Code of Conduct
A written policy document setting out behavioral standards and ethical expectations for employees, contractors, and business partners; violations can trigger contract termination.
While straightforward in theory, many businesses fail to actively track obligations tied to this concept - often resulting in missed deadlines, unintended renewals, penalties, or loss of contractual rights.
US Law · For business owners and foundersWhat is a Code of Conduct?
A code of conduct is a formal, written policy that establishes behavioral and ethical standards expected of employees, contractors, vendors, and sometimes customers or partners. It is a governing document that communicates the organization's values, legal obligations, and operational expectations.
A code of conduct goes beyond compliance with law - it sets aspirational and practical standards for how people in the organization should behave. Common sections include: anti-harassment and discrimination policies, conflicts of interest, gifts and entertainment, confidentiality and trade secrets, proper use of company property, anti-corruption and bribery provisions, data protection and privacy, and whistleblower protections.
When incorporated into employment agreements or vendor contracts, a code of conduct becomes contractually binding. Violations can trigger disciplinary action, termination, or contract termination with cause. However, the code must be reasonably clear, communicated to the affected parties, and applied consistently to be enforceable.
In practice, many teams rely on a contract expiry tracking system to stay on top of dates and obligations tied to clauses like this.
Key Elements
Clear Statement of Values and Standards
The code should state the organization's core values (integrity, respect, accountability) and translate them into specific behavioral standards. Vague language like "act ethically" is less enforceable than "do not accept gifts over $50 without disclosure."Scope of Application
The code should clearly identify who must comply: full-time employees, part-time staff, contractors, vendors, board members, etc. Different roles may have different obligations.Specific Policies and Prohibitions
The code should address key risk areas for the business: anti-harassment, conflicts of interest, confidentiality, data protection, expense reporting, use of company assets, outside employment, political activity, etc.Reporting and Enforcement Mechanisms
The code should describe how to report violations (hotline, HR, ethics officer), protections for whistleblowers, the investigation process, and potential consequences ranging from warning to termination.Acknowledgment and Training
Best practice is to require employees and contractors to sign an acknowledgment that they have read, understood, and agree to comply with the code. Regular training reinforces expectations.Real-World Example
SalesForce Inc. has a code of conduct prohibiting employees from accepting gifts over $100 from vendors without written pre-approval. Sales Manager Janet receives a $500 gift card from a key vendor. She does not disclose it and uses it for personal purchases. An internal audit discovers the violation.
Janet's conduct violates the explicit code of conduct policy. SalesForce can take disciplinary action up to and including termination, depending on whether this is Janet's first violation and how consistently SalesForce enforces the policy against other employees. If Janet's employment contract incorporates the code of conduct by reference, the violation is a breach. However, SalesForce must apply the code consistently and fairly; if other employees have received similar gifts without discipline, enforcement against Janet alone may be seen as unfair or retaliatory.
This is why many businesses adopt automated deadline tracking to ensure no critical dates are missed before they pass.
Sample Clause Language
Code of Conduct Incorporation ClauseWatch Out For
Inconsistent Enforcement
If you enforce your code of conduct selectively or against one employee but not others for the same behavior, you risk discrimination or wrongful termination claims. Document all violations and apply consequences consistently.Overly Broad Restrictions
Some code of conduct policies have been struck down as overly restrictive of free speech or outside activities. For example, restricting all outside employment or all political expression may not be enforceable. Keep restrictions narrowly tailored to legitimate business interests.Failure to Train or Communicate
If you adopt a code of conduct but do not train employees or make it accessible, courts may find it was not adequately communicated. A code buried in a handbook employees never see is not enforceable.Retaliation Claims
Be careful about disciplining someone shortly after they report a violation or make a complaint. Timing can imply retaliation, which is illegal even if you had a legitimate reason for the discipline.Don't let code of conduct deadlines catch you off guard
Key dates tied to code of conducts - renewal windows, expiry cutoffs, notice periods - can easily slip through the cracks when tracked manually. Missing them triggers automatic extensions, penalties, or lost rights. ExpiryEdge tracks every critical deadline and sends automated reminders before they're due - so nothing slips.
Instead of relying on spreadsheets or manual follow-ups, a centralized renewal reminder system ensures every deadline is visible, tracked, and actioned automatically.
How to Use This in Your Favor
Include Your Code of Conduct in All Vendor and Contractor Agreements
Make compliance with your code a condition of doing business with your company. Include a termination clause allowing you to cancel agreements if the contractor violates the code.Require Annual Acknowledgment and Training
Do not assume employees remember the code from onboarding. Require annual (or more frequent) acknowledgment and training, especially on high-risk areas like anti-harassment, anti-corruption, and data protection. Document completion.Use Your Code to Manage Risk and Liability
A well-drafted and consistently enforced code of conduct shows regulators, courts, and juries that your organization takes compliance seriously. If a violation occurs, evidence of a strong code and training program may reduce your organization's liability.Make the Code Accessible and Update It Regularly
Publish the code on the company intranet and provide it at onboarding. Review it annually for gaps based on new business risks, legal changes, or violations that have occurred. Update it and communicate changes.Related Terms
Frequently Asked Questions
Can a code of conduct override an employment contract or collective bargaining agreement?
Generally no. If the employment contract or union agreement contains conflicting terms, those take precedence over the code of conduct. The code provides supplemental guidance. However, the code can establish rules on matters the employment contract does not address.
Can an employee be fired for violating the code of conduct?
Yes, if the code is clearly written, communicated, and incorporated into the employment agreement. However, in some states, employment is "at-will" and the employee can be fired for any reason or no reason. In others, an employee cannot be fired if doing so violates public policy (e.g., firing for reporting safety violations). Always consult employment counsel.
Does a code of conduct protect the company from liability?
A code alone does not eliminate liability, but it can reduce it. If an employee harasses a coworker and the company has a strong anti-harassment code, trains on it, and investigates complaints promptly, the company shows it took reasonable steps. Courts and regulators consider these factors.
What is the difference between a code of conduct and a compliance policy?
A code of conduct is broad and covers ethical behavior, values, and general standards. A compliance policy is narrow and focuses on specific legal or regulatory requirements (e.g., HIPAA, SOX, FDA). Many organizations have both.