Beruflich Dokumente
Kultur Dokumente
The contents of this document are protected by U.S. and international law. ALL RIGHTS RESERVED.
Any other use of information in this document, including reproduction, modification, distribution, or
republication without prior written permission from Corpedia, Inc. is strictly prohibited.
Contents
Executive Summary 2
Planning 4
Stakeholder Selection 4
Project Timeline Development 5
Planning Considerations for International Organizations 7
Developing the Code 8
Tone from the Top 8
Readability and Tone 10
Non-Retaliation and Reporting 12
Values Statements and Stakeholder Commitments 15
Risk Topic Coverage 16
Learning Aids 18
Presentation, Style and Organization 19
Communicating the Code 21
Translations 21
Distribution 21
Certification and Disclosure 22
Bringing the Code 3.0 to Life 23
The Genesis of the Code Meeting Requirements 23
Cultural Reawakening Adopting a User-Friendly Code 23
Code 3.0 Engaging the Audience 23
Maintaining the Code 24
Appendix A: Selected Requirements for Codes of Conduct 25
Federal Sentencing Guidelines 25
Sarbanes-Oxley Act of 2002, Section 406 25
Securities and Exchange Commission 33
New York Stock Exchange 40
NASDAQ 41
Appendix B: About Corpedia 44
Acknowledgments 44
However, organizations often view the code of conduct as a necessary evil, mandated
by various regulatory and governmental agencies (see the Appendix for a listing of
select requirements), rather than an opportunity to educate employees about the
standards to which they are held. The resulting document is frequently formal and
difficult to read, having clearly been written by a team of lawyers. Organizations that
take this approach miss a prime opportunity to pronounce their values, standards and
expectations to both internal and external constituents. Studies show that companies
exhibiting a pronounced emphasis on ethics and trust have higher employee retention
rates and attract more prospective employees.1 Therefore, taking time to relate your
companys values, reputation and success with compliance in a meaningful way not
only helps your organization fulfill the FSG, but is also a shrewd business decision.
The code serves as the primary means for your organization to communicate its
commitment to ethical and legal conduct to both internal and external stakeholders:
employees as well as vendors, customers, agents, shareholders, and the communities
in which you do business. While a single document cannot anticipate every possible
situation that an employee might face, your code should provide proper and effective
guideposts for behavior. To achieve this, tie the codes guidelines to your companys
values and ethical commitments. Do so in a manner that facilitates employees grasp of
the critical nature of compliance and ethical decision making, consistent with the code.
In addition, the code should enable employees to quickly recognize when to seek
guidance, encourage them to report concerns, and provide various avenues through
which they can do both.
When revising or creating the code, consider the audience to which the code is directed.
Ensure that the language is at such a level that your largest employee base will fully
comprehend the content. Take into account the locations in which your employees
conduct business and ensure that all code content is applicable to all of the audiences
receiving it. Scrub this content to ensure that it will resonate with employees in foreign
jurisdictions, and be sure to provide translated versions of the code in these locations,
as appropriate. Furthermore, in order to reach your employees in an effective and
engaging manner, allocate proper resources to layout and graphic design.
1
The New ROE: Return On Ethics, at http://www.forbes.com/2009/07/21/business-culture-corporate-
citizenship-leadership-ethics.html, and a recent Stanford business school study, at
http://www.gsb.stanford.edu/news/research/montgomery_mba.html.
The code-creation or -revision process is a daunting task and can quickly become
overwhelming without proper planning and knowledge of the issues at hand. Corpedia,
with its team of attorneys, analysts, subject matter experts, writers and editors, has
provided this article as a useful reference guide for those embarking on or considering
the code of conduct revision or development process.
Stakeholder Selection
Decide whether you will engage a vendor or create the code in-house
First, you will need to consider whether you will engage an external vendor to handle
the code-creation process. Working with an external vendor that has a dedicated focus
on writing, editing and designing compliance- and ethics-related documents can
significantly benefit the average organization. Generally, engaging outside vendors to
develop the code is more cost- and time-effective than creating or revising in-house.
The right vendor will bring to the table the collective view of expert attorneys and subject
matter experts on applicable compliance risks as well as a team of writers, editors and
designers with expertise on best practices for code drafting, language selection,
formatting and graphic design. A vendor should also be able to provide project
management resources to guide you through the process from inception to completion.
Ensure that the process of engaging a vendor is thoughtful and carefully planned; failure
to do so can result in unmet expectations and strained relationships on one or both
sides.
Furthermore, you will need to establish a review team. Whether you are engaging an
external vendor or writing the code in-house, it is important to involve all applicable
internal stakeholders at the outset of the process. If these individuals share a cohesive
view of the final products look and are apprised of the timeline for code drafting, they
will be more likely to provide effective and timely feedback. The input and involvement
provided by key internal stakeholders will also translate into increased buy-in from these
groups when it comes time to roll out the codean invaluable asset.
While it can be difficult to involve international reviewers before the code has been
translated, keep in mind that engaging these stakeholders at the earliest possible
juncture will help your company avoid future difficulties (particularly when seeking
approval from works councils). Often, it is helpful to provide these groups with a
summary list of the pertinent risk topics addressed and policies cited (in the case of a
code creation) or of the major revisions made (in the case of a code rewrite). Doing so
allows international reviewers to formulate an understanding of the final products look
and feel, and gives them a sense of ownership in the project.
1. Project Initiation During the initiation phase, establish the project scope and
assign resources and stakeholders. Holding a project kickoff meeting is generally
advisable. The primary purpose of this phase is to identify project goals, intended
audience and communication objectives. Gather all necessary content material at
this point, such as relevant policies, any Company values language, and internal
style or communication guides.
3. Code Drafting Once the outline is finalized, the development of code content
should begin. The drafting process should follow the communication objectives
and outline approved in the previous stages. Generally, two to three drafts of the
code are necessary.
5. Quality Control The final draft must be comprehensively reviewed for quality
control by a legal expert and an editor, as well as by subject matter experts, if
applicable.
This process should take approximately 1416 weeks from the Project Initiation phase
to the Quality Control stage; of course, this is merely an approximation and will vary
from one organization to the next.
In addition, it is important to account for the design, layout and publication phases of the
code creation process. These phases typically include the following:
1. Project Initiation During this phase, identify the principal design contacts and
determine whether you will design the code in-house or engage an external
vendor. If developing the design in-house, your organization may wish to enlist
your marketing or communications team in the design process. Schedule a
design kick-off meeting to discuss and agree upon design goals. At this point,
collect all content material, including photography and other graphic design
elements.
2. Determine Theme and Layout Whether you are working with an external
vendor or designing in-house, you will need to develop a design theme and
layout for your code of conduct. This will involve deciding on color scheme,
pictorials, graphic design, and the like. Typically, external vendors will provide
layout mock-ups that include spread samples for several different pages. If
designing in-house, you may wish to assign your design team this task.
3. Code Layout The design team will follow the layout objectives decided upon in
the previous stage. This process generally consists of two drafts, but may require
more.
Generally, this process will take around eight to ten weeks, depending on your
organization and the design team you have chosen (whether internal or external).
However, keep in mind that much of the design process can be done concurrently with
certain stages of the code drafting process. For instance, if the design team is
developing layout mock-ups, this can be done during the Outline Development or Code
Drafting stages.
There are several considerations to keep in mind when deciding whether to draft a
global code. The most common obstacle that discourages companies from developing a
single, global code is the challenge of ensuring that the code complies with all
applicable laws and regulations in all jurisdictions. For example, navigating the murky
waters of EU data protection laws and avoiding the pitfalls associated with discussing
non-discrimination and harassment laws can certainly pose difficulties. While such
dilemmas can normally be solved with relative ease during the drafting phase, it is
important that you give such matters strong consideration and consult with legal experts
before initiating and throughout the code-drafting process.
In addition, international organizations must ensure that the code provides accessible
contact information that is relevant and useful for all readers. Oftentimes, companies
worry that this will be an impossible feat, considering the inevitable variation in
international contacts and various laws prohibiting corporations from requiring that their
constituents report to foreign contacts. There are several solutions to this seeming
dilemma, however, as discussed in the Non-Retaliation and Reporting section of this
whitepaper.
Since the code is often one of the first documents new hires read when they join a
company, this introduction by a high-level executive should also serve as a welcoming
smile and handshake. Consider including a photograph and/or signature of the
executive in question to provide a visual connection between the executive team and
the code.
In keeping the code topical and relevant, the executive introduction piece will often
provide an update as to how the code document has changed since its predecessor.
You may also wish to discuss the general status of the compliance and ethics program,
including any recent improvements that have been made and any awards or accolades
it has earned.
Explain the code's role within the broader ethics and compliance program
The introductory letter should speak to the role of the code and its relation to the overall
ethics and compliance program. This provides an excellent opportunity for companies to
sell the code and the program in one fell swoop. Show employees why the code is
important by clearly stating its purpose. Explain that, while the code cannot address
every conceivable issue employees might face, it sets forth guidelines for proper
business conduct that will help employees make ethical decisions consistent with the
companys values and the way it does business. Link ethical behavior to the success of
employees as individuals and that of the company as a whole.
Keep in mind that rules about how an individual may report, maintaining the anonymity
of a reporters identity, as well as the method by which a hotline is maintained (i.e.,
whether it is safe harbor certified) may be subject to different laws, depending on the
locations of the particular business. It is imperative that you checkand accessibly
communicatethe applicable laws to ensure that employees fully understand how
reports are conducted and investigated.
To achieve an engaging and inviting tone, it is important that you pay ample attention to
voice during the drafting phase. Generally speaking, avoid the third-person voice, as
this tone can appear condescending. Instead, use a warm, first-person voice. An
inclusive voice allows employees to feel a sense of ownership of the code.
You may also wish to use the second-person you in areas in which you would like to
provide more direct guidance. For example, You should contact the General Counsel if
you have concerns about auditing or accounting matters. The second-person voice is
quite appropriate in such situations, but it is important that you ensure that such usage
Creating an engaging tone also involves limiting the amount of passive language in the
document. While passive language can be employed to soften the tone in certain
instances, the active voice delivers content in a much more compelling and lively
manner. Oftentimes, the reduction of passive language will naturally occur as you avoid
the third person and implement the first. For example, instead of saying, It is Company
policy that all Company employees be cautious to avoid the appearance of impropriety,
consider saying, We must all avoid the appearance of impropriety. This more direct
statement is far more likely to maintain readers interest and inspire employees to
ethical behavior.
In order to align the code language to an appropriate grade level, work to reduce the
average sentence length and replace long words with shorter synonyms. Use of
complex jargon and a plethora of lengthy, complicated sentences tend to cloud the
codes message and may discourage employees from reading the material altogether.
While long words such as discrimination and harassment are par for the course in all
codes of conduct, replacing terms such as furthermore, moreover and additionally
will serve you well in terms of reducing the grade level and eliminating legalese from the
document. In addition, take definition clauses out of long sentences and instead
introduce definitions in the succeeding sentence. Doing so will reduce the number of
times employees will have to re-read sentences, thereby increasing the likelihood that
they will comprehend and retain code content. Finally, when designing your code, you
Because global codes will likely be translated into several languages, it is important to
avoid colloquialisms that may be difficult to translate. Engage culture experts to scrub
the code for such inconsistencies as part of the quality control review.
This section should discuss in detail the process of asking questions or reporting actual
or potential misconduct. It should provide specific avenues through which employees
may raise ethical concerns, as well as contact information for each avenue. This
reporting chain may be hierarchical in nature, or it may simply take the form of a list. If
your organization maintains an open-door policy, take the opportunity to provide an in-
depth explanation of that policy here. Encourage employees to seek face-to-face
guidance first, but give them reporting options for situations in which they are
uncomfortable talking to (or unable to talk to) their supervisor or manager. Provide any
other applicable resources, including a member of the human resources department,
the general counsel or corporate secretary, the legal department and/or the board of
In addition to providing employees the above reporting resources, your company should
give strong consideration to establishing a hotline by which employees can
anonymously and confidentiallywhere allowed by local lawsreport misconduct.
Maintaining such a hotline has been an increasing trend for companies in recent years,
and is now the standard rather than the exception. Indeed, SOX 301 requires U.S.
publicly traded companies to maintain one for reporting audit or financial concerns. In
addition, amendments to the Federal Acquisition Regulations require that certain
government contractors2 display a government agency hotline poster. Commonly, such
hotlines are run by independent third parties and are set up to accommodate upwards
of 150 local languages via phone and/or website. If your company maintains such a
service, provide employees with contact information for the hotline in the dedicated
reporting section and elsewhere throughout the code. If you have international
operations, be sure to include local access numbers for the hotline. Often, companies
will opt to embed a chart within the code text or at the end of the code to house these
numbers. You may also wish to create internet or intranet landing pages for the
hotline. Such landing pages can be set up to provide local access codes for specific
locations and country-specific reporting guidelines for those locations.
2
Those companies that have engaged in work on a government contract (as a contractor or
subcontractor) which is expected to exceed $5 million with a performance period of 120 days or more.
In addition, communicate that all concerns will be investigated promptly and thoroughly,
allowing employees to know that their report will adhere to a structured and documented
process. Assure employees that all possible steps will be taken to ensure their
confidentiality, consistent with applicable laws (see Ensure compliance with
international reporting laws, below) and proper resolution of the concern.
Emphasize that by reporting concerns, employees are doing the right thing and
helping the company halt and/or prevent misconduct
It is important to create a link between ethical conduct and reporting, rather than to
simply emphasize that reporting violations is mandatory and that failing to do so violates
company policy. While the latter can have its intended effect, the former method is more
likely to inspire employees to overall ethical behavior and is therefore more effective.
Elucidate the ways in which reporting concerns allows your company to halt or prevent
misconduct, and thus contributes to the ethical culture at your company.
Given the whistleblower provisions of Dodd-Frank3 that provide lucrative incentives for
those who report wrongdoing to the government in furtherance of its investigations, it is
more important than ever to encourage employees to report internally rather than
reporting to a government agency firstor worse, not speaking up at all.
3
Dodd-Frank Wall Street Reform and Consumer Protection Act, 12 USC 5301 (2010).
It is also important to note that some jurisdictions require not only that the company
protect good faith reports, but also that it expressly inform employees that making
reports not in good faith is a behavior that is not protected from retaliation and will result
in disciplinary action.
Finally, if you have EU subsidiaries, it is generally recommended that you check for
possible conflicts with local labor legislation. For example, in Germany if the subsidiary
has established a works council, you need to obtain prior approval from this body before
adopting the code. In France, you will likely need to request the non-binding opinion of
the works council before proliferating any reporting requirements to local employees via
the code or other document. While challenging, satisfying the requirements of these and
other laws is feasible without necessitating country-specific codes of conduct.
4
Anonymous Reporting Procedures and Codes of Ethical Conduct in the European Union, at
http://www.gibsondunn.com/Publications/Pages/AnonymousReportingProceduresandCodesofEthicalCon
ductintheEuropeanUnion.aspx
5
Ibid.
6
Ibid.
If your organization does have a widely disseminated values statement that employees
will recognize and associate with your ethics and compliance program, you may also
wish to organize your code around these values. This can provide an excellent method
of organization and further link the code to your corporate values.
Regardless of how you introduce your companys values, what is most important is that
you clearly and passionately communicate them. So doing will energize your employee
base by explaining the why of compliance, rather than providing a tedious list of rules
and regulations. Clearly illustrate at the beginning of each risk area what is expected of
employees by tying behavioral expectations to values or ethical commitments. Codes
that fail to do so often sound like laundry lists of prohibitions.
In recent years, the trend for organizing the code document around stakeholder
commitments has been evident. If your company chooses to utilize this organization,
group sections of risk topics by their corresponding stakeholder group. For example,
Our Commitments to Each Other might house Workplace Safety and Diversity, and
Our Commitments to Our Communities might discuss Environmental Responsibility
and Political Activities. This method of organization can prove an effective way to
introduce these obligations in a positive light, ensuring that readers will associate
upholding these commitments with ethical conduct.
Determining the substance of the code is the most important step in the code
development process. Obviously, you will need to consider factors such as the size and
structure of your company when determining what risk topics to include and the depth of
coverage each will receive. In addition, you should consider the industry in which your
company operates. Many organizations are subject to myriad industry-specific
regulatory obligations. For example, organizations in the pharmaceuticals industry must
be particularly cautious to ensure that their employees are abiding by the various
regulations established by the PhRMA Code, the FDA and international regulatory
agencies, such as those supporting international product registrations.
Consider the risks your organization faces, looking to those risks that are both systemic
to your organization and unique to your industry. Leveraging recently completed internal
audits and/or compliance risk assessment results will provide focus as to which topic
areas to cover. If no such risk assessment or audit information exists, give serious
consideration to the deployment of resources to further identify, prioritize and mitigate
your companys ethics and compliance risks. Referencing the codes of peer companies
will provide additional insight into applicable risk areas.
You will also need to consider the geographic areas in which your company operates.
There are several risk topics that pose drafting difficulties for U.S. organizations looking
to adopt a single, global code. For example, a U.S. company operating in certain Middle
Eastern countries will need to take care when discussing discrimination in terms of
gender and religion. Keep in mind that making employment-related decisions based
on gender or religion may be perfectly permissible in these locations. In addition, some
Asian countries have laws in place that preclude women from working as many hours
as men, and Germany requires employers to take into account an employees age and
disability when making workforce reduction decisions. Therefore, when discussing non-
discrimination in an international code, you may wish to use rather general language
when discussing these issues.
Define the terms and concepts used within each risk area
Codes frequently utilize concepts and terms that are not often heard in everyday
conversation, or are often misused in common parlance. When drafting your code, be
sure to define all potentially confusing terminology, such as harassment, insider
trading, material, nonpublic information and antitrust. In addition, clarify any
concepts that may have slightly different meanings within the code than they would
normally have, including conflict of interest, retaliation, relative or good faith.
Communicate how the code relates to U.S. and international laws and
regulations, local laws and other company policies
It is also important to establish how the code relates to the various laws, regulations,
policies and procedures that employees might encounter in their work. Doing so will
provide a proper framework and context for employees, who may encounter conflicts
between local laws and business practices, the code and/or other company policies. It is
important to specify which standard shall govern; if this is fact-specific, it is generally
best to direct employees at the outset of the code to seek guidance from your legal
department in such situations.
Learning Aids
Supplement the code content with learning aids
Keep in mind that, while codes aim to break down policy material into a more digestible
and direct format, some readers are less skilled than others at comprehending the
written word. While the codes text should explain difficult-to-understand concepts and
terms, you can further ensure comprehension of these by embedding learning aids,
which supplement these explanations and bring theoretical and abstract concepts into
the realm of practical advice. Learning aids can take many forms, including question-
and-answer segments, real-life scenarios and vignettes that demonstrate the
implications for certain courses of action.
Consider placing learning aids with the risk topics that are most important for your
organization or among those that are fact-specific. For example, you may wish to
When designing the look and feel of your organizations code, adopt a visual style that
fits with existing internal and external company communications. For example, employ
the same design resources responsible for your companys annual report. Keeping a
design aesthetic consistent with existing company branding will convey that this code is
unique to your organization. A code that is branded in this manner can serve not only as
To allow for a user-friendly reading experience, limit the width of the text to
approximately 10 to 12 words across. In addition, migrate long lists of information (such
as lists of examples and sets of guidelines) into bulleted lists where appropriate. These
white-space-maximizing techniques will increase comprehension for your average
reader, who generally finds dense walls of text daunting and difficult to digest.
Whatever the structure, a code should be organized in a way that fits your
organizations culture and makes sense for your business.
In addition, consider concluding the document with an index and a glossary of terms.
Distribution
Determine the method of distribution
You will also need to consider how you will disseminate the code to your employees.
Organizations are increasingly choosing to distribute fewer and fewer printed copies of
their codes. Providing the code to employees primarily in electronic format is both a
cost-effective and an environmentally friendly solution. However, if a segment of your
companys employee base does not have access to a computer or the internet, this is
not a feasible option.
Code documents should be provided in a logical location on your website, such as the
Investor Relations (for publicly traded companies), Corporate Governance, About
Us, Company Values or Corporate Social Responsibility pages of the site. You may
also wish to maintain the code in multiple places on the website.
7
Transparency Internationals 2012 Corruption Perception Index
http://cpi.transparency.org/cpi2012/results/
In the past, many companies could feasibly require annual certification of only certain
employee groups. As these forms are increasingly distributed in electronic format,
however, acquiring certification from your entire employee base on an annual basis is a
more viable option. If you are providing training on the code via e-learning courseware,
you may wish to forego the acknowledgement and certification in the code itself, and
instead utilize a certification and disclosure option in the course, which is then stored on
your companys learning management system (LMS). You may also choose to combine
this process with your annual conflict of interest certifications.
Refreshing the code does not necessarily require changing the precepts of the code,
and can be as simple as updating the presentation to ensure that readers remain
engaged. Better yet, add new examples, comprehension aids and other attention-
getters, or migrate to Code 3.0. A static code will quickly lead to perfunctory review on
the part of employees, and such review undercuts the purposes of the code and the
annual certification process.
CELC ADVISORY SERVICES POWERED BY CORPEDIA | BEST PRACTICES IN CODE OF CONDUCT DEVELOPMENT | 24
Appendix A: Selected
Requirements for Codes of
Conduct
Federal Sentencing Guidelines
Chapter 8 - PART B - REMEDYING HARM FROM CRIMINAL CONDUCT, AND
EFFECTIVE COMPLIANCE AND ETHICS PROGRAM
8B2.1. Effective Compliance and Ethics Program
b) Due diligence and the promotion of an organizational culture that encourages
ethical conduct and a commitment to compliance with the law within the meaning
of subsection (a) minimally require the following:
(1) The organization shall establish standards and procedures to prevent and
detect criminal conduct.
***
(4) (A) The organization shall take reasonable steps to communicate periodically
and in a practical manner its standards and procedures, and other aspects of
the compliance and ethics program, to the individuals referred to in subdivision
(B) by conducting effective training programs and otherwise disseminating
information appropriate to such individuals respective roles and
responsibilities.
United States, means the 50 States, the District of Columbia, and outlying areas.
(1) A relevant commercial organisation (C) is guilty of an offence under this section if a
person (A) associated with C bribes another person intending
(a) to obtain or retain business for C, or
(b) to obtain or retain an advantage in the conduct of business for C.
(2) But it is a defence for C to prove that C had in place adequate procedures designed
to prevent persons associated with C from undertaking such conduct.
(3) For the purposes of this section, A bribes another person if, and only if, A
(a) is, or would be, guilty of an offence under section 1 or 6 (whether or not A has been
prosecuted for such an offence), or
(b) would be guilty of such an offence if section 12(2)(c) and (4) were omitted.
(4) See section 8 for the meaning of a person associated with C and see section 9 for a
duty on the Secretary of State to publish guidance.
(5) In this section partnership means
(a) a partnership within the Partnership Act 1890, or
(b) a limited partnership registered under the Limited Partnerships Act 1907, or a firm or
entity of a similar character formed under the law of a country or territory outside the
United Kingdom,
relevant commercial organisation means
(a) a body which is incorporated under the law of any part of the United Kingdom and
which carries on a business (whether there or elsewhere),
(b) any other body corporate (wherever incorporated) which carries on a business, or
part of a business, in any part of the United Kingdom,
(c) a partnership which is formed under the law of any part of the United Kingdom and
which carries on a business (whether there or elsewhere), or
(d) any other partnership (wherever formed) which carries on a business, or part of a
business, in any part of the United Kingdom, and, for the purposes of this section, a
trade or profession is a business.
17 CFR 228.406
Sec. 228.406 (Item 406) Code of ethics.
(a) Disclose whether the small business issuer has adopted a code of ethics that
applies to the small business issuer's principal executive officer, principal financial
officer, principal accounting officer or controller, or persons performing similar
functions. If the small business issuer has not adopted such a code of ethics,
explain why it has not done so.
(b) For purposes of this Item 406, the term code of ethics means written standards
that are reasonably designed to deter wrongdoing and to promote:
(1) Honest and ethical conduct, including the ethical handling of actual or
apparent conflicts of interest between personal and professional relationships;
(2) Full, fair, accurate, timely, and understandable disclosure in reports and
documents that a small business issuer files with, or submits to, the
Commission and in other public communications made by the small business
issuer;
(3) Compliance with applicable governmental laws, rules and regulations;
(4) The prompt internal reporting of violations of the code to an appropriate
person or persons identified in the code; and
(5) Accountability for adherence to the code.
(c) The small business issuer must:
(1) File with the Commission a copy of its code of ethics that applies to the small
business issuer's principal executive officer, principal financial officer,
principal accounting officer or controller, or persons performing similar
functions, as an exhibit to its annual report;
(2) Post the text of such code of ethics on its Internet website and disclose, in its
annual report, its Internet address and the fact that it has posted such code of
ethics on its Internet website; or
NASDAQ
Market Rule 4350(n)
(n) Code of Conduct
Each issuer shall adopt a code of conduct applicable to all directors, officers and
employees, which shall be publicly available. A code of conduct satisfying this rule must
comply with the definition of a code of ethics set out in Section 406(c) of the Sarbanes-
Oxley Act of 2002 (the Sarbanes-Oxley Act) and any regulations promulgated
thereunder by the Commission. See 17 C.F.R. 228.406 and 17 C.F.R. 229.406. In
addition, the code must provide for an enforcement mechanism. Any waivers of the
Developed and implemented by a team of experts with years of experience and industry
insight, our compliance risk assessment solutions identify, quantify and provide
actionable plans for mitigating and preventing compliance breakdowns. Our e-learning
programs bolster these assessments by familiarizing employees with all facets of
regulations affecting their company and offering the most measurable outcomes for their
compliance and ethics initiatives.
With over 500 customers in more than 150 countries, including Wal-Mart, Time Warner,
OfficeMax, Dun & Bradstreet and PepsiCo, Corpedia delivers the right compliance and
ethics solutions to the right people at the right timeevery time. For more information,
call 877.629.8724.
Acknowledgments
Corpedia Contributors
Jennifer Campisano
Compliance Counsel
Advisory Services