Anti-Corruption & Bribery Policy
1. Purpose
DefectDojo, Inc. is committed to conducting its business ethically and in compliance with all applicable laws and regulations, including the U.S. Foreign Corrupt Practices Act (FCPA), the United Kingdom Bribery Act (UKBA) and similar laws in other countries that prohibit improper payments to obtain a business advantage. This document describes DefectDojo, Inc.’s Policy prohibiting bribery and other improper payments in the conduct of DefectDojo, Inc. business operations and employee responsibilities for ensuring implementation of the Policy. Questions about the Policy or its applicability to particular circumstances should be directed to the Head of HR or Chief Executive Officer.
2. Policy Overview
DefectDojo, Inc. strictly prohibits bribery or other improper payments in any of its business operations. This prohibition applies to all business activities, anywhere in the world, whether involving government officials or other commercial enterprises. A bribe or other improper payment to secure a business advantage is never acceptable and can expose individuals and DefectDojo, Inc. to possible criminal prosecution, reputational harm or other serious consequences.
This Policy applies to everyone at DefectDojo, Inc., including all officers, employees, agents, or other intermediaries acting on DefectDojo, Inc.’s behalf. Each officer and employee of DefectDojo, Inc. has a personal responsibility and obligation to conduct DefectDojo, Inc.’s business activities ethically and in compliance with all applicable laws based on the countries wherein DefectDojo, Inc. does business. Failure to do so may result in disciplinary action, up to and including dismissal.
Improper payments prohibited by this policy include bribes, kickbacks, excessive gifts or entertainment, or any other payment made or offered to obtain an undue business advantage. These payments should not be confused with reasonable and limited expenditures for gifts, business entertainment and other legitimate activities directly related to the conduct of DefectDojo, Inc.’s business.
DefectDojo, Inc. has developed a comprehensive program for implementing this Policy through appropriate guidance, training, investigation, and oversight. The Head of HR and Chief Executive Officer have overall responsibility for the program, supported by the executive leadership of DefectDojo, Inc.
The Head of HR or Chief Executive Officer is responsible for giving advice on the interpretation and application of this policy, supporting training and education, and responding to reported concerns. The prohibition on bribery and other improper payments applies to all business activities, but is particularly important when dealing with government officials.
The U.S. Foreign Corrupt Practices Act and similar laws in other countries strictly prohibit improper payments to gain a business advantage and impose severe penalties for violations. The following summary is intended to provide personnel engaged in international activities a basic familiarity with applicable rules so that inadvertent violations can be avoided and potential issues recognized in time to be properly addressed.
3. Common Questions
What do anti-bribery laws prohibit?
The FCPA, UKBA, and other anti-bribery laws make it unlawful to bribe a foreign official to gain an “improper business advantage.” An improper business advantage may involve efforts to obtain or retain business, as in the awarding of a government contract, but also can involve regulatory actions such as licensing or approvals.
Examples of prohibited regulatory bribery include paying a foreign official to ignore an applicable customs requirement. A violation can occur even if:
- An improper payment is only offered or promised and not actually made.
- It is made but fails to achieve the desired result.
- The result benefits someone other than the giver (e.g., directing business to a third party).
Also, it does not matter that the foreign official may have suggested or demanded the bribe, or that a company feels that it is already entitled to the government action.
Who is a “foreign official”?
A “foreign official” can be essentially anyone who exercises governmental authority. This includes:
- Any officer or employee of a foreign government department or agency, in the executive, legislative, or judicial branch of government, at national, state, or local level.
- Officials and employees of government-owned or controlled enterprises.
- Private citizens who act in an official governmental capacity.
Personnel engaged in international activities are responsible under this Policy for inquiring whether a proposed activity could involve a foreign official or an entity owned or controlled by a foreign government, and should consult with the Head of HR or Chief Executive Officer when questions about status arise.
What types of payments are prohibited?
The FCPA prohibits offering, promising, or giving “anything of value” to a foreign official to gain an improper business advantage. This includes:
- Gifts, entertainment, or other business promotional activities.
- Covering or reimbursing an official’s expenses.
- Offers of employment or other benefits to a family member or friend of a foreign official.
- Political party and candidate contributions.
- Charitable contributions and sponsorships.
Other less obvious items provided to a foreign official can also violate anti-bribery laws, such as in-kind contributions, investment opportunities, stock options or positions in joint ventures, and favorable or steered subcontracts. The prohibition applies whether an item benefits the official directly or another person, such as a family member, friend, or business associate.
DefectDojo, Inc. and individual officials or employees may be held liable for improper payments by an agent or intermediary if there is actual knowledge or reason to know that a bribe will be paid. Willful ignorance, including not making reasonable inquiries when suspicious circumstances exist, is not a defense.
DefectDojo, Inc. and its affiliates must keep accurate books and records reflecting transactions and asset dispositions in reasonable detail, supported by a proper system of internal accounting controls. Special care must be exercised when transactions may involve payments to foreign officials. Off-the-books accounts should never be used. Facilitation or other payments to foreign officials should be promptly reported and properly recorded. Requests for false invoices or payment of unusual, excessive, or inadequately described expenses must be rejected and promptly reported. Misleading, incomplete, or false entries in DefectDojo, Inc.’s books and records are never acceptable.
DefectDojo, Inc. has established detailed standards and procedures for the selection, appointment, and monitoring of agents, consultants, and other third parties. These standards must be followed in all cases, with particular attention to “red flags” that may indicate possible legal or ethical violations. Due diligence generally includes reference and background checks, written contract provisions confirming the business partner’s responsibilities, and monitoring controls. Appointment of an agent or other third party ordinarily requires prior approval by a senior manager, a written description of services, and contractual safeguards against potential violations.
This Policy imposes on all personnel specific responsibilities and obligations, enforced through disciplinary measures and reflected in personnel evaluations.
All officers, employees, and agents are responsible for understanding and complying with the Policy as it relates to their jobs. Every employee has an obligation to:
- Be familiar with applicable aspects of the Policy and communicate them to subordinates.
- Ask questions if the Policy or required action is unclear.
- Properly manage and monitor business activities conducted through third parties.
- Be alert to indications or evidence of possible wrongdoing.
- Promptly report violations or suspected violations through appropriate channels.
Retaliation against an employee who, in good faith, reports a violation or possible violation of this Policy is strictly prohibited.
4. Non-Compliance
Any DefectDojo Staff who violate this Policy will be subject to disciplinary action, up to and including dismissal. Violations can also result in prosecution by law enforcement authorities and serious criminal and civil penalties.
5. Continual Improvement
This document is updated and reviewed as part of the continual improvement process.