Docaro

UK Compliance Topics For Codes Of Conduct

This dataset highlights key UK compliance topics commonly addressed in workplace conduct policies, helping readers understand what to include and why it matters. For broader guidance, see AI Generated Code of Conduct and Ethics for use in the United Kingdom.
Compliance topic
Relevance summary
Relevance type
Policy coverage notes
Governance priority
Corporate governance, Financial integrity, Supply chain and third parties
Anti-bribery and corruption
UK companies need controls to prevent bribery by employees, agents and associated persons.
General UK business relevance
High-risk activity relevance
Ban bribes, facilitation payments and improper advantages; require approval for gifts, hospitality and intermediaries.
High
Corporate governance, Financial integrity
Gifts and hospitality
Benefits offered or received can create bribery, conflict and procurement integrity risks.
General UK business relevance
Role-dependent relevance
Set value thresholds, approval rules, registers, public-sector cautions and refusal requirements.
High
Conflicts of interest
Employees and directors must avoid personal interests compromising business judgement.
General UK business relevance
Role-dependent relevance
Require disclosure, recusal, registers, approval of outside roles and related-party dealings.
High
Corporate governance
Directors' duties
Directors must act within powers, promote company success and exercise reasonable care.
Role-dependent relevance
Reference statutory duties, board integrity, proper authority, records and stakeholder considerations.
High
Financial integrity, Corporate governance
Fraud prevention
Fraud harms financial integrity and may create criminal, civil and reporting consequences.
General UK business relevance
High-risk activity relevance
Prohibit dishonesty, false claims, expense fraud, asset misuse, deception and concealment.
High
Corporate governance, Financial integrity
Failure to prevent fraud
Large organisations may be liable if associated persons commit fraud for their benefit.
Sector-dependent relevance
High-risk activity relevance
Include fraud risk assessment, associated-person controls, reporting, training and reasonable procedures.
High
Financial integrity, Corporate governance
Financial records and accounting integrity
Companies must maintain accurate records and avoid misleading accounting entries.
General UK business relevance
Require accurate books, honest expenses, supporting evidence, approvals and no off-book accounts.
High
Financial integrity, Corporate governance, Supply chain and third parties
Anti-money laundering
Regulated sectors must prevent laundering and many businesses face proceeds-of-crime risks.
Sector-dependent relevance
High-risk activity relevance
Cover customer due diligence, suspicious activity escalation, beneficial ownership and record keeping.
High
Financial integrity, Supply chain and third parties
Terrorist financing
Businesses must avoid funds, services or assets being used to support terrorism.
Sector-dependent relevance
High-risk activity relevance
Require screening, escalation of red flags, payment controls and no dealings with prohibited parties.
High
Financial integrity, Competition and trading, Supply chain and third parties
Sanctions compliance
UK persons and businesses must comply with financial, trade and immigration sanctions.
General UK business relevance
High-risk activity relevance
Require screening, asset-freeze escalation, licence checks, blocked payments and third-party due diligence.
High
Financial integrity, Corporate governance, Supply chain and third parties
Criminal facilitation of tax evasion
Relevant bodies can be liable if associated persons facilitate tax evasion.
General UK business relevance
High-risk activity relevance
Ban tax evasion facilitation; require risk assessment, due diligence, training and reporting.
High
Employment and workplace, Corporate governance
Whistleblowing and protected disclosures
Workers who report certain wrongdoing may have legal protection from detriment or dismissal.
General UK business relevance
Provide reporting channels, confidentiality, non-retaliation, investigation steps and escalation options.
High
Employment and workplace
Equality and non-discrimination
UK employers must avoid discrimination linked to protected characteristics.
General UK business relevance
Set expectations on fair treatment, recruitment, promotion, reasonable adjustments and inclusive conduct.
High
Harassment and bullying
Employers should prevent unlawful harassment and maintain a respectful working environment.
General UK business relevance
Prohibit harassment, bullying, victimisation and sexual harassment; include reporting and bystander duties.
High
Sexual harassment prevention
UK employers must take reasonable steps to prevent workplace sexual harassment.
General UK business relevance
Define prohibited conduct, third-party risks, reporting, investigations, sanctions and anti-retaliation.
High
Employment and workplace, Supply chain and third parties
Modern slavery and human trafficking
Larger organisations may need transparency statements and supply chains can carry labour exploitation risk.
General UK business relevance
Sector-dependent relevance
High-risk activity relevance
Commit to no forced labour; require supplier due diligence, audits, reporting and remediation.
High
Employment and workplace
Right to work compliance
Employers must check that employees have permission to work in the UK.
General UK business relevance
Role-dependent relevance
Require compliant checks, record retention, no discriminatory checks and escalation of concerns.
Medium
Working time and rest breaks
Working hours, rest breaks and holiday rules affect employee wellbeing and legal compliance.
General UK business relevance
Address hours, rest, holiday, fatigue, opt-outs, records and manager responsibilities.
Medium
Employment and workplace, Financial integrity
National Minimum Wage and pay fairness
Employers must pay at least the applicable minimum wage and manage deductions carefully.
General UK business relevance
Commit to lawful pay, accurate time records, correct deductions and payroll escalation.
High
Health, safety and environment, Employment and workplace
Workplace health and safety
Employers must protect workers and others from workplace health and safety risks.
General UK business relevance
Require risk assessments, safe systems, training, incident reporting and manager accountability.
High
Health, safety and environment
Accident and incident reporting
Certain workplace injuries, diseases and dangerous occurrences must be reported to regulators.
General UK business relevance
Sector-dependent relevance
Require prompt reporting, no concealment, preservation of evidence and manager escalation.
High
Health, safety and environment, Employment and workplace
Drugs and alcohol at work
Substance misuse can create safety, conduct and performance risks, especially in safety-critical roles.
General UK business relevance
Role-dependent relevance
Set impairment rules, support routes, testing conditions, reporting duties and safety-critical controls.
Medium
Health, safety and environment, Corporate governance
Environmental compliance
Businesses may need permits, waste controls and pollution prevention measures.
General UK business relevance
Sector-dependent relevance
Commit to legal compliance, waste management, pollution prevention, permits and incident reporting.
Medium
Competition and trading, Corporate governance, Health, safety and environment
Green claims and sustainability communications
Environmental claims must be truthful, clear, substantiated and not misleading.
Sector-dependent relevance
High-risk activity relevance
Require evidence, legal review, fair comparisons, full lifecycle context and no exaggeration.
Medium
Data and confidentiality, Corporate governance
Data protection and UK GDPR
Organisations handling personal data must comply with UK GDPR and Data Protection Act 2018.
General UK business relevance
Cover lawful use, minimisation, security, rights requests, retention, DPIAs and breach reporting.
High
Data and confidentiality
Personal data breach reporting
Certain personal data breaches must be reported to the ICO within strict timescales.
General UK business relevance
High-risk activity relevance
Require immediate escalation, containment, assessment, notification decisions and evidence records.
High
Data and confidentiality, Corporate governance
Confidential information and trade secrets
Codes should protect business, customer, employee and supplier confidential information.
General UK business relevance
Set need-to-know rules, secure storage, no unauthorised disclosure and post-employment duties.
High
Cyber security and acceptable IT use
Employee conduct affects cyber risk, data security and operational resilience.
General UK business relevance
Cover passwords, phishing, devices, access rights, remote working and incident reporting.
High
Employment and workplace, Data and confidentiality, Corporate governance
Social media and public communications
Online conduct can expose employers to confidentiality, harassment and reputation risks.
General UK business relevance
Set rules on authorised statements, confidentiality, respectful posting and personal account disclaimers.
Medium
Competition and trading, Corporate governance
Competition law and anti-competitive conduct
UK competition law prohibits cartels, bid-rigging, market sharing and abusive conduct.
General UK business relevance
Role-dependent relevance
High-risk activity relevance
Ban price fixing, market sharing, bid rigging and improper competitor information exchange.
High
Competition and trading, Financial integrity, Supply chain and third parties
Procurement integrity and fair tendering
Tendering creates bribery, fraud, conflict, collusion and transparency risks.
Role-dependent relevance
High-risk activity relevance
Require fair tender processes, conflict declarations, no bid-rigging and proper supplier selection.
High
Competition and trading
Consumer protection and fair trading
Businesses dealing with consumers must avoid misleading, aggressive or unfair practices.
Sector-dependent relevance
Require honest marketing, clear pricing, fair terms, complaint handling and no pressure selling.
Medium
Competition and trading, Corporate governance
Advertising and marketing standards
Marketing should be legal, decent, honest, truthful and socially responsible.
Sector-dependent relevance
Role-dependent relevance
Require substantiation, approvals, clear claims, influencer disclosure and no misleading promotions.
Medium
Competition and trading, Health, safety and environment, Supply chain and third parties
Product safety and quality
Businesses placing products on the UK market must manage safety and quality obligations.
Sector-dependent relevance
Cover safety checks, conformity, recalls, customer complaints, traceability and supplier quality controls.
High
Competition and trading, Supply chain and third parties, Financial integrity
Import and export controls
International trade may require licences, classification checks, customs compliance and sanctions screening.
Sector-dependent relevance
High-risk activity relevance
Require classification, licensing, end-use checks, customs accuracy and restricted-party screening.
High
Supply chain and third parties, Corporate governance, Financial integrity
Supplier and third-party due diligence
Third parties can create bribery, sanctions, slavery, fraud, cyber and reputational risks.
General UK business relevance
High-risk activity relevance
Require risk-based checks, approvals, contracts, monitoring, audit rights and termination triggers.
High
Supply chain and third parties, Financial integrity, Corporate governance
Agents, introducers and intermediaries
Intermediaries may expose businesses to bribery, fraud, sanctions and hidden commission risks.
High-risk activity relevance
Role-dependent relevance
Require due diligence, written terms, legitimate services, payment controls and commission approvals.
High
Corporate governance, Financial integrity
Charitable and political donations
Donations can create bribery, influence, transparency and corporate approval risks.
General UK business relevance
High-risk activity relevance
Require approvals, legality checks, no improper influence, records and political donation controls.
Medium
Financial integrity, Corporate governance, Data and confidentiality
Insider dealing and market abuse
Listed, financial and capital markets businesses must prevent misuse of inside information.
Sector-dependent relevance
Role-dependent relevance
High-risk activity relevance
Cover inside information, dealing restrictions, insider lists, disclosure controls and confidentiality.
High
Financial integrity, Corporate governance, Employment and workplace
Financial services conduct rules
FCA-regulated firms must ensure relevant staff observe individual conduct standards.
Sector-dependent relevance
Role-dependent relevance
Reference integrity, due skill and care, openness with regulators and treating customers fairly.
High
Corporate governance, Financial integrity
Cooperation with regulators and authorities
Businesses may need to provide accurate information and cooperate with regulators and enforcement bodies.
General UK business relevance
Sector-dependent relevance
Require truthful responses, document preservation, legal review and no obstruction or retaliation.
Medium
Data and confidentiality, Corporate governance, Financial integrity
Records management and document retention
Records support legal compliance, audits, disputes, data protection and financial reporting.
General UK business relevance
Set retention periods, legal holds, secure deletion, ownership and record accuracy standards.
Medium
Data and confidentiality, Corporate governance, Competition and trading
Intellectual property protection and use
Businesses must protect their IP and avoid unauthorised use of others' IP.
General UK business relevance
Role-dependent relevance
Address ownership, licensing, copyright use, brand protection, inventions and open-source software.
Medium
Corporate governance, Financial integrity, Data and confidentiality
Use of company assets
Company property, systems, funds and information should be used for authorised business purposes.
General UK business relevance
Prohibit misuse, theft, unauthorised access, excessive personal use and unauthorised disposal.
Medium
Financial integrity, Corporate governance
Expenses and reimbursement integrity
Expense claims can create fraud, tax, bribery and accounting risks.
General UK business relevance
Role-dependent relevance
Require genuine business purpose, receipts, approvals, accurate claims and no duplicate reimbursement.
Medium
Employment and workplace, Data and confidentiality, Health, safety and environment
Remote and hybrid working conduct
Remote work affects confidentiality, cyber security, health and safety and working time controls.
General UK business relevance
Cover secure working, home safety, availability, equipment, data handling and incident reporting.
Medium
Employment and workplace, Corporate governance
Non-retaliation for raising concerns
Retaliation undermines speak-up culture and may breach whistleblowing and employment protections.
General UK business relevance
Prohibit victimisation, protect reporters and witnesses, and require escalation of retaliation concerns.
High
Disciplinary consequences for misconduct
Ethics policies should explain that breaches may lead to fair disciplinary action.
General UK business relevance
State examples of misconduct, investigation rights, fairness, proportionality and possible sanctions.
Medium
Grievance and complaints handling
Clear complaint handling supports fair treatment and early resolution of workplace issues.
General UK business relevance
Set reporting routes, investigation standards, confidentiality, appeals and protection from victimisation.
Medium
Data and confidentiality, Corporate governance, Employment and workplace
Responsible AI and automated tools
AI use can affect data protection, confidentiality, discrimination, transparency and intellectual property risks.
General UK business relevance
Role-dependent relevance
High-risk activity relevance
Require approved tools, human oversight, no confidential prompts, bias checks and output verification.
Medium
Employment and workplace, Corporate governance
Diversity, equity and inclusion
DEI commitments support equality compliance, culture, recruitment and fair workplace decisions.
General UK business relevance
Promote inclusion, fair opportunities, respectful language, accessibility and evidence-based initiatives.
Medium
Employment and workplace, Health, safety and environment, Supply chain and third parties
Safeguarding children and vulnerable adults
Organisations working with children or vulnerable adults need clear safeguarding standards.
Sector-dependent relevance
Role-dependent relevance
High-risk activity relevance
Cover DBS checks, boundaries, reporting concerns, referrals, training and safer recruitment.
High
Competition and trading, Corporate governance
Fair treatment of vulnerable customers
Customer-facing sectors should ensure vulnerable customers are treated fairly and appropriately.
Sector-dependent relevance
Role-dependent relevance
Require recognition of vulnerability, appropriate support, fair communications and escalation routes.
Medium
Corporate governance, Financial integrity, Competition and trading
Dealing with public officials and lobbying
Interactions with public officials create heightened bribery, transparency and reputational risks.
High-risk activity relevance
Role-dependent relevance
Require approvals, accurate records, no improper influence, lobbying compliance and hospitality controls.
High
Employment and workplace, Financial integrity, Health, safety and environment
Business travel conduct
Travel can create safety, bribery, sanctions, expenses, security and reputational risks.
Role-dependent relevance
High-risk activity relevance
Cover travel approvals, local law, safety advice, expenses, gifts and incident escalation.
Medium
Corporate governance, Employment and workplace, Supply chain and third parties
Human rights in business operations
Businesses may need to manage human rights impacts across operations and supply chains.
General UK business relevance
Sector-dependent relevance
High-risk activity relevance
Commit to respect rights, conduct due diligence, provide grievance routes and remediate impacts.
Medium
Supply chain and third parties, Employment and workplace
Supply chain labour standards
Supplier labour practices can create modern slavery, wage, safety and reputational risks.
Sector-dependent relevance
High-risk activity relevance
Set supplier standards for lawful pay, safe work, no forced labour and audit cooperation.
High
Financial integrity, Corporate governance
Tax compliance and transparency
Businesses should comply with tax laws and avoid dishonest or abusive tax conduct.
General UK business relevance
Require accurate tax records, truthful filings, no evasion, escalation and professional advice.
High
Proceeds of crime and suspicious activity
Businesses should avoid handling criminal property and escalate suspicious transactions.
Sector-dependent relevance
High-risk activity relevance
Cover red flags, escalation, no tipping off where applicable, payment scrutiny and record keeping.
High
Corporate governance, Employment and workplace
Ethics reporting channels
Codes need practical routes for reporting misconduct, legal breaches and ethical concerns.
General UK business relevance
List reporting routes, anonymous options if available, investigation ownership and escalation triggers.
High
Compliance training and certification
Training helps demonstrate reasonable procedures and embeds expected standards of conduct.
General UK business relevance
Role-dependent relevance
Require induction, periodic refreshers, role-based modules, attestations and completion records.
Medium
Employment and workplace, Data and confidentiality
Employee monitoring and privacy
Workplace monitoring must respect data protection, transparency and proportionality requirements.
General UK business relevance
High-risk activity relevance
Explain monitoring purposes, lawful basis, notice, limits, access controls and DPIA triggers.
Medium
Corporate governance, Employment and workplace, Financial integrity
Internal investigations
Investigations help respond fairly to misconduct, fraud, harassment and compliance reports.
General UK business relevance
High-risk activity relevance
Cover independence, confidentiality, evidence preservation, fair process, outcomes and escalation.
High
Corporate governance, Financial integrity
Related-party transactions
Transactions involving directors or connected persons can create conflict and approval risks.
Role-dependent relevance
High-risk activity relevance
Require disclosure, independent review, board approval, fair terms and documented rationale.
High
Data and confidentiality, Competition and trading
Customer confidentiality
Customer data and commercial information must be protected from misuse or unauthorised disclosure.
General UK business relevance
Sector-dependent relevance
Limit access, prohibit gossip or disclosure, secure communications and report suspected leaks.
High
Employment and workplace
Fair recruitment and hiring
Recruitment decisions must avoid discrimination and follow fair, transparent processes.
General UK business relevance
Role-dependent relevance
Set merit-based selection, interview standards, reasonable adjustments and lawful background checks.
Medium
Employment and workplace, Health, safety and environment
Mental health and wellbeing
Work-related stress and mental health risks are part of workplace health and safety management.
General UK business relevance
Promote respectful workloads, support routes, stress risk assessment and manager escalation.
Medium
Health, safety and environment
Fire safety responsibilities
Workplaces must assess and manage fire risks to protect workers and visitors.
General UK business relevance
Require evacuation compliance, no blocked exits, reporting hazards, drills and equipment care.
High
Health, safety and environment, Employment and workplace
Lone working and personal safety
Lone workers may face heightened safety risks requiring assessment and controls.
Sector-dependent relevance
Role-dependent relevance
Set check-ins, escalation, risk assessment, training, emergency contacts and incident reporting.
Medium
Driving for work and fleet conduct
Work-related driving creates safety, insurance, fatigue and legal compliance risks.
Role-dependent relevance
High-risk activity relevance
Require safe driving, licence checks, vehicle condition, no mobile misuse and incident reporting.
Medium

What UK Compliance Topics Should A Code Of Conduct And Ethics Cover?

A UK code of conduct should usually cover workplace behaviour, anti-bribery, conflicts of interest, data protection, financial integrity, competition law, health and safety, environmental duties and third-party conduct. These areas map to recurring UK legal risks including the Bribery Act 2010, Equality Act 2010, UK GDPR, Companies Act 2006, Competition Act 1998, Health and Safety at Work etc. Act 1974 and Modern Slavery Act 2015.

Which Topics Need The Most Governance Attention?

High-priority topics are those carrying criminal, regulatory, director or reputational risk, including bribery, fraud, sanctions, tax evasion facilitation, modern slavery, workplace harassment, whistleblowing, health and safety, data protection and competition law. These topics normally require clear escalation routes, board or senior management oversight, training and records.

How Should UK Employers Use This Dataset?

Employers can use these topics as a checklist when drafting or reviewing a Code of Conduct and Ethics. Not every topic needs equal detail: some are generally relevant to most UK businesses, while others are sector-dependent, role-dependent or linked to high-risk activities such as public procurement, international trade, handling personal data, managing suppliers or financial reporting.

Why Should Third Parties Be Included In A UK Ethics Code?

UK compliance risks often arise through agents, suppliers, contractors and intermediaries. Policies should therefore address due diligence, contractual standards, reporting channels, gifts and hospitality, modern slavery, sanctions and anti-bribery controls for third parties, not just employees.

FAQs

It is a guide to key UK legal, regulatory and workplace issues that organisations may need to cover when drafting a Code of Conduct and Ethics.