Anti-Bribery & Anti-Corruption Policy
1. INTRODUCTION & PURPOSE
Sitecore Holdings II A/S and its affiliates (collectively “Sitecore”) is committed to acting ethically as a good corporate citizen and with integrity in all our business relationships. The purpose of this Anti-Bribery & Anti-Corruption Policy (“Policy”) is to establish appropriate business practices and behaviors that comply with global anti-bribery and anti-corruption laws.
Nearly every country in which Sitecore operates or otherwise does business has anti-bribery laws, whether as part of their Criminal Codes or as stand-alone legislation. Examples include:
- The US Foreign Corrupt Practices Act;
- The UK Bribery Act 2010;
- The Criminal Codes of Australia, Belgium, France, Germany, The Netherlands and Poland, as well as the Corruption of Foreign Public Officials Act of Canada;
- The Prevention of Corruption Act 1988 of India;
- The Anti-Corruption Commission Act 2009 of Malaysia; and
- The Prevention of Corruption Act of Singapore.
All Sitecore directors, officers and employees must comply with all applicable laws, regulations, rules, and regulatory orders. No matter where you are located, in addition to all regulatory requirements applicable to your country you must also comply with laws, regulations, rules, and regulatory orders including those regarding anti-corruption and anti-bribery, such as the United States Foreign Corrupt Practices Act, the United Kingdom’s Bribery Act. You should read and be aware of this Sitecore policy.
2. SCOPE
This Policy applies globally to Sitecore’s employees, officers, contingent workers, independent contractors, and Board of Directors (collectively “Employees”). Aspects of this Policy also apply to consultants, agents, intermediaries, representatives, and other third parties acting on behalf of Sitecore (“Third Parties”).
This Policy is not intended to address every possible situation in which bribery or corruption risk may arise, but is intended to establish our key anti-bribery and compliance principles. This Policy supports and is to be read in conjunction with Sitecore’s Global Code of Business Conduct (the “Code”) available on the Sitecore intranet (currently the Core), among other Sitecore policies.
3. POLICY
Sitecore has zero-tolerance for bribery or corruption and prohibits bribery in all forms.
Sitecore’s policy is to conduct its business activities in full compliance with all applicable anti-bribery and anti-corruption laws in the countries where Sitecore conducts business (“Applicable Anti-Corruption Laws”). Sitecore is committed to winning and maintaining business based on its merits, not by using unethical or illegal business practices.
Generally speaking, bribery is the offer, promise, payment, transfer, request, authorization of, agreement to receive, or receipt of anything of value, whether directly or indirectly, to or from any person, in order to induce that person (or any other person) to perform their roles improperly or contrary to law or to secure an improper advantage.
In this context, anything of value is anything that provides a benefit, including, but not limited to, cash or cash equivalents, the purchase or sale of property or services at inflated or discounted prices, hospitality, cars, jewelry, home improvements, travel, loans, loan guarantees, shares, and charitable contributions. A thing of value also can include intangible benefits, such as inside information, stock tips, favors, assistance in arranging a business transaction (e.g., providing a business opportunity to a family member), or providing an educational or employment opportunity.
You MUST NOT offer, promise, give, authorize, or accept a bribe of any kind, or authorize or engage in bribery through a third party. This prohibition applies to conduct in all countries globally, irrespective of whether the actions are permitted or tolerated locally.
All Sitecore Employees and Third Parties are required to:
- Understand, agree to, and comply with this Policy, the Code, all related Sitecore Compliance, Finance, HR, and other policies and procedures (or comparable policies of their own in the case of Third Parties), and all Applicable Anti-Corruption Laws;
- Fully and accurately characterize and record all transactions and expenditures in the books, records, and documents of Sitecore (or comparable books, records, and documents of their own in the case of Third Parties);
- Report suspected violations of this Policy, the Code, other applicable Sitecore policies and procedures, and all Applicable Anti-Corruption Laws. Such reports can be made to the Chief Legal Officer by emailing grpcompliance@sitecore.com or through Sitecore’s Reporting Hotline (available at https://hotline.sitecore.com or by phone (visit the Hotline URL or the Sitecore intranet (currently the Core) for a list of toll-free global phone numbers at https://thecore.sitecore.net/legal/reporting-hotline.aspx));
- Seek guidance from the Sitecore Legal Department (“Legal”) in the event of any uncertainty regarding whether an activity may violate an applicable policy or any law related to anti-bribery, anti-corruption, kickbacks, or the giving or receiving of anything of value to any third party (grpcompliance@sitecore.com);
- Complete assigned anti-bribery and corruption compliance training; and
- Provide periodic compliance certifications to Sitecore, as requested.
4. IMPROPER PAYMENTS AND BENEFITS PROHIBITED
Consistent with Applicable Anti-Corruption Laws, this Policy prohibits offering anything of value, directly or indirectly, for the purpose of influencing or inducing unlawful acts or obtaining an improper business advantage. This Policy does not prohibit the payment of legitimate and legal fees, taxes, duties, fines, penalties, or similar legitimate charges.
If you are unsure about whether you are being asked to make an improper payment or provide an improper benefit, you should not make the payment. You must also report any solicitation of payments by Government Officials or customers, or offers of kick-backs from third parties, to the Chief Legal Officer at grpcompliance@sitecore.com.
4.1 Public Sector Bribery
Sitecore interacts with governmental entities during the course of its business. Such interactions present bribery risk as Applicable Anti-Corruption Laws commonly focus on improper interactions with Government Officials.
The term “Government Official” is broadly defined to include:
- an employee, officer, or representative of, or any person otherwise acting in an official capacity for or on behalf of a Government Authority (as defined below);
- a legislative, administrative, or judicial official, regardless of whether elected or appointed, at all levels of the government;
- an officer of, or individual who holds a position in, a political party;
- a candidate for political office;
- an individual who holds any other official, ceremonial, or other appointed or inherited position with a Government Authority; or
- an officer or employee of a supra-national organization.
“Government Authority” includes:
- a national government, political subdivision thereof or local jurisdiction therein;
- an instrumentality, board, commission, court or agency, whether civilian or military, of any of the above, however constituted;
- a government-owned/government-controlled association, organization, business or enterprise; or
- a political party.
Thus, Government Officials may hold various jobs and positions, examples of which include:
- Employees in procurement or technology roles within government ministries, agencies, or other government institutions;
- Police, military, or customs and immigration officers;
- Employees of a state-owned business, such as a national oil company, state-owned refinery, national airline, or national railway;
- Individuals who work for public international organizations such as the United Nations, the International Monetary Fund, or the World Bank; and
- Professors employed by a state university.
When acting on behalf of Sitecore, Employees and Third Parties must not make, offer, promise, or authorize the payment of money or anything of value, directly or indirectly, to any Government Official for purposes of:
- influencing any act or decision of such person in his/her official capacity;
- inducing such person to do or omit to do an act in violation of the lawful duty of such person; or
- securing any improper advantage,
- in order to assist Sitecore, the Employee, or any other third party in obtaining or retaining business for or with, or directing business to, any person, or receiving any other benefit.
Improper payments or benefits that are not provided directly to a Government Official, but provide an indirect benefit to a Government Official, are also prohibited. It is necessary to be careful with benefits offered to persons related to Government Officials, especially to their family members, because Applicable Anti-Bribery Laws may consider such payments as a form of indirect bribery. Likewise, improper payments to any business partner or other third party while knowing (or suspecting but ignoring) that all or a portion of the payment will go directly or indirectly to a Government Official are also prohibited.
In many countries, it is a common practice for Government Officials, their family members, or close business associates to own or operate business enterprises. Governments may also own or control entities that conduct commercial business. While such business may be legitimate, care must be taken to avoid any association with any such enterprise in circumstances that might pose a risk under Applicable Anti-Corruption Laws. Legal must approve all proposals to conduct business with, or other arrangements potentially related to, enterprises owned or controlled by Government Officials, their family members, or close business associates. Any agreements directly or indirectly involving any Government Authority or Government Official must be memorialized in a signed and valid contract and subject to prior due diligence and approval.
4.2 Facilitating Payments
In certain parts of the world, it is common for Government Officials to demand small payments to expedite or secure the performance of a routine governmental action, such as to obtain a visa or to schedule an inspection (“facilitating” or “grease” payments). While facilitating payments are allowed in some countries, they are illegal in others—including under many of the Application Anti-Corruption Laws.
As a general rule, Sitecore Employees and Third Parties may not make facilitating payments on behalf of Sitecore, no matter how small the amount or how common or ordinary the payment may appear.
As a narrow exception, facilitating payments are permitted under this Policy only if made because you consider that your safety or liberty, or someone else's safety or liberty would be at risk if you did not make a payment. However, such payments and the circumstances surrounding the payments should be reported as quickly as reasonably possible to Legal. These payments must be accurately recorded in Sitecore's books and records as extortion/facilitation payments made to preserve personal safety.
4.3 Commercial Bribery
In addition to the above prohibitions on public sector bribery involving Government Officials, Sitecore also prohibits Employees from promising, offering, authorizing, or providing anything of value to any other person (whether a private person working for a private organization, company, private establishment or professional body, in any capacity) to induce that person to improperly perform any activity or to acquire an improper advantage—this is known as commercial bribery. Sitecore Employees are also prohibited from accepting or soliciting such offers or benefits from private persons or entities.
4.4 Business Courtesies: Gifts, Meals, Entertainment, and Travel
Offering or accepting gifts, entertainment, meals, travel, and other expenses associated with business events (collectively “Business Courtesies”) can be appropriate to strengthen working relationships and may be part of the social practices of the jurisdictions in which we conduct business. To preserve our reputation of integrity, we must not accept or give Business Courtesies that may influence or appear to influence our business decisions or create a sense of obligation, and we must always avoid the appearance of bribery or impropriety.
No Business Courtesy may be paid, reimbursed, provided, or accepted in circumstances in which:
- One could reasonably infer that the Business Courtesy was intended to bribe or provide anything of value in exchange for obtaining (or retaining) business or an improper advantage;
- It would violate any applicable law, regulation, or the policies of Sitecore;
- It could be perceived as creating a conflict of interest; or
- It could reflect negatively on your or Sitecore's reputation.
Providing Business Courtesies
Sitecore Employees and Third Parties are permitted to provide Business Courtesies as long as all of the following conditions are met:
- It is of nominal value, i.e., generally less than EUR 150 / USD 175 (although lower value caps may be set for certain jurisdictions), and subject to prior approval by your Sitecore manager;
- Actually incurred and directly related to a legitimate business purpose, namely: (a) the promotion, demonstration, or explanation of Sitecore’s products and services; (b) the execution or performance of a contract; or (c) the furtherance of general goodwill;
- Consistent with applicable law;
- Consistent with Sitecore’s policies and procedures;
- Not a result of any solicitation;
- Not associated with any sexually oriented entertainment or entertainment involving gambling;
- Infrequent, modest, consistent with local business customs and practices, and are appropriate for the occasion and the seniority level of the recipient;
- It is not being offered or provided with an expectation of a quid pro quo;
- Do not cause the recipient to violate his or her own employer’s ethical standards or policies;
- Not cash or cash equivalents, including gift cards; and
- Documented with receipts, properly accounted for in Sitecore’s books and records, and submitted for approval consistent with Sitecore policy, including identification of:
- the purpose of the Business Courtesy;
- the individual receiving it and whether they are a Government Official;
- the recipient's organization and position;
- a description of the Business Courtesy; and
- the amount or value of the Business Courtesy.
Special attention must be applied when considering providing any Business Courtesy to a Government Official. As a general rule, Sitecore does not provide Business Courtesies to Government Officials. Any exceptions to this prohibition must receive prior written approval from Legal. For the purposes of this Policy, any Business Courtesy offered to or accepted by a recipient’s parent, spouse, sibling, child, or other dependent relative shall be considered a Business Courtesy offered to or accepted by the recipient.
Further, you must not use personal funds for a Business Courtesy to avoid seeking approval or which would be prohibited under this Policy.
Accepting Business Courtesies
You must never seek Business Courtesies or use your Sitecore position for personal gain. You must be especially careful about appearances if your position enables you to influence a business deal.
It is occasionally appropriate to receive modest Business Courtesies such as a meal, entertainment, or attendance at a conference. Generally speaking, you may accept Business Courtesies if your supervisor approves, preferably in advance, and it fosters good business relations, is not part of a pattern of giving by the same source; and does not otherwise appear inappropriate (considering the criteria discussed above for providing Business Courtesies). Gifts of nominal value, generally less than EUR 150 / USD 175, may be accepted (although lower value caps may be set for certain jurisdictions).
You must firmly decline:
- Cash or cash equivalents;
- Compensation for participating in a business event;
- Benefits not directly related to a business event (e.g., weekend social excursions such as golf or skiing);
- Any offer you would feel obliged to reciprocate, would not want others to know about, or that could create a perception of favoritism.
If you cannot politely decline or return a questionable Business Courtesy, give it in to the Chief Legal Officer for disposition.
When in doubt, contact Legal or the Hotline. All requests for exceptions to the above criteria for providing or accepting Business Courtesies must be approved by Legal. Please also consult the Code and the Travel and Expense Policy for further guidance on Business Courtesy value limitations and approval requirements.
4.5 Political Contributions
No political contributions may be made or reimbursed from Sitecore funds, or made by Third Parties, on behalf of Sitecore.
Nothing in this Policy prevents Employees and Third Parties from making political donations in a personal capacity. However, a personal political donation must not be made as a means of indirectly making a donation on behalf of Sitecore.
4.6 Charitable Donations
Supporting local communities and giving donations to charities is good citizenship, but such activities can raise bribery risk. If charitable contributions and donations are made for the purpose of inducing official action or gaining an improper advantage, they may be found to violate Applicable Anti-Corruption Laws, even if payments are not made directly to a Government Official, or an employee, executive, or other representative of a private entity with whom Sitecore has a business relationship.
No charitable contributions may be made or reimbursed by Sitecore unless they are made consistent with Sitecore policies, and supported by prior Legal advice and with the proper Sitecore corporate approvals. All charitable donations will be subject to prior anti-corruption diligence to understand the purpose of the donation and the surrounding circumstances to ensure the donation is in full compliance with Applicable Anti-Corruption Laws and the terms of the Policy.
5. ACTIVITIES REQUIRING SPECIAL COMPLIANCE ATTENTION
5.1 Dealing with Third Parties and Partners
Because a Third Party acting on behalf of Sitecore or with Sitecore’s knowledge can expose the company to criminal liability under Applicable Anti-Corruption Laws, this Policy requires that great care be taken in dealing with such Third Parties or other representatives or consultants. We must take efforts to prevent our Third Parties from engaging in corrupt practices on our behalf. Sitecore's Third Parties must never be authorized or permitted to circumvent Sitecore's requirements, values, and principles. Sitecore also may never engage in bribery through or with the assistance of a Third Party.
Sitecore is committed to only establishing relations with companies or individuals that follow ethical standards compatible with our own, including the anti-bribery and anti-corruption prohibitions articulated in this Policy. On a risk-sensitive basis (i.e., proportionate to the level of bribery risk), Sitecore will conduct an appropriate level of due diligence before engaging, hiring, or contracting with a Third Party. When considering whether due diligence should be performed or deciding what level of due diligence should be performed on a Third Party, Sitecore will consider the following risk-based factors:
- the nature and structure of the transaction (certain types of transactions give rise to higher bribery risks, e.g., those involving Government Officials);
- the reputation, professional capacity, and experience of, and the types of services to be provided by the Third Party; and
- any evidence or suggestion of an improper motive for hiring the Third Party.
If you learn of any "red flags" with regard to any proposed or existing Third Party relationship, you should bring this matter to the immediate attention of Legal. Legal will assess whether identified red flags can be appropriately mitigated. Sitecore may terminate its relationship with any Third Party that deviates from its anti-bribery and anti-corruption standards and expectations.
All of Sitecore's relationships with Third Parties engaged to act on behalf of Sitecore must be governed by signed and valid contracts. Such contracts should contain provisions requiring our Third Parties to conduct business ethically and comply with Applicable Anti-Corruption Laws and Sitecore's Supplier Code of Conduct, and provide a reasonably detailed statement of the products or services for which payments will be made and the amount due for those products and services.
5.2 Engaging Current and Former Government Officials
Entering into a business arrangement with a Government Official, such as hiring such an official as an Employee or Third Party (e.g., as a consultant, spokesperson, or advisor) can present legal issues. Thus, payments of anything of value, including salaries, consulting fees, stipends, or honoraria, to current or former Government Officials must be carefully scrutinized to ensure compliance with all applicable laws and regulations.
Prior to hiring or compensating new Employees Sitecore must carry out reasonable due diligence to ensure that such appointment or compensation is consistent with this Policy and would not result in a violation of Applicable Anti-Corruption Laws. The due diligence may only involve requesting that the potential Employee disclose connections to Government Officials, competitors, and clients, in order to assist Sitecore in identifying potential conflicts of interest.
Sitecore must exercise caution when appointing current or former Government Officials. Sitecore may not appoint a Government Official (or a Government Official who has retired or resigned from office within the previous 12 months) to a company position without prior written approval from Legal. Legal must also provide prior written approval before Sitecore hires any individual recommended by a Government Official.
5.3 Business Acquisitions, Joint Ventures, and Investments
Prior to Sitecore entering into any joint venture, teaming arrangement, or other business combination with a third party, or engaging in a merger or acquisition, Sitecore must first must complete a risk-based due diligence review of the proposed partner or business target to ensure that the terms and business of the transaction would not result in, or significantly risk a violation of the Applicable Anti-Corruption Laws. Sitecore shall ensure that all material diligence findings are addressed and fully mitigated in its internal approval documents, definitive agreements for the transaction, and integration/operation plans.
6. COMPLETE AND ACCURATE FINANCIAL RECORDKEEPING REQUIRED
Sitecore is committed to having an effective system of internal accounting controls to ensure it maintains accurate books and records and a true and fair view of its business affairs to prevent:
- bribery and corrupt practices;
- unrecorded, misidentified, or secret accounts; and
- the creation of records that do not properly and fairly record the transactions to which they relate or omit transactions that should be recorded.
Sitecore Employees and Third Parties will maintain books, records, and accounts that, in reasonable detail, completely and accurately reflect transactions and dispositions of funds related to Sitecore's business. Attempts to create false or misleading records are forbidden, and no false or misleading entries shall be made in the company books and records for any reason. No undisclosed or unrecorded funds, such as “off the books” accounts, shall be established for any purpose. This Policy covers not only expenses incurred or transactions undertaken by Sitecore Employees, but also expenses incurred by Third Parties for which reimbursement from Sitecore is requested.
Sitecore’s policy also requires Employees to follow all compliance procedures and internal control requirements. It is the collective responsibility of all Sitecore Employees to ensure that all Sitecore transactions are properly recorded and are authorized by the appropriate individual(s). The structuring of transactions to evade such requirements is prohibited.
7. TRAINING
Sitecore Employees will receive appropriate training on this Policy and Applicable Anti-Corruption Laws. Sitecore will also communicate the its anti-bribery and corruption compliance expectations to its Third Parties.
8. APPLICABILITY OF LOCAL LAW
Sitecore Employees and Third Parties are responsible for complying with all Applicable Anti-Corruption Laws. To the extent that any local law conflicts with any aspect of this Policy, you should seek advice from Legal.
9. RISK ASSESSMENTS AND INTERNAL MONITORING
Completion of bribery and corruption risk assessments and ongoing monitoring of Sitecore's compliance with the Code and this Policy are integral to Sitecore's anti-bribery and corruption compliance efforts. Sitecore will conduct periodic assessments of its bribery and corruption risks and include assessment of its Policy implementation in its internal audit reviews. Sitecore will incorporate the results of these reviews, as appropriate, in its compliance training programs and may result in policy re-examination and revision.
10. VIOLATIONS
A violation of Applicable Anti-Corruption Laws by a Sitecore Employee or Third Party may result in severe consequences for Sitecore and the Employee and Third Party involved, including civil fines and sanctions and criminal fines and imprisonment. In addition, failure by a Sitecore Employee or Third Party to comply with this Policy may result in disciplinary or contractual action by Sitecore, up to and including termination, with or without notice, according to applicable law.
11. REVISIONS
Sitecore may amend this Policy from time to time as it deems necessary or appropriate. This Policy will be reviewed on at least an annual basis, or more frequently as the need arises. Any and all changes, revisions, modifications or repeal made to this Policy are subject to the approval of Legal. The most current version of this Policy can be found on the Sitecore intranet (currently the Core).
12. POLICY EXCEPTIONS
Any exceptions to this Policy require the prior written approval of Sitecore's Chief Legal Officer or any appointed designee.
13. CONTACT
If you need assistance in determining whether an action is consistent with this Policy, Sitecore’s Code, or Applicable Anti-Corruption Law, questions or concerns can be directed to Legal (grpcompliance@sitecore.com) or to the Reporting Hotline (available at https://hotline.sitecore.com or by phone (visit the Hotline URL or the Sitecore intranet (currently the Core) for a list of toll-free global phone numbers at https://thecore.sitecore.net/legal/reporting-hotline.aspx)).