Code of Business Conduct and Ethics
Drafts a Code of Business Conduct and Ethics satisfying SEC, SOX §406, and exchange listing requirements. Incorporates company-specific values and regulatory context into an enforceable ethical framework. Use when drafting corporate governance documents, ethics codes, compliance policies, or business ethics frameworks for public companies or regulated industries.
Code of Business Conduct and Ethics
Drafts a governance-grade Code of Business Conduct and Ethics that satisfies SEC, SOX §406, NYSE §303A.10, and NASDAQ Rule 5610 requirements while providing actionable ethical guidance organization-wide.
Prerequisites
- Company identification — legal name, jurisdiction, public/private status, exchange listing
- Existing governance documents — current codes, ethics policies, board resolutions, mission/values
- Operational scope — geographic footprint, industry sectors, subsidiaries, regulated activities
- Regulatory profile — industry-specific requirements (healthcare, financial services, government contracting, defense)
Quick Start
- Gather company identification, existing governance documents, and regulatory profile
- Search uploaded documents for existing codes, mission statements, compliance commitments, and org structure
- Draft the Code following the required sections below, tailoring to the company's industry and listing requirements
- Validate against the SOX §406 and exchange listing checklists
- Include reporting channels, acknowledgment form, and waiver procedures
Required Sections
| # | Section | Key Content |
|---|---|---|
| 1 | Leadership Statement | CEO/Board Chair message; tone from the top; shared responsibility |
| 2 | Scope & Applicability | Covered persons (employees, officers, directors, contractors); enhanced SOX §406 provisions for senior financial officers |
| 3 | Relationship to Other Policies | Policy hierarchy; most-stringent-standard conflict resolution |
| 4 | Legal Compliance | Baseline obligation; multi-jurisdiction compliance; conflicts of law |
| 5 | Conflicts of Interest | Definition, examples, disclosure obligations, approval process; actual AND apparent conflicts |
| 6 | Corporate Opportunities | Delaware law framework; no personal exploitation without board approval |
| 7 | Confidentiality | Protected information scope; third-party obligations; post-employment survival; whistleblower carve-outs |
| 8 | Protection of Company Assets | Physical, IP, informational, financial assets; personal use policy |
| 9 | Fair Dealing | No unfair advantage via manipulation, concealment, or misrepresentation |
| 10 | Reporting Procedures | Multiple channels: supervisor, HR, Legal, Compliance Officer, Ethics Hotline (anonymous if applicable), Audit Committee |
| 11 | Non-Retaliation | Broad retaliation definition; good-faith standard; consequences for retaliators |
| 12 | Enforcement & Discipline | Proportionate sanctions (counseling → termination → criminal referral); secondary liability for failure to report |
| 13 | Waivers | Extraordinary circumstances only; Board/committee approval for officers and directors; SEC/exchange public disclosure |
| 14 | Acknowledgment | Receipt, understanding, compliance commitment; annual re-certification option |
SOX §406 Checklist (Public Companies — Senior Financial Officers)
- [ ] Honest and ethical conduct, including handling actual/apparent conflicts
- [ ] Full, fair, accurate, timely, understandable disclosure in SEC filings
- [ ] Compliance with applicable governmental laws, rules, and regulations
- [ ] Prompt internal reporting of Code violations
- [ ] Accountability for adherence
Exchange Listing Requirements
| Requirement | NYSE §303A.10 | NASDAQ Rule 5610 |
|---|---|---|
| Covered persons | Directors, officers, employees | All employees |
| Conflicts of interest | Required | Required |
| Corporate opportunities | Required | Required |
| Confidentiality | Required | Required |
| Fair dealing | Required | Not explicitly required |
| Asset protection | Required | Not explicitly required |
| Compliance with law | Required | Required |
| Reporting mechanism | Required | Required |
| Waiver disclosure | Required (Form 8-K or website) | Required (Form 8-K or website) |
| Public availability | Website posting required | Website posting required |
Industry-Specific Additions
| Industry | Additional Provisions |
|---|---|
| Healthcare | Anti-Kickback Statute; Stark Law; HIPAA; research integrity |
| Financial Services | Insider trading; fiduciary duties; customer privacy; BSA/AML |
| Government Contracting | Procurement integrity; cost accounting standards; security clearances |
| Defense | ITAR/EAR export controls; classified information; DFARS compliance |
| Technology | Data ethics; AI governance; open source compliance |
Common Pitfalls
- Missing SOX §406 enhanced provisions — public company codes must include specific provisions for senior financial officers; omitting these creates a disclosure gap
- Single reporting channel — regulators expect multiple independent channels including anonymous options; provide at minimum supervisor, Legal, Compliance Officer, and Ethics Hotline
- No waiver disclosure process — SEC and exchange rules require public disclosure of officer/director waivers via Form 8-K or website posting
- Overly legalistic tone — the Code must be comprehensible from entry-level employees to board members; avoid unnecessary jargon while maintaining precision
- Ignoring cross-border issues — for international operations, address conflicts of law, translation requirements, and local works council consultation
- Missing employment disclaimer — include jurisdiction-appropriate language that the Code does not create an employment contract
- No version control — include effective date, version number, and annual review cadence
Drafting Guidelines
- Professional but accessible tone; aspirational yet practical
- Include concrete scenarios illustrating real business application
- Address ESG/emerging issues (AI ethics, data governance, sustainability) where relevant
- Establish Board reporting expectations to Audit Committee or Ethics & Compliance Committee
No additional documents ship with this skill.
Related Skills
United States
·
corporate
Amended and Restated Certificate of Incorporation (DE)
Drafts a Delaware Amended and Restated Certificate of Incorporation implementing VC term sheet economics and governance into DGCL-compliant charter p…
United States
·
corporate
Amended and Restated Certificate of Incorporation (Delaware)
Drafts filing-ready Delaware Amended and Restated Certificates of Incorporation for venture-financing rounds. Converts term-sheet economics and gover…
United States
·
corporate
Notice of Annual Shareholders Meeting
Drafts legally compliant Notice of Annual Shareholders Meeting for US corporations, covering state-specific notice periods, record dates, quorum and …
United States
·
corporate
Articles of Dissolution
Drafts Articles of Dissolution (Certificate of Dissolution) for U.S. corporations to terminate legal existence via state filing. Reviews articles of …
United States
·
corporate
Articles of Incorporation
Drafts jurisdiction-compliant U.S. Articles of Incorporation for corporate entity formation. Analyzes formation documents, term sheets, and cap table…