#ActionFor2025

My experience with mid-sized and emerging companies over time has revealed a concerning trend: many firms administer their Code of Conduct policy only at the point of employee onboarding, with little to no ongoing yearly training or reaffirmation. For those that do conduct reaffirmations, it is often done without prior training on the policy before attestation.

Failure and Implications to reaffirm the Code of Conduct annually can lead to:

1. Misalignment with organizational values and ethical expectations.
2. Increased risk of ethical violations and regulatory non-compliance.
3. Erosion of employee accountability and organizational culture.

Benefits of Yearly Training or Refreshers Before Reaffirmation

Annual training or refreshers ensure employees are well-informed and aligned with the Code of Conduct, offering the following benefits:

• Reinforcing Core Values: Employees better understand their responsibilities in upholding the organization’s values.
• Protecting Confidentiality: Equips employees to identify risks, threats, and implications of mishandling sensitive information.
• AI Awareness: Helps employees understand the ethical use of AI systems, their role in adhering to acceptable use policies, and the importance of validating AI outputs.
• Reporting Violations: Provides a refresher on how to identify, report, and resolve potential breaches of confidentiality or ethical standards.

Minimum Requirements for a Comprehensive Code of Conduct Policy

Organizations must ensure their Code of Conduct contains the following elements, updated to address modern challenges such as AI ethics:

• Purpose and Scope: Define the objectives, applicability, and relevance to all organizational activities, including AI systems.
• Core Ethical Principles: Establish key values like integrity, fairness, respect, and accountability for both human and AI-driven processes.
• Compliance with Laws: Ensure adherence to legal, regulatory, and ethical standards, including AI governance.
• Employee Conduct Expectations: Provide clear behavioral guidelines, including responsibilities regarding AI systems.
• Conflict of Interest Management: Define rules to prevent and manage conflicts, including those related to AI decisions or vendor relationships.
• Harassment and Discrimination Policy: Prohibit misconduct and ensure AI systems do not perpetuate bias or discrimination.
• Confidentiality and Data Protection: Outline protocols for safeguarding sensitive data managed by AI systems.
• Anti-Bribery and Corruption Measures: Prevent misuse of AI systems for unethical practices.
• AI System Guidelines: Establish standards for the ethical and transparent use of AI technologies.
• Reporting Violations: Provide mechanisms for reporting unethical behavior or AI misuse, with whistleblower protections.
• Disciplinary Actions: Define consequences for breaches, including the misuse of AI systems.

Organizations without a robust Code of Conduct should adopt these elements immediately, while those with existing policies must ensure they include AI-specific guidelines to remain relevant and proactive.