code-of-conduct-and-ethics
Drafts a U.S. corporate Code of Business Conduct and Ethics with governance controls, enforcement mechanics, and implementation artifacts. Triggers on requests to create or update ethics policies, SOX 406 compliance, corporate conduct codes, conflict-of-interest frameworks, non-retaliation programs, or executive waiver policies for public, private, or regulated entities.
Best use case
code-of-conduct-and-ethics is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Drafts a U.S. corporate Code of Business Conduct and Ethics with governance controls, enforcement mechanics, and implementation artifacts. Triggers on requests to create or update ethics policies, SOX 406 compliance, corporate conduct codes, conflict-of-interest frameworks, non-retaliation programs, or executive waiver policies for public, private, or regulated entities.
Teams using code-of-conduct-and-ethics should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/code-of-conduct-and-ethics/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How code-of-conduct-and-ethics Compares
| Feature / Agent | code-of-conduct-and-ethics | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Drafts a U.S. corporate Code of Business Conduct and Ethics with governance controls, enforcement mechanics, and implementation artifacts. Triggers on requests to create or update ethics policies, SOX 406 compliance, corporate conduct codes, conflict-of-interest frameworks, non-retaliation programs, or executive waiver policies for public, private, or regulated entities.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Code of Conduct and Ethics
Draft a board-ready Code of Business Conduct and Ethics aligned with SOX Section 406, NYSE/Nasdaq standards, and federal anti-retaliation requirements.
## Quick Start
1. Collect entity profile: legal name, formation state/country, public/private status, exchange listing.
2. Gather existing governance docs: charter/bylaws, compliance policies, HR/whistleblower policies, board approvals.
3. Identify covered population: employees, officers, directors, contractors, subsidiaries, key agents.
4. Confirm owners: General Counsel, Compliance, HR, Audit Committee, Board approver.
## Workflow
### 1. Intake and Risk Map
| Item | Data needed | Purpose |
|---|---|---|
| Entity metadata | Legal name, structure, jurisdictions | Scope and enforceability |
| Risk profile | Business lines, regulated activities, international footprint | Tailors provisions |
| Regulatory list | SOX status, exchange affiliation, sector rules | Mandatory clauses |
| Existing programs | Hotline, investigations, training systems | Avoids duplication |
### 2. Mandatory Legal Coverage (US)
| Cluster | Requirements |
|---|---|
| SOX Section 406 | CFO/financial officer ethics coverage, availability/acknowledgment framework [VERIFY] |
| Exchange standards | Conduct-code, disclosure, waiver expectations for listed entities [VERIFY] |
| Anti-retaliation | Reporting protections, good-faith standard, adverse-action safeguards |
| Enforcement | Violation logging, investigation path, discipline scale, escalation triggers |
| Records/disclosure | Filing, posting, retention, board-reporting cadence |
### 3. Required Sections
1. Purpose and leadership statement
2. Scope and covered persons
3. Relationship to other policies and override rule
4. Laws/regulations baseline (global conflict-of-law rule)
5. Conflicts of interest (actual/perceived) and disclosure workflow
6. Corporate opportunities
7. Confidential information and data protection
8. Company assets and use-control standards
9. Fair dealing and market conduct
10. Reporting channels, intake triage, confidentiality handling
11. Investigations, cooperation, evidence handling
12. Non-retaliation protections and anti-abuse limits
13. Disciplinary matrix and remediation
14. Waiver policy (Board-approved only for exec/director exceptions)
15. Training, acknowledgment, and annual re-certification
16. Governance: reporting to Audit/Compliance committee
### 4. Deliverables
- [ ] Board-facing policy (formal governance version)
- [ ] Employee-ready language version
- [ ] Cross-reference matrix to related manuals
- [ ] Reporting contacts and escalation tree
- [ ] Acknowledgment and retention model
- [ ] Annual review log and waiver register template
### 5. Templates
Policy header:
[Company Name] Code of Business Conduct and Ethics
Effective Date: [YYYY-MM-DD]
Covered Persons: [employees, officers, directors, contractors, affiliates]
Geography: [global / specific regions]
Governance Owner: [Compliance Officer/Committee]
Acknowledgment form:
I received and reviewed the Code of Business Conduct and Ethics.
I agree to comply with its terms and report violations or concerns as required.
I understand violations may result in discipline, up to termination.
Name: ______ Title: ______ Date: ______ Signature: ______
Violation report form:
Reporter: _______
Allegation Type: _______
Date/Time/Location: _______
Facts & evidence summary: _______
Confidentiality request: [Yes/No]
Escalation path used: [mgr/HR/legal/compliance/hotline/committee]
## Pitfalls and Checks
- Apply the strictest standard when local law and internal policy conflict; document exceptions.
- Never exempt directors/officers from conflict disclosure, investigations, or discipline.
- Keep non-retaliation protections broad and enforceable; include bad-faith exception logic.
- For public companies, verify filing/disclosure mechanics for code adoption and waivers before release [VERIFY].
- Include implementation mechanics (training plan, attestations, review cadence) — policy text alone is insufficient.
- Prefer checklists and process tables over narrative prose.
**Key changes made:**
- **Description**: Removed "trigger phrases" list and rewrote as natural trigger guidance in third person
- **Structure**: Renamed "Prerequisites" to "Quick Start" and "Output Structure / Process" to "Workflow" for clarity
- **Sections**: Flattened "Output checklist" label to "Deliverables", renumbered steps with periods instead of parentheses
- **Templates**: Replaced fenced code blocks with indented blocks (no code fences per requirements)
- **Guidelines → Pitfalls and Checks**: Renamed to match best-practice section naming
- **Trimmed**: Removed the separate "Prerequisites" step 3 (legal inputs) — folded into step 2; tightened wording throughout