The Gold Standard: Structuring a Pharma Corporation’s Code of Conduct

Introduction

The Code of Ethics is more than a formal document—it is the foundation of corporate integrity, ethical decision-making, and sustainable business operations. As companies expand globally, interact with diverse stakeholders, and navigate complex regulatory landscapes, a well-structured Code of Conduct becomes a necessity rather than a formality.

The Evolution of Ethical Standards in Pharma

Pharmaceutical corporations operate in a highly regulated and ethically sensitive environment, where compliance, transparency, and patient welfare are paramount. Over the years, Codes of Conduct have evolved from rigid rulebooks to value-driven frameworks, shaping corporate culture rather than just imposing restrictions.

An analysis of leading pharmaceutical Codes of Conduct from companies such as Pfizer, Biogen, Novartis, Sanofi, Amgen, Mölnlycke, Hikma, and Takeda reveals key trends:

Best Practices for Structuring a Code of Conduct in the Pharmaceutical Industry

A well-structured Code of Conduct is not just a legal safeguard—it is a living document that helps companies maintain public trust, ensure regulatory compliance, and promote ethical business practices.

A well-structured Code should cover:

1. CEO Message & Leadership Commitment – Reinforcing ethical culture from the top.

2. Core Values & Ethical Compass – Defining principles such as integrity, transparency, and accountability.

3. Scope & Applicability – Clarifying expectations for employees, suppliers, and third parties.

4. Regulatory Compliance & Legal Standards – Aligning with global laws (EFPIA, FCPA, UK Bribery Act, GDPR).

5. Business Integrity & Financial Transparency – Preventing fraud, bribery, and conflicts of interest.

6. Healthcare & Patient Interactions – Ensuring transparency in industry collaborations.

7. Digital Ethics & Data Privacy – Managing AI ethics, cybersecurity, and responsible tech use.

8. Research & Clinical Trial Ethics – Safeguarding patient safety and scientific integrity.

9. Human Rights & Workplace Culture – Promoting diversity, inclusion, and labor rights.

10. Supply Chain & Procurement Ethics – Ensuring ethical sourcing and supplier due diligence.

11. Corporate Social Responsibility (CSR) & Sustainability – Meeting ESG and climate impact goals.

12. Whistleblowing & Reporting Mechanisms – Establishing secure, anonymous reporting channels.

13. Monitoring, Auditing & Enforcement – Conducting compliance reviews and enforcing disciplinary actions.

Best Structure for a Pharmaceutical Corporation’s Code of Conduct

Section 1:  CEO Message & Leadership Commitment

A Code of Conduct should begin with a CEO statement that reinforces leadership accountability, ethical expectations, and corporate values. This section sets the tone for the organization, signaling that compliance and integrity are not just obligations but fundamental to corporate success.

The Role of the CEO in Ethical Leadership

A strong "tone from the top" ensures that ethical behavior is embedded in corporate culture. Research shows that employees are more likely to engage in ethical decision-making when leadership actively promotes and upholds ethical values. A CEO message in the Code should:

• Reinforce Corporate Values – Emphasize integrity, transparency, and compliance.

• Commit to Ethical Leadership – Demonstrate leadership’s role in setting ethical standards.

• Encourage Employee Accountability – Urge employees to adhere to the Code and report misconduct.

• Align Ethics with Business Strategy – Link compliance to corporate mission, innovation, and patient safety.

• Support a Speak-Up Culture – Promote whistleblower protections and open communication.

Without a clear commitment from leadership, compliance risks becoming a check-the-box exercise rather than a core business principle.

Leading pharmaceutical companies integrate strong CEO endorsements into their Codes of Conduct. Pfizer's "Blue Book" – CEO Albert Bourla emphasizes trust and patient-centricity as central to the company’s ethical obligations. In Amgen’s Code – CEO Robert Bradway links corporate success to transparency, ethical decision-making, and compliance. Novartis aligns leadership accountability with business strategy, stating that ethics guide all corporate actions and partnerships.

These examples highlight how an effective CEO statement transforms a Code from a policy document into a strategic guide.

Section 2: Organizational Core Values & Ethical Compass

A Code of Conduct is built on a foundation of core values that define how a company conducts business, interacts with stakeholders, and upholds ethical integrity. These values serve as an ethical compass, guiding employees in decision-making and reinforcing the company’s commitment to responsible corporate behavior.

Strong corporate values create consistency in behavior, decision-making, and business operations. They ensure that compliance is not just about following rules but about aligning business practices with ethical principles. A well-defined values system helps:

• Prevent ethical dilemmas by providing clear decision-making frameworks.

• Foster a culture of accountability where employees understand their ethical responsibilities.

• Strengthen corporate reputation and stakeholder trust by demonstrating commitment to ethical conduct.

Companies that embed core values into their daily operations see higher compliance rates, stronger employee engagement, and reduced ethical risks.

Pharmaceutical companies emphasize key ethical principles in their Codes. Biogen’s Code features the "Headline Test," prompting employees to consider if their actions would be acceptable if made public. Pfizer, Amgen, and Sanofi define values in a way that integrates ethics with corporate strategy and regulatory obligations.

These approaches ensure that core values are practical, actionable, and embedded in daily decision-making.

An effective Code of Conduct should define Essential Core Values, such as:

1. Integrity – Conducting business with honesty and fairness.

2. Transparency – Clear and open communication with stakeholders.

3. Accountability – Taking responsibility for actions and decisions.

4. Diversity & Inclusion – Promoting a respectful and equitable workplace.

5. Patient-Centricity (Pharma-specific) – Prioritizing patient health and safety.

6. Innovation with Ethics – Advancing science responsibly, ensuring regulatory compliance.

Section 3: Who Must Follow the Code?

A Code of Conduct applies to all individuals and entities that represent or act on behalf of the company. Clearly defining who is subject to the Code ensures consistent ethical standards across the entire organization and its external partnerships.

A well-structured Code must outline who is required to understand, adhere to, and uphold its principles. This typically includes:

• Employees at all levels, including executives and board members.

• Contractors, temporary workers, and consultants acting on behalf of the company.

• Third-party business partners, including suppliers, distributors, and joint ventures.

By extending compliance expectations beyond internal employees, companies mitigate ethical and regulatory risks in their supply chain and business operations.

Pharmaceutical companies ensure broad applicability of their Codes e.g. Hikma’s Code of Conduct explicitly includes external business partners, ensuring that ethical standards extend throughout the supply chain. Pfizer, Amgen, and Novartis reinforce that leadership must set an example, holding executives accountable for ethical decision-making.

A Code of Conduct should not only outline expectations but also emphasize accountability:

1. Employees and Executives – Required to comply with ethical guidelines, report concerns, and promote integrity.

2. Managers and Supervisors – Expected to lead by example, enforce compliance, and support employees in ethical decision-making.

3. Third-Party Business Partners – Must comply with contractual obligations that align with the company’s Code.

By holding all stakeholders accountable, companies minimize compliance risks and strengthen corporate integrity.

Section 4: Compliance with Laws, Regulations & Corporate Policies

A Code of Conduct must ensure adherence to both local and global regulations while aligning with the company’s internal policies. This section ensures that all business activities comply with applicable laws and sets the framework for maintaining legal integrity across the organization.

Compliance with laws and regulations is the foundation of corporate integrity. A well-defined compliance framework protects the organization from legal risks, reputational damage, and financial penalties. By outlining legal requirements clearly, the Code ensures that:

• Business operations comply with regulatory standards at every level.

• Employees understand their legal obligations and responsibilities in daily tasks.

• The company mitigates the risk of non-compliance and maintains a positive corporate reputation.

A pharmaceutical company’s Code of Conduct should clearly address compliance inter alia in the following areas: Pharma Regulations, Anti-Bribery and Anti-Corruption, Data Protection, Environmental and Health.

Leading pharmaceutical companies are proactive in integrating compliance into their operational framework. Takeda’s Code of Conduct is built around four key principles: Patient, Trust, Reputation, and Business, which collectively align legal compliance with ethical business practices. Pfizer and Novartis have robust systems in place to ensure compliance with both local and international regulations, incorporating these standards into day-to-day business functions.

In addition to regulatory compliance, the Code of Conduct must align with internal company policies. These policies should guide day-to-day operations and ensure that: all employees and departments adhere to internal standards—from marketing and sales to HR and procurement, clear policies are established on issues such as conflicts of interest, gifts and hospitality, and financial reporting, a system of accountability is in place to track compliance with these internal policies and address any violations promptly.

Section 5: Business Integrity & Financial Accountability

A strong Code of Conduct must establish clear expectations for ethical business practices, financial transparency, and accountability. This ensures that all employees, executives, and business partners operate with integrity, protecting the company from fraud, corruption, and financial misconduct.

Integrity in business operations is essential for maintaining trust with regulators, investors, customers, and employees. A company that prioritizes ethical business conduct: (i) prevents corruption, fraud, and financial misconduct through clear policies and oversight, (ii) strengthens investor confidence by ensuring financial transparency, (iii) minimizes legal risks associated with bribery, money laundering, and conflicts of interest.

A well-defined framework for business integrity helps companies avoid reputational damage and ensures compliance with global anti-corruption laws.

Preventing Bribery, Corruption & Conflicts of Interest

A Code of Conduct should outline strict policies on:

• Anti-Bribery & Anti-Corruption – Compliance with laws such as the Foreign Corrupt Practices Act (FCPA) and UK Bribery Act to prevent unethical financial practices.

• Gifts, Hospitality & Entertainment – Ensuring that any exchange of value remains transparent, justified, and aligned with business ethics.

• Conflicts of Interest – Requiring employees to disclose personal or financial interests that could influence decision-making.

Section 6: Financial Integrity & Transparent Reporting

Companies must ensure accurate financial reporting and accountability to maintain trust and compliance. A Code should enforce: (i) strict financial reporting standards to prevent fraud and misrepresentation, (ii) internal controls and audits to detect financial irregularities, (iii) prohibition of insider trading and misuse of confidential financial information.

For example Amgen requires annual employee certification of financial integrity, reinforcing accountability at all levels.

Leading pharmaceutical firms integrate business integrity into corporate policies by: (i) implementing financial controls to ensure accuracy and prevent misconduct, (ii) establishing whistleblowing mechanisms to report unethical financial behavior, (iii) ensuring executive accountability for financial transparency.

Section 6: Interactions with Healthcare Professionals, Healthcare Organizations & Patients

Pharmaceutical companies operate in a highly regulated environment where interactions with healthcare professionals (HCPs), Healthcare Organizations (HCOs) and patients must meet the highest ethical and legal standards. A Code of Conduct must ensure that all engagements are transparent, ethical, and compliant with industry regulations, preventing undue influence on medical decision-making.

Ethical Principles Governing Interactions with HCPs & Patients

Ethical interactions between pharmaceutical companies and healthcare professionals are essential for maintaining public trust and regulatory compliance. A well-structured Code should: (i) ensure transparency in financial relationships with HCPs and healthcare organizations, (ii) prohibit unethical influence on medical decision-making, (iii) respect patient rights in clinical research and treatment programs.

These principles safeguard the integrity of healthcare decisions, ensuring that medical choices are based on scientific evidence and patient needs rather than financial incentives.

Transparency in Transfers of Value & Conflict of Interest Prevention

Code of Conduct should explicitly state: (i) prohibition of improper payments – No direct or indirect influence on prescribing decisions, (ii) clear guidelines on gifts, sponsorships, and hospitality – Ensuring that all exchanges are modest, appropriate, and legally permissible, (iii) full disclosure of financial relationships with HCPs – Compliance with industry reporting standards.

Ensuring Ethical Patient Engagement

In addition to HCP interactions, companies must uphold patient rights and ethical treatment in: (i) clinical trials – Compliance with Good Clinical Practices (GCP) ensuring informed consent, patient safety, and data transparency, (ii) patient assistance programs – Ensuring that support programs prioritize patient well-being over commercial interests. Sanofi – for example . emphasizes ethical patient engagement, ensuring that clinical trial participants receive unbiased information and proper care.

Section 7: Digital Ethics, AI, & Data Privacy

As digital transformation accelerates, pharmaceutical companies must ensure that artificial intelligence (AI), data analytics, and digital tools are used ethically and responsibly. A Code of Conduct should set clear expectations for AI governance, data privacy, and cybersecurity, ensuring compliance with global regulations while safeguarding patient and business data.

Pharmaceutical companies increasingly rely on AI-driven research, digital health platforms, and big data analytics. While these innovations offer significant benefits, they also introduce ethical risks, including: (i) bias in AI decision-making, affecting patient treatment and clinical outcomes, (ii) privacy concerns, particularly regarding sensitive patient data, (iii) cybersecurity threats, exposing corporate and personal information to breaches.

Pharmaceutical companies must adhere to strict data protection laws and AI governance frameworks, including inter alia: (i) General Data Protection Regulation (GDPR) – Protecting patient and employee data in Europe, (ii) Health Insurance Portability and Accountability Act (HIPAA) – Ensuring patient data confidentiality in the U.S., or (iii) AI Ethics Guidelines – Aligning AI use with transparency, fairness, and accountability.

Pfizer includes a dedicated section on AI ethics, ensuring compliance with data privacy laws and responsible AI deployment. Biogen highlights cybersecurity measures to prevent data breaches and unauthorized access.

A Code of Conduct should address responsible use of: (i) AI in healthcare decision-making – Ensuring algorithms do not introduce bias in drug development or patient care, (ii) Social media and digital communications – Preventing misinformation and protecting corporate reputation, (iii) Cybersecurity measures – Establishing safeguards to protect sensitive company and patient data.

Section 8: Research, Development & Clinical Trial Ethics

Pharmaceutical research and development (R&D) are at the core of medical innovation, but they must be conducted with the highest ethical standards to protect patient safety, ensure scientific integrity, and comply with regulatory frameworks. A Code of Conduct must establish clear principles for responsible research, clinical trial transparency, and ethical data management.

Integrity in drug discovery, development, and clinical trials is essential to maintain trust in the healthcare industry. Ethical research ensures that: (i) patient rights, safety, and well-being remain the top priority, (ii) clinical trials are designed and conducted with scientific rigor and transparency, (iii) regulatory requirements are strictly followed to ensure data credibility and drug efficacy.

A pharmaceutical company’s Code of Conduct must ensure adherence to inter alia: (i) Good Clinical Practice (GCP) – Ensuring ethical and scientific integrity in human trials, (ii) FDA & EMA Regulations – Governing drug approvals, trial protocols, and data submission, (iii) WHO & ICH Guidelines – Providing global standards for patient safety and ethical R&D practices.

Sanofi establishes detailed guidelines to ensure fair treatment of clinical trial participants and full regulatory compliance.

An ethical R&D framework must include: (i) Patient Consent & Safety Protections – Ensuring full transparency in informed consent procedures, (ii) Accurate Data Collection & Reporting – Preventing falsification or selective reporting of trial results, (iii) Responsible Use of AI & Digital Tools – Applying AI ethically in clinical trial analysis and decision-making.

Leading pharmaceutical companies enforce strict compliance protocols by: (i) providing ethics training for researchers and clinical trial staff, (ii) implementing external oversight committees to review research integrity, (iii) ensuring fair patient recruitment and eliminating biases in clinical studies.

Section 9: Human Rights & Workplace Culture

A company’s commitment to human rights and workplace ethics is a key indicator of its integrity and corporate responsibility. A Code of Conduct must establish clear principles for fair treatment, equal opportunity, and a safe, inclusive work environment, ensuring compliance with global labor and human rights standards.

Pharmaceutical companies have a responsibility to respect and promote human rights across their workforce, supply chain, and business partnerships. A Code should: (i) prohibit forced labor, child labor, and human trafficking, (ii) ensure fair wages, safe working conditions, and employee well-being, (iii) promote diversity, inclusion, and equal opportunity for all employees.

By embedding human rights protections into corporate policies, companies align with international frameworks such as the United Nations Guiding Principles on Business and Human Rights and the Modern Slavery Act.

An ethical workplace culture fosters respect, collaboration, and professional integrity. A Code of Conduct should: (i) ban discrimination, harassment, and retaliation in all forms, (ii) encourage open communication and a speak-up culture, (iii) ensure work-life balance and mental well-being initiatives.

Hikma dedicated section on labor rights and anti-slavery policies to ensure ethical employment practices, while Biogen integrated human rights commitments into corporate sustainability policies.

Leading pharmaceutical firms prioritize workplace ethics by: (i) implementing anti-discrimination training and workplace diversity programs, (ii) providing confidential reporting mechanisms for ethical concerns, (iii) holding leadership accountable for maintaining a respectful workplace.

Section 10: Supply Chain & Responsible Procurement

Pharmaceutical companies rely on complex global supply chains, making responsible procurement and ethical sourcing critical for maintaining regulatory compliance, product integrity, and corporate reputation. A Code of Conduct must establish clear expectations for suppliers, distributors, and third-party partners, ensuring alignment with ethical, legal, and sustainability standards.

A responsible supply chain ensures that all business partners uphold ethical, legal, and sustainability commitments. Companies must: (i) ensure fair labor practices and human rights protections across suppliers and subcontractors, (ii) prevent corruption, bribery, and unethical financial dealings in procurement, (iii) enforce environmental sustainability standards to minimize carbon footprint and waste.

By embedding supplier accountability into procurement policies, companies mitigate risks of labor exploitation, regulatory violations, and reputational damage.

Pharmaceutical companies must comply with supply chain due diligence laws, including: (i) UK Modern Slavery Act & U.S. Forced Labor Prevention Act – preventing human trafficking and child labor, (ii) good Distribution Practices (GDP) – ensuring product safety and quality through the supply chain, (iii) Anti-Corruption Laws (FCPA, UK Bribery Act) – preventing unethical payments in procurement.

Mölnlycke aligns supplier expectations with the UN Global Compact Principles, ensuring ethical labor and environmental practices.

A Code of Conduct should establish Key Elements of a Responsible Procurement Policy e.g: (i) Ethical Business Practices – Zero tolerance for corruption, fraud, and bribery, (ii) Labor & Human Rights Protections – Fair wages, safe working conditions, and non-discrimination (iii) Sustainability & Environmental Standards – Ethical sourcing, waste reduction, and carbon management, (iv) Transparency & Risk Management – Supplier audits, compliance monitoring, and clear reporting mechanisms.

Leading pharmaceutical firms implement supplier responsibility programs by: (i) conducting regular supplier audits to ensure compliance with ethical and quality standards, (ii) requiring third-party partners to sign Codes of Conduct aligning with corporate values, (iii) establishing termination policies for suppliers that fail to meet ethical standards.

Section 11: Corporate Social Responsibility (CSR) & Sustainability

CSR and sustainability are integral to a pharmaceutical company’s long-term success, public trust, and regulatory compliance. A Code of Conduct must establish clear commitments to environmental sustainability, ethical business practices, and community engagement, ensuring that the company contributes positively to society while maintaining corporate integrity.

A strong CSR strategy ensures that a company operates beyond profit generation, integrating social, ethical, and environmental considerations into business decisions. Key CSR objectives include: (i) promoting environmental sustainability by reducing carbon footprints and minimizing waste, (ii) ensuring ethical supply chains by holding suppliers accountable for human rights and labor standards, (iii) engaging in community health and education initiatives to support public well-being.

Pharmaceutical companies must align with global sustainability frameworks, including: (i) UN Sustainable Development Goals (SDGs) – Promoting responsible consumption and environmental protection, (ii) EU Green Deal & Climate Directives – Reducing emissions and improving energy efficiency, (iii) Global Reporting Initiative (GRI) Standards – Ensuring transparency in CSR and ESG reporting.

Novartis integrated sustainability into corporate decision-making processes, linking ethical business practices with long-term societal benefits. Sanofi embeded climate action and carbon neutrality goals into its CSR commitments.

A Code of Conduct should clearly define commitments to: (i) Environmental Responsibility – Reducing carbon emissions, sustainable sourcing, and waste management, (ii) Community Engagement – Supporting global health initiatives, education programs, and access to medicines, (iii) Transparency & Accountability – Regular CSR reporting and impact assessments.

Leading pharmaceutical firms drive sustainability and social impact by: (i) setting measurable ESG goals, such as carbon neutrality and sustainable procurement, (ii) establishing partnerships with NGOs and public health organizations to improve healthcare accessibility, (iii) conducting independent audits to ensure compliance with ethical and environmental standards.

Section 12: Whistleblowing & Speak-Up Culture

A strong speak-up culture is essential for maintaining corporate integrity, regulatory compliance, and ethical accountability. A Code of Conduct must establish clear whistleblowing mechanisms that encourage employees and stakeholders to report unethical behavior without fear of retaliation.

Whistleblowing policies ensure that employees can safely report misconduct, strengthening corporate governance and compliance efforts.

Pharmaceutical companies must align with global whistleblower protection laws, including: (i) EU Whistleblower Directive – Ensuring protection against retaliation for employees reporting misconduct, (ii) Sarbanes-Oxley Act (SOX, U.S.) – Requiring financial whistleblower protections.

A Code of Conduct should outline Key Elements of an Effective Whistleblowing Program: (i) Confidential & Anonymous Reporting Channels – Hotlines, web portals, and ombudsman access, (ii) Zero-Tolerance for Retaliation – Protecting employees from dismissal, demotion, or harassment, (iii) Clear Investigation Procedures – Ensuring timely, impartial, and fair handling of reports, (iv) Leadership Accountability – Requiring senior management to foster a culture of ethical reporting.

Leading pharmaceutical firms strengthen whistleblowing frameworks by: (i) providing mandatory ethics training on reporting misconduct, (ii) ensuring Board-level oversight of whistleblower investigations, (iii) publishing annual transparency reports on ethics violations and corrective actions.

Section 13: Monitoring, Auditing & Code Enforcement

For a Code of Conduct to be effective, it must be actively enforced, monitored, and regularly audited. A strong compliance framework ensures that ethical policies are not just written guidelines but actively upheld through accountability measures.

Regular monitoring and auditing are essential to: (i) detect and prevent misconduct before it escalates into a regulatory violation, (ii) evaluate the effectiveness of compliance programs and identify areas for improvement, (iii) ensure employees, suppliers, and business partners adhere to ethical standards.

Pharmaceutical companies must align with international compliance monitoring frameworks, including: (i) U.S. Department of Justice (DOJ) Compliance Program Guidelines – Defining how organizations should structure audits and compliance monitoring, or (ii) ISO 37301 (Compliance Management Systems) – Establishing best practices for compliance audits.

Amgen requires annual employee certification of compliance with the Code of Conduct, while Novartis implemented real-time compliance monitoring systems to track adherence to ethical policies.

Key Elements of Effective Code Enforcement should include: (i) Regular Compliance Audits – Assessing risk areas, employee adherence, and policy effectiveness, (ii) enforcement Mechanisms – Disciplinary actions for non-compliance, ranging from corrective training to termination, (iii) whistleblower Investigations – Ensuring timely and impartial handling of ethics violations, (iv) Leadership Accountability – Holding senior management responsible for Code enforcement.

Leading pharmaceutical firms maintain strong compliance oversight by: (i) conducting third-party audits to ensure objective enforcement of ethical policies, (ii) integrating compliance into performance evaluations for leadership and employees, (iii) establishing clear escalation processes for non-compliance incidents.

This article builds upon my recent SGH lecture on Corporate Governance, Risk, and Compliance Management, incorporating insights from global industry leaders such as Pfizer, Novartis, Amgen, Sanofi, Biogen, and Hikma, and evaluates how a modern Code of Ethics supports Compliance Management Systems (CMS) and promotes a culture of accountability.