Codes of Conduct for Employees and IT Auditors

A code of conduct should be consistent with the code of ethics. The code of conduct is often part of the larger ethics and compliance program within an organization. A well-rounded code of conduct does the following:

  • Clearly states the company’s mission

  • Includes a statement from senior management

  • Stresses the company’s values and principles

  • Provides guidelines on ethical and expected conduct, including rules of conduct

  • Provides examples of ethical and unethical behavior

IT auditors belonging to professional organizations or holding certifications are required to adhere to professional codes of ethics. Standards set forth by these organizations further guide the conduct of IT auditors. In addition, most organizations, including all of the major accounting and consulting firms, have employer-driven codes of conduct.

Employer-/Organization-Driven Codes of Conduct

Companies listed on public stock exchanges are, in many cases, required to adopt a code of conduct. Both the NASDAQ and the New York Stock Exchange (NYSE) require this. Specifically, they require that listed companies implement and make available to the public their code of conduct for all directors, officers, and employees.

Requirements aside, a code of conduct provides organizations with several benefits. First, it enhances the organization’s values and beliefs, and it helps establish a strong culture based on the vision and mission of the organization. Next, a well-implemented code of conduct will build respect as well as enhance the organization’s reputation. Finally, it will help guide the organization and its people away from unethical and illegal behavior.

An organizational code of conduct might be included in the employee handbook. Additionally, policy should establish that employees confirm they have read and will comply with the code of conduct. Organizations should reinforce the code occasionally. Many organizations accomplish this through annual verification as well as ongoing training.

For example, KPMG is one of the largest auditing firms in the world. The company’s Global Code of Conduct states that it “sets forth our core values, shared responsibilities, global commitments and promises. Additionally, the code provides you with general guidance about the firm’s expectations, situations that may require particular attention, additional resources and channels of communication, as well as illustrative questions and answers.” The guide is a colorful, easy-to-read pamphlet available for download from kpmgs-code-of-conduct.pdf (home.kpmg). The code of conduct, dated October 2021, contains 64 pages and an exhaustive list of ethical standards that an employee must adhere to. Below are key highlights:

  • Message from Chair and CEO—This introduces KPMG’s goal of being regarded as one of the best Big Four public accounting firms. It further reiterates the strong corporate commitment to an ethics and compliance program to achieve that goal.

  • Core Values—This describes the KPMG approach to doing the “right thing,” which defines the company’s culture by identifying values that reflect who it is, what it does, and how it does it. It emphasizes the importance of integrity, excellence, working together, and how the work makes things better.

  • Responsibilities—This provides key policies and responsibilities for which individuals and management are held accountable. This section describes personal values and integrity as the foundation of business conduct.

  • Getting Help—This section explains the importance of speaking up, preventing retaliation, and how to open up channels of communication.

  • Our People—This reiterates the importance and value of people and the need to embrace diversity and treat each other with respect.

  • Our Clients—This describes commitments and standards around behaving lawfully and ethically and delivering quality service. It also includes other important expectations of conduct, including the importance of maintaining independence and client confidentiality.

  • Our Community and Marketplace—This describes the expectation that all employees behave as responsible corporate citizens and the importance of building strong communities and achieving the firm’s goal through fair competition.

  • Our Firm—This section outlines expected behaviors to safeguard information and the firm’s reputation through honest dealing, accurate reporting, and responding to regulators.

Employee Handbook and Employment Policies

Many organizations also convey expected standards of conduct through corporate policies such as acceptable use policies. The organization may also include these expectations within an employee handbook. In many cases, an organization’s code of conduct and acceptable use policies also apply to vendors or other organizations with which it does business. In fact, in describing the “KPMG Way” from the previous section, KPMG describes its core values as representative of “We do our best work when we do it together: in teams, across teams, and by working with others outside our organization.” This also means that IT auditors, who may spend a considerable amount of time at a client organization, not only must represent themselves consistently with their own code, but also must be aware of their client’s expectations.
