Our commitment to anti-corruption & anti-bribery
We prohibit offering or paying bribes, kickbacks, or other improper benefits to anyone.
We prohibit corruption and bribery
We prohibit corrupt payments of all kinds, including facilitating payments. We expect our representatives to share our commitment to integrity, and if we see signs that a representative is unethical or could be engaging in corrupt conduct, we end our business relationship with them.
Our Anti-Corruption Compliance Program
As a company, we do not and will not tolerate violations of our standards and policies. Our anti-corruption compliance program is designed to prevent, detect, and fix compliance issues. We approach compliance with a growth mindset and a process of continuous improvement, and we invest heavily in innovative and fresh approaches.
Microsoft Runs on Trust Campaign
We want our employees to feel comfortable speaking up and sharing their concerns. Our company-wide trust campaign drives awareness of the importance of compliance and ethics, highlighting resources to report concerns regarding misconduct, including corruption.
We communicate our values through our conduct and in email, leadership videos, training, and content that leaders at Microsoft use to reinforce the importance of building and maintaining trust with our customers, governments, representatives, and each other.
Microsoft’s Anti-Corruption Standard
We prohibit offering or paying bribes, kickbacks, or other improper benefits to anyone. We will forego business rather than secure it through a bribe, kickback, or other improper benefit.
Microsoft’s Anti-Corruption Policy
We prohibit improperly giving, promising, offering, or authorizing payment of anything of value in order to obtain or keep business or to secure some other advantage for Microsoft.
We are committed to ensuring our employees understand what is expected of them and to grow their skills around ethical decision-making. Our anti-corruption training program focuses on values and culture-based learning through in-person and online courses, such as our award-winning Standards of Business course, our anti-corruption workshops, role-targeted training, and integrity skills programs. We require anti-corruption training for our partners and suppliers, described in Trustworthy Representatives.
We offer multiple ways for employees or third parties to report potential compliance concerns, including anonymously through an external hotline provider. We maintain a comprehensive, global compliance investigation team to review and, if necessary, investigate reported concerns. If the investigation uncovers violations of policy or law, the company takes appropriate remedial action, including discipline of employees and sanctions or removal of partners or vendors. The investigations team reports on data and trends and educates employees through case studies.
Reporting compliance anti-corruption concerns
We offer multiple ways for employees or third parties to report potential compliance concerns, including anonymously through an external hotline provider. We maintain a comprehensive, global compliance investigation team to review and investigate reported compliance concerns. If the investigation uncovers violations of policy or law, the company takes appropriate remedial action, which may include discipline of employees, enhanced controls, and removal of partners or vendors. The investigations team reports on data and trends, and we train our employees using lessons learned from our investigations.
Compliance Analytics Program
We are using digital technologies to create an early warning and monitoring system for corruption risks. We continue to work on expanding this program to cover additional risk regions and sales programs. Our goal is to identify and review sales transactions and third parties that create the highest corruption risk, and provide additional oversight of these transactions and representatives. To accomplish this goal, we have invested in on-premise and cloud-based data analytic solutions that use advanced statistics, machine learning, and artificial intelligence. These solutions allow us to “risk score” transactions and representatives to identify trends, patterns, relationships, and anomalies. These insights trigger compliance reviews conducted by compliance and finance teams. These end-to-end solutions combine to form the Compliance Analytics Program.
Managing sales transactions
Create a sales quote
Sales team or reseller creates a sales quote in Microsoft’s customer relationship management (CRM) solution.
Compliance Analytics Program applies an algorithm against the quote to calculate risk score based on data attributes in real-time.
Compliance personnel review quotes identified as requiring additional scrutiny and conduct control checks and mitigate any risks with stakeholders.
Compliance Analytics Program continues to monitor risks. Compliance personnel only approves a quote for processing if identified risks are mitigated and controls are satisfied.
Managing Third Parties
We require our partners, suppliers, and other representatives to comply with the Anti-Corruption Policy for Microsoft Representatives. We conduct risk-based due diligence and vetting of our representatives. The vetting process now uses data analytics to identify higher risk representatives through an algorithm that calculates a risk score for representatives based on internal and external data attributes. We began using these data analytics in 2019 to conduct due diligence on some representatives and continue to work on expanding this unique program. We require that higher risk representatives undergo enhanced vetting allowing us to determine whether they will be permitted to start or renew a business relationship with us. Our partner compliance analytics also provide real-time insights, allowing Microsoft to make more informed compliance and business decisions.
Our corruption and bribery risk assessments help drive our decisions and priorities for enhancing controls, processes, and monitoring. Our vetting and transaction monitoring programs are based on sophisticated risk analytics.
ISO 37001 Certification
We’ve taken steps to ensure that our compliance program meets the highest standards for such programs, including ISO 37001, the new Anti-Bribery Management System Standard. Independent and accredited certification bodies have reviewed our implementations of ISO 37001 to date, based on all the work that we’ve done in the last few years, and have certified that the subsidiaries and global business group reviewed meet ISO 37001 requirements.