Effective May 26, 2022 Version 4.0

Canopy Growth Corporation and its subsidiaries (collectively “Canopy”) pride themselves on being good corporate citizens and are committed to complying with all applicable requirements concerning corporate accounting practices, accounting controls and auditing practices and with its Code of Business Conduct and Ethics (“Code”), which requires the observation of high standards of business practices and personal ethics by Canopy’s employees, officers and directors (“Employees”).


To establish a whistleblower protection policy for Canopy Growth Corporation and all its subsidiaries (collectively, the “Company”); the procedure for reporting of concerns about illegal activities or other wrongdoings by the Company’s employees or business partners.


Canopy is committed to providing a work environment where Employees are dedicated to working with integrity and supporting ethical behavior.

Canopy provides a confidential and anonymous avenue for Employees to report concerns that may lead to accounting irregularity, illegal activity, or a violation of company policies.

Canopy will also ensure that Employees will be treated fairly and appropriately throughout an investigation and will ensure that the Company favors transparency and accountability.

Accordingly, it is the Company policy to ensure that when an Employee has reasonable grounds to believe that another Employee has committed or is about to commit a wrongdoing, the expectation and process are as follows:

a. The Employee discloses this information through a safe and clearly defined process;

b. The matter will be reviewed and, if warranted, investigated by appropriate personnel;

c. The Employee will be protected from reprisals;

d. All parties to an investigation will be treated fairly;

e. Confidentiality will be maintained to the greatest extent possible; and

f. If a wrongdoing is found, appropriate remedial and disciplinary actions will be taken.


This Policy applies to all employees and consultants (hereinafter collectively referred to as “employees”) of the Company, suppliers, and customers of the Company. In the event of a question of interpretation of this policy vis-à-vis employees, the Chief Financial Officer shall have final discretion.


“Accounting Irregularity” means all accounting, auditing, or other financial matters which are the subject of alleged wrongdoing.

“Compliance Committee” refers to the Committee and is comprised of the Chief Financial Officer, Chief Legal Officer, Chief Human Resources Officer and Chief Audit Executive.

“Discloser” means an Employee who makes a Disclosure under this policy. “Disclosure” means either a Protected Disclosure or an Improper Disclosure.

“Improper Disclosure” means a disclosure made in bad faith by a Discloser. Examples could include providing false information, making disclosures that are baseless, or making repeated disclosure concerning matters that have previously been examined or investigated.

“Incident” means, for purposes of this policy, any possible concern that is identified and reported upon.

“Protected Disclosure” means a disclosure that is made in good faith by a Discloser in accordance with this policy.

“Reprisal” means that no action or measures be taken against a Discloser if the Discloser has, in good faith, made a Protected Disclosure or has cooperated in an investigation carried out under this policy. Examples of Reprisal could include demotion, suspension, disciplinary action, denial of compensation or benefits, suspension of promotion or termination.

“Subject” means the person(s) whom the Discloser believes has committed or is about to commit a wrongdoing that is covered by this policy.

“Whistleblower program” refer to the external service provider (NAVEX) providing telephone hotline and web-based incident reporting intake services. NAVEX is an independent organization which operates on an arm’s-length basis; and

“Wrongdoing” means, for purposes of this policy, any accounting irregularity, illegal act, or a violation of company policies. Examples of wrongdoings could include a misuse of company assets or funds; a breach of the Code or any other company policy; or knowingly directing or counselling another Employee to commit a wrongdoing.


Employees need to be dedicated to preventing workplace wrongdoings. It is the responsibility of all Employees to:

  • adhere to the Code;
  • report any suspected or alleged incidents that may lead to incorrect financial reporting, illegal activities, acts that are inconsistent with the Code or are improper;
  • report the incident as early as possible to reduce the risk; and
  • keep information relating to any process under this policy strictly


It is Canopy’s responsibility to:

  • investigate the incident;
  • determine the accuracy of the incident;
  • determine if the reported act is a wrongdoing;
  • administer corrective actions as appropriate;
  • retain records of complaints for an appropriate period;
  • timely report any allegations of accounting irregularities, including suspected fraud or securities law violations to the Audit Committee of the Board of


The Whistleblower Program is administered by Canopy’s Internal Audit group, and reports on incidents received and status of respective investigations to Canopy’s Audit Committee of the Board of Directors and select members of Senior Leadership.

Nothing contained in Section 5.0 of this policy limits Employees’ ability to file a charge or complaint with a governmental regulatory agency and nothing herein limits their ability to communicate with any such agencies or otherwise participate in any investigation or proceeding that may be conducted by any such agency, including providing documents or other information, without notice to Canopy.

All Employees are responsible to immediately report any incident that they believe constitute wrongdoings to their immediate supervisor and/or Human Resources. If the supervisor is involved or the cause of the incident, the employee should report the incident to the next level of management and/or Human Resources, or to any member of the Compliance Committee. If the employee is not comfortable reporting through any of the above means, the Employee may report such incidents through the Whistleblower program. Matters involving possible violation of laws or regulations may also be brought to a relevant governmental regulatory authority.

However, Canopy is committed to taking internal action in response to employee concerns, and would appreciate the opportunity to do so, if appropriate.

The Whistleblower program can be accessed:

Via web-based reporting:


By telephone as follows:

  • In North America: (888) 475-0051
  • In Germany: 0800 7327347
  • All other Countries: Telephone access codes for all other countries are reflected on the Whistleblower

Disclosers may report an incident either on-the-record or anonymously. Disclosers may refrain from discussing any of the facts of their involvement, except to the extent required for the purposes of any investigation and resolution. Disclosers and Subjects have the right to be represented or accompanied by another person of their choice (including legal counsel, at their own cost).

Canopy is committed to investigating and dealing with all concerns, complaints, or incidents of wrongdoings in a fair and timely manner while respecting the confidences and sensitivities of all persons involved; except where disclosure is required to investigate the incident or to take appropriate action, including disciplinary measures.

Canopy will inform the Discloser of the investigation results and will take appropriate remedial or disciplinary action up to and including termination of any Employee who is in breach of applicable human rights legislation, federal or provincial laws and/or company policies.

Allegations that are not made in good faith will be viewed as a serious offence and may be subject to discipline up to and including termination.

Canopy will not permit any employees to harass, retaliate or discriminate against those other employees, who, in good faith, report an incident. Retaliation in any form will not be tolerated.




4 May 26, 2022 Board of Directors Review & non-material updates
3 August 31, 2020 New Process and Service Provider
2 September 24,


Policy Review by Board of Directors
1 April 30, 2018 Policy Origination