Client Service Policies

In recent years, we have strengthened our governance and compliance processes as part of our ambition to lead our industry.

Among other enhancements, we implemented a new Client Service Policy and increased the influence and authority of the global committee that reviews high-risk engagements. Since 2018, we have spent nearly $700 million on strengthening our risk-management teams and capabilities, and we have implemented new trainings and accountability mechanisms to ensure that our colleagues understand and adhere to our policies. Each of these enhancements applies globally.

Collectively, these and other improvements represent significant steps in the continued evolution of how our firm operates. They do not change the values we have always lived by; they do strengthen them and give our colleagues clearer guidelines to put those values into practice.

We have long had policies governing what work we will and will not do. In 2019, we strengthened these policies further by launching a more rigorous framework and set of criteria to evaluate our client service.

Our Client Service Policy requires partners to systematically assess client projects across five interrelated dimensions: Country, Institution, Topic, Individual, and Operational considerations. Referred to as “CITIO,” this framework is embedded in the way we assess risk for all our client work. Among other criteria, the policy requires us to consider the unintended consequences of any proposed work, including potential negative impact on vulnerable populations. If a client or proposed project falls short of our standards, we will not do the work. This policy applies globally, across all sectors, whether work is paid or unpaid.

The Client Service Policy includes additional clear rules for work we will not perform. For example, we do not serve tobacco companies, opioid manufacturers, dual-use technology companies in certain countries, and pharmaceutical companies on projects that deviate from industry pricing norms or seek to circumvent regulatory structures or legal conventions. In the government sector, we do not serve defense, intelligence, justice, or police institutions in non-democratic countries (for which we base our assessment on The Economist Intelligence Unit's Democracy Index), with limited exceptions for international aid and humanitarian work approved by our firm’s risk leadership. We also do not serve political parties, political advocacy groups, legislatures, or individual legislators’ offices; nor do we take part in political advocacy or lobbying on behalf of our clients.

We also follow additional policies and guidelines for specific areas of our client work; for example, an enhanced set of rules govern our work for public sector clients.

Dedicated oversight and decision-making support

To oversee our Client Service Policy and ensure our firm continues to adapt in an increasingly complex world, we continually improve our risk and governance processes and capabilities, including our firm risk, legal, and compliance functions. Client service matters that require consideration beyond our standard processes are escalated to a global decision-making body, the Client Service Risk Committee (CSRC).

The CSRC is a global committee of respected senior firm leaders, supported by firm risk, legal, and communications professionals, which provides advice and decisions on the most complex risks we face in our client service. Each year, the CSRC and our risk teams review thousands of cases of potential client engagements to ensure they adhere to relevant policies and that appropriate guardrails are put in place to address risks. For engagements that fail to meet our standards, the CSRC declines the work.

Our policies forbid an employee who has acquired confidential information about a client from serving a competitor in a competitively sensitive engagement. That restriction lasts as long as the information has significant competitive value.

We follow additional conflict-management protocols in our work with the public sector. In addition to managing any potential staffing conflicts, we are subject to our government clients’ conflict of interest requirements and review potential conflicts—both actual and potential—accordingly.

Protecting and preventing the misuse of client information

We rigorously protect the information with which we have been entrusted. At all tenure levels, colleagues are trained on and required to follow confidentiality obligations. We also follow relevant data protection and handling restrictions.

Colleagues must adhere to a Personal Investments Policy under which, among other requirements, colleagues and members of their households are prohibited from purchasing or selling single name publicly listed traded securities, unless there is a documented exception from Compliance.

For more on these professional standards, including our approach to protecting client confidential information, please visit our Code of Professional Conduct.