Skip to main content
AC

Acme Cloud

EthicPages logoVisit EthicPages

Code of Conduct

Last updated: January 15, 2026

Code of Conduct and Business Ethics

Document owner: Chief People Officer & General Counsel (Joint) Version: 3.0 Effective date: January 1, 2026 Last updated: January 15, 2026 Classification: Public — Trust Center Review cadence: Annual, and upon material regulatory or organizational changes Company: Acme Cloud, Inc. Address: 1200 Market Street, Suite 400, San Francisco, CA 94103, USA Primary contacts: trust@acmecloud.com | security@acmecloud.com | privacy@acmecloud.com

1. Executive Summary and Purpose

This Code of Conduct and Business Ethics ("Code") establishes Acme Cloud, Inc.'s ("Company," "we," "us," or "our") expectations for ethical behavior, legal compliance, and professional conduct for all personnel. The Code serves as the foundation of our corporate culture and demonstrates our commitment to integrity, transparency, and accountability to our employees, customers, partners, shareholders, and communities.

Core Principles:

PrincipleCommitmentApplication
IntegrityWe act honestly and transparently in all business dealingsEvery interaction with customers, partners, and colleagues
ComplianceWe comply with all applicable laws, regulations, and internal policiesAll jurisdictions where we operate
RespectWe treat all individuals with dignity and respectWorkplace interactions, customer service, vendor relationships
AccountabilityWe take responsibility for our actions and their consequencesDecision-making at all levels
ExcellenceWe strive for the highest standards in our workProduct quality, customer service, professional development

Scope of Application:

This Code applies to all individuals associated with Acme Cloud:

Personnel CategoryApplicationAcknowledgment Required
Full-time employeesAll provisionsAnnual certification
Part-time employeesAll provisionsAnnual certification
Contractors and consultantsAll provisions (via contract)Contract incorporation
Temporary workersAll provisionsOnboarding acknowledgment
Board membersAll provisionsAnnual certification
Executive officersAll provisions + enhanced obligationsAnnual certification
InternsAll provisionsOnboarding acknowledgment
VolunteersApplicable provisionsEngagement acknowledgment

Violations and Consequences:

Violations of this Code may result in disciplinary action up to and including termination of employment or engagement, and may be referred to appropriate authorities for investigation and prosecution where violations involve illegal conduct. The severity of consequences depends on the nature, frequency, and impact of the violation.

2. Definitions

For purposes of this Code, the following terms shall have the meanings set forth below:

TermDefinition
Conflict of InterestA situation where personal, financial, or other interests may interfere with, or appear to interfere with, an individual's judgment, objectivity, or loyalty to the Company.
BriberyOffering, giving, receiving, or soliciting anything of value to influence the actions of an official or business decision-maker in their official capacity.
KickbackA payment made to a person in a position of influence in exchange for favorable treatment, typically in connection with contracts, procurement, or business transactions.
Facilitation PaymentA small payment made to a government official to expedite or secure performance of a routine, non-discretionary action (prohibited under this Code).
GiftAnything of value given without expectation of return, including merchandise, meals, entertainment, travel, accommodations, services, discounts, or cash equivalents.
Insider InformationMaterial, non-public information about the Company or its business partners that could affect investment decisions.
HarassmentUnwelcome conduct based on protected characteristics that creates an intimidating, hostile, or offensive work environment, or that results in adverse employment decisions.
DiscriminationUnfair or unequal treatment based on protected characteristics in employment decisions including hiring, promotion, compensation, and termination.
RetaliationAdverse action taken against an individual because they reported a concern, participated in an investigation, or exercised rights protected by law or this Code.
WhistleblowerAn individual who reports suspected violations of law, regulation, or Company policy through appropriate channels.
Protected CharacteristicsCategories protected by law including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran status, genetic information, and other characteristics protected by applicable law.
Personal DataAny information relating to an identified or identifiable individual, as defined under applicable privacy laws.
Confidential InformationNon-public information about the Company, its customers, partners, or employees that should be protected from unauthorized disclosure.
Trade SecretConfidential business information that provides a competitive advantage and is subject to reasonable efforts to maintain its secrecy.
Export ControlsLaws and regulations governing the export of goods, services, technology, and information to foreign countries, entities, or individuals.
SanctionsGovernment restrictions prohibiting transactions with specified countries, entities, or individuals.

3. Ethical Business Practices

3.1 Honest and Fair Dealing

All personnel must conduct business honestly and fairly:

RequirementDescriptionExamples
Truthful RepresentationsAll statements to customers, partners, regulators, and investors must be accurate and not misleadingSales presentations, marketing materials, financial reports, regulatory filings
Contract ComplianceHonor all contractual commitmentsService level agreements, delivery timelines, payment terms
Fair CompetitionCompete fairly without engaging in unfair or deceptive practicesPricing decisions, customer communications, competitive intelligence
Accurate RecordsMaintain accurate books, records, and accountsFinancial transactions, expense reports, time records, contracts
Transparent PricingPrice products and services fairly and transparentlyCustomer quotes, invoices, contract terms

3.2 Prohibited Business Practices

The following practices are strictly prohibited:

Prohibited PracticeDescriptionConsequences
False or Misleading StatementsMaking false claims about products, services, or capabilitiesTermination, legal action
Bid RiggingCoordinating with competitors to manipulate bidding processesTermination, criminal prosecution
Price FixingAgreeing with competitors on pricingTermination, criminal prosecution
Market AllocationAgreeing with competitors to divide markets or customersTermination, criminal prosecution
FraudIntentional deception for personal or Company gainTermination, criminal prosecution
EmbezzlementMisappropriation of Company funds or assetsTermination, criminal prosecution
ForgeryFalsifying documents or signaturesTermination, legal action
Off-Books TransactionsMaintaining undisclosed accounts or transactionsTermination, legal action

3.3 Record Keeping and Financial Integrity

RequirementStandardVerification
Accurate RecordingAll transactions recorded accurately and timelyInternal audit, external audit
Proper AuthorizationTransactions authorized by appropriate personnelApproval workflows, segregation of duties
Asset ProtectionCompany assets safeguarded from loss or misuseAsset tracking, access controls
Expense DocumentationAll expenses supported by appropriate documentationReceipt requirements, approval workflows
Retention ComplianceRecords retained per legal and policy requirementsRetention schedules, legal holds
Audit CooperationFull cooperation with internal and external auditsAudit support procedures

4. Anti-Bribery and Anti-Corruption

4.1 Global Anti-Corruption Commitment

Acme Cloud maintains a zero-tolerance policy for bribery and corruption. We comply with:

Law/RegulationJurisdictionKey Requirements
Foreign Corrupt Practices Act (FCPA)United StatesProhibits bribes to foreign officials; requires accurate books and records
UK Bribery Act 2010United KingdomProhibits commercial and public bribery; creates corporate offense for failing to prevent bribery
OECD Anti-Bribery ConventionMember countriesInternational framework for combating bribery
Local Anti-Corruption LawsAll jurisdictionsCompliance with local anti-corruption requirements

4.2 Prohibited Activities

ActivityDefinitionProhibition
Bribes to Government OfficialsPayments to influence official actionAbsolutely prohibited
Commercial BriberyPayments to influence business decisionsAbsolutely prohibited
Facilitation PaymentsSmall payments to expedite routine actionsProhibited (no exception)
KickbacksPayments in exchange for favorable treatmentAbsolutely prohibited
Political Contributions (Corporate)Company funds for political purposesProhibited without Board approval
Charitable Donations as Quid Pro QuoDonations to obtain business advantageProhibited

4.3 Third-Party Due Diligence

When engaging third parties who may interact with government officials:

Due Diligence StepRequirementDocumentation
Risk AssessmentEvaluate corruption risk of engagementRisk assessment form
Background CheckVerify legitimacy and reputationThird-party screening report
Contract TermsInclude anti-corruption representations and audit rightsStandard contract clauses
Ongoing MonitoringMonitor for red flags during engagementPeriodic review
TrainingEnsure third parties understand our standardsTraining acknowledgment

4.4 Red Flags Requiring Escalation

Red FlagRequired Action
Requests for unusual payment terms (cash, third-party payments)Escalate to Legal before proceeding
Requests for payments to countries with no business connectionEscalate to Legal; do not proceed
Requests for unusually high commissions or feesEscalate to Legal and Finance
Third-party has reputation for improper paymentsDo not engage without Legal approval
Government official suggests payment could expedite approvalRefuse; document; report to Legal
Pressure to ignore due diligence proceduresRefuse; report to Ethics hotline

5. Conflicts of Interest

5.1 Conflict of Interest Policy

All personnel must avoid situations where personal interests conflict with Company interests:

Conflict TypeDescriptionRequired Action
Financial InterestsOwnership in competitors, suppliers, or customersDisclosure; potential divestment
Outside EmploymentEmployment or consulting outside Acme CloudPre-approval required
Board PositionsService on outside boardsPre-approval required
Personal RelationshipsFamily or romantic relationships affecting business decisionsDisclosure; recusal from affected decisions
Business OpportunitiesDiverting Company opportunities for personal benefitProhibited; disclosure required
Competing ActivitiesSide projects in competitive spacePre-approval required

5.2 Disclosure Requirements

TriggerDisclosure TimingDisclosure Channel
New employmentBefore starting Acme Cloud roleOffer acceptance form
New conflict arisingWithin 5 business daysethics@acmecloud.com
Annual disclosureDuring annual certificationEthics questionnaire
Promotion to managementBefore assuming roleHR and Legal review
New personal relationship with business impactWithin 5 business daysManager and HR

5.3 Conflict Resolution Process

StepActionResponsible Party
1Disclosure of potential conflictEmployee
2Initial assessmentManager + HR
3Conflict determinationCompliance Officer
4Mitigation plan (if conflict exists)Compliance Officer
5Implementation and monitoringManager
6DocumentationHR file

5.4 Common Conflict Scenarios and Guidance

ScenarioGuidanceApproval Required
Spouse works for competitorDisclosure required; may require information barrierCompliance Officer
Personal investment in customerDisclosure required if >$10,000 or >1% ownershipManager + Compliance
Speaking at paid conferenceGenerally permitted; disclosure of compensationManager approval
Advisory board of non-competitorPermitted with disclosureManager + Legal
Family member applying for jobDisclosure required; recusal from hiring decisionHR
Side project in adjacent spacePre-approval requiredManager + Legal

6. Gifts, Entertainment, and Hospitality

6.1 Receiving Gifts

Gift TypeThresholdApprovalDocumentation
Business mealsReasonable and customaryNone requiredReceipt recommended
Small promotional items<$25None requiredNone
Gifts from vendors/partners$25–$100Manager notificationGift log
Gifts from vendors/partners>$100Manager approval requiredGift log, approval
Cash or cash equivalentsAny amountProhibitedN/A
Entertainment (sporting events, concerts)<$250Manager notificationGift log
Entertainment>$250Manager + Compliance approvalGift log, approval
Travel or accommodationsAnyPre-approval requiredGift log, approval

6.2 Giving Gifts

Recipient TypeGuidanceApproval
Commercial customersReasonable business gifts permittedManager for >$100
Government officialsGenerally prohibited; very limited exceptionsLegal pre-approval required
Prospective customersModest, branded items onlyManager for >$50
Vendors/partnersReasonable business gifts permittedManager for >$100

6.3 Entertainment Guidelines

PrincipleApplication
Business purposeEntertainment should have legitimate business purpose
Reasonable valueEntertainment should be reasonable and customary for industry
TransparencyHost should be present; no secret entertainment
Legal complianceEntertainment must not violate laws or counterparty policies
ReciprocityPattern of one-sided entertainment is red flag

7. Workplace Conduct and Respect

7.1 Equal Employment Opportunity

Acme Cloud is an equal opportunity employer committed to non-discrimination:

Protected CategoryApplicable LawsOur Commitment
Race, ColorTitle VII, state lawsZero tolerance for discrimination
ReligionTitle VII, state lawsReasonable accommodation
Sex, GenderTitle VII, Equal Pay ActEqual treatment, pay equity
Sexual OrientationState laws, company policyFull inclusion and respect
Gender IdentityState laws, company policyAffirming workplace policies
National OriginTitle VII, IRCANon-discrimination, lawful employment
AgeADEAMerit-based decisions
DisabilityADA, state lawsReasonable accommodation
Veteran StatusVEVRAASupport and recognition
Genetic InformationGINANon-discrimination
PregnancyPDAAccommodation and leave

7.2 Anti-Harassment Policy

Prohibited Conduct:

Harassment TypeExamplesProhibited In
Sexual harassmentUnwelcome advances, requests for favors, inappropriate commentsAll work contexts including remote
Hostile environmentConduct creating intimidating or offensive environmentAll work contexts
Quid pro quoConditioning employment benefits on submissionAll contexts
BullyingRepeated mistreatment, threatening behaviorAll contexts
CyberbullyingHarassment via digital channels (Slack, email, social media)All contexts
MicroaggressionsSubtle, often unintentional discriminationAll contexts

Reporting Channels:

ChannelContactAnonymityBest For
ManagerDirect conversationNoInitial concerns, immediate issues
HR Business Partnerpeople@acmecloud.comNoFormal complaints, investigations
Ethics Hotline+1-800-555-0199YesAnonymous reporting
Ethics Web Portalethics.acmecloud.comYesAnonymous reporting, documentation
General Counsellegal@acmecloud.comNoSenior executive concerns

7.3 Investigation Process

PhaseTimelineActions
Acknowledgment2 business daysReceipt confirmation, preliminary assessment
Investigation15–30 business daysWitness interviews, evidence review
Findings5 business days after investigationDetermination of substantiation
Corrective ActionPer finding severityDiscipline, training, policy changes
Reporter Notification10 business days after resolutionOutcome communication (as appropriate)

7.4 Workplace Safety

Safety ElementRequirementEnforcement
Violence-free workplaceNo threats, violence, or weaponsImmediate termination
Drug and alcoholNo impairment affecting workPerformance management, EAP referral
Emergency proceduresCompliance with emergency protocolsTraining, drills
Reporting hazardsReport safety concerns promptlyNo retaliation
Remote work safetyMaintain safe home officeErgonomic guidelines, stipend

8. Information Protection and Privacy

8.1 Confidential Information

Information TypeProtection RequirementsDisclosure Restrictions
Customer dataHighest protection; access controls, encryptionNeed-to-know only; no external disclosure
Trade secretsAccess controls; NDA required for accessAuthorized personnel only
Financial informationRestricted access pre-disclosureInsider trading rules apply
Personnel recordsHR access controlsHRBP and manager only
Security informationSecurity team accessClassified handling
Product roadmapProduct team accessUnder NDA only
Pricing informationSales and Finance accessCustomer-specific; no broad sharing

8.2 Data Protection Obligations

ObligationDescriptionReference
Minimize collectionCollect only data necessary for business purposesPrivacy Policy
Purpose limitationUse data only for stated purposesPrivacy Policy
AccuracyMaintain accurate personal dataData governance procedures
SecurityApply appropriate security controlsSecurity policies
RetentionRetain only as long as necessaryData Retention Policy
Individual rightsSupport data subject rights requestsDSR procedures

8.3 Acceptable Use of Technology

Permitted UseProhibited Use
Business communicationsPersonal use that interferes with work
Authorized personal use (limited)Illegal content or activities
Professional developmentUnauthorized software installation
Collaboration toolsCircumventing security controls
Cloud services (approved)Shadow IT
AI tools (approved)Unapproved AI with customer data

9. External Communications and Representation

9.1 Public Communications

Communication TypeAuthorizationGuidance
Media inquiriesCommunications team onlyRefer all inquiries to communications@acmecloud.com
Press releasesExecutive approvalCoordinated by Communications
Conference presentationsManager approvalReview by Communications for external-facing
Social media (company)Social media teamBrand guidelines
Social media (personal)Personal responsibilitySee personal social media guidelines
Analyst/investorInvestor Relations onlyIR coordination required
RegulatoryLegal coordinationCoordinated response

9.2 Personal Social Media Guidelines

GuidelineDescription
DisclosureWhen discussing work, clarify opinions are personal, not company positions
ConfidentialityNever share confidential or proprietary information
RespectDo not disparage customers, partners, or colleagues
ComplianceFollow securities laws regarding material non-public information
JudgmentConsider how posts reflect on you and the Company
SeparationMaintain clear separation between personal and official accounts

9.3 Intellectual Property

IP TypeProtectionPersonnel Obligations
PatentsPatent applications, trade secretsDisclose inventions; assign to Company per agreement
TrademarksRegistration, enforcementUse properly; report misuse
CopyrightsAutomatic protectionWork product belongs to Company
Trade secretsConfidentiality controlsProtect proprietary information
Open sourceLicense complianceFollow OSS policy; pre-approval for contributions

10. Trade Compliance and International Business

10.1 Export Controls Compliance

RequirementDescriptionApplicable Laws
Export licensingObtain required licenses before exportEAR, ITAR
ClassificationProperly classify products and technologyECCN determination
ScreeningScreen all parties before transactionsDenied party lists
Record keepingMaintain export recordsEAR requirements
TrainingComplete export controls trainingAnnual requirement for relevant roles

10.2 Sanctions Compliance

Sanctions TypeExamplesAcme Cloud Approach
Country sanctionsComprehensive embargoes (North Korea, Cuba, etc.)No business with sanctioned countries
Sectoral sanctionsRestrictions on specific industriesCase-by-case legal review
SDN listSpecially Designated NationalsAutomated screening; no transactions
Secondary sanctionsRestrictions on non-US personsLegal guidance required

10.3 Anti-Money Laundering

ControlImplementation
Customer due diligenceKYC procedures for enterprise customers
Transaction monitoringSuspicious activity review
Record keepingTransaction records retention
ReportingSAR filing where required
TrainingAML awareness for relevant roles

11. Reporting Violations and Non-Retaliation

11.1 Reporting Channels

ChannelContactAvailabilityAnonymity
Direct managerDirect conversationBusiness hoursNo
HR Business Partnerpeople@acmecloud.comBusiness hoursNo
Ethics emailethics@acmecloud.comMonitored business hoursPartial (email visible)
Ethics hotline+1-800-555-019924/7/365Yes
Ethics portalethics.acmecloud.com24/7/365Yes
General Counsellegal@acmecloud.comBusiness hoursNo
Board Audit Committeeaudit-committee@acmecloud.comFor executive mattersConfidential

11.2 Non-Retaliation Commitment

Acme Cloud strictly prohibits retaliation against anyone who:

Protected ActivityExamples
Reports a concern in good faithEthics hotline, manager, HR
Participates in an investigationWitness interviews, document production
Refuses to participate in illegal activityDeclining to make prohibited payment
Exercises legal rightsWorkers' compensation, FMLA
Cooperates with regulatory inquiryResponding to government requests

Prohibited Retaliatory Actions:

CategoryExamples
Employment actionsTermination, demotion, suspension
Compensation impactsPay reduction, bonus denial
Career impactsNegative evaluation, promotion denial, unfavorable assignment
Workplace treatmentExclusion, harassment, intimidation
Subtle retaliationSilent treatment, micromanagement, reduced responsibilities

11.3 Investigation Confidentiality

PrincipleApplication
Need-to-knowInformation shared only with those required for investigation
Reporter identityProtected to extent possible; disclosed only if legally required
Investigation detailsNot disclosed beyond necessary participants
OutcomesSpecific disciplinary actions generally confidential

12. Disciplinary Framework

12.1 Violation Categories and Consequences

SeverityExamplesTypical Consequences
MinorLate policy acknowledgment, minor gift violation, inadvertent policy deviationVerbal coaching, additional training
ModerateInappropriate communication, minor confidentiality breach, repeated minor violationsWritten warning, performance improvement plan
SeriousHarassment, significant data mishandling, policy circumvention, discriminationFinal written warning, suspension, termination
CriticalFraud, bribery, violence, intentional data breach, retaliationImmediate termination, legal referral

12.2 Factors in Disciplinary Decisions

FactorConsideration
Severity of violationImpact on individuals, Company, customers
IntentDeliberate vs. negligent vs. inadvertent
Prior historyPrevious violations or warnings
PositionGreater expectations for senior roles
CooperationSelf-reporting, cooperation with investigation
RemediationEfforts to correct harm
PatternIsolated incident vs. pattern of behavior

12.3 Appeal Process

StepActionTimeline
1Written appeal to HR10 business days after disciplinary action
2HR review with General Counsel10 business days
3Decision communication5 business days after review
4Final appeal to CEO (termination only)5 business days after HR decision

13. Training and Certification

13.1 Required Training

TrainingAudienceFrequencyDeadline
Code of ConductAll personnelAnnual30 days from hire; annual by January 31
Anti-harassmentAll personnelAnnual30 days from hire; annual
Anti-bribery/corruptionFinance, Sales, ExecutivesAnnual60 days from role start
Export controlsEngineering, Sales, OperationsAnnual60 days from role start
Insider tradingAll personnelAt hire; upon material eventsBefore trading window
Data protectionAll personnelAnnual30 days from hire; annual
Manager ethicsAll people managersAt promotion; annualBefore assuming role

13.2 Annual Certification Process

StepTimelineAction
1January 1Certification window opens
2January 1–31Complete Code of Conduct training
3January 1–31Complete conflict of interest questionnaire
4January 31Certification deadline
5February 1–15Manager follow-up with non-completers
6February 15Escalation to HR for non-completion
7March 1Access restrictions for persistent non-completion

13.3 FY2025 Certification Metrics

MetricResult
Overall completion rate99.1%
On-time completion (by January 31)94.7%
Conflicts disclosed47
Conflicts requiring mitigation12
Average completion time28 minutes
Manager completion rate100%

14. SOC 2 and ISO 27001 Control Mapping

14.1 SOC 2 Trust Services Criteria Mapping

Control IDControl DescriptionCode Implementation
CC1.1Demonstrates commitment to integrity and ethical valuesThis Code, ethics program, certification requirement
CC1.2Board exercises oversightBoard Audit Committee ethics oversight
CC1.3Management establishes structures and reportingEthics organization, reporting channels
CC1.4Commitment to attract and retain competent individualsTraining, performance management
CC1.5Holds individuals accountableDisciplinary framework, certification
CC2.1Information generation and useRecords management, confidentiality
CC2.2Internal communicationPolicy communication, training
CC2.3External communicationCommunications policy, spokesperson rules
CC3.1Risk identificationConflict of interest disclosure
CC3.2Risk assessmentDue diligence, vendor assessment
CC6.1Logical access controlsNeed-to-know principles
CC6.7Information handlingConfidentiality requirements

14.2 ISO 27001:2022 Annex A Control Mapping

ControlControl TitleCode Implementation
A.5.1Policies for information securityCode as foundational policy
A.5.4Management responsibilitiesManagement accountability
A.5.10Acceptable use of informationAcceptable use provisions
A.5.36Compliance with policiesCertification, disciplinary framework
A.6.1ScreeningBackground check requirements
A.6.2Terms and conditions of employmentCode acknowledgment
A.6.3Information security awarenessTraining program
A.6.4Disciplinary processDisciplinary framework
A.6.5Responsibilities after terminationConfidentiality obligations
A.6.6Confidentiality agreementsNDA requirements
A.6.7Remote workingRemote work guidelines

Related Trust Center documents

whistleblower, corporate governance, dei report, vendor code of conduct, access control, privacy policy, modern slavery

Document revision history

VersionDateAuthorSummary of changes
1.02024-06-01Legal & ComplianceInitial Trust Center publication
2.02025-03-15GRC ProgramSOC 2 Type II alignment refresh; expanded subprocessors
2.52025-09-01Security EngineeringEncryption standards update; ISO 27001 mapping
3.02026-01-15Trust Center ProgramFull procurement-grade expansion; 34-document set

Contact

Acme Cloud, Inc. 1200 Market Street, Suite 400 San Francisco, CA 94103, USA

ChannelEmailUse case
Trust & procurementtrust@acmecloud.comSecurity questionnaires, trust reviews
Securitysecurity@acmecloud.comIncidents, vulnerabilities, control questions
Privacyprivacy@acmecloud.comDSRs, privacy assessments
Legallegal@acmecloud.comContractual, DPA, legal notices

15. Program Governance and Metrics

15.1 Ethics Program Oversight

RoleResponsibilitiesReporting
General CounselEthics program ownership, policy updatesCEO, Board Audit Committee
Chief People OfficerTraining, culture, HR integrationCEO
Compliance OfficerDay-to-day operations, investigationsGeneral Counsel
Ethics AmbassadorsDepartmental ethics champions (12 volunteers)Compliance Officer
Board Audit CommitteeProgram oversight, executive concernsFull Board

15.2 FY2025 Ethics Program Metrics

MetricValueTrendBenchmark
Ethics hotline reports23+4 YoYHealthy
Substantiated reports8 (35%)StableIndustry: 30–40%
Retaliation claims2 (unsubstantiated)-1 YoYTarget: 0
Average investigation time22 days-3 days YoYTarget: <30 days
Training completion99.1%+0.5% YoYTarget: 100%
Ethics culture survey (fear of retaliation)91% feel safe reporting+3% YoYIndustry: 82%
Leadership models ethics88% agree+2% YoYIndustry: 78%

15.3 Program Benchmarking

Acme Cloud's ethics program is benchmarked against:

FrameworkResultDate
Ethisphere World's Most Ethical CompaniesCriteria assessment completedQ4 2025
DOJ Evaluation of Corporate Compliance ProgramsSelf-assessment: meets expectationsQ3 2025
Industry peer comparisonAbove median for SaaS 200–500 employeesQ4 2025

16. Acknowledgment and Commitment

By working at or with Acme Cloud, all personnel acknowledge and commit to:

CommitmentAcknowledgment
I have read and understand this CodeRequired at hire, annually
I will comply with all Code provisionsRequired
I will report suspected violationsRequired
I will complete required trainingRequired
I will disclose conflicts of interestRequired
I understand consequences of violationsRequired
I will not retaliate against reportersRequired
I will protect confidential informationRequired

Annual Certification Statement:

"I certify that I have read, understand, and agree to comply with the Acme Cloud Code of Conduct and Business Ethics. I have disclosed all actual or potential conflicts of interest. I understand that violations may result in disciplinary action, including termination. I know how to report concerns and understand that retaliation is prohibited."

Contact Information:

PurposeContact
Ethics questionsethics@acmecloud.com
HR matterspeople@acmecloud.com
Legal questionslegal@acmecloud.com
Anonymous reporting+1-800-555-0199 / ethics.acmecloud.com
Trust inquiriestrust@acmecloud.com

This Code is effective as of January 1, 2026 and supersedes all prior versions. Acme Cloud may update this Code at any time. Material changes will be communicated to all personnel.

Last updated: January 15, 2026
EthicPages logoEthicPages