GitHub upholds our commitment to ethical business practices, including by prohibiting bribery and corruption. As Transparency International explains, the costs of corruption are
- political, by posing a major obstacle to democracy and the rule of law
- economic, by depleting national wealth
- social, by undermining people’s trust in political society, institutions, and leaders
- environmental, by facilitating non-enforcement of environmental laws and regulations.
According to the World Bank in 2017, businesses and individuals pay an estimated $1.5 trillion in bribes each year.
GitHub makes our anti-bribery commitment clear in a number of company policies. As part of the Microsoft family, GitHub is also committed to Microsoft's Anti-Corruption Policy, which applies to all GitHub employees and contractors, in addition to the policies described here.
GitHub's Code of Ethics prohibits employees and contractors from engaging in or contributing to bribery or corruption, and establishes record-keeping requirements:
You must never pay, offer to pay, promise to pay, induce, accept, or authorize payment of anything else of value, to anyone—including to anyone in a position of power or authority, such as government officials, or in commercial transactions—in order to obtain or keep business, or secure any other improper advantage for GitHub or Microsoft. You also must not solicit or accept a bribe, kickback, or any other improper cash payment. ... [GitHub employees] are required to keep accurate and fair records of all transactions involving any expense made on GitHub’s behalf—for example, by keeping receipts and providing accurate descriptions of your expenses—or any other transaction involving the disposal or transfer of GitHub assets. Such actions are required by the U.S. Foreign Corrupt Practices Act, the U.K. Bribery Act of 2010, and anti-bribery laws of other jurisdictions in which GitHub does business and are also simply the right thing to do.
GitHub's Code of Ethics elaborates on certain situations, including gifts, travel, and entertainment; facilitating payments; charitable donations; jobs; and working with representatives, as well as on who is considered a government official.
GitHub's Standards of Conduct prohibit:
Bribing government officials or other individuals to gain an unfair advantage, and taking bribes from anyone.
GitHub’s Gifts and Entertainment Policy explains that bribery is not permitted in connection with travel or entertainment, and provides examples to illustrate improper conduct. The policy describes proper and improper gifts, travel, and entertainment expenses; company processes for gift-giving by GitHub’s directors, officers, employees, and agents and requirements for record-keeping, penalties; and reporting of violations. It includes clear monetary thresholds for gifts along with annual limitations, with limited exceptions for gifts approved by appropriate management. The policy is clear and easily accessible to GitHub employees and contractors.
GitHub employees are required to participate in training on corruption, including bribery. We also provide additional training for particularly relevant people and teams, such as our sales team. The training explains relevant elements of the U.S. Foreign Corrupt Practices Act and the U.K. Bribery Act of 2010. For example,
- definition and structural effects of corruption
- who is covered, including
- public officials or others in a position of power
- third parties
- what kind of activity is covered, including
- cash, gifts, travel, and entertainment
- facilitation payments
- charitable contributions and sponsorship
- for what purpose, including
- improper advantage or influence
- due diligence and red flags
- record-keeping requirements
In addition, the training covers GitHub’s internal policies related to anti-corruption and bribery, including our non-retaliation (whistleblower) policy.
While the U.S. FCPA is focused on interactions with government officials, the U.K. Bribery Act is broader and extends to bribing anyone, regardless of whether they are a government official. Both laws can extend to GitHub’s actions elsewhere on the globe. GitHub’s policies prohibit bribing anyone, anywhere in the world.
- GitHub’s standard resale agreements with Channel Partners include mandatory anti-corruption clauses. Going forward, GitHub now requires our Channel Partners to commit to complying with this Anti-Corruption Statement.
- Going forward, GitHub’s vendor contracts now require a commitment to comply with Microsoft's Supplier Code of Conduct or this Anti-Corruption Statement.