such as blogs and other social media sites (eg. Facebook, Twitter, LinkedIn and YouTube).
If you receive a request from the media for comment of any kind about our Company,
you must refer it to your local Corporate Affairs & Communications group (CA&C). Only
members of the Communications Department within CA&C, or individuals they designate,
are authorized to represent or publicly discuss our Company with the media. See our
External Communications and Disclosure Policy (AEMP 18) for more information.
Comments and posts about our Company’s businesses, products or services are made
by bloggers, reporters and consumers across the internet on websites, discussion
boards, and social media sites. As with media inquiries, only employees authorized by
CA&C may respond to such comments and posts. And while you are not prohibited from
communications protected by law, you must follow the guiding principles and the Do’s and
Don’ts set forth in our Social Media Compliance Risk Management Policy.
You may also receive an invitation from groups often referred to as “expert networks” to
consult on matters relating to our business and industry. These invitations may ask you
to participate in telephone consultations, in-person meetings, or educational events
for the clients of those networks. Participation in such networks is only allowed if it has
been approved in advance by the Corporate Secretary in accordance with the conflict
of interest requirements of this Code. In addition, you are not permitted to engage in any
other form of external consultation arrangements as it relates to our industry or related
matters, unless you have been designated an official company spokesperson or such
participation is reviewed and approved in advance by the Corporate Secretary under the
conflict of interest requirements of this Code. The above applies whether you are offered
compensation or not. If you are in doubt about whether this applies to an invitation you
receive, contact your Compliance Officer or the Corporate Secretary. 26
Operating in an Open Network Environment

Our Company operates in an open network environment. We do so by licensing our brand
to third parties to issue American Express cards and acquire merchants for the American
Express Global Network (AEGN or Network). As the Network expands, we often receive
confidential information from our partners, vendors and other third parties. We have a
responsibility to protect their confidential or proprietary information that we receive in the
course of operating these business relationships as carefully as we protect our own.
The Open Network Confidentiality Operating Principles (ONCOP) listed below govern how
confidential information of issuers and acquirers on the AEGN must be handled.
Principle 1 – Legal and Contractual Obligations

The first principle states that we must comply with our legal obligations by not sharing
information in any way that would violate our contractual obligations or applicable laws.
This is an important point with our regulators. They have the authority to examine our
network and relationships with third parties to ensure that we are complying with laws that
govern both networks and banks.
Our Company protects the confidential information of our issuing and acquiring partners.
We keep such information from being viewed or used by anyone who does not need the
OUR COMMITMENT
TO OUR SHAREHOLDERS
information to help operate the Network. Antitrust and fair competition laws prohibit us
from sharing pricing and other competitive information with competitors and other third
parties. Since all issuers and acquirers compete for customers on the Network, it is critical
to the success of the Network that we uphold our obligations.
Principle 2 – Information Sharing

The second principle requires that the confidential information of one issuer or acquirer on
the Network not be shared with or used by any other issuer or acquirer. This represents the
core element of ONCOP, and reinforces the strength of and confidence in the AEGN.
To apply this principle, we must understand whether or not information is confidential to

an issuer. Generally, information that is not publicly available about an issuer or acquirer is
27
considered confidential. Specifically, such information can include:
• Business or pricing strategies
• Marketing plans
• Details of a Network Partner’s agreement or contract
• Statistics about an issuer’s or acquirer’s business
Some confidential information of our Company, though not publicly available, applies to
and affects all issuers and acquirers on the Network, such as:
• Network policies
• Network marketing campaigns
• Network operational issues
Such information can be shared among issuers and acquirers, but cannot be shared
outside the Network.
Principle 3 – Supporting the Network

The third principle covers accessing confidential information. It provides that certain
groups supporting the AEGN can view confidential information of issuers and acquirers in
order to perform Network responsibilities only. This principle is probably the most complex.
However, since most American Express employees and contractors will have access to
information about a single issuer or acquirer, either the proprietary issuer or acquirer, or
another single Network issuer or acquirer, the principle generally does not raise concerns.
Certain groups, however, require access to information about more than one issuer
or acquirer to support the Network as a whole. As employees, we can have access to
information about more than one issuer or acquirer or aggregate Network information
when: 28
• O
ur role is necessary to support the Network functions and there is a demonstrated,
specific, essential, and ongoing need for information about more than one issuer,
acquirer and/or aggregate Network information (e.g. network marketing)
• Our role is to provide advice or consultative support to various businesses and is not fully
dedicated to a single issuer or acquirer
• We support more than one Network issuer or acquirer, and therefore need access to
information about all of the Network issuers and acquirers we support. This is often the
case outside of the United States, where Global Network and International Card Services
employees are responsible for supporting more than one issuing and acquiring partner
of American Express.
These principles are set forth in the ONCOP Policy, and further details can be found on
The Policy Page. Questions about the application of these principles can be addressed to
networkinformationstrategy@aexp.com.
OUR COMMITMENT
TO OUR SHAREHOLDERS
Export of Encryption Items

We must comply with U.S. and international laws regarding the export (or transfer)
of encryption items from one country to another as well as deemed exports of
encryption technology and source code to foreign nationals within a country. Some
examples of encryption items include laptop and desktop computers with encryption
functionality, software products with telecommunications and information security
capabilities (e.g. , Microsoft Outlook and Microsoft Communicator, and GLOBEs
and Probes used by Global Network Services partners) smart phones, and iOS and
Android apps. We must comply with all applicable laws and regulations to ensure that
our Company retains its export privileges and to avoid the civil or criminal penalties
that can result from failing to comply with export laws and regulations.
29
For more information, see our Encryption Export Compliance Policy (AEMP 31).
QUESTION: Q. Hashim, who is located in Phoenix, needs to send two imaged laptop
computers to contractors who are headquartered in Shanghai, China.
Hashim is told that the image on these computers contains newly
developed encryption software that will soon be released. He knows that we
already have contracts established and non-disclosure agreements in place
with the contracting firm. Is it okay for Hashim to ship the laptops?
A. No. The encryption software might not yet be approved for export from the
United States to China as well as for import into China. Our Company must
obtain authorization from the US and Chinese governments before shipping the
laptop computers containing the encryption software. To begin this process,
Hashim should contact the Export Compliance Coordinator via email at
exportcompliancecoordinator@aexp.com
INSIDER TRADING
We may not engage in insider trading or tipping. QUESTION:
While working on behalf of American Express, we may become aware of
Q: Elizabeth has been
material nonpublic information about our Company or other companies. Material
planning to buy shares in a
nonpublic information (also known as “inside information”) is information about
certain company with her
a company that is not known to the general public and that could influence a typical
inheritance money for some
investor’s decision to buy, sell or hold that company’s securities. Information
time. However, she recently
stops being nonpublic when it has been broadly disseminated to the public and a
learned that American Express
reasonable waiting period has passed to allow the information to be absorbed by
is negotiating confidentially
the marketplace.
with this company to enter into
30
Buying or selling securities of a company while you possess material nonpublic a large contract. Can she still
information (otherwise known as “insider trading”) is a criminal offense in many buy shares in that company?
countries, including in the United States, and is prohibited by Company policy. This
applies to stock, options, debt securities or any other securities of American Express
or another company, as well as to transfers into or out of our Company stock fund A: No. Assuming that the news
under a retirement savings plan. If you have any doubt whether nonpublic information of this contract is material,
you possess is material, do not trade on that information. Rather, seek guidance from Elizabeth must wait until the
the Corporate Secretary at csotradinghelp@aexp.com or the GCO. deal is made public before she
purchases these shares. If she
Even if you trade for reasons unrelated to inside information you possess, you may trades while in possession of
be liable for insider trading. material nonpublic information,
she may be liable for insider
For more information, see our Trading Policy AEMP 72.
trading. If she is unsure if the
nonpublic information she has
is material, she should seek
guidance from the GCO or the
Corporate Secretary.
OUR COMMITMENT
TO OUR SHAREHOLDERS
Other Trading in American Express Securities

We are encouraged to be a long-term investor in American Express securities, both
directly and through our Company’s compensation plans. We may not engage in
short sales or put or call or other derivatives transactions on American Express
securities (other than exercising employee stock options). If you have any questions
about trading in our Company’s securities, please contact the Corporate Secretary
or the GCO. You may also not engage in any transactions in Company securities
that suggest you are trying to profit from short-term increases or decreases in the
Company’s stock price, such as “day trading.”
31 Disclosure of Nonpublic Information and Tipping

If you reveal material nonpublic information to anyone, including family or household
members, and that person then buys or sells securities (or passes the information on
to someone else that buys or sells securities), you may be liable for “tipping.” This is true
even if you do not personally trade on the information. Tipping is a violation of the Code
and insider trading laws, and carries steep penalties, including potential criminal liability.
QUESTION: Q. Valentina knows about a potential American Express acquisition that

will likely make our Company’s stock price rise. She knows that she cannot
trade on this information, but wants to tell her uncle this information and
encourage him to purchase American Express shares. Can she do so?
A. No. If Valentina were to share this material nonpublic information with her
uncle, she’d be engaging in tipping, which violates the Code and Company
policy. She and her uncle might also be held liable for violating insider trading
laws, and could even go to jail.
Communicating with Securities Market

Professionals and Shareholders
Generally, only designated spokespersons may speak to securities market
professionals and shareholders about our Company. We should therefore refer all
inquiries from these groups to the Investor Relations Department or the Corporate
Secretary. If you deal with securities market professionals in the ordinary course
of your business, you may interact with them as necessary without an Investor
Relations representative. However, you may not disclose material nonpublic
information. If you have any questions about such communications, including if
you are unsure if nonpublic information is material, you should review our External
Communications and Disclosure Policy or contact the GCO.
32
33
American Express Uniformed Travel Representatives assisting traveler (Paris, 1930)

OUR COMMITMENT
TO OUR CUSTOMERS AND BUSINESS PARTNERS
BLUE BOX VALUES SALES AND ADVERTISING

All of our sales, marketing and advertising activities must be done with
honesty and integrity.
WE DELIVER FOR
OUR CUSTOMERS. We are expected to compete vigorously and effectively, but never unfairly. For this
We’re driven by our commitment reason, honesty must be our guide in all of our sales, marketing and advertising
to deliver exceptional products,
pursuits. We must make only complete, factual and truthful statements about our
services and experiences to our
Company and its products and services. All advertising and marketing claims must
customers. We value our strong
be substantiated and must include all information and disclosures necessary to
customer relationships, and
are defined by how well we take make them accurate and complete. We must take care to ensure all disclosures are
care of them. written in a manner that is easily understood by the intended audience. In addition, 34
we must never make disparaging remarks about our competitors or make unfair
WE MAKE IT GREAT. comparisons between a competitor’s products and services and our own.
We deliver an unparalleled
You should be familiar with the sales, marketing and advertising review procedures
standard of excellence in
everything we do, staying that apply to your work. With new laws and regulations, as well as increased political
focused on the biggest and media focus, it is critical that you know the latest requirements on disclosures
opportunities to be meaningful and other legal constraints in this area. If you have any questions, please consult your
to our customers. From our leader, your Compliance Officer or the GCO.
innovative products to our
world-class customer service, our
customers expect the best — and
our teams are proud to deliver it.
OUR COMMITMENT
TO OUR CUSTOMERS AND BUSINESS PARTNERS
GIFTS AND ENTERTAINMENT

We must not solicit, accept or give gifts that may influence business
decisions.
We must be cautious when giving gifts or entertainment to, or accepting gifts or

entertainment from, anyone who does or seeks to do business with our Company.
Doing so may influence, or appear to influence, our ability to make objective business
decisions. In addition, we may not solicit any gifts or entertainment from current or
potential customers or other business partners.
We may never accept or offer gifts that are:

35
• Cash or monetary equivalents, such as gift cards or vouchers
• Objects that have significant value, or may appear significant to others
• Indicative of preferential treatment
In addition, we may never accept or offer entertainment that is:
• Excessive in value
• Not business-related
• In an inappropriate setting
We may accept business-related meals, entertainment, token gifts or favors that do

not have significant value and do not create a real or apparent sense of obligation. If
you are ever uncertain about the appropriateness of a gift or entertainment, please
contact your leader.
In some countries, it is traditional to present gifts to business associates to

demonstrate courtesy or appreciation. You may give gifts to non-government officials
in locations where doing so is customary, widely accepted and consistent with local
laws and regulations. Such gifts must be of reasonable value and properly reported.
HERE ARE SOME EXAMPLES OF REASONABLE AND EXCESSIVE GIFTS:
REASONABLE EXCESSIVE
A gift of a bottle of wine of reasonable value. A case of fine champagne.
Tickets to a local sporting or cultural event of Tickets to a distant sporting event or

reasonable value. golf outing, plus airfaire and/or hotel
accommodations. Including invitations to a
significant other, close relative or partner.
A book of interest related to the business 36
Weekend trip with no business purpose.
relationship.
Modest corporate gifts with engraved company Cash, monetary equivalents, stored value
logo (such as a pen or notepad). products or gift certificates (such gifts are too
similar to cash).
Modest expressions of gratitude (chocolates, A lavish personal gift such as a piece of fine
basket of fruits or flowers). jewelry.
Interacting with government agencies whether directly or indirectly is an important

part of conducting our Company’s business. We are limited in the type of gifts or
entertainment that is given to or accepted by a government official. Any gift or
entertainment provided to a government official cannot be lavish or excessive
and must be supported by a legitimate business purpose. Please see the
“Anti-Corruption” (Page 44) section of our Code for more information. Contact your
Compliance Officer, GCO, or Global Anti-Corruption for more specific guidance on
these rules.
OUR COMMITMENT
TO OUR SHAREHOLDERS
ANTITRUST AND FAIR COMPETITION

We must comply fully with the letter and spirit of laws designed
to preserve free and open competition.
American Express strongly supports vigorous yet fair competition. We must all abide
by competition laws (also referred to as “antitrust,” “monopoly” or “cartel” laws),
which are designed to preserve free and open competition. These laws vary, but their
common goal is to promote a competitive marketplace that provides consumers with
high-quality goods and services at fair prices. Failure to comply with these laws can
have serious and far-reaching consequences for our Company and each of us.
37 Contacts with Competitors

We must avoid even the appearance of agreeing with a competitor to limit how
we compete with one another. “Competitor” is broadly defined for this purpose, and
can include entities with whom we have multiple relationships, including vendors,
customers or other business partners. We should never discuss the following with
competitors:
• Pricing or pricing policy, rates, costs, margins
• Sales, marketing or other strategic business plans
• Any other nonpublic, proprietary or competitively sensitive information
• Agreeing on the prices or rates we will charge customers
• Agreeing to divide customers, markets, territories or countries
• Boycotting certain customers, vendors or competitors
Even where there is no formal written agreement, a mere conversation or exchange

of information can create the appearance of a common understanding among
competitors creating potential antitrust and fair competition risk. Be cautious when
interacting with competitors at conferences and other similar events. If a competitor

attempts to discuss any of the above topics with you, stop the conversation
immediately, even if this requires being rude or abrupt. Then, immediately report the
incident to the GCO.
If you need guidance regarding any aspect of competition laws, please reference our
Antitrust Compliance Policy (AEMP 07) or contact the GCO.
Competitor Information
Our Company needs to know what our competitors are doing in order to effectively
compete. However, we may not gather confidential, nonpublic information from
or about our competitors (e.g. pricing, competitor lists, product developments or 38
strategic plans) using deception, theft or other illegal or unethical means. In addition,
we may not retain a third party to do so on our behalf. We must be particularly careful
not to request information from new hires about their former employers. We must
also exercise caution when conducting market research (including benchmarking)
directly or through our vendors.
We may gather publicly available information about our competitors by using any
channels by which such information is available to the public. We may also gather
information about a competitor when the competitor invites the general public to
request such information. However, we may never:
• Misrepresent our identity or intent in obtaining information regarding a competitor

• Attempt to influence another person to breach an agreement of confidentiality
(including former employees of competitors or customers of competitors)
• Contact journalists directly or indirectly for any reason, unless authorized by the
Corporate Affairs and Communications Department
Consult our Conducting Competitive Intelligence Activities Policy (AEMP 03) for
additional information.
OUR COMMITMENT
TO OUR SHAREHOLDERS
Contacts with Customers and Vendors

Competition law issues may also arise when we deal with customers, vendors and
others who are not our competitors. Consult with the GCO before:
• Entering into an exclusive agreement with a customer or vendor, including

non-compete agreements and “Most Favored Nation” provisions
• Setting the price or terms under which our customers or licensees resell our
products or services
• Charging different customers different prices for the same product or service
We are also subject to strict rules and regulations regarding our ability to condition
sales, or “tie” our products together. Arrangements in which we or bank affiliates
39 tie the availability or price of one product to the purchase of another require careful
review. Consult the GCO for advice on applicable competition law restrictions.
Communications
We should carefully consider the language we use in all internal and external
business communications, including e-mail and handwritten notes. We should
avoid language that could be misinterpreted (e.g., words that have legal significance
under the antitrust laws, such as “market,” “market share,” “market power,”
“monopoly,” “dominate,” “barriers to entry,” and “leverage”). We should always label
communications that contain or solicit legal advice, or were prepared at the request
of counsel, as “Privileged and Confidential.”
40
41
OUR COMMITMENT
TO OUR COMMUNITIES
BLUE BOX VALUES MONEY LAUNDERING AND TERRORIST FINANCING

We must actively guard against the use of our Company’s products and
WE CARE ABOUT services for money laundering and the financing of terrorism.
COMMUNITIES.
American Express is committed to the fight against money laundering and
We aim to make a difference in
terrorist financing, which continues to receive considerable focus and attention by
the communities where we work
governments, international organizations and law enforcement agencies around the
and live. Our commitment to
corporate social responsibility world. This is an issue that our Company takes extremely seriously.
makes an impact by
“Money laundering” is the process by which criminal funds are moved through
strengthening our connections.
the financial system in order to hide all traces of their criminal origin. “Terrorist 42
financing,” among other things, refers to the destination and use of funds that may
come from legitimate and/or criminal sources to finance terrorist activities. It is
extremely important that we know and comply with all laws and regulations designed
to halt money laundering and terrorist financing. To mitigate such financial crimes,
the Company established the American Express Global Anti-Money Laundering Policy
(AEMP 04). This Policy describes the framework and approach for the Company and
its subsidiaries to comply with applicable money laundering laws and regulations by
implementing reasonably designed controls and standards to prevent the use of our
products and services for such activities.
As an employee, you should become familiar with the Global Anti-Money Laundering
Policy as well as your Business Unit money laundering policies and/or procedures to
fully understand those actions that may be violations of relevant money laundering
or terrorist financing laws. We must be vigilant and exercise good judgment when
dealing with unusual customer transactions and escalate any situation that seems
inappropriate or suspicious. If you have further questions or concerns, contact your
Compliance Officer immediately.
OUR COMMITMENT
TO OUR COMMUNITIES
MONEY LAUNDERING AND TERRORIST FINANCING (continued)

Our Company is also required to take reasonable steps to choose business partners
that will not use American Express’ brand, products or services to engage in illegal
activities. If you have any concerns about a business partner’s activities, report the
situation to your leader, your Compliance Officer or the GCO immediately. In addition,
if you are approached by a government agency concerning a money laundering
or terrorist financing investigation, contact the GCO or your Compliance Officer
immediately.
43
QUESTION: Q. Yoshi meets with a potential client who wants to purchase a very large
amount of travelers’ cheques. She tells Yoshi that she frequently travels
and will likely be doing this on a regular basis. The potential client wants to
give Yoshi her personal information verbally, rather than fill out paperwork
that must be verified. Yoshi’s leader recognizes the woman as someone who
has regularly purchased travelers’ cheques, and tells Yoshi her name, which
matches her identification. Can Yoshi rely on his leader’s knowledge to skip
some steps in checking the client’s identification and the source of payment?
A. No. Regardless of whether his leader knows a potential client, Yoshi is obligated
to complete all identification and documentation requirements. Such rules are
designed to help our Company combat money laundering and the financing of
terrorism.
ANTI-CORRUPTION
We may not offer or accept any improper payments, gratuities or gifts
that are given (or may appear to be given) with the intent to obtain or retain
business or secure services.
Bribery harms not only our Company, but also the communities where we do QUESTION:
business. Governments are taking steps to combat bribery, and many of the
countries in which we do business have specific stringent laws against it. For these
reasons, our Company has adopted a zero tolerance policy for bribery, regardless Q: James’ department uses a
of where we are located. This means we may not engage in any form of bribery, third-party vendor to verify
including offering, soliciting or accepting anything of value, directly or indirectly, that information provided by
is given with the intent to obtain or retain business or secure services. There is no card applicants. This vendor
exception for small amounts. It is important to remember that engaging in bribery, recently raised its prices,
or even appearing to engage in such activity, can expose at-fault individuals and our claiming that it needs to hire
Company to criminal liability. government officials to verify
the tax documents provided 44
American Express National Bank (AENB) also adheres to the Bank Bribery Act. The by applicants. James suspects
Bank Bribery Act applies to directors, officers, employees, agents (which may include that the vendor plans to
employees of Bank affiliates), and attorneys of AENB. In-scope parties are expected give the extra money to the
to comply with the provisions of the Bank Bribery Policy. For more information, government officials to obtain
please refer to our Bank Bribery Policy or contact the Bank Bribery Team. confidential information. What
should he do?
Improper Payments
We must be especially cautious to avoid bribery when dealing with government A: James has an obligation
officials, including officials of international organizations and political parties, as to report his suspicions
well as employees of state-owned companies. This can even include employees of immediately to his Compliance
companies and joint venture partners that have been nationalized or have significant Officer or the GCO. This way,
government ownership stakes. We may not offer or promise anything of value to our Company can investigate
influence the actions or decisions of, or to obtain any improper advantage with, whether the vendor
government employees or the government bodies they may influence. If you have is making improper payments to
any questions about improper payments to government employees, contact Global a government official and halt
Anti- Corruption as well as your Compliance Officer or the GCO. any improper payments as soon
as possible.
Please refer to our Global Anti-Corruption Policy and The Square for more
information.
OUR COMMITMENT
TO OUR COMMUNITIES
Expediting Payments
Expediting payments (also known as “facilitating” or “grease” payments) are payments
made to speed up or secure the performance of a routine government action, such as
visa processing or customs clearance. Many countries around the world treat these
payments as illegal bribes. We are prohibited from making any expediting payments
to government employees, no matter where we are doing business. This is true
regardless of local customs in the locations where we do business.
45
QUESTION: Q. While traveling abroad on business, Myra needs to secure a service

from a local government. If she doesn’t secure it quickly, the project she’s
working on won’t meet its deadline. A government worker tells Myra that
a small cash payment will ensure timely service. Can she just make the
payment and obtain approval later, since it’s a small amount?
A. No, absolutely not. Expediting payments are strictly prohibited.

ENVIRONMENT
We are expected to act as environmental stewards when conducting
business on our Company’s behalf.
Our commitment to our communities means that we all must strive to minimize
any negative effects our work might have on the environment. This means that we
must comply with all applicable environmental laws and regulations, as well as any
guidelines set forth by our Company or Business Unit. We must all operate with
respect for the environment by working to minimize any environmental hazards,
conserve and protect natural resources, and manage our energy usage.
46
POLITICAL ACTIVITIES
Our involvement in political activities must be at our
own expense and on our own time.
Personal Political Activities

American Express encourages us to positively support the well-being of our
communities by participating in the political activities that interest us. However, we
must be careful to uphold our Company’s reputation by only participating in such
activities on our own time and at our own expense. We may not allow any campaign
or candidate to use any Company funds or assets, including facilities, equipment or
trademarks. In addition, we should never use our Company’s name while taking part
in these activities.
OUR COMMITMENT
TO OUR COMMUNITIES
American Express Political Activities

In certain locations, we are permitted by local law to represent our Company in a
political forum. For example, in the United States, we may pool personal funds in the
American Express Company Political Action Committee (AXP PAC). Participation is
always purely voluntary. Through the AXP PAC, we can support candidates running
for elective office who share our Company’s views on important public policy issues.
From time to time, the AXP PAC may host policy forums with candidates or elected
officials on Company property.
We must never use our position of authority to make another employee feel
compelled or pressured to participate in any way in any political event or cause, or for
47 any political purpose.
For more information on Company political activities, including the AXP PAC and
lobbying requirements, please see our Political Contributions, Lobbying Activities and
Provision of Gifts or Entertainment to Public Officials Policy.
CHARITABLE CONTRIBUTIONS POLICY

American Express supports various charities in the communities where we live
and work, and encourages our personal involvement through several Company-
run programs. However, only the Office of Corporate Social Responsibility and the
Chairman’s Office may make charitable contributions on behalf of our Company.
Please see our Charitable Contributions Policy, for more information.
MODERN SLAVERY AND HUMAN TRAFFICKING

American Express is, and has always been, committed to preventing acts of modern
slavery and human trafficking from occurring both within our business and our
supply chain by ensuring we only work with suppliers of the highest standard and
by running rigorous employment checks. Our Company strives to provide a safe,
diverse and equal opportunity workplace, and inhumane practices of modern
slavery within both our and partner organizations will not be tolerated. If you have
any concerns, please contact your Compliance Officer.
48
49
CLOSING
NOTES
While we each strive to uphold the Blue Box Values and act ethically at all times, it is
not always clear how we should do so. At times, you may face situations in which you
must make tough decisions about what is ethical and proper. These dilemmas don’t
always have obvious answers. While this Code and the resources it provides will help
us make the right choice, they may not always answer all of our questions. Before
acting or making a decision, ask yourself:
• Is it consistent with the Blue Box Values and the Code?

• How would I feel if my friends and family found out about it?
• How would I feel if it were broadcast on the nightly news?
• Could it be viewed or interpreted as inappropriate, unethical or threatening? 50
If you are still uncertain about what to do after asking yourself these questions,
always seek guidance from your leader, your Compliance Officer or anyone listed in
“Where to Seek Help and Report Concerns” before you act.
WHERE TO
If you have any questions or concerns related to the Code or wish to report
any unethical or illegal situations, you should contact:
Within Your Business

Generally, your leader will be in the best position to help you with any questions or
concerns that you may have regarding the Code.
Corporate Secretary’s Office

To disclose potential conflicts of interest or other Code matters, contact the
Corporate Secretary’s Office.
51 Here is an example of when you would contact the Corporate Secretary’s Office:
A vice president in Corporate Planning has a wife who was just offered a
job as a vice president of Marketing at another card company. He’s unsure
if this presents a conflict of interest.
General Counsel’s Organization

If your question is legal in nature, you may wish to contact the legal counsel that
works with your business unit. You can find contact information for people in the
General Counsel’s Organization on The Square.
Here is an example of when you would contact the General Counsel’s Organization:
An executive assistant working at a remote office receives a court order
from a local magistrate demanding that she provide detailed business
information. She doesn’t know if she should provide the information.
Compliance & Ethics

Contact your business unit’s Compliance Officer or your Regional Compliance
Officer. You can find contact information for people in Compliance & Ethics on The
Square.
Here is an example of when you would contact Compliance & Ethics:

An employee who works in one of the operating centers notices that his leader
checks the personal American Express accounts of his coworkers when they call
in sick. He thinks this is unethical.
Human Resources/Employee Relations

For employee or other human resources matters, you can contact your unit’s Human
Resources representative and/or Employee Relations representative:
HR Self Service
Here is an example of when you would contact Human Resources/Employee

Relations:
An employee feels harassed by her leader, but isn’t certain whether his conduct
constitutes harassment. She would like to speak with someone to determine
whether she should make a report.
52
The Amex Ethics Hotline
If you prefer, you may contact the Amex Ethics Hotline and make an anonymous (where
legally permissible) or confidential report either by telephone or online.
Here is an example of when you would contact the Amex Ethics Hotline:
An employee discovers that a new contract for outside services is with a company
that is owned by a close relative of her senior leader. The employee suspects that
the appropriate procurement process may have been circumvented and that
required disclosures were not made. She would like to report it, but is fearful her
career will be negatively affected. She may contact the Amex Ethics Hotline to make
an anonymous (where legally permissible) or confidential report.
All reports of violations of the Code will be treated confidentially, to the extent
possible. No one who suspects a violation and reports it in good faith will be subject
to retaliation for making such a report.
FAQs: Send Word Now (SWN) Crisis Alert System
INTRODUCTION
What is Send Word Now?

Send Word Now (“SWN”) is a notification system that automatically sends alerts via text message and
automated voicemail. In a crisis situation, Global Security may decide to use SWN to send real-time
updates and instructions to employees’ and contractors’ personal and work phone numbers. Alerts will
not be pushed out to your home phone number. – Move to the Launch Letter
What is considered a “crisis”?

In general, a crisis is any situation at or near an Amex office that poses an immediate threat to
employees’ and contractors’ safety or security. The SWN system will not be used to send general
communications or non-critical facility updates.
Examples of crisis situations that would likely result in SWN alerts include but are not limited to:
• Fire
• Natural disaster (such as a hurricane, tornado or earthquake)
• Civil unrest (such as a riot)
• Hazardous materials (such as a toxic spill)
• Bomb/explosives
• Terrorism/violent situation
To ensure compliance and system effectiveness, periodically SWN TESTING messages will be sent out to
a sample of employees. You will be provided with advance notice of the testing and the message will
clearly state that it is a test.
Do I need to “opt in” to receive SWN alerts?

You will receive SWN alerts as a text or voicemail on company-issued and personal devices. We
encourage you to check your myHR profile and ensure your work and personal details are up to date.
Instructions are below under “Contact Information.”
Can I opt out?

You cannot opt out of receiving alerts on company-issued devices, such as Blackberrys, or through
company communication channels, such as your AXP phone number or email.
While it is ultimately your decision, we do not recommend opting out of receiving these alerts on your
personal mobile device, whether or not you are part of BYOD (“Bring Your Own Device”). Our desire is to
communicate essential information to help keep you safe in the event of a crisis. If you decide to opt out
on your personal device, please text STOP to 82104. To opt back in, text START to 38671.
Can I sign up my family to receive these alerts, too?

No, SWN is for employees and contractors only. The system will be used to keep you informed in the
event of a crisis in or near an Amex facility and to advise what you must do to stay safe.
Who is the SWN vendor?

We have partnered with Send Word Now, one of the leading providers of crisis notification systems.
Send Word Now is used by more than 1,700 public and private sector organizations, and was named
“Notification System of the Year” by the Disaster Recovery Institute. After extensive vetting, Amex
determined that Send Word Now delivered the best system for our crisis communication needs.
CONTACT INFORMATION
How do I ensure my contact information is correct/up to date?

To ensure your contact information is up to date, please visit your myHR profile. To edit or add a
number, select the “Personal Details” tab under “My Profile.” Click “Phone Numbers” and then the
“Change” button. You can add up to four different numbers, including personal mobile, business mobile
and business.
You have the option of adding your home phone number to your myHR profile. Alerts will not be
pushed out to your home number even if it is included in your profile.
Who will have access to my personal contact information?

We are committed to safeguarding your personally identifiable information (PII). Therefore, Global
Security team members will have access to your personal data (name and phone numbers provided in
your myHR profile) only when a crisis requires them to send an alert. Employees of Send Word Now will
not have access to your data.
How do I ensure my building location is correct/up to date?

To ensure your building location is up to date, please visit your myHR profile. Select “Public Profile” tab
under “My Profile.” You will be redirected to your public profile on The Square. Verify your “Building
Name” is correct on the right hand side of the page. If the “Building Name” is inaccurate, please contact
your leader to update.
RECEIVING AN ALERT
Who will the alerts come from (e.g., AXP security, police/fire department)?
SWN alerts will be sent by a Global Security team member.
How will I know when I receive a SWN alert?

Each SWN alert will be clearly labeled “AXP GLOBAL SECURITY ALERT.”
What level of detail will these alerts provide?

As you know, crisis situations are fluid and information changes rapidly. Therefore, alerts will include the
most accurate and essential facts and instructions available at the time. Depending on the situation,
local or federal law enforcement will be on the scene and may dictate what instructions or information
the alerts should include.
Will alerts be sent for crisis situations that happen only in an Amex office or will we also receive alerts
for events occurring in the surrounding area?
The Global Security team continually assesses employees’ and contractors’ safety and security by
monitoring activity in and around the company’s offices, as well as updates it receives from building
management and local/federal law enforcement. Therefore, an alert will be sent if a crisis occurs in or
near an Amex facility and/or Global Security deems an event poses an immediate threat to your safety
or security.
CRISIS COMMUNICATION CHANNELS
Will SWN replace the Business Resumption Line (BRL)?

No, SWN will not replace the BRL.
Will SWN replace announcements over the PA?

No, SWN will not replace announcements made by the fire safety director over the PA. This new
notification system will enhance the Global Security team’s ability to quickly communicate facts and
instructions to you in the event of a crisis.
Will SWN replace emails sent by Employee Communications/senior leaders?

No, SWN will not replace emails sent by Employee Communications or senior leaders. Alerts will be sent
during the height of a crisis, when it is critical to quickly communicate essential information to
employees and contractors to ensure their safety and security.
SWN will complement our current crisis response communication channels, which include emails sent by
Employee Communications/senior leaders as well as announcements made on the PA system and
updates posted on The Square.
Will I be able to text crisis personnel, such as the police or fire department, using SWN?
No, the system is not connected to 911 operators/dispatching system.
MISCELLANEUOUS
Who do I contact if I still have questions?

Please email your questions to Dave Symington, Manager, Security Services at
dave.s.symington@aexp.com.
EMPLOYEE CONSENT FORM
CONFIDENTIALITY AGREEMENT
The nature of our work at Amex Canada Inc. and Amex Bank of Canada (collectively “Amex Canada”)
involves confidential information, files, records and forms. Confidential information requires strict
security measures. Confidential information and trade secrets are defined to include but are not limited
to records, data, systems, lists of customers, information concerning Cardmembers and Merchants,
information and documents which give Amex Canada an opportunity to obtain an advantage over its
competitors who do not know or use it.
Amex Canada must take steps to protect its investment and confidential information. Amex Canada
also desires to ensure that our customers’ right to privacy is not violated and therefore requires that
you agree to the following as a condition of your employment with us:
 You agree and understand that it is your responsibility not to reveal Amex Canada’ confidential
or trade secret information to your fellow employees except to the extent required by your
normal job duties.
 You agree not to discuss confidential Amex Canada business or customer business with
unauthorized sources outside Amex Canada.
 You agree to help safeguard our customers’ right to privacy by exercising diligence and care in
the handling of confidential information relating to them.
 You agree not to use in any manner, or take advantage of, for your own benefit or the benefit
of a third party, any confidential or trade secret information.
Please indicate your understanding and acceptance of the obligations described herein by signing and
returning a copy of this memorandum.
I understand the above are conditions of my employment and agree to adhere to them.
BONDING PROVISIONS
I understand that employees of Amex Canada and its subsidiaries may be bonded. I agree that all
information contained in my employment application or otherwise available to Amex Canada may be
disclosed to the bonding company for the purpose of processing my coverage under the Amex Canada
insurance policy. I agree to provide whatever additional information the bonding company may
request from time to time to ensure my continued insurability. I understand that if for any reason the
bonding company refuses to bond me, my employment may be automatically terminated or I may be
reassigned or transferred to a different position. I also understand that should the bonding company
ever have to pay a loss on my account, I am obliged to reimburse the bonding company.
SANCTIONS SCREENING
For compliance and security reasons, including protecting public safety and protecting the privacy of
Amex Canada cardholders, I consent to Amex Canada checking my name during the course of my
employment against a number of publically available lists published by regulators, government
agencies and international organizations that track certain unlawful activity on a global basis
(“Sanctions Screening”). I authorize Amex Canada to disclose a positive match from the Sanctions
Screening to appropriate authorities and I further authorize Amex Canada to provide reasonable co-
CAN_GPA_ECF
Page 1 of 2
operation, including disclosing relevant personal information, to such authorities with respect to any
related inquiries that may be made at any time during the course of my employment.
In response to any reasonable concerns during the course of my employment regarding my compliance
with Amex Canada policies relating to the security of its cardmembers, merchants and customers, I
consent to Amex Canada undertaking a criminal record check and I agree to provide any
documentation as may be required to undertake such record check.
EMPLOYEE CONSENT
I understand it is the policy of Amex Canada to assist employees in attaining high levels of job
performance through training and to ensure that high levels of service are provided to Cardmembers,
Merchants, and other clients and customers.
I understand that to achieve these ends, telephone calls made or received at the Amex Canada offices
may be monitored and /or recorded.
I consent to such monitoring and recording while I occupy my current position or a position that
requires service to Cardmembers, Merchants and other clients and customers or until such time as I
am advised by Amex Canada that such monitoring shall cease or until Amex Canada has received my
notification in writing that this consent is withdrawn.
I acknowledge that Amex Canada monitors it premises, including parking lots, by video camera for
purposes of safety, security and incident investigation.
I agree that any personal information that Amex Canada may collect in my capacity as an Amex
Canada cardholder or customer of Amex Canada products or services may be used to assess
compliance with the terms and conditions of my employment.
To assist me to perform my employment duties and responsibilities with efficiency and timeliness,
Amex Canada may provide me with personal electronic devices such as a laptop computer, Blackberry,
smart phone, tablet or other handheld/wireless devices (singularly, a “PED”, collectively, “PEDs”). All
communications and data composed, sent, received or saved through any PED are the property of
Amex Canada and/or may be reviewed by Amex Canada. I therefore agree to use a PED solely for the
purpose for which it is made available to me and, to ensure compliance with any terms of usage and
the Amex Canada Information Security Electronic Communications Requirements Guideline, I consent
to Amex Canada monitoring my use of any Amex Canada computer and any PED, including reviewing,
reading or downloading any document, message or data created, filed or saved on or by an Amex
Canada computer or PED. I agree to reimburse Amex Canada for any costs incurred in connection with
my use personal or unauthorized use of a PED.
Kiara Cuter
Employee Name: _______________________________ Employee ID:
Employee Signature: _______________________________ Date:
CAN_GPA_ECF
Page 2 of 2
DocuSign Envelope ID: 71F6FAC6-0BB0-40A7-AD85-FD6B8EC0C64F
Global Employee Data Protection & Privacy Principles
Effective Date: January 13, 2021
The following Data Protection and Privacy Principles (“Principles”) set out the way that
American Express Company and its wholly owned direct and indirect subsidiaries (“American
Express”) will collect, use, store, share, transmit, delete or otherwise process (collectively
“process”) your personal data. Personal data means any information that relates to an
identified or identifiable individual. The standard of personal data protection set out in these
Principles will be used by American Express globally, providing adequate and consistent
protection for the processing of your personal data. In these Principles, “you” and “your”
means any individual customer or employee of American Express and any other individual
whose personal data we process and “we”, “us”, “our” and “American Express Group” means
American Express.
Description and Purpose

It is the policy of American Express (“the Company”) to abide by the Employee Data Protection
and Privacy Principles (Principles). These Principles set out the way that the Company will
collect, use, store, share, transmit, delete, or otherwise process (collectively “process”)
employee personal data. The content of this policy is reflective of the American Express Data
Protection and Privacy Principles (herein after Privacy Principles or Principles) that apply to
consumer and employee data. Any changes to the content are the result of changes to the core
enterprise version of the Privacy Principles.
Scope
The standard of personal data protection set out in these Principles is used by the Company
globally, providing adequate and consistent protection for the processing of employee personal
data. Nothing in these Principles is intended to form a contract of employment or otherwise.
We may amend these Principles from time to time, should we consider it necessary to do so,
and we will update you on any changes.
Key Definitions
Personal Data: Sometimes called personally identifiable information (PII), refers to information,
in any form, that identifies or can be used in combination with other information available to
the Company to identify an individual and includes any information that is associated with an
identified individual. See relevant market data protection policies for market-specific
interpretations and requirements.
CAN_GPA_DPP Page 1 of 4
The information classification of Personal Data is subject to AXP Information Security Standards.
The Company: American Express (“AXP” or the “Company”)
Processing: Refers to any action taken in relation to personal data and includes collecting,
storing, altering, accessing, using, transferring, receiving, sharing or destroying personal data.
Colleague: Employee (Amex verbiage) (Covers Employment Candidate and Colleague personal
data)
American Express Data Protection and Privacy Principles
1- Collection
We will only collect personal data that is needed and by lawful and fair means.
2- Notice and Processing

Where it is not apparent from the employee relationship, we will tell employees how their
personal data will be processed and which companies in the American Express Group are
responsible for that processing. We will process employee personal data fairly and only for
those purposes it has told employees about, for purposes permitted by employees, or as
permitted by applicable law. In addition, employees may object to certain types of processing
as expressly permitted by applicable law.
3- Choice
We collect personal data for employment related business purposes. Where law or contract
requires your consent (a.k.a. choice) or the consent of an employee representative, we will
comply with the law or contract.
4- Data Quality
We use appropriate technology and well-defined employee practices to process employee
personal data promptly and accurately. We will not keep personal data longer than is
necessary, except as otherwise required by applicable law.
5- Security and Confidentiality

We will keep your personal data confidential and limit access to your personal data to those
who specifically need it to conduct their business activities, except as otherwise permitted by
applicable law. We refer to industry standards and use reasonable administrative, technical,
and physical security measures to protect your personal data from unauthorized access,
destruction, use, modification, or disclosure. We require industry standard data security
measures from those third parties who are authorized by us to process your personal data on
our behalf.
6- Data Sharing
We only share your personal data with third parties where it is necessary to provide you with
products or services or as part of our relationship with you, where we have previously informed
or been authorized by you, in connection with our efforts to reduce fraud or criminal activity, or
as permitted by law.
7- Openness and Data Access

If asked, we will inform you about how employee personal data is processed and the rights and
remedies employees have under these Principles. You may inquire as to the nature of the
personal data stored or processed about you by American Express. You will be provided access
as is required by law in your country, regardless of the location of the data processing and
storage. If any data is inaccurate or incomplete, you may request that the data be amended.
8- International Transfer
Where it is not apparent from the international products or services you require or the nature
of your relationship with us, we will inform you if your personal data may be transferred
outside of your country and ensure that such transfer is only performed in accordance with
applicable law. Regardless of where your personal data is transferred, it is protected by these
Principles.
9- Responsibility
Each company in the American Express Group and their employees may only process your
personal data in accordance with these Principles. We conduct training and reviews of our
compliance with these Principles. Employees who violate these Principles may be subject to
disciplinary action, up to and including dismissal.
Employees are expected to report violations of these Principles and may do so to their leaders
or Colleague Experience Group (CEG), to their business unit's compliance officer, to the General
Counsel’s Organization (GCO), to the Global Privacy Office, to the Global Compliance & Ethics or
to the Amex Ethics Hotline (https://amex.ethicspoint.com/).
10- Accountability
You may enforce these Principles in your country against any company in the American Express
Group that is responsible for your personal data, as a third party contractual beneficiary to
these Principles. If you have a complaint that we have breached these Principles and have
attempted in good faith to resolve the complaint through the employee complaints process,
but the complaint was not resolved by us within a reasonable amount of time, then you may
enforce these Principles against us. If you complain to your local data protection authority and
the data protection authority finds that we have breached these Principles, we will abide by the
findings of the data protection authority, but we reserve the right to challenge or appeal such
findings. These Principles do not affect any rights you have under applicable law, the
requirements of any applicable regulatory data protection authority, or any other type of
agreement that you may have with us.
For policies and guidance supporting our enterprise wide Global Privacy framework, please
consult the Privacy Information Center via The Square.
I have read and understand the above noted Global Employee Data Protection & Privacy
Principles.
Kiara Cuter
Employee ID
Name (if available)
____________________________ ______________________________
Signature Date
Workplace Harassment and Violence Prevention

Policy Name :
Policy and Program
Country : Canada
Policy Reference # : E – 36.07

Effective Date : November 25, 2019
Responsible Functional Group : Colleague and Labour Relations
1.0 HIGH-LEVEL DESCRIPTION AND PURPOSE

The purpose of this policy is to make all employees aware of the Company’s position on harassment and
violence in the workplace. This policy is available electronically on The Square and will be posted on the
Health & Safety communication board. This policy will be applied in accordance with applicable legislation.
All employees are entitled to employment free from violence and harassment (including sexual harassment and
bullying). It is the policy of the Company to provide a safe environment for employees, customers and visitors.
The Company is firmly committed to preventing and protecting against harassment and violence in the
workplace. It is the responsibility of each member of staff and management to foster and encourage a safe and
healthy work environment, and to take appropriate steps in the event of a contravention of this policy.
The Company will not tolerate any harassing or violent behaviour by or against its employees. Employees who
have been subjected to, or who have otherwise been made aware of, harassment or violence by another
employee or a third party such as a vendor or customer must report the incident under this policy. The
Company will investigate and respond to all complaints of workplace harassment and/or violence as required
by applicable legislation, and will take remedial action as necessary to address any such incidents.
This policy is not intended to discourage or prevent anyone from exercising any other legal rights under any
other law, including filing a complaint with the applicable human rights tribunal / commission. For example,
employees may seek redress for discriminatory harassment, including sexual harassment, under the
discriminatory practices provisions of applicable human rights legislation.
2.0 SCOPE
This policy and its related practices apply to all employees, including full-time, part-time, and temporary
employees, as well as agency contractors, and any third parties attending at the Company's workplace.
CAN_GPA_WHP AXP Internal Page 1 of 16 1

The workplace is not confined to the offices and building of the Company. It also includes any other location
where Company business is being conducted, as well as off-site meetings and conferences. This policy also
applies where harassment or violence arises outside of the workplace or outside of working hours, but where it
has repercussions in the work environment, adversely affects employee relationships, or leads to adverse job-
related consequences for the victim.
3.0 KEY DEFINITIONS
i. General
Workplace Harassment and Violence means any action, conduct or comment, including of a sexual nature,
that can reasonably be expected to cause offence, humiliation or other physical or psychological injury or illness
to an employee.
Principal Party means an individual who is the object of an alleged incident of workplace harassment and/or
violence.
Responding Party means the individual who is identified as responsible for an alleged incident of workplace
harassment and/or violence.
Third Party means an individual who witnessed an alleged incident of workplace harassment and/or violence,
or who is informed of an alleged incident of workplace harassment and/or violence by a Principal or Responding
Party.
Designated Recipient means the individual designated by the Company to whom a report of an incident of
workplace harassment or violence may be given. The Company’s Designated Recipient is Annette Kingsley,
Director, Colleague and Labour Relations who will assign and monitor the investigation and outcome.
ii. Workplace Harassment

Workplace harassment includes:
a) any vexatious action, conduct or comment against a worker in a workplace that is known or ought
reasonably to be known to be unwelcome;
b) workplace sexual harassment;
c) workplace discriminatory harassment;
d) workplace bullying; and
2
CAN_GPA_WHP AXP Internal Page 2 of 16
e) workplace psychological harassment.
Workplace sexual harassment includes:
a) any action, conduct, comment, gesture, or contact of a sexual nature that is likely to cause offence
or humiliate any employee, or that might, on reasonable grounds, be perceived by that employee as
placing a condition of a sexual nature on employment or on any employment opportunity, including
for training or promotion, or
b) any action, comment or conduct against a worker in a workplace because of sex, sexual orientation,
gender identity or gender expression, where the course of comment or conduct is known or ought
reasonably to be known to be unwelcome, or
c) making a sexual solicitation or advance where the person making the solicitation or advance is in a
position to confer, grant or deny a benefit or advancement to the worker and the person knows or
ought reasonably to know that the solicitation or advance is unwelcome.
Examples of sexual harassment include but are not limited to:
remarks, jokes, innuendoes, or taunting of a sexual nature about a person's body, attire, age or marital
status which causes or is intended to cause awkwardness or embarrassment;
the display of pornographic pictures or other offensive material;
comments or conduct made because of an employee's sex, e.g. comments implying sexual
unattractiveness;
unwelcome conduct such as leering, touching, patting, or pinching;
requesting sexual favours from an employee, hinting that a promotion might be delayed or denied if
refused; or conversely, promising a promotion or other advantage if granted;
threatening or instituting a reprisal against a person who rejects a sexual advance.
Workplace bullying is a form of workplace harassment, and includes any inappropriate conduct or
comment by a person towards a worker that the person knew or reasonably ought to have known would
cause that worker to be humiliated or intimidated.
Workplace psychological harassment is a form of workplace harassment, and includes any vexatious behavior
in the form of hostile or unwanted conduct, verbal comments, actions or gestures, that affects an employee’s
dignity, or psychological or physical integrity, and results in a harmful work environment for the employee.
Poisoned work environment

Even where insulting, degrading, or discriminatory comments or conduct are not directed at any one person,
someone may still experience a poisoned work environment. The Company will not tolerate a workplace that is
hostile or unwelcoming because of insulting, degrading or discriminatory comments or actions that have been
made about others. Comments or conduct of this kind can have a negative influence on others and how they are
treated.
3
Workplace discriminatory harassment

Workplace harassment may also constitute a form of discrimination. Discriminatory harassment targets an
individual or group of individuals based upon characteristics protected under human rights legislation. The
Company will not tolerate any form of discrimination or harassment based on race, ancestry, place of origin,
national or ethnic origin, colour, religion, creed, citizenship, sex, age, marital status, family status, disability,
sexual orientation, gender identity or expression, political belief, or any other ground prohibited by law.
For example, harassment may be of a religious, racial or ethnic nature, involving action, comment, or conduct
against an employee or group of employees which is intimidating, humiliating, or malicious. Religious,
racial, or ethnic harassment may include but is not limited to:
unwelcome remarks, jokes, innuendoes or taunting about a person's racial or ethnic background, religion,
colour, place of birth, citizenship or ancestry;
the displaying of racist, derogatory, or offensive pictures or material; or
refusing to work with an employee because of his or her racial or ethnic background.
Harassment does not include a reasonable action taken by an employer or supervisor relating to the
management and direction of workers or the workplace, including:
changes in work assignment, schedules, job evaluation;
conducting workplace inspections;
managing performance, including disciplinary actions related to performance, attendance or behavioural
problems which are dealt with in accordance with the Company Performance Management Guidelines.
iii. Workplace Violence

Workplace violence includes any action, conduct, attempted conduct, threat or gesture of a person towards
an employee in their workplace that can reasonably be expected to cause harm, injury or illness to that
employee. Workplace violence includes harassment and psychological harassment towards an employee that
can be expected to cause harm, injury, or illness to that employee.
Examples of workplace violence include (but are not limited to) the following behaviours:
• causing physical injury to another person;
• making threatening remarks;
• behaving in a hostile or aggressive manner that creates a reasonable fear of injury to another person or
subjects another individual to emotional distress;
• intentionally damaging Company property or property of another employee;
• possessing a weapon while on Company property or while on Company business;
• committing acts motivated by, or related to, sexual harassment or domestic violence.
Domestic violence is a pattern of behaviour used by one person to gain power or control over another with whom
he or she has an intimate relationship. This pattern of behaviour may include physical violence, sexual, emotional
and psychological intimidation, verbal abuse, stalking and using electronic devices to harass and control.
4
iv. Factors that Contribute to Workplace Harassment and Violence

Factors that contribute to workplace harassment and violence include:
• Working with the public;

• Handling money or valuables;
• Providing service, care, advice or education;
• Working alone or in small numbers;
• Working in isolated or low traffic areas;
• Working during periods of intense organizational change (e.g. downsizing);
• Low morale or lack of communication; and,
• Lack of awareness regarding reporting procedures for incidents of workplace harassment and violence.
4.0 POLICY REQUIREMENTS / ELIGIBILITY

i. Commitment
The Company is committed to:
providing a safe, healthy, harassment-free and violence-free workplace;

minimizing or eliminating the risk of workplace harassment and violence;
dedicating sufficient attention, resources and time to address factors that contribute to workplace
harassment and violence including, but not limited to, bullying, teasing, and abusive and other aggressive
behaviour, and to prevent and protect against it;
communicating to its employees information in its possession about factors contributing to workplace
harassment and violence;
providing a training program for employees on workplace violence, including on factors that contribute
to workplace harassment and violence; and
assisting employees who have been exposed to workplace harassment and violence.
ii. Workplace Harassment and Violence Prohibited

Employees are strictly prohibited from engaging in workplace harassment and/or violence against another
employee, customer, or member of the public. Such conduct will not be tolerated and will be subject to prompt
disciplinary action up to and including termination of employment with cause.
It is important to respect the rights, opinions, and dignity of every individual. Every individual has the right to
work in a professional atmosphere that is free from any form of workplace harassment or violence, and that is
in keeping with the Company's Blue Box Values.
5
Some employees may be at risk of exposure to workplace harassment and/or violence by customers or visitors.
Should such incidents occur, the Company is committed to responding in a timely and sensitive manner.
We appreciate the highly charged circumstances of a customer focused environment, but the Company will not
tolerate situations of intentional abuse to employees. The Company will not tolerate and will take every
reasonable effort to prevent workplace harassment and/or workplace violence by a person against an employee.
All employees, including leaders and temporary employees, should be treated with courtesy and respect at all
times. Employees are expected to refrain from fighting, “horseplay”, practical jokes, unnecessary running or
jumping, or other conduct that may be dangerous to others. Firearms, weapons, and other dangerous or
hazardous devices or substances are prohibited from the premises of the Company without prior authorization.
All acts of workplace harassment or violence (including threats), both direct and indirect, should be reported
following the reporting procedures documented in this policy. This includes acts by employees, as well as by
customers, vendors, solicitors, or other member of the public. When making a report, the employee should be
as specific and detailed as possible.
iii. Training
All employees will receive training on the elements of this policy and program, the relationship between
workplace harassment and violence and the prohibited grounds of discrimination set out in applicable
human rights legislation, how to recognize, minimize and prevent workplace harassment and violence, crisis
prevention, personal safety and de-escalation techniques, and how to appropriately respond to various types
of occurrences of workplace harassment or violence.
iv. Workplace Harassment and Violence Risk Assessment

a) Identification of Risks
The Company and, where required by applicable legislation, the health and safety committee, have
conducted a workplace harassment and violence risk assessment to assess the risks of workplace harassment
and violence that may arise in the workplace, by taking into account such factors as:
the nature of the workplace;
the type of work performed;
the culture, conditions, and activities of the workplace;
any reports, records and data that are related to harassment and violence in the workplace; and,
any other factors prescribed by applicable legislation.
Where required by applicable legislation, the results of the risk assessment were communicated to
employees, employee representatives, and the health and safety committee, as applicable, in the form of a
written report.
6
The Company shall reassess the risks of and preventive measures for workplace harassment and violence
and, if necessary, update this assessment as often as is necessary and as required by applicable legislation to
ensure that the Company continues to protect employees from workplace harassment and violence.
The assessment will also be reviewed and, if necessary, updated if a report of an occurrence of workplace
harassment or violence has been made and the resolution process cannot proceed because: i) the Principal
Party chooses to remain anonymous or, at any time before an occurrence of workplace harassment or
violence is investigated, the Principal Party chooses not to proceed with the Resolution Process below; or,
ii) the Responding Party is not an employee or the employer.
b) Measures to Eliminate/Minimize the Risk of Workplace Harassment and Violence
Safe work procedures and preventive measures have been developed and implemented to inform and instruct
employees about the risks of workplace harassment and violence identified in the risk assessment conducted
by the workplace risk assessment team.
As a result of the risks identified in the assessment, the following changes have been made in the workplace:
• increased lighting;
• decreased sources of occupational stress, such as noise and overcrowding;
• increased site security inside and outside the building (including parking lot);
Hiring Practices
The Company takes reasonable measures to review candidates' backgrounds to reduce the risk of hiring
individuals with a history of harassing or violent behaviour.
Notification of Workers at Risk

If (1) the Company (including managers and supervisors) is aware that an employee can be expected to
encounter a person with a history of violent behaviour, and the risk of workplace violence by that person is
likely to expose the employee to harm, injury, or illness, or (2) an actual incident of workplace violence has
occurred, or (3) an incident of workplace violence is reasonably expected to occur, the Company will take
the appropriate steps to ensure the safety of all employees, including the following:
1. Management will advise the employees who are at risk. They will also coordinate a review of current
procedures to minimize risk.
2. Information about the source of workplace violence will be provided to the employees who are at risk
and their supervisors.
In doing so, the Company will limit its disclosure of personal information to what is necessary to protect
employees from harm, injury, or illness.
Domestic Violence or other External Dangers
7
Any employee who believes that external dangers such as domestic violence may give rise to an incident of
harassment or violence in the workplace that would likely expose the employee or another employee to
harm, injury, or illness, should report the matter to Colleague and Labour Relations, Security, or the
Designated Recipient. The Company recognizes and respects the sensitivity and confidential nature of such
information. The Company is committed to reducing the risk of external dangers giving rise to an incident of
harassment or violence in the workplace, but we need the help of all employees. Employees who believe
that they are at risk of being subjected to external dangers, such as domestic violence, will be supported by
Colleague and Labour Relations and will be provided with appropriate and confidential outside support, as
appropriate.
If the Company is aware or made aware of external dangers that could give rise to an incident of harassment
or violence in the workplace that would likely expose the employee or another employee to harm, injury, or
illness, it will take every precaution reasonable under the circumstances for the protection of the employee.
Measures that may be implemented include increased monitoring/security, special notification procedures,
and a review of specific risks in relation to a person identified as a threat, including recent separation,
violation of restraining orders, alcohol/drug abuse, and acquisition of weapons.
Recommendation to Get Medical Help

Employees who have been the victim of workplace harassment and violence will be:
• encouraged to get medical help;
• encouraged to contact the confidential and free counselling services of Healthy Minds
• given the opportunity to be examined by or consult with a physician of his or her choice for treatment or
referral for post-incident counseling; and
• provided with transportation if required.
The Company will review the incident and its effects and take reasonable steps to accommodate employees
involved in the incident.
An employee who is subjected to workplace harassment and violence will keep existing benefits coverage
while under treatment or counseling, subject to plan terms, and in accordance with applicable law.
If an employee is subject to workplace harassment or violence that necessitates medical care or results in
the employee not being able to earn full wages, both the Company and the employee must file a report of
injury with the applicable workers’ compensation board where required by applicable legislation or apply
for short term disability benefits. The Company will comply with any reporting procedures required by
applicable occupational health and safety legislation and/or workers’ compensation legislation.
Summoning Immediate Assistance in an Emergency
If an incident of workplace harassment or violence poses an immediate danger to the health and safety of an
employee, or there is a threat of such an incident, employees are required to contact 911 and immediately advise
Global Security 437-836-5555 of the call so that they are prepared for their arrival and can direct them
accordingly.
8
Employees who are subjected to workplace harassment and violence and who need immediate assistance should
yell “help”.
Any employee who reasonably believes that he is she is in immediate danger has the right to make use of
his or her “work refusal” entitlements under occupational health and safety legislation, where applicable.
All suspicious individuals or activities should also be reported as soon as possible. Do not place yourself in
peril. If you see or hear a commotion or disturbance near your workstation, do not try to intercede or see
what is happening. Immediately alert your supervisor.
v. Reporting and Response Procedures

Workplace Violence
Any employee who is the subject of workplace violence or who otherwise becomes aware of an incident
of workplace violence, must report the matter, as soon as possible, to their Leader, Colleague and Labour
Relations, Security, or the Designated Recipient. Reports may be made anonymously, and may be made
orally or in writing.
Any potentially dangerous situation must be reported immediately and, if required, 911 or your local
emergency response service notified.
The employee and/or his or her Leader, Colleague and Labour Relations, Security, or the Designated
Recipient should assess the risk associated with the situation and document the incident. Details of the
incident or incidents, names of the individuals involved, and the names of any witnesses should be included.
It is the responsibility of the Leader or Security to contact Colleague and Labour Relations immediately
if they have witnessed violent behavior or if a member of their team has come to them with concerns
about workplace violence.
The Leader, Colleague and Labour Relations, Security, and/or the Designated Recipient will take steps
to ensure the safety of parties involved.
While we do not expect employees to be skilled in identifying potentially dangerous persons, employees
are expected to exercise good judgment. If an employee is faced with a critical or immediate incident of
workplace violence or if any employee exhibits behaviour which could be a sign of a potentially
dangerous situation, they should immediately inform Amex Global Security at 437-836-5555. Such
behaviour includes:
discussing weapons or bringing them to the workplace;
displaying overt signs of extreme stress, resentment, hostility, or anger;
making threatening remarks;
sudden or significant deterioration of performance;
displaying irrational or inappropriate behaviour.
9
Workplace Harassment
The following steps outline the Company's reporting process if workplace harassment occurs. If for any
reason, an employee does not wish to follow these steps, he or she is encouraged to discuss the matter
directly with Colleague and Labour Relations or the Designated Recipient, in confidence.
Step 1 – Ask the harasser to stop
Employees are encouraged to explain to the person who is harassing them that the conduct is unwelcome
and against Company policy. An individual may not realize that he or she is being offensive, and bringing
it to his or her attention may stop the behaviour. Please note that employees are not required to confront the
person harassing or bullying them if they do not feel comfortable doing so.
Step 2 – Keep a record
The employee should attempt to document specific instances of harassment or bullying that occurred, e.g.
when did the harassment occur (dates, times, location). What happened? Were there any witnesses? Were
there any threats or reprisal? (While failure to keep a diary of the events will not invalidate an employee's
complaint, such a diary will be helpful in supporting a complaint).
Step 3 – Make a complaint
If the harassment persists despite an employee having made it known to the person harassing them that the
conduct is unwelcome, or if the employee is not comfortable confronting the person, he or she, or a Third
Party, should report the problem in confidence to his or her Leader, Colleague and Labour Relations, the
Designated Recipient, or the Amex Ethics Hotline at 1 844 439 4696, amex.ethicspoint.com. Reports may
be made anonymously, and either orally or in writing.
At this point in the process, Colleague and Labour Relations should be notified by the Leader of the situation
if that has not already occurred. Details of the incident should be documented by the employee and/or his
or her Leader, Colleague and Labour Relations, or the Designated Recipient.
Confidentiality
Once a complaint of workplace harassment or violence is received, it will be kept confidential and the Company
will not disclose the names of a Principal Party, Third Party, or Responding Party, or any other persons involved
in the complaint, or the circumstances related to the complaint, unless the disclosure is necessary for the purposes
of investigating or taking corrective action or is otherwise required by law. Any information which must be
disclosed will be limited to the minimum amount necessary.
Response to a Report of Workplace Violence or Harassment
Within five days after receiving a report of an incident of workplace violence or harassment, the Company
or Designated Recipient will contact the Principal Party and:

Confirm the report has been received, or inform them a report has been made by a Third Party;
Advise them how to access this policy;
Explain the resolution process in this policy; and,
Inform them that they may, at any time, be represented during the resolution process.
On the first occasion that the Company or the Designated Recipient contacts the Responding Party, the
Company will:
Advise them how to access this policy;

Explain the resolution process in this policy;
Inform them that they may, at any time, be represented during the resolution process.
Within five days after receiving a report of an occurrence of workplace violence or harassment from a Third
Party who is not anonymous, the Company or Designated Recipient will confirm receipt with the Third
Party.
Note: Pursuant to the applicable legislation employees can request the assistance of an Occupational Health
Officer to resolve a complaint.
vi. Resolution Process

a) Early Resolution and Conciliation (where required by applicable legislation)
The Company or Designated Recipient, as the case may be, will make every reasonable effort to resolve the
reported incident of workplace harassment or violence informally. Where it is not resolved, the Principal Party
may choose to proceed by means of either conciliation or investigation.
Conciliation may only proceed if: an investigation has not begun, and the Principal and Responding Parties agree
to conciliation and on who will facilitate the conciliation. If conciliation cannot proceed or it is unsuccessful, and
if the Principal Party chooses to proceed, the incident must be investigated.
b) Investigations
The Company or the Designated Recipient will provide the Principal and Responding Parties with notice that
an investigation is to be carried out. In order to maintain workplace safety and the integrity of its investigation,
the Company may suspend employees, either with or without pay, pending investigation. The Company will
actively intervene at any indication of a possibly hostile or violent situation.
A qualified investigator will be selected in accordance with applicable legislation. Both the Principal Party and
the Responding Party will be interviewed, as will individuals who have information necessary to investigate the
allegation(s). All workplace parties are expected to cooperate with investigators and provide any details of
incidents they have witnessed. Any employee participating in an investigation is required to keep the
investigation confidential both during and after the investigation.

The investigator will prepare any written report(s) required by applicable legislation containing his or her
conclusions and recommendations. Where required by applicable legislation, the Company will provide the
report(s) to the Company, the Principal Party and the Responding Party. Any report will not directly or
indirectly disclose the identity of a third party or witness.
If the investigator finds that workplace harassment or violence has occurred, appropriate remedial action will
be taken, as well as steps to prevent any recurrence. The Responding Party will be disciplined appropriately.
Discipline may include suspension without pay or dismissal, and the incident will be documented in the
Responding Party’s file.
Following the investigation, the Principal Party and the Responding Party (if he or she is also an employee)
will be informed in writing of the results of the investigation and of any corrective action that has been taken.
The investigator’s report(s) (if any) will remain confidential and will not be disclosed, except to the extent
required by law. The Company will keep a written record of investigations, including the findings and, if
applicable, the report.
The Company will review all incidents that pose a risk of future workplace harassment and violence. The
current procedures will be reviewed and revised as necessary, and additional steps may be taken to prevent
future workplace harassment and violence.
vii. Support Available

The Healthy Minds Global Employee Assistance Program Employee Assistance Program is a free and
confidential service that is available to all employees and their household members. Support can be through
telephone consultation or face to face counseling sessions. Additional information is available on the Square –
search Healthy Minds.
.
viii. Consequences
Workplace harassment and violence, including threats, threatening conduct, or any other acts of aggression
will not be tolerated. Anyone determined to be responsible for such conduct will be in violation of this policy
and will be subject to prompt disciplinary action up to and including termination of employment.
Non-employees engaged in harassing and/or violent acts on the Company's premises will be reported to the
proper authorities and fully prosecuted.
The Company may also implement non-disciplinary measures such as training, coaching, counseling
and workplace mediation.
5.0 ROLES AND RESPONSIBILITIES

Employees are responsible for complying with this policy in their dealings with their coworkers and third
parties while in the course of their employment. This applies to conduct while at work, during business
meetings, on business trips and at company events. Every employee has the duty to report any incident of
workplace harassment or violence against any employee to the proper managerial authority, Colleague
and Labour Relations, the Designated Recipient, or Amex Ethics Hotline to remedy the problem.
Health and safety committees are partners with the Company in its effort to prevent and protect against
workplace harassment and violence, including in developing and updating this policy and training, identifying
risks, and developing preventive measures and emergency procedures.
The above-noted complaint and reporting procedures have been developed to ensure rapid Company response
to, and resolution of, incidents of alleged harassment and/or violence.
The Company will not knowingly tolerate or condone any observed or reported cases of harassment and/or
violence in the workplace, and will take appropriate disciplinary action against any employee guilty of such an
offence.
All complaints will be dealt with in a timely and confidential manner, unless disclosure is necessary for the
purposes of investigating or taking corrective action or is otherwise required by law. Workplace harassment
and violence can be unpleasant, intimidating and embarrassing, making employees reluctant to come forward
and report situations. However, it is essential for the benefit of the victim and his or her colleagues, that the
complaint be made.
6.0 APPROVAL REQUIREMENTS

Not applicable.
7.0 EXCEPTION / CONFLICT / ESCALATION RESOLUTION
Employees who wish to request escalations should contact Colleague and Labour Relations at 437-836-5201
or the Amex Ethics Hotline at 1 844 439 4696, amex.ethicspoint.com.
8.0 ENFORCEMENT OF ISSUED POLICIES AND PROCEDURES

No Reprisal or Retaliation
No employee shall be penalized or receive any negative treatment of any kind whatsoever in retaliation for
having reported an incident of workplace harassment or violence.

Employees are encouraged to come forward without fear of reprisal if they believe that they have been subjected
to or have otherwise become aware of harassment or violence in the workplace. Regardless of the outcome of a
complaint made in good faith, the employee lodging the complaint, as well as anyone providing information,
will be protected from any form of reprisal.
Employees who make a malicious complaint may be subject to disciplinary action.
9.0 RELATED POLICIES, PROCEDURES, REGULATORY GUIDELINES AND

SUPPORTING DOCUMENTS OR LINKS
Related policies
Search Healthy Minds on The Square

Search Amex Ethics Hotline on The Square
Important note
The Company policies, plans, and programs govern the employment relationship. The Company reserves the
right to make changes to or discontinue Company policies, compensation plans, benefits, and programs as it
deems appropriate, with or without notice to the employee.
If this document refers to any Company benefit program, it does not supersede the actual provisions of the
applicable plan documents, which in all cases are the final authority. The applicable plan administrator has the
sole authority and discretion in determining eligibility and interpretation and administration of the plans.
American Express takes reasonable effort to ensure the accuracy of the contents of policy documents and in the
administration of its policies and programs. The Company does not assume responsibility for consequential
damages caused by administrative or clerical errors.
10.0 REVISION / APPROVAL HISTORY
Version Effective Revision Revision Policy Owner Title and Next Review
Date Date Description Functional Group Date
1.0 January 1, July 1, 2016 Policy format Manager – Global Employee January 1,
2015 and refresh and Labour Relations 2017
2.0 November 1, November 1, Biennial Policy Director – Global Employee November 1,
2017 2017 Review and and Labour Relations Canada 2019
updates
2.1 November 1, October 5, Policy link Director – Global Employee November 1,
2017 2018 updates and Labour Relations Canada 2019

3.0 November November 25, Biennial Policy Director – Global Employee November
25, 2019 2019 Review and and Labour Relations Canada 25, 2021
updates
3.1 November December 12, Added Canadian Director – Global Employee November
25, 2019 2019 French and Labour Relations Canada 25, 2021
translation
3.2 November 25, February 3, Business name Director – Colleague and November 25,
2019 2020 change Labour Relations Canada 2021
11.0 KEY CONTACTS

For additional information and explanation concerning this policy, employees should contact their Leaders or
Colleague and Labour Relations at 437-836-5201 or Amex Ethics Hotline at 1 844 439 4696, amex.ethicspoint.com.
If an employee is faced with a critical or immediate incident of workplace violence or if any employee exhibits
behaviour which could be a sign of a potentially dangerous situation, they should immediately inform Amex
Global Security at 437-836-5555. If the employee feels they are in imminent danger they are required to
contact 911 and advise Global Security so that they are prepared for their arrival and can direct them
accordingly.

ACKNOWLEDGEMENT
I hereby acknowledge that I have received and reviewed the full text of this Workplace Harassment and
Violence Prevention Policy and Program. I further understand that if I violate this policy, I will be subject to
appropriate disciplinary action, up to and including termination of employment for cause.
__________________________________ ___________________________________
Signature Employee I.D. Number
Kiara Cuter
__________________________________ ___________________________________
Print Name Date

TRS COMPUTER SECURITY REGULATIONS
POLICY
All employees of American Express must comply with the procedures pertaining to the security of the
computer network. Any employee who violates the procedures set forth below is subject to disciplinary action,
up to and including termination and legal action, where appropriate.
SECURITY SYSTEM
The security system is designed to provide access to the computer network via the use of your password.
PASSWORD
The password is your personal identification code giving you access the computer network. Your
password is highly confidential and should never be given to anyone including your supervisor,
manager, director, etc.
SIGN OFF
When leaving your workstation for any period of time, including breaks, lunch, phone calls, etc., you
must "sign-off" the computer network, unless you are working in a testing environment.
VIEWING ACCOUNTS
In accordance with the "American Express Privacy Principles", access to consumer information is
limited to those with a business need to see it. This commitment prohibits you from viewing accounts
which, in the normal course of business operations, you have no reason to view. As such, you are
never to view the following types of accounts:
1. A card account held by another employee

2. A card account held by anyone you know outside of work
3. Any account which you have no business need or reason to access, such as those of V.I.P.'s
and public figures.
MAINTENANCE CHANGES/FINANCIAL ADJUSTMENTS
You are not permitted to make any type of maintenance change or financial adjustments to American Express
accounts that belong to you or any other relatives, friends or other employees. If such an adjustment is
necessary, you must contact the person designated to handle such changes or take the request to your
manager, unless working in a testing environment.
Kiara Cuter
Employee Name: _______________________________ Employee ID:
Employee Signature: _______________________________ Date:
CAN_GPA_TRS Page 1 of 1
Digital Communications Requirements Summary

American Express Information Security Summary
Contents
1. INTRODUCTION ...................................................................................................................................................... 2
2. SCOPE ..................................................................................................................................................................... 2
3. RESPONSIBILITY FOR COMPLIANCE ................................................................................................................. 2
4. CONSEQUENCES FOR NONCOMPLIANCE ......................................................................................................... 2
5. REQUIREMENTS DESCRIPTION ........................................................................................................................... 3
5.1 MONITORING....................................................................................................................................................... 3
5.2 COMMUNICATING AXP INFORMATION ................................................................................................................... 3
5.3 ADHERING TO AMERICAN EXPRESS CODE OF CONDUCT AND BLUE BOX VALUES.................................................... 3
5.4 BROADCAST COMMUNICATIONS ........................................................................................................................... 4
5.5 COMMUNICATING WITH THE MEDIA OR PUBLIC ...................................................................................................... 4
5.6 SOCIAL MEDIA .................................................................................................................................................... 4
5.7 INTERNET USE .................................................................................................................................................... 5
5.8 INSTANT MESSAGING........................................................................................................................................... 6
5.9 EMAIL ................................................................................................................................................................. 7
5.10 MOBILE DEVICES .............................................................................................................................................. 8
5.11 W IRELESS NETWORK USAGE ........................................................................................................................... 10
5.12 PHYSICAL MEDIA............................................................................................................................................. 10
5.13 ACCESS MANAGEMENT ................................................................................................................................... 11
5.14 LEGAL RESPONSIBILITIES ................................................................................................................................ 11
6. LEADERSHIP BEHAVIORS .................................................................................................................................. 12
7. RELATED CONTENT ............................................................................................................................................ 12
8. RECENT CHANGES .............................................................................................................................................. 13
IMPORTANT NOTE: ...................................................................................................................................................

13
7-Dec-2016 23-Dec-2016 AXP Internal Page 1 of 13

CAN_GPA_DCP
1. Introduction
The American Express (AXP) digital communications network serves as a valuable tool for
conducting business across, and external to, the Company. This document provides a collective
view of requirements and expectations with respect to acceptable use of digital communication
resources. It is comprised of content from the policies, standards and references listed
throughout the document. For questions about Information Security Policies and Standards
please contact Information Security Services.
AXP has established these requirements to ensure the proper use of the network. Personal use
of the AXP network is a privilege that may be revoked at any time. AXP reserves the right to
monitor, access, review and disclose all messages, documents and information transmitted or
received on the network.
The “network” consists of the following AXP assets, including but not limited to:
• Internal electronic mail systems.
• Instant messaging.
• AXP-owned equipment, including laptops, desktops, phones, etc.
• Personal mobile and wireless devices enrolled in the Bring Your Own Device (BYOD)
program.
• AXP intranets, SharePoint sites and other online repositories.
• Internal and external communications channels when using AXP-owned equipment or
personal devices enrolled in BYOD o Access to the internet and wireless networks. o
Interactive applications (app), such as blogs, wikis, discussion boards, etc.
2. Scope
Digital communications transmitted (sent and received) through or stored on the AXP network.
3. Responsibility for Compliance

AXP employees, contractors and third parties are responsible for complying with the
requirements and expectations established in the policies and standards referenced in this
document, subject to legal requirements in local jurisdictions.
4. Consequences for Noncompliance

Adherence to the policies and standards referenced in this document is mandatory. Disciplinary
actions for violation(s) of these policies and standards may include, but are not limited to:
• Loss of access privileges to AXP’s network.
• Counseling up to and including termination of employment, subject to legal requirements
in local jurisdictions.

CAN_GPA_DCP
• Termination of contractors, consultants and third party assignments.

• Other actions as deemed appropriate by AXP.
5. Requirements Description
5.1 Monitoring
AXP reserves the right to monitor, access, review and disclose all messages, documents and
information transmitted or stored on the network.
The use of the network by AXP employees, contractors and third parties implies consent for
AXP to access and monitor business and personal communications and activities conducted
through or stored on the network. Users must not assume that communications sent by an
individual over the AXP network are private to that individual. Documents printed/stored off
network are addressed by the Information Classification, Labeling and Handling Reference
Guide. Related Content: Global Records Management Policy (AEMP08), Login Message
Standard (AXP-IT04.06).
5.2 Communicating AXP Information

AXP information, regardless of its classification, must be kept secure and protected from
misuse, unauthorized disclosure and corruption. Special emphasis is placed on information
that is classified as AXP Restricted or AXP Secret.
Precautions must be taken when communicating AXP information. Information must be:
Labeled in compliance with the Information Labeling Standard (AXP-IS04.02)
• Communicated in compliance with the Information Handling and Disposal Standard
(AXP-IS04.03)
• Secured in compliance with the Cryptographic Usage Standard (AXP-IS12.03)
Information owners should also note on AXP Restricted and AXP Secret documents, as
appropriate, “DO NOT FORWARD, COPY, OR DISTRIBUTE.” Related Content: Information
Labeling Standard (AXP-IS04.02), Information Handling and Disposal Standard (AXP-
IS04.03), Cryptographic Usage Standard (AXP-IS12.03), Information Classification, Labeling
and Handling Reference Guide
5.3 Adhering to American Express Code of Conduct and Blue Box Values
Communications over the AXP network must be professional and in compliance with the Blue
Box Values, the Individual Treatment Policy (ITP) and the American Express Company Code
of Conduct. Information transmitted over or stored on the network, including correspondence,
attachments, discussion forums, blogs or reference databases and archives, are AXP property.
The use of language or references that could be viewed as obscene; derogatory; or racially,
sexually or otherwise offensive is prohibited. Contacts: Employee Relations Group (ERG) via

CAN_GPA_DCP
the American Express Human Resource (HR) Service Center 855-783-4772 or HR Service
Center Global Online Directory.
5.4 Broadcast Communications

The Employee Communications team must approve and send all electronic “mass
communications” intended for all AXP employees, all employees in a particular region or
business unit, or any other large group of employees (individuals across one or more band
levels globally, for example). If you have information you believe needs to be shared with a
mass audience, please contact your business unit’s Corporate Affairs and Communications
(CA&C) lead for assistance.
5.5 Communicating with the Media or Public

Only individuals from the Corporate Affairs and Communications department are authorized to
communicate with the media or to publicly discuss AXP on the internet (i.e., discuss or post
information about AXP on public web sites including blogs, discussion boards or any other
publicly available online resources). Please contact your business unit’s Public Affairs lead for
more information. Related Content: External Communications & Disclosure Policy (AEMP
18).
5.6 Social Media

The External Communications & Disclosure Policy (AEMP 18), including the Social Media
Communications Policy, addresses the company’s official social media presence, which is
managed by Corporate Affairs and Communications. It also addresses employees’ personal
use of social media when an individual’s relationship with American Express is known,
identifiable or can be presumed. Social media can take many forms, including but not limited to
blogs, online forums, ratings/review sites and wikis.
As an American Express employee participating in social media activities (whether you are
working or not working, and regardless of whether or not you are using a company device to
engage) it is important that you follow these guiding principles at all times:
• Uphold the Blue Box Values and follow the Code of Conduct
• Protect the company’s reputation, information and assets
• Maintain a clear distinction between you and the Company
• Maintain proper work environment and relationships
• Use common sense and good judgment
Examples of Appropriate Usage:

• Becoming a fan, follower or friend of any of the company’s official Facebook pages.
• Following any of the official American Express Twitter or Instagram feeds.

CAN_GPA_DCP
• Sharing (or forwarding) publicly available company-generated articles, posts or

materials (e.g., a press release housed on americanexpress.com, a post on the
American Express OPEN Forum, a video on the official American Express YouTube
channel).
• Sharing (or forwarding) articles and posts about the company generated by a third
party (e.g., an article from The New York Times praising American Express).
• Using social media to personally use or take advantage of company offers or social
media programs for which you are eligible (e.g., Amex Offers).
• Sharing (or forwarding) a job opening at the company which is open to external
candidates.
Examples of Prohibited Usage include, but are not limited to:

• Posting content on a personal social media account that looks, feels, sounds like or
could be mistaken for an official company statement.
• Discussing or communicating non-public, proprietary or confidential information about
the company (e.g., checking in to a physical location that inadvertently could reveal a
potential acquisition target or deal partner, or inadvertently violate a non-disclosure
agreement).
• Using your company email address to register for or otherwise use social media, blogs
or other online platforms, tools or services for personal use.
• Attempting to manipulate a rating site’s review of American Express products and
services (e.g., by engaging in multiple, single-person voting).
• Requiring employees, vendors or contractors you supervise to be a fan, follower or
friend of an official American Express social media site, or mandating they like, share
or forward an article about a product or service your business unit is launching.
• Using company logos and trademarks in your avatars, handles, user names, signature
blocks, hash tags or profile pictures for personal use.
Further examples of permitted and prohibited social media activities can be found in related
content and the policy guidance on The Square. Related Content: External Communications
& Disclosure Policy (AEMP 18) including the Social Media Communications Policy and Social
Media Do’s and Don’ts.
5.7 Internet Use

Personal use of the internet is a privilege that may be revoked at any time. Users are
responsible at all times for using AXP’s computer resources in a professional, ethical and
lawful manner. Online activities that interfere with or impact the work performance of the user,
their colleagues or Company resources are prohibited. Access to the internet using Company

CAN_GPA_DCP
devices must be through the AXP network, since the controls to protect the AXP network, such
as the firewalls and proxies, are embedded in the AXP network. Related Content: Acceptable
Use Standard (AXP-IS10.01).

• Reviewing your online banking statement during a break. Viewing your AXP personal
card statement during lunch.

• Downloading information from a questionable or prohibited internet site, which would
potentially introduce viruses or malware into the AXP network.
• Accessing personal webmail accounts (e.g., Gmail, Yahoo!, Hotmail).
• Copying or transmitting software and/or documents protected by copyrights.
• Downloading or uploading material that could be viewed as obscene; derogatory; or
racially, sexually or otherwise offensive.
• Accessing pornographic or hate sites.
• Accessing online gaming or gambling sites.
• Using an open proxy to access the internet.
5.8 Instant Messaging

Only AXP approved Instant Messaging (IM) systems may be used to perform AXP business.
IM systems that do not appropriately retain messages (such as the standard AXP Skype for
Business implementation) must not be used to create Official Records (as defined in the Global
Records Management policy (AEMP 08)) and may only be used for casual communications.
Users are responsible at all times to converse through IM in a professional manner, compliant
with AXP requirements and subject to legal requirements in local jurisdictions. The use of
public or consumer IM or Group Chat tools or services is prohibited. Related Content:
Messaging and Collaboration Standard (AXP-IT05.47), Skype for Business Guides; Global
Records Management Policy (AEMP08).

• IM a colleague to ask a question.
• IM a team member to request the location of a meeting.
• IM a team member to finalize lunch plans.

• Communicating AXP Restricted or AXP Secret information through IM.
• Providing approval on a contract change.
• Providing approval for committee minutes.

CAN_GPA_DCP
• Generating a record of a transaction.

• Using language that could be viewed as obscene; derogatory; or racially, sexually or
otherwise offensive.
• Expressing personal beliefs or philosophies that violate Blue Box Values, ITP and Code of
Conduct.
5.9 Email
An AXP-approved email system must be used to perform AXP business. Emails must be
handled in compliance with the Information Handling and Disposal Standard (AXP-IS04.03)
and labeled in compliance with the Information Labeling Standard (AXP-IS04.02) . Avoid large
attachments to protect the Company’s network bandwidth. Ensure business records are
retained in compliance with the Global Records Management Policy (AEMP08). Automatically
forwarding email messages to other internal or external email accounts is strictly prohibited.
Only internal AXP email addresses (@aexp.com) should be used to perform official company
business.
Scrutinize email messages from unknown sources with extra caution and delete suspicious
messages without opening attachments or clicking on links. Sending, replying to, or forwarding
chain, spam, phishing, or other emails containing libelous, defamatory, offensive, racist or
obscene language or references is prohibited. If a phishing email is received, it should be
reported using the Report Phishing button in Outlook or by forwarding to spam@aexp.com.
Other suspicious emails should be either forwarded to spam@aexp.com and/or
spoof@americanexpress.com (used specifically to report suspicious emails sent to external
customers purporting to be from American Express). Related Content: Messaging and
Collaboration Standard (AXP-IT05.47).
Phishing
As part of the Company’s internal Phishing Education Program, American Express
Technologies (AET) expects all users of the AXP digital communications network, including
employees, contractors and third parties, to guard against phishing attacks. To this end, AET
periodically emails phishing simulations to network users, which are designed to assess, train
and raise awareness about the importance of preventing data theft.
AXP network users who repeatedly fail phishing simulations and/or fall victim to real phishing
attacks may be subject to consequences that might, as determined by local policy, include
notifications to their leader; mandatory training and/or coaching; loss of online privileges; email
monitoring and restriction; and further disciplinary action. In instances where the company
determines the failure was indicative of mal-intent and/or other aggravating circumstances
exist, summary dismissal or, where local legal requirements allow, immediate termination may
result.

CAN_GPA_DCP

• Sending an email to a peer to request information about a joint project.
• Sending a request for team building or approved volunteer event participation.
• Deleting unnecessary emails, especially ones with attachments, as long as they are outside
the scope of any “Document Hold” or “Litigation Hold” notice or any other regulatory,
compliance or legal record retention obligations.

• Sending personal or non-AXP affiliated fundraiser requests to your colleagues. Sending
AXP information to personal webmail accounts.
• Expressing personal beliefs or philosophies that violate AXP’s Blue Box Values, Code of
Conduct, policies or any government laws, ordinances or regulations.
• Transmitting AXP Restricted or AXP Secret data via email without a business justification.
• Copying or transmitting software or clips from publications that are protected by copyright
laws.
• Viewing, storing, processing or transmitting pornographic or sexually offensive material as
well as other material that violates AXP’s Code of Conduct, unless required for litigation or
investigation purposes.
• Sending client account information or employee compensation information unencrypted to
external email addresses.
• Sharing your own password and other authentication information.
• Using any means to disguise identities when sending email or altering original attribute
information (known as spoofing).
• Setting up automatic forwarding of AXP emails outside of the AXP network.
5.10 Mobile Devices

AXP-owned mobile devices must be obtained through established AXP purchasing processes.
AXP-purchased devices are property of the Company and must be recovered in the event of
employee terminations and transfers. Company-owned mobile devices and personal mobile
devices that store AXP information must be kept in the employee’s possession at all times.
When travelling, these devices should be transported as carry-on items. Travel with such
devices to restricted countries that are deemed high risk in terms of intellectual property theft,
may require additional precautions.
Devices must be compliant with the Password Management Standard (AXP-IS09.04).

Synchronization software must only synchronize with an approved device and not with any
other device without requiring a password. Related Content: End User Computing Standard
(AXP-IT05.14), Use of Personal Electronic Devices, Global Travel, Meetings & Expense Policy
(AEMP 26), High IP Theft Risk FAQs.

CAN_GPA_DCP
Personal mobile devices can be used to access workplace email, calendar and contacts
through the Bring Your Own Device (BYOD) program. The app features built-in security to
maintain a permanent separation between your work and personal data. No jail-broken, rooted
or similarly modified personal mobile devices will be accepted for use in the BYOD program.
American Express will only collect personal information that is necessary to manage your
participation in the BYOD program. A list of apps currently approved for use within the BYOD
program is available here. Related Content: BYOD Program Terms; BYOD Program Policy.

• Purchasing Company mobile devices through an approved supplier.
• Requiring authentication to use a mobile device.
• Keeping mobile devices on your person while traveling.
• Approving/rejecting requests submitted in Concur, Reward Blue, IdentityIQ access
management and IT Service Catalog.
• Taking pictures of AXP information using AXP owned or approved devices with
appropriate business justification.

• Storing AXP Restricted or AXP Secret data on a personal device not registered in the
BYOD program.
• Storing AXP Restricted or AXP Secret information off of the AXP network without
encrypting it and/or without prior approval from your leader.
• Viewing, storing, processing or transmitting pornographic or sexually offensive
material as well as other material that violates AXP’s ITP, unless required for litigation
or investigation purposes.
• Attaching a corporate-owned mobile device, physically or wirelessly, to a personal
device such as a laptop.
• Attaching a personal mobile device to an AXP workstation and transferring information
to it.
• Taking photographs of co-workers in the workplace or at Company-sponsored events
without their express consent and without appropriate business justification.

CAN_GPA_DCP
5.11 Wireless Network Usage

All AXP wireless-capable devices have been enabled to provide seamless and secure wireless
access to the AXP Wireless Network. Enabled AXP devices will automatically connect to the
AXP Wireless Network whenever they do not have a "wired" connection and the individual is
working in an AXP building with an approved AXP Wireless Access Point.
Visitors coming to an AXP building will be able to access the internet through Visitor WiFi. This
service is not for AXP employees or contractors to connect their personal devices to the
internet. By approving guest access, employees agree the person is here on official business
and requires wireless internet access for business purposes while on AXP premises.
Personal WiFi is an open wireless network only available to American Express employees that
provides access to the internet through personal devices. Employees can access content on
the internet, personal apps, personal email, and workplace mobile apps (like those associated
with the Bring Your Own Device program) on their personal devices. Non-employees are
prohibited from using Personal WiFi (except where access by contingent workers is
permissible under local jurisdictions). Contact: American Express Wireless Services.

• Employees connecting their personal mobile devices to Personal WiFi to check their
personal email.
• Virtual employees using their personal wireless networks in conjunction with their AXP
laptops to connect through VPN to the AXP network.
• Vendors using Visitor WiFi to give a product demonstration which requires internet
access.

• Employees using Visitor WiFi to update their mobile apps.
• Contractors connecting to Personal WiFi to check their email.
• Personal laptops connecting to any AXP wireless networks.
5.12 Physical Media

The use of removable media (i.e., Universal Serial Bus (USB)/thumb drives, Compact Disc
(CD), Digital Versatile Disc (DVD)) is prohibited unless approved through the Data Loss
Prevention Removable Media Exception Process managed by the Data Loss Prevention
Governance team. Business must be conducted only on AXP-owned or -approved equipment.
Digital equipment should be disposed of using an approved Company process. Related
Content: Information Handling and Disposal Standard (AXP-IS04.03), Secure Work Area
Standard (AXP-IS03.03).
Lost or stolen company devices should be immediately reported to a leader, the local
technology Help Desk, and the Enterprise Incident Response Program (EIRP) team. Each
individual is responsible for reporting unauthorized access, tampering with or prohibited activity

related to AXP information. Incidents may be reported by completing the Incident Reporting
Online Intake Form, emailing EIRP or calling (888) 732-3750 (U.S.) or (602) 537-
3021(International). Related Content: Security Incident Reporting Standard (AXP-IS06.01).

• Activating your screensaver when walking away from your workstation.
• Locking your laptop, physically, to the docking station, or securing it in a cabinet or
your desk when away from your work space.
• Storing AXP Restricted and AXP Secret information in a locked location.
• Shredding or incinerating documents that are to be disposed from a remote work
environment, in a timely manner.

• Leaving AXP information on a printer in a common area.
• Saving AXP information to a USB drive so an employee can work on it at home.
5.13 Access Management

For all AXP employees, contractors and third parties, one of the most important responsibilities
continues to be the protection of customer, shareholder and employee information. Keep in
mind:
• Individuals are responsible for the actions carried out under their user identifier (ID).
• Passwords must be kept confidential and private.
When an employee is terminated, the employee’s access must be removed immediately.

Appropriate channels must be used when employees transfer. The same applies to status
changes involving any third-party relationships including but not limited to contractors,
consultants and independent contractors. The transfer of an ID to another AXP employee,
contractor or third party is prohibited. Related Content: User Access Management Procedure,
Password Management Standard (AXP-IS09.04).

• Using memorable phrases or songs as passwords so they are easy to remember.
• Changing passwords regularly.

Sharing their passwords with other individuals.
• Failing to change a password within its required timeframe.
5.14 Legal Responsibilities

In the event of litigation proceedings, notify the General Counsel's Office concerning all
currently existing digital information that may be relevant to the lawsuit. Related Content:
Legal Hold situations.

If a communication contains a request for legal advice or is in response to a communication

from the General Counsel’s Office (GCO), prominently label the beginning of the documents
"Privileged Attorney-Client Communication -- Do Not Copy or Distribute." For communications
with the GCO regarding threatened or pending litigation, prominently label the beginning of the
document as "Privileged Attorney-Client Communication and Work Product -- Do Not Copy or
Distribute." Such communications may not be retransmitted, forwarded or disclosed to anyone,
inside or outside AXP, without prior authorization from GCO. Related Contacts: Global
Regulatory Affairs, Privacy Compliance.
6. Leadership Behaviors
Leaders are responsible for the following:
• Ensuring 100% participation in the annual Information Security Awareness and Privacy
Awareness courses and other Enterprise Essential Training.
• Maintaining compliance to AXP policies and standards.
• Enforcing consequences for noncompliance as noted in section 4 of this document.
7. Related Content
The content listed below has key linkages with the requirements in this document and should
be reviewed for a holistic understanding of related compliance requirements.
• Information Security Management Policy (AEMP64)
• Acceptable Use Policy (AXP-IS10)
• Acceptable Use Standard (AXP-IS10.01)
• Secure Work Area Standard (AXP-IS03.03)
• Information Classification Standard (AXP-IS04.01)
• Information Labeling Standard (AXP-IS04.02)
• Information Handling and Disposal Standard (AXP-IS04.03)
• Security Incident Reporting Standard (AXP-IS06.01)
• Security Incident Response Standard (AXP-IS06.02)
• Access Control Standard (AXP-IS09.01)
• ID Management Standard (AXP-IS09.02)
• Password Management Standard (AXP-IS09.04)
• Cryptographic Usage Standard (AXP-IS12.03)
• Login Message Standard (AXP-IT04.06)
• End User Computing Standard (AXP-IT05.14)
• Messaging and Collaboration Standard (AXP-IT05.47)
• Blue Box Values
• Code of Conduct
• Individual Treatment Policy
• Use of Personal Electronic Devices
• Global Records Management Policy (AEMP08)

• External Communications & Disclosure Policy (AEMP18) including the Social Media
Communications Policy
• Investigations Policy (AEMP32)
• Global Travel, Meeting & Expense Policy (AEMP26)
• High IP Theft Risk FAQs
8. Recent Changes
Change Applied Date
Non material updates – updated links, spelled out acronyms; removed 7-Dec-2016
‘agents’ from compliance requirements; added Phishing section
Modification section 5.13 updating Data Loss Prevention name and 27-May-2016
hyperlinks throughout. Updated wording from Guest Wireless Network to
Visitor WiFi. Clarification in section 5.14.
Modification non material publication, updated wording, links, added 10-Jul-2015
wireless, mobile, and legal sections, removed contacts section
Moving content to the Acceptable Use Policy Area AXP-IS10.01, updated 25-Sept-2015
broken links, replaced references to the business communications policy
with references to the Acceptable Use Policy.
Important Note: This document does not create a contract of employment or a contract for
any specific term or condition of employment between American Express and an employee. The
relationship between American Express and US employees is at-will, meaning that either the
employee or the company may terminate it at any time for any reason, with or without advance
notice or progressive disciplinary action. The company reserves the right to make changes in or
discontinue company policies and programs as it deems appropriate, and these changes may be
implemented even if they have not been communicated in this document.
American Express takes reasonable effort to ensure the accuracy of the contents of policy
documents and of the administration of its policies and programs. The company does not
assume responsibility for consequential damages caused by administrative or clerical errors.
For questions about the intent of content in this document please contact Information Security
Services.


Acknowledgment Form
The extensive digital communications network (“Network) at American Express Company, and each of its
subsidiaries and affiliates (collectively the “Company”), serves as a valuable tool for conducting business across,
and external to, the Company. American Express has established this Requirements Summary to ensure the proper
use of this digital communication network and to safeguard all information that is transmitted or received on it. The
Network includes, but is not limited to, internal electronic mail systems, instant messaging, Company laptops,
desktops, handheld/wireless devices, Company Intranets, as well as internal and external communication channels
(such as access to the Internet and wireless networks and interactive applications such as blogs ). All
communications conveyed by or contained within these communications systems are subject to this Requirements
Summary.
All digital communication messages must be professional in nature and in compliance with the Blue Box Values and
the American Express Company Code of Conduct.
The Company reserves the right to monitor, access, and review and disclose all messages, documents and
information transmitted or received on the Network, as deemed appropriate by American Express. Individuals who
supervise others who have access to American Express’ Network are responsible for ensuring that those individuals
are aware of this Requirements Summary.
All messages, documents and information conveyed by or contained within the American Express Digital
Communications Network in any form – including correspondence, attachments, bulletin boards, discussion forums,
wikis, blogs or reference databases and archives are considered to be Company property. Use of the Network by
employees, agents and any other authorized third parties implies consent for the Company to access and monitor all
digital communications and other activities on the Network. This includes but is not limited to business and personal
messages transmitted on the Network. Do not assume that an e-mail or other digital communication sent over the
network is private. Personal use of the American Express Network is a privilege that may be revoked at any time.
I hereby acknowledge that I have received a copy of the full text of the Digital Communications Requirements
Summary. I understand that no users are exempt from this Requirements Summary and that I must comply with it as
a condition my employment. I further understand that if I violate these Network requirements, I will be subject to
appropriate disciplinary action, up to and including termination of employment.
______________________________
Signature Employee I.D. Number
Kiara Cuter
Print Name Date
Rev. 08/01/2016 DCR
CAN_GPA-DCR
Policy Name/Title : Accommodation Policy
Market/Country : Canada
Policy Code : E – 98.07
Effective Date : 1 July 2020
Next Review Date : 1 July 2023
Responsible Functional Group : Colleague & Labour Relations
1.0 HIGH-LEVEL DESCRIPTION AND PURPOSE

American Express is committed to providing an inclusive and accessible work environment in which all people
who apply for positions or who work for or on behalf of Amex are treated with dignity and respect and are
provided with equal treatment with respect to employment, regardless of that person’s age, sex, sexual
orientation, gender identity, gender expression, race, colour, ancestry, ethnic or national origin, citizenship,
religion or creed, marital status, family status, pregnancy, disability, record of offences, social condition or
origin, political beliefs, association or activity or other factors prohibited under applicable Human Rights
legislation (the “Prohibited Grounds”).
From time to time, it may be necessary to amend or alter the requirements or expectations of a job to ensure
that a person is not precluded from employment or employment opportunities as a result of falling under one of
the Prohibited Grounds. This is known as accommodation.
2.0 SCOPE
This policy applies to all employees, contingency workers and contractors of American Express and its various
legal entities in Canada.
3.0 KEY DEFINITIONS

Not applicable
4.0 POLICY REQUIREMENTS / ELIGIBILITY

Persons Requiring Assistance to Evacuate
Amex recognizes that employees with a permanent or temporary disability may need individualized assistance
with alerting and evacuation in the event of an emergency. Employees or contractors who require such
Canada – Lignes directrices sur AXP Internal Page 1 of 5

l’accommodement
assistance must identify themselves by completing an Emergency Plan Worksheet. This form is available on
the Square.
If there are any changes to an employee’s condition or workplace location that require a change to the Persons
Requiring Assistance to Evacuate plan, the employee must provide an updated form.
Work Accommodation
Amex will take all necessary reasonable steps to provide employees with modified work, hours, additional
breaks, and/or assistive devices (and furniture) to enable the employee to perform their job. This includes
medical accommodation and other accommodations required under the applicable Human Rights legislation.
Return to Work from Medical Leave

Accommodation is based on substantiated medical needs not individual preference. Amex is committed to
facilitating a safe return to work following a medical leave of absence, where the employee remains unable to
perform the essential duties of the job due to a medically substantiated illness, injury or disability.
Leaders are expected to provide modified work or hours, in accordance with medically documented restrictions
as may be necessary and available, to allow the employee to gradually return to full duties and hours where
possible. Every effort must be made to facilitate such accommodations.
When medical information substantiates that the employee is capable of returning to full duties without posing
a risk to the health of the employee or that of other employees, the employee is to be returned to his or her
original position or if not available, to an alternate comparable position.
An employee must accept a reasonable offer of suitable work that meets any medical limitations. Any
continued unjustified refusal of such work will result in the termination of employment in accordance with the
applicable employment standards legislation.
Where Amex is unable to accommodate an employee’s medical restriction without undue hardship or if the
employee refuses suitable work, the matter should be referred to Colleague & Labour Relations to determine
the impact on the continued employment relationship.
5.0 ROLES AND RESPONSIBILITIES

Upon request, Amex will take such steps as may be deemed necessary to provide suitable accommodation to
the point of undue hardship so that a person is able to perform the essential duties of their job.
Accommodation may include, but is not limited to:
 Modification of role requirement if possible
 A change in duties, hours of work, additional breaks, or location
 Work station modification
 Job aids, permitting the use of service animals onsite, alternative communication methods or assistive
devices
 Transfer to another suitable position that meets the medical restrictions if one is available and for which the
employee has the credentials
Responses to accommodation requests will be developed on an individualized case-by-case basis. Amex, the
person requesting the accommodation and where applicable Sun Life, the Company’s 3 rd party Disability

l’accommodement
Management specialists, will work together to identify and implement and document the appropriate
accommodation. Amex will be responsible for modifications to the work environment and business tools but
will not bear the cost of personal assistive devices or medical supports.
The Person Requesting an Accommodation is required to:

 Identify any relevant work-related restrictions or limitations and advise their leader of the need for
accommodation
 Provide appropriate medical documentation regarding relevant restrictions or limitations to support need
for accommodation
 The request for accommodation should be sent to Canada Disability Team at CanadaDisability@aexp.com.
The employee will be required to submit medical documentation to Sun Life for review and will provide
the recommendation. The Canada Disability Team will work with the employee’s leader to implement the
recommended accommodation if possible.
 Participate in development and implementing a suitable accommodation
 Participate in discussions or meetings regarding any accommodation options
 Cooperate with any third party experts whose assistance may be required to identify or manage the
accommodation process
 Accept a suitable accommodation that meets the limitations imposed by condition and or/the Prohibited
Ground, even where that accommodation may not be the person’s preferred option
 Meet and maintain agreed upon performance and job standards once the accommodation is provided
 Work with Amex on an ongoing basis to manage the accommodation
The Manager of a Job Applicant or Person requesting an Accommodation is required to:

 Ensure the Accommodation request is clearly documented
 Send the Accommodation request to the Canada Disability Team at CanadaDisability@aexp.com in a
timely manner for approval and advise the Safety Specialist if required
 Work with the appropriate Amex representatives to develop a response to the accommodation request
 Monitor the implementation and operation of any accommodation as appropriate to ensure it remains
suitable for the circumstances
 Discuss any accommodation concerns with the person and involve the Canada Disability Team where
necessary to resolve such concerns
 Maintain confidentiality regarding the accommodation request, except to the extent as may be necessary to
implement, maintain and monitor the accommodation
 If an employee identifies they have a disability through the Performance Management Process, they are to
contact the Canada Disability Team to initiate the process.
Amex Recruitment is required to:

 Make a copy of this policy available to job applicants upon request
 A copy of this policy will be provided with all external job offers
 Respond to any accommodation requests in a timely manner
 Contact Canada Disability Team / Safety Specialist to discuss any implementation concerns
Canada Disability is required to:

 Make a copy of this policy available to employee or contractors upon request
 Respond to any accommodation requests in a timely manner

l’accommodement
 Work with the person, the person’s manager, and any relevant third parties to identify, implement and
monitor the appropriate accommodation
 Obtain additional internal or external expertise as required such as Health & Safety, Colleague & Labour
Relations, Compliance or to request an independent medical assessment
 Determine the cost of any accommodation and how it will be funded
 Keep any information obtained regarding the accommodation confidential
 Maintain records of any accommodation request and actions taken
6.0 APPROVAL REQUIREMENTS

Emergency plan accommodation requests should be directed to canada.safety@aexp.com.
Work related accommodation requests should be directed to the employee’s leader who will work with the
Canada Disability Team, CanadaDisability@aexp.com to get approval for the accommodation.
7.0 EXCEPTION / CONFLICT / ESCALATION RESOLUTION

Employees who wish to request exceptions or escalations should contact Colleauge & Labour Relations,
Colleague Experience Group.
8.0 ENFORCEMENT OF ISSUED POLICIES AND PROCEDURES

No employee shall be penalized or receive any negative treatment of any kind whatsoever in retaliation for
requesting accommodation.
The summary of provincial legislated requirements in section 9.0 of this document is to be reviewed against
government legislation yearly to ensure accuracy. When government legislation has been revised to provide a
greater benefit, the revised legislation will prevail.
9.0 RELATED POLICIES, PROCEDURES, REGULATORY GUIDELINES AND

SUPPORTING DOCUMENTS OR LINKS
Related documents (if applies)
Manitoba: http://www.gov.mb.ca/labour/standards/index.html
New Brunswick: http://www.gnb.ca/LEB-CTE/index-e.asp
Newfoundland and Labrador: http://www.gov.nl.ca/lra/faq/labourstandards.html
Nova Scotia: http://novascotia.ca/lae/employmentrights/
Ontario: http://www.labour.gov.on.ca/english/es/
Prince Edward Island: http://www.gov.pe.ca/labour/index.php3?number=1004723&lang=E
Quebec: http://www.gouv.qc.ca/portail/quebec/pgs/commun/portrait/emploi/?lang=en
Saskatchewan: https://www.saskatchewan.ca/business/employment-standards
Canada Federal: https://www.canada.ca/en/employment-social-development/programs/employment-
standards.html

l’accommodement
Related policies
Search The Square for the following:
Workplace Harassment, Sexual Harassment, Bullying, and Violence Prevention Program and Policy
Employee Plan Worksheet
Important note
The Company policies, plans, and programs govern the employment relationship. The Company reserves
the right to make changes to or discontinue Company policies, compensation plans, benefits, and programs
as it deems appropriate, with or without notice to the employee.
If this document refers to any Company benefit program, it does not supersede the actual provisions of the
applicable plan documents, which in all cases are the final authority. The applicable plan administrator has
the sole authority and discretion in determining eligibility and interpretation and administration of the
plans.
American Express takes reasonable effort to ensure the accuracy of the contents of policy documents and in the
administration of its policies and programs. The Company does not assume responsibility for consequential
damages caused by administrative or clerical errors.
10.0 REVISION / APPROVAL HISTORY

Version Final Revision / Revision Type: Revision Description CEG Policy Owner
# Approved Date* Material or Title and Function
Non-Material
6 20 July 2020 Material Policy format and other updates. Full Director, Colleague
review conducted & Labour Relations
Canada
*Note – This new version supersedes all prior Final Approved/AXP Published versions
11.0 KEY CONTACTS

For additional information and explanation concerning this policy, employees should contact their leaders or
the Colleague Service Centre via the applicable country phone number or other contact options.
Feedback/Alternative Format
Employees can provide feedback with respect to the accessible process by contacting the Accessibility Officer
at 1-888-301-5312, TTY: 1-866-529-1344 or by email AccessibilityCanada@aexp.com. Employees can also
request a copy of this policy in an alternative format by contacting the Accessibility Officer as outlined above.

l’accommodement
Certificate Of Completion
Envelope Id: 5CDE7E489D7947A898989F24EFA75DD0 Status: Delivered
Subject: Welcome to American Express - Kiara Cuter
Source Envelope:
Document Pages: 112 Signatures: 1 Envelope Originator:
Certificate Pages: 5 Initials: 0 Vanessa Disalvo
AutoNav: Enabled 200 Vesey St.
EnvelopeId Stamping: Enabled New York, NY 10285
Time Zone: (UTC-08:00) Pacific Time (US & Canada) vanessa.disalvo@aexp.com
IP Address: 148.173.101.246
Record Tracking
Status: Original Holder: Vanessa Disalvo Location: DocuSign
6/30/2022 12:23:32 PM vanessa.disalvo@aexp.com
Signer Events Signature Timestamp

Tanya Huang Sent: 6/30/2022 12:32:10 PM
tanya.huang1@aexp.com Viewed: 6/30/2022 12:33:22 PM
Security Level: Email, Account Authentication Signed: 6/30/2022 12:33:39 PM
(None)
Signature Adoption: Pre-selected Style
Signed by link sent to tanya.huang1@aexp.com
Using IP Address: 148.173.101.243
Electronic Record and Signature Disclosure:

Accepted: 6/30/2022 12:33:22 PM
ID: ac8a5643-f0ed-4f07-b692-e62cfa046a8f
Company Name: American Express
Kiara Cuter Sent: 6/30/2022 12:33:43 PM

cuterkiara@gmail.com Viewed: 7/1/2022 9:49:50 AM
Security Level: Email, Account Authentication
(None)
Electronic Record and Signature Disclosure:
Accepted: 7/1/2022 9:49:50 AM
ID: 44ad9fda-e86d-4c7a-b7ef-b809e3c14c04
Company Name: American Express
In Person Signer Events Signature Timestamp
Editor Delivery Events Status Timestamp
Agent Delivery Events Status Timestamp
Intermediary Delivery Events Status Timestamp
Certified Delivery Events Status Timestamp
Carbon Copy Events Status Timestamp
Witness Events Signature Timestamp
Notary Events Signature Timestamp
Envelope Summary Events Status Timestamps

Envelope Sent Hashed/Encrypted 6/30/2022 12:32:10 PM
Certified Delivered Security Checked 7/1/2022 9:49:50 AM
Payment Events Status Timestamps
Electronic Record and Signature Disclosure
Electronic Record and Signature Disclosure created on: 8/22/2018 11:25:56 AM
Parties agreed to: Tanya Huang, Kiara Cuter
ELECTRONIC RECORD AND SIGNATURE DISCLOSURE

From time to time, American Express (we, us or Company) may be required by law to provide to
you certain written notices or disclosures. Described below are the terms and conditions for
providing to you such notices and disclosures electronically through your DocuSign, Inc.
(DocuSign) Express user account. Please read the information below carefully and thoroughly,
and if you can access this information electronically to your satisfaction and agree to these terms
and conditions, please confirm your agreement by clicking the 'I agree' button at the bottom of
this document.
Getting paper copies
At any time, you may request from us a paper copy of any record provided or made available
electronically to you by us. For such copies, as long as you are an authorized user of the
DocuSign system you will have the ability to download and print any documents we send to you
through your DocuSign user account for a limited period of time (usually 30 days) after such
documents are first sent to you. After such time, if you wish for us to send you paper copies of
any such documents from our office to you, you will be charged a $0.00 per-page fee. You may
request delivery of such paper copies from us by following the procedure described below.
Withdrawing your consent
If you decide to receive notices and disclosures from us electronically, you may at any time
change your mind and tell us that thereafter you want to receive required notices and disclosures
only in paper format. How you must inform us of your decision to receive future notices and
disclosure in paper format and withdraw your consent to receive notices and disclosures
electronically is described below.
Consequences of changing your mind
If you elect to receive required notices and disclosures only in paper format, it will slow the
speed at which we can complete certain steps in transactions with you and delivering services to
you because we will need first to send the required notices or disclosures to you in paper format,
and then wait until we receive back from you your acknowledgment of your receipt of such
paper notices or disclosures. To indicate to us that you are changing your mind, you must
withdraw your consent using the DocuSign 'Withdraw Consent' form on the signing page of your
DocuSign account. This will indicate to us that you have withdrawn your consent to receive
required notices and disclosures electronically from us and you will no longer be able to use your
DocuSign Express user account to receive required notices and consents electronically from us
or to sign electronically documents from us.
All notices and disclosures will be sent to you electronically
Unless you tell us otherwise in accordance with the procedures described herein, we will provide
electronically to you through your DocuSign user account all required notices, disclosures,
authorizations, acknowledgements, and other documents that are required to be provided or made
available to you during the course of our relationship with you. To reduce the chance of you
inadvertently not receiving any notice or disclosure, we prefer to provide all of the required
notices and disclosures to you by the same method and to the same address that you have given
us. Thus, you can receive all the disclosures and notices electronically or in paper format through
the paper mail delivery system. If you do not agree with this process, please let us know as
described below. Please also see the paragraph immediately above that describes the
consequences of your electing not to receive delivery of the notices and disclosures
electronically from us.
How to contact American Express:
You may contact us to let us know of your changes as to how we may contact you electronically,
to request paper copies of certain information from us, and to withdraw your prior consent to
receive notices and disclosures electronically as follows:
To contact us by email send messages to: axp.docusign.support.canada@aexp.com
To advise American Express of your new e-mail address
To let us know of a change in your e-mail address where we should send notices and disclosures
electronically to you, you must send an email message to us at
axp.docusign.support.canada@aexp.com and in the body of such request you must state: your
previous e-mail address, your new e-mail address. We do not require any other information from
you to change your email address..
In addition, you must notify DocuSign, Inc to arrange for your new email address to be reflected
in your DocuSign account by following the process for changing e-mail in DocuSign.
To request paper copies from American Express

To request delivery from us of paper copies of the notices and disclosures previously provided
by us to you electronically, you must send us an e-mail to
axp.docusign.support.canada@aexp.com and in the body of such request you must state your e-
mail address, full name, US Postal address, and telephone number. We will bill you for any fees
at that time, if any.
To withdraw your consent with American Express
To inform us that you no longer want to receive future notices and disclosures in electronic
format you may:
i. decline to sign a document from within your DocuSign account, and on the subsequent
page, select the check-box indicating you wish to withdraw your consent, or you may;
ii. send us an e-mail to axp.docusign.support.canada@aexp.com and in the body of such

request you must state your e-mail, full name, IS Postal Address, telephone number, and
account number. We do not need any other information from you to withdraw
consent.. The consequences of your withdrawing consent for online documents will be
that transactions may take a longer time to process..
Required hardware and software

Operating Systems: Windows2000? or WindowsXP?
Browsers (for
Internet Explorer 6.0? or above
SENDERS):
Browsers (for
Internet Explorer 6.0?, Mozilla FireFox 1.0, NetScape 7.2 (or above)
SIGNERS):
Email: Access to a valid email account
Screen Resolution: 800 x 600 minimum
 Allow per session cookies
Enabled Security
 Users accessing the internet behind a Proxy Server must enable HTTP
Settings:
1.1 settings via proxy connection
** These minimum requirements are subject to change. If these requirements change, we will
provide you with an email message at the email address we have on file for you at that time
providing you with the revised hardware and software requirements, at which time you will have
the right to withdraw your consent.
Acknowledging your access and consent to receive materials electronically
To confirm to us that you can access this information electronically, which will be similar to
other electronic notices and disclosures that we will provide to you, please verify that you were
able to read this electronic disclosure and that you also were able to print on paper or
electronically save this page for your future reference and access or that you were able to e-mail
this disclosure and consent to an address where you will be able to print on paper or save it for
your future reference and access. Further, if you consent to receiving notices and disclosures
exclusively in electronic format on the terms and conditions described above, please let us know
by clicking the 'I agree' button below.
By checking the 'I Agree' box, I confirm that:
 I can access and read this Electronic CONSENT TO ELECTRONIC RECEIPT OF

ELECTRONIC RECORD AND SIGNATURE DISCLOSURES document; and
 I can print on paper the disclosure or save or send the disclosure to a place where I can
print it, for future reference and access; and
 Until or unless I notify American Express as described above, I consent to receive from
exclusively through electronic means all notices, disclosures, authorizations,
acknowledgements, and other documents that are required to be provided or made
available to me by American Express during the course of my relationship with you.

Welcome To American Express - Kiara Cuter

Uploaded by

Copyright:

Available Formats

You might also like

Welcome To American Express - Kiara Cuter

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Welcome To American Express - Kiara Cuter

Uploaded by

Copyright:

Available Formats

DocuSign Envelope ID: 5CDE7E48-9D79-47A8-9898-9F24EFA75DD0

June 30, 2022 PERSONAL & CONFIDENTIAL

1. Title: You will be employed in the position of Marketing Intern reporting to me or my

14. Action Required:

For further information please see the attached:

 Code of Conduct Brochure

 Direct Deposit Form

15. Conditional Offer: This offer is conditional upon:

o Completion of satisfactory references, which could include a review of past

June 30, 2022

TO BE INCLUDED IN DOCUSIGN ENVELOPE ALONGSIDE JOB OFFER

Canada COVID-19 Vaccination Memo

The Company is committed to the highest standards of health and

MY COMPANY. MY CODE. 我的公司 • 我的守則

INNOVATION | COLLABORATION | LEADERSHIP | RESPECT | DIVERSITY | OPPORTUNITY

BLUE BOX VALUES WE DELIVER FOR OUR

CUSTOMERS. WE CARE ABOUT

WE NEED DIFFERENT VIEWS.

American Express driver and wagon (New York, ca. 1885)

Protection of Property and Information.......................................... 21

TABLE OF Confidential Information and Trade Secrets..................... 21

Making Reports.............................................................................5 Gifts and Entertainment........................................................... 35

Non-Retaliation.............................................................................5 Antitrust and Fair Competition.................................................37

Training, Confirmation & Code of Conduct Disclosures..........5 Contacts with Competitors.................................................37 6

Drugs and Alcohol................................................................10 Anti-Corruption.......................................................................... 44

Violence..................................................................................11 Improper Payments............................................................. 44

American Express Company’s reputation is a priceless asset. Built over 160

1 Throughout the Code, you’ll find references to important Company policies.

• Your business unit’s • Your business unit’s Controller

TRAINING, CONFIRMATION AND CODE OF CONDUCT DISCLOSURES

BLUE BOX VALUES TREATMENT OF EMPLOYEES AND OTHERS

FREEDOM FROM HARASSMENT

QUESTION: Q: Sondra feels harassed by her leader, Thomas. He constantly comments

A: Sondra should report Thomas’s conduct to Human Resources immediately.

WORKPLACE SAFETY AND HEALTH

Drugs and Alcohol

BLUE BOX VALUES CONFLICTS OF INTEREST

Guidelines applicable to some of the most common conflict-of-interest situations

15 We may not serve as a director, trustee, officer, advisory board member or

A: That depends on the nature of Jennifer’s position, the consulting Jennifer’s

A: Most likely, yes, but Bill should

In addition, we may not take personal advantage of our Company’s corporate

BOOKS AND RECORDS

Reporting accurate, complete and understandable information about our Company’s

Financial Statements and Accounts

Ensuring accurate and complete accounting and financial records is everyone’s

A: No. It is Dave’s responsibility to understand the business reason for the

Relationships with Auditors and Government Investigators or Regulators

PROTECTION OF PROPERTY AND INFORMATION

Confidential Information and Trade Secrets

Third-Party Property and Information

A. No. It is unethical and may be unlawful to reveal the confidential information or

Communicating with the Public about American Express

Operating in an Open Network Environment

Principle 1 – Legal and Contractual Obligations

Principle 2 – Information Sharing

To apply this principle, we must understand whether or not information is confidential to