Compliance and Ethics at Microsoft
Our commitment to corporate responsibility and integrity
Empower every person and every organization on the planet to achieve more.
Microsoft’s commitment to corporate responsibility and integrity guides everything we do as a company, and defines the work of our ethics and compliance program. We have high ethical standards governing the way we conduct our business, standards that we also apply to our suppliers and business partners. Our business practices and standards reflect our commitment to making a positive impact around the globe. We demand such high standards from ourselves and our partners to preserve trust with our customers, governments, investors, partners, representatives, and each other, and because it is the right thing to do.
Overview of Microsoft’s Compliance and Ethics Program
Microsoft has built its compliance and ethics program on three pillars: Prevention, Detection, and Remediation. We continually evolve our programs to meet these goals.
Prevention
To prevent compliance issues from arising in the first place, we focus on promoting a culture of ethics and integrity. We do this through creating a culture of compliance throughout our company, and through our Standards of Business Conduct, policies, and training, while also using data analytics, risk assessment, proactive investigations, third party vetting, and other compliance efforts to minimize potential risks.
Detection
We detect potential compliance issues in several ways, including testing by our Internal Audit group, monitoring through our compliance analytics program and by our Controls & Compliance teams, investigating concerns reported by employees and others, and analyzing trends through our Office of Legal Compliance. Compliance is a team effort at Microsoft. Every employee is responsible for upholding our standards, fostering the culture of compliance in their Microsoft team and partners, and reporting concerns.
Remediation
We assess the root cause of problems, and continually enhance our controls and processes to minimize the risk of recurrence. This process is a core component of Microsoft’s compliance program and growth mindset culture. We discipline employees who violate our policies and standards, regardless of their level, and we stop doing business with partners and suppliers who don’t meet our ethical standards.
Our Standards of Business Conduct help us build trust
We achieve more when we apply our culture and values to build and preserve trust with our customers, governments, investors, partners, representatives, and each other.
Employees who violate our standards face disciplinary action, up to and including termination of employment. Any employee who engages in retaliation against someone for raising a compliance concern is likewise subject to disciplinary action up to and including termination of employment.
Microsoft Standards of Business Conduct
Our standards reflect our culture and values, and the principles that guide our behavior. Our employees use these standards to understand what is required of them, get help when needed, and make good decisions that build trust and empower our customers and partners to achieve more.
Reporting concerns & non-retaliation
Microsoft’s commitment to building and maintaining a culture of trust, ethics, and integrity depends on our employees and representatives telling us if they are aware of, or have a concern about, compliance with our Standards of Business Conduct, policies, or the law.
Again, Microsoft prohibits retaliation. Employees will not suffer adverse consequences or retaliation for:
- Refusing to do something that violates the Microsoft Standards of Business Conduct, policies, or the law, even if this refusal results in the loss of business to Microsoft.
- Raising a concern about potential misconduct in good faith, or for cooperating with an investigation.
Anyone who retaliates against an employee for engaging in any of these activities will be subject to disciplinary action, up to and including termination of employment or business relationship.
Microsoft provides multiple ways to report concerns. When you report a concern or issue, you can expect that your report will be treated seriously, fairly, and promptly. Use the reporting options here.
Awards and recognition
Microsoft is honored to have received positive recognition for our work in ethics, compliance and corporate social responsibility. In 2019, Ethisphere Institute ranked Microsoft among the World's Most Ethical Companies for the ninth year in a row. See some of our other awards and recognition here.
Administration and oversight
The President and Chief Legal Officer serves as Microsoft’s Chief Compliance Officer and has overall responsibility for the management of our compliance and ethics program. He reports directly to the CEO and, for this purpose, also directly to the Audit Committee of Microsoft’s Board of Directors. The President and Chief Legal Officer, through the Vice President and Deputy General Counsel of Compliance and Ethics, oversees the Office of Legal Compliance (OLC). The Deputy General Counsel has direct access and reporting obligations to the Audit Committee.