Volunteer and Non-Employee Handbook

Download PDF version

Volunteer and Non-Employee Code of Conduct


The commitment to excellence is fundamental to the philosophy of CFA Institute. This commitment means that all personnel share a common set of objectives and benefit from the achievement of those objectives. One essential objective is our conviction to uphold ethical standards in all our corporate activities. The purpose of this Code of Conduct is to strengthen the CFA Institute ethical climate and to provide basic guidelines for situations in which ethical issues arise.

It is the policy of CFA Institute to comply with all applicable laws, including, without limitation, employment, discrimination, health, safety, antitrust, securities, and environmental laws. No executive or people leader of CFA Institute has authority to violate any law or to direct any other person to violate any law on behalf of CFA Institute.

All individuals performing services for CFA Institute, including Non-Employee Personnel, are and will be held responsible for the observance of this Code of Conduct. If any person has questions about any section of this Code of Conduct, they should direct all questions to their CFA Institute liaison, the CFA Institute Chief Compliance Officer, or Legal.


A. Volunteer and Non-Employee Handbook

All Non-Employee Personnel of CFA Institute must be familiar with and abide by the CFA Institute Volunteer and Non-Employee Handbook. The Handbook sets forth CFA Institute policies for non-employees. For guidance on any issues not addressed in this Code, Non-Employee Personnel should refer to the Handbook. Non-Employee Personnel should contact their CFA Institute liaison or the Chief Compliance Officer if they have any questions concerning a specific Handbook policy.

B. Conflicts of Interest

Pursuant to the Conflict of Interest policy, Non-Employee Personnel have an obligation to avoid actual or potential conflicts of interest with their provision of services to CFA Institute. A conflict of interest may exist when you or a member of your family are involved in activities that may impact your ability to conduct CFA Institute business fairly and impartially. A conflict may be actual or perceived and could result in personal or professional gain for that Non-Employee Personnel or persons close to them. For the purposes of this policy, family members include a Non-Employee Personnel’s spouse, children, parents, siblings, grandparents or grandchildren; the parents, children, or siblings of the Non-Employee Personnel’s spouse; or any other person whose association with the Non-Employee Personnel is similar to any of these relationships. A Non-Employee Personnel’s participation in any CFA Institute exam program, or participation of any family members/ household members, can create a potential or perceived conflict of interest or advantage. Non-Employee Personnel must request and receive approval from Exam Security prior to enrolling in any CFA Institute exam program. Further, Non-Employee Personnel must disclose to Exam Security any immediate family/household member participating in the CFA or CIPM programs. Business dealings with outside firms should not result in unusual gains for CFA Institute or the outside f irm. Unusual gains refer to bribes, product bonuses, special fringe benefits, unusual price breaks, or other windfalls designed to ultimately benefit the employer, the Non-Employee Personnel, or both. Anything that could be interpreted as involving an unusual gain requires disclosure and approval by the Chief Compliance Officer. Non-Employee Personnel with any influence over CFA Institute business with outside firms must disclose to their CFA Institute liaison and the Chief Compliance Officer any relationships with the firm and any personal gain to the Non-Employee Personnel or persons close to them. Disclosures should be made as soon as possible so that safeguards can be established to protect all parties. Personal gain may result not only in cases where a Non-Employee Personnel or a Non-Employee Personnel’s family member has a significant ownership in a firm with which CFA Institute does business, but also when a Non-Employee Personnel or a Non-Employee Personnel’s family member receives any kickback, bribe, substantial gift (e.g., all-expense paid vacation, weekend getaway, etc.) or special consideration as a result of any transaction or business dealings involving CFA Institute.

C. Gifts

In the course of business, the exchange of gifts and entertainment can build goodwill and strengthen business relationships. Providing or accepting occasional meals, small company mementos, or attending events may be appropriate in certain circumstances. However, some gifts and entertainment can create the appearance of, or actual, conflict of interest or improper influence. Some could even be viewed as bribes that tarnish the reputation of CFA Institute for fair dealing or break the law or be in violation of CFA Institute or the other party’s internal policies. Others could create tax consequences or could be considered offensive culturally.

CFA Institute recognizes that it is occasionally customary to give gifts and entertainment to and receive gifts and entertainment from some of its suppliers, customers, and other business associates. It is important, however, that these gifts do not affect an employee’s or third-party representative’s business judgment or give the appearance that judgment may be affected. Accordingly, CFA Institute employees and Non-Employee Personnel must be very careful when it comes to giving and accepting gifts. Specific guidance on acceptable gifts and entertainment can be found in the Gift & Entertainment Policy (see business liaison for policy) and all employees and others doing business on behalf of CFA Institute should familiarize themselves with this policy in order to know the parameters the organization has put in place around gifts & entertainment and the expected behavior.

If uncertain whether a gift or entertainment is appropriate or allowed by this policy, please contact Compliance so that a review of the situation can be performed to ensure compliance with this policy, as well as local laws. Any requests for exceptions to this policy should be reviewed by the Chief Compliance Officer (in consultation with the Director, Tax).

D. Use of CFA Institute Property and Information

All employees and Non-Employee Personnel are responsible for the proper use of CFA Institute physical resources, real property, and intangible property such as trademarks, copyrights, trade secrets, and proprietary or confidential information. Further guidance on the use of CFA Institute resources, property, and confidential information can be found elsewhere in the Code of Conduct. Notice is hereby provided that pursuant to 18 USC §1833(b), an employee, consultant or contractor of an employer may not be held criminally or civilly liable under any federal or state trade secret law for the disclosure of an employer’s trade secrets, so long as such disclosure is made solely: (a) in confidence to a federal, state, or local governmental official, either directly or indirectly, or to an attorney, and solely for the purpose of reporting or investigating a suspected violation of law; and/or (b) in a complaint or other document filed in a lawsuit or other proceeding, if such filing is made under seal. Additionally, pursuant to 18 USC § 1831 et seq., an individual who files a lawsuit for retaliation by an employer for reporting a suspected violation of law may disclose a trade secret to the attorney of the individual and use the trade secret information in the court proceeding, if the individual files any document containing the trade secret under seal and does not disclose the trade secret, except pursuant to court order. The foregoing immunities provided under 18 USC § 1831 et seq. do not apply to any disclosure of confidential information or trade secrets of any employer’s clients, customers or counterparties, or of any other third parties. For purposes of this policy, “trade secret” has the meaning set forth in 18 USC § 1839.

E. Trademarks, Service Marks and Copyrights

Trademarks and service marks — words, slogans, symbols, logos, or other brands used to identify a particular source of goods or services — are important business tools and valuable assets. No Non-Employee Personnel may negotiate or enter into any agreement regarding CFA Institute trademarks, service marks, or logos without first consulting the regionally assigned Brand Champion, with escalated cases to Legal. CFA Institute also respects the trademark rights of others and any proposed name of a new product or service, or proposed design or logo, must be submitted to Legal for clearance prior to its adoption and use.

Non-Employee Personnel must avoid the unauthorized use of copyrighted materials of others. Reproducing, distributing, or altering copyrighted materials without permission from the copyright owner is illegal and may result in litigation, fines, and penalties. Most materials found on the internet are copyrighted and Non-Employee Personnel should confer with Legal if they have any questions regarding the use of copyrighted materials.

F. Political Involvement

Non-Employee Personnel are free to exercise the right to make political contributions within legal limits, unless such a contribution is otherwise prohibited by other policies of CFA Institute. CFA Institute will not reimburse any Non-Employee Personnel for political contributions, and Non-Employee Personnel should not attempt to receive or facilitate such reimbursements. Generally, no contribution may be made with the expectation of favorable government treatment in return. Any political activity or contribution by a Non-Employee Personnel which might appear to be an endorsement or contribution by CFA Institute must be approved in advance by the Chief Compliance Officer. Non-Employee Personnel must not use CFA Institute resources to seek any public office and must not solicit contributions on CFA Institute property.

Contacting government agencies or legislative bodies and certain advertising and public relations activities may be considered lobbying and may have reporting or financial consequences to CFA Institute. The rules governing such activities are quite complex; please consult with Legal for guidance.

G. Securities Laws

Non-Employee Personnel must not trade in any securities based on inside information. Insider trading is the purchase or sale (or providing information to someone else for their purchase or sale) of a publicly traded security while in possession of important, non-public information about the issuer of the security and is prohibited by the securities laws. When in doubt, information obtained as a Non-Employee Personnel of CFA Institute should be presumed to be important, not public, and should not be acted on. 

H. Antitrust/Fair Competition Laws

As a general rule, antitrust laws prohibit competitors, customers, and suppliers from restricting trade or seeking to create or maintain a monopoly on a certain market. Examples include agreements to set prices, divide territory or markets, or boycott certain customers. Employees and other representatives of CFA Institute must not engage in any behavior that violates antitrust laws and must be alert to avoid even the appearance of such conduct. In the United States and some other countries, violations of antitrust laws can lead to substantial fines and criminal convictions of both corporations and individuals. Any questions concerning a specific situation should be directed to Legal before taking action.

I. Global Policy Against Harassment, Discrimination, Bullying, Workplace Violence, and Retaliation

1. Overview
CFA Institute is committed to providing a work environment free from harassment, discrimination, bullying, workplace violence, or retaliation on the basis of race, color, national origin, citizenship or immigration status, religion, creed or belief, age, marital or partnership status, family status, care giver status, pregnancy and maternity, sexual and other reproductive health decisions, physical abilities/qualities, disability, sexual orientation, gender, gender identity or expression, predisposing genetic characteristic, military or veteran status, status as a victim or witness of domestic violence or sex offense or stalking, unemployment status, infectious disease carrier status, migrant worker status, educational background, socio-economic status, geographic location and culture or any other basis protected by applicable law.

This policy covers harassment, discrimination, bullying, workplace violence, and retaliation which occurs both in and out of the workplace, such as on business trips, or at work-related events or social functions. It covers harassment, discrimination, bullying, workplace violence and retaliation by or against Non-Employee Personnel. It also covers harassment, discrimination, bullying, work-place violence, and retaliation by third parties such as customers or visitors to our premises or events.

All Non-Employee Personnel are required to take the time to ensure they understand their obligations under this policy. We take all allegations of harassment, discrimination, bullying, workplace violence, and retaliation seriously and address them promptly. Any investigation will be conducted with the greatest degree of confidentiality consistent with completing a fair and thorough investigation. The core principle is that Non-Employee Personnel must treat others with dignity and respect and should, themselves, be treated with dignity and respect.

Non-Employee Personnel should always consider whether their words or conduct could be offensive or threatening. Whether conduct violates this policy does not turn on the intent of the person who engages in the conduct. What matters is how the conduct is received and whether a reasonable person would find the conduct offensive, threatening, or compromising of their dignity.

2. Anti-Harassment and Sexual Harassment
Harassment is a form of unlawful discrimination. Harassment is defined as conduct that denigrates or shows hostility toward an individual because they are a member of a protected group and that interferes with an individual’s work performance by creating a hostile, intimidating, or offensive work environment, even if the complaining individual is not the intended target of the harassment.

Sexual harassment is also a form of discrimination and is unlawful under federal and (where applicable) state and local law. Sexual harassment includes harassment on the basis of sex, sexual orientation, gender identity, and the status of being transgender.

In addition to the definition of harassment provided above, sexual harassment also includes unwelcome conduct which is either sexual in nature, or which is directed at an individual because of that individual’s sex when:

  • The conduct unreasonably interferes with work performance or creates a hostile or offensive environment (alters the condition of the working environment); or
  • Submission to or rejection of such conduct is used as the basis for employment decisions affecting an individual’s employment.

Examples of sexual harassment include:

  • Unwanted and inappropriate physical contact or horseplay, including touching, pinching, pushing, grabbing, unnecessary brushing against someone, invading personal space, and physical or sexual assault;
  • Unwelcome sexual advances or suggestive behavior, and suggestions that sexual favors may further a career or that a refusal may hinder it;
  • Stalking or persecuting a person with unwanted attentions, gifts, or messages;
  • Continued suggestions for dating, romance, or social activity after it has been made clear that the suggestions are unwelcome;
  • Sending or displaying material that is pornographic or that reasonable people find offensive (including emails, text messages, video clips, and images sent by mobile phone or posted on the internet); or
  • Offensive or intimidating comments or gestures, or insensitive jokes or pranks that undermine the dignity of the person.

3. Bullying

While legitimate, reasonable, and constructive criticism of a Non-Employee Personnel’s performance or behavior is an acceptable and expected part of the work environment, workplace bullying is unacceptable and will not be tolerated. This policy applies to all Non-Employee Personnel. CFA Institute defines bullying as persistent, malicious, offensive treatment that threatens, humiliates, or intimidates a Non-Employee Personnel. Bullying can take the form of physical, verbal, and non-verbal conduct.

By way of example, workplace bullying includes:

  • Shouting or raising one’s voice in a hostile manner;
  • Routinely demeaning, humiliating, or ridiculing others;
  • Making physical or psychological threats;
  • Using personal insults or excessive profanity;
  • Inappropriate, exaggerated, or untrue derogatory remarks about someone’s performance, particularly in front of others;
  • Sabotage of work; or
  • Stealing credit for another’s work.

4. Workplace Violence

CFA Institute prohibits any manner of workplace violence. For the purposes of this policy, workplace violence is defined as an array of behaviors, including but not limited to overt acts of violence, harassment, intimidation, or other direct or veiled threats against CFA Institute employees, volunteers, vendors, customers, guests, contingent workers or other personnel. Such behavior will not be tolerated on CFA Institute property or while conducting CFA Institute business at any location or at any CFA Institute event. Non-Employee Personnel should never take any action that might jeopardize their own safety. Non-Employee Personnel shall immediately report any acts or direct or veiled threats of violence, bullying, intimidation, or harassment by another employee, vendor, customer, volunteer, contingent worker or guest. In addition, any suspicious or potentially dangerous individuals or activities in the workplace should be reported immediately.

5. Non-Work Disputes

CFA Institute encourages Non-Employee Personnel to manage any non-work-related disputes in a respectful manner, out-side of work, and off company premises. However, the company recognizes that non-workrelated events can have an impact on the workplace. Therefore, Non-Employee Personnel are encouraged to notify their CFA Institute business liaison when such events have the potential to create a disruption in the workplace.

In addition, a Non-Employee Personnel shall promptly report to their business liaison or Security if they are the protected party in any temporary or permanent restraining order or protective order, including those issued pursuant to the consent of the parties, or similar orders no matter how titled. Non-Employee Personnel are also encouraged to report safety concerns that may relate to intimate partner violence. CFA Institute is committed to sup-porting victims of intimate partner violence by pro-viding referrals to the company’s employee assistance programs and/or community resources.

6. Protection Against Retaliation

CFA Institute also prohibits retaliation or victimization of persons who seek to enforce their legal rights or the provisions of this policy. CFA Institute will not take any action against you if you report violations in good faith, assist or testify in a proceeding involving discrimination or harassment, or encourage a fellow Non-Employee Personnel to report harassment. If a violation is found, CFA Institute will take appropriate remedial action, which may include discipline consistent with the applicable working regulations or organizational policies and procedures. Disciplinary actions are proportional, so they may vary from a verbal warning to dismissal or referral for criminal prosecution, depending on the country and laws involved. Disciplinary actions are customarily private. If you think that you or someone else has been retaliated against or victimized for raising an issue under this policy, please contact your local people leader or Non-Employee Personnel. Nothing in this policy prohibits you from reporting a potential violation or retaliation/victimization to a local governmental agency.

7. Procedure for Reporting Incidents of Inappropriate Behavior

CFA Institute is committed to taking all reasonable steps to prevent harassment, discrimination, bullying, workplace violence, and retaliatory behavior. CFA Institute cannot take prompt and effective remedial action unless each Non-Employee Personnel assumes the responsibility of promptly reporting any incident of discriminatory, harassing, bullying, violent, or retaliatory conduct. Anyone who feels that they have experienced or witnessed conduct that could be in violation of this policy must immediately report the incident to their CFA Institute business liaison, or Compliance.

Reports of discriminatory, harassing, bullying, workplace violence, or retaliatory behavior may be made verbally or in writing. Alternatively, Non-Employee Personnel may report the incident using the anonymous Ethics Helpline (see Policy on Raising Concerns). All instances of alleged discrimination, harassment, bullying or inappropriate behavior must be reported, including those occurring at work-related events outside of the office. Any people leader who receives a concern, or otherwise becomes aware of conduct that could be in violation of this policy, is required to notify your business liaison or Legal.

8. Supervisory Responsibilities

All people leaders have a specific responsibility to operate within the boundaries of this policy, take effective steps so that all Non-Employee Personnel understand the standards of behavior expected of them, and to take action upon receipt of a concern under this policy or when observed behavior falls below its requirements.

9. Investigation of Concerns

CFA Institute will investigate all oral or written concerns of inappropriate behavior thoroughly and promptly, as appropriate to the nature and particulars of the concern. CFA Institute will strive to keep all concerns confidential consistent with its legal obligations to follow up on concerns, including investigation, remedial action, and if required, reporting to appropriate enforcement agencies. Upon receipt of a concerns, your business liaison or its designate, will conduct an immediate review of the allegations and may, if needed, take immediate remedial action. At the conclusion of the investigation, CFA Institute will notify the complaining party about the outcome of its investigation. When possible, an investigation will be completed within 30 days. 

10. Legal Protections and External Remedies

Harassment is not only prohibited by CFA Institute but is also prohibited by law in all jurisdictions where CFA Institute has offices. 1,2 

J. Anti-Bribery

When conducting business in other countries, it is imperative that Non-Employee Personnel be sensitive to foreign legal requirements and laws that apply to foreign operations, including the U.S. Foreign Corrupt Practices Act, the U.K. Bribery Act, and U.S. sanctions against foreign countries. These laws impose requirements and limitations on the interactions of CFA Institute Non-Employee Personnel with foreign persons and foreign government officials and with individuals and governments in certain countries against which the U.S. has imposed economic sanctions.

  1. In India, the Policy on Prevention and Redressal of Workplace Sexual Harassment (POSH Policy) has been framed in consonance with applicable law and has been introduced to prohibit, prevent and redress grievances of workplace sexual harassment in a time bound and sensitive manner.
  2. In New York, Article 15, Section 290 of the state Human Rights Law prohibits sexual harassment. A complaint alleging violation of the Human Rights Law may be filed either with the New York State Division of Human Rights (DHR) or in New York State Supreme Court. Employees and Non-Employee Personnel who work in New York City may also file complaints of sexual harassment with the New York City Commission on Human Rights. The United States Equal Opportunity Commission (EEOC) enforces federal anti-discrimination laws. If Non-Employee Personnel based in the United States believes that they have been discriminated against at work, they can file a “Charge of Discrimination” with the EEOC. Non-Employee Personnel in other offices should contact your business liaison with questions about what external remedies may be available to them.

A key point for Non-Employee Personnel to understand is that CFA Institute and its employees and agents do not pay bribes or kickbacks in conducting business anywhere in the world. In this context, a bribe or kickback is the giving or accepting of money, fees, commissions, credits, gifts, favors, or anything of value that is either directly or indirectly provided in return for any kind of favorable treatment. You must never offer, give, ask for, or receive any form of bribe or kickback. Non-Employee Personnel who interact directly or indirectly with foreign government officials must be particularly vigilant in this regard. In some countries, it is customary and legal for governments to accept “facilitation” payments to expedite normal government actions. Because such payments may be prohibited in other countries, CFA Institute does not permit its employees to make facilitation payments in any location. Non-Employee Personnel should contact the CFA Institute Chief Compliance Officer or Chief Legal Officer if they have any questions concerning a specific situation.

Many countries, including the United States, have laws and regulations that prohibit dealings with sanctioned or embargoed countries, governments, entities, and individuals. As noted above, CFA Institute is committed to complying with all applicable laws and government rules and regulations, including without limitation the United States sanctions and embargos administered and enforced by the Office of Foreign Assets Control (OFAC) of the United States Department of the Treasury. Broadly speaking, OFAC regulations prohibit CFA Institute and its employees and representatives from engaging in business activities with individuals, entities, and governments in U.S. embargoed countries. Non-Employee Personnel should contact the CFA Institute Chief Compliance Officer or Chief Legal Officer if they have any questions concerning the extent to which CFA Institute is permitted to do business with any given individual, entity, or foreign government or in any foreign country.

K. Accounting and Financial Records

CFA Institute must abide by generally accepted accounting principles (GAAP) and control procedures to ensure the complete and accurate reporting of all f inancial transactions. All Non-Employee Personnel are expected to adhere to these procedures. No Non-Employee Personnel may interfere with or seek to improperly influence, directly or indirectly, the auditing of CFA Institute financial records. Violation of these provisions shall result in termination of services for CFA Institute, and may also subject the violator to substantial civil and criminal liability.

Any accounting adjustments or financial transactions that materially depart from GAAP must be approved by the Audit Committee and reported to CFA Institute independent auditors. Any Non-Employee Personnel who is aware of any arrangement, relationship, or f inancial transaction not reported in the financial statements that they believe will have a material effect on the organization’s financial condition, reported financial results, or its resources, is obligated to report the issue to the Chief Financial Officer or the Chief Compliance Officer.

L. Former Government Employees

Many laws restrict hiring as an employee, or retaining as a consultant, a government employee other than secretarial, clerical, or similar employees. These restrictions also cover informal arrangements for prospective employment under certain circumstances. Therefore, written clearance must be obtained from the Chief Compliance Officer before discussing proposed employment or contingent work agreement with any current government employee and before hiring or retaining any former government employee who left the government within the past two years.


All Non-Employee Personnel have a responsibility to understand and follow this Code of Conduct. Every Non-Employee Personnel must annually certify that they have read this Code of Conduct and to the best of their knowledge are in compliance with all its provisions. In addition, all Non-Employee Personnel are expected to perform their work with honesty and integrity in any areas not specifically addressed by the Code of Conduct. A violation of this Code of Conduct may result in termination of services with CFA Institute.

The Board of Governors of CFA Institute has the exclusive responsibility for the final interpretation of the Code of Conduct. The Code of Conduct may be revised, changed, or amended at any time by the Board of Governors of CFA Institute.


General Policy
A. Overview

CFA Institute and our subsidiaries and other controlled affiliates (together “us”) are committed to the highest standards of legal and ethical conduct. As part of fulfilling this commitment, we ask — and expect — all our employees, contingent workers (e.g., contractors, consultants and temps) and volunteers (together, “you”) to speak up if you have concerns that activities by us or any person associated or doing business with us may be illegal, unethical, or violate the CFA Institute Code of Conduct (the “Code”), the Employee Handbook, or any of our other policies (as more fully described below, “Concerns”). This Policy prohibits retaliation against you for raising a Concern in good faith. 

B. When to Raise a Concern 

You are encouraged to raise a Concern if you believe that an employee, contingent worker, volunteer, Governor, or any other person associated or doing business with us has engaged, is engaging, or may engage in any illegal or unethical conduct or has violated, is violating, or may violate any law, rule or regulation, the Code, the Employee Handbook or any other of our policies. You should not hesitate to raise a Concern because of the identity or position of the person or persons whose activities are the subject of the Concern. Examples of activities that may give rise to a Concern include potential financial wrongdoing, by-passing internal controls, fraud, harassment, a conflict of interest that has not been disclosed, or a deliberate concealment of any of the above.

A Concern may be submitted at any time. However, you are encouraged to raise a Concern as promptly as possible after becoming aware of it so that the Concern may be addressed in a timely manner.

C. How to Raise a Concern 

Concerns may be submitted in writing (including by email) or orally. No specific form is required to be f illed out in order to submit a Concern, but you are encouraged to provide as much information as possible. A Concern may be submitted:

  • To your CFA Institute liaison
  • To the Human Resources department
  • To the Compliance department
  • To the Legal department
  • To any member of the Risk Committee (“RC”) of the Board of Directors (the “Board”)
  • Through the Ethics Helpline for employees, which is operated by a third-party provider

Concerns may be raised anonymously (including through the Ethics Helpline). If you wish to raise a Concern anonymously, it is especially important to provide as much information as possible so that the Concern can be adequately addressed as we will not be able to obtain additional detail from you.

D. How Concerns Will Be Addressed

As a general matter, initial intake of Concerns will be handled by the Senior Head, Talent and Employment Law who will direct the course of action if the matter is an HR concern. In other instances, the Senior Head, Talent and Employment Law will engage additional parties to address the matter in an appropriate manner based on the nature of the Concern. All Concerns relating to internal controls, accounting, auditing, financial reporting or other financial matters, including about finance personnel with respect to conduct that may bear on financial matters, will be referred directly to the Chair of RC. The RC Chair, in their discretion, will notify the CEO.

Any person who is the subject of a Concern, or who may otherwise have or be perceived to have a conflict of interest with respect to the Concern, will not participate in any actions with respect to the Concern on behalf of CFA Institute.

Your cooperation in any inquiry by CFA Institute with respect to a Concern will be required.

E. Confidentiality

All Concerns received will be treated confidentially or anonymously, as applicable, to the extent reasonable and practicable under the circumstances and consistent with the requirements of the law.

To the extent possible after a Concern has been resolved, and consistent with the considerations above, the resolution will be discussed with the person who raised the Concern.

F. Protection Against Retaliation

It is our policy to protect from adverse employment action, loss of volunteer position or other retaliation any employee, contingent worker, or volunteer who raises a Concern in “good faith” (that is, without having good reason to believe that the Concern is false) or who participates in an investigation or the fashioning or implementation of corrective action. This protection applies to any employee, contingent worker, or volunteer who raises a Concern in good faith either internally through the channels set forth in this Policy, or with a governmental, regulatory, or enforcement body. Any person who violates this prohibition against retaliation will be subject to appropriate disciplinary action, which may include termination of that person’s employment or other relationship with us. 

G. Conduct and Ethical Business Practices

CFA Institute is committed to engaging in ethical business practices as a part of the organization’s overall commitment to excellence. As such, Non-Employee Personnel must:

  1.  Observe both the form and spirit of all laws and government rules and regulations applicable to CFA Institute.
  2. Conduct themselves with integrity and dignity and act in an ethical manner in their dealings with the public, clients, customers, employers, fellow coworkers, and government officials;
  3. Conduct themselves and should encourage others to conduct themselves in a professional and ethical manner that will reflect positively on themselves and the organization;
  4. Act with competence and should strive to maintain and improve their competence and that of others in the organization;
  5. Use proper care and exercise independent professional judgment; and
  6. Adhere to the highest standard of business ethics.

Please click here for the full policy.

Information Protection Policy Summary

The Information Protection Policy (IPP) (see business liaison for policy) is a compilation of the policies created to regulate the handling, confidentiality, and availability of CFA Institute information technology resources and data. This is a summary only. Non-Employee Personnel are responsible for reviewing and complying with the full IPP.

The IPP addresses the proper handling of Highly Confidential Information (HCI). HCI includes, but is not limited to: 

  • Personally Identifiable Information such as name, email, address, date of birth, government identification numbers, employment information and professional complaints or investigations;
  • Bank Account, Payment Card, or other Financial Information;
  • Health Information such as in the context of employee Health Insurance Benefits or in the case of employee or candidate disability accommodation requests; and
  • Corporate Intellectual Property such as our proprietary credentialing assets (exam content, forms/answer books, minimum passing scores, exam results, etc.).

CFA Institute Personnel are personally responsible for safeguarding and monitoring proprietary HCI against unauthorized disclosure, modifications, or destruction.

  • HCI must be encrypted when digitally transported, transmitted, or stored.
  • Making copies of data should be avoided.
  • HCI is intended for distribution within CFA Institute and is restricted to (1) employees; and (2) vendors or consultants who have signed a Legal approved contract with CFA Institute. Contact Legal for assistance.
  • CFA Institute Personnel must not email HCI outside CFA Institute unless the data is encrypted by a method approved by the ISO. Contact the IT Help Desk for assistance.
  • HCI should not be stored locally, printed, or manipulated by ‘cut-and-paste’ during a remote session.
  • Vendors engaged to collect, process, or store HCI must be reviewed and approved by the Chief Information Security Officer (or delegate) and by the Global Data Privacy Officer (or delegate).

If you know, or have reason to believe, that there has been a breach of security or loss or theft of HCI, report such breach immediately as set forth in the Incident Response Policy. 

Customer Credit Card Security Policy

I. Purpose

To protect the credit card information that CFA Institute collects from customers and to comply with Payment Card Industry Data Security Standards (PCI DSS) and the CFA Institute Privacy Policy

II. Policy

It is the responsibility of every employee, temporary employee, consultant and contractor with building or network access to protect and maintain the security of customer credit card data. Generally, customer cardholder data cannot be transmitted or stored electronically in a readable format, and the data cannot be accessed unless there is a legitimate business need to do so. Access to customer credit card information is limited as appropriate to each individual who has a need to view the information to perform their duties. The following are key points:

  • Customer credit card information (full account number, last four digits of account number, expiration date, etc.) cannot be entered, forwarded, or stored in: 
    • spreadsheets, documents or Access databases
    • Siebel service requests, service request notes, or activities
    • emails or any other electronic files
  •  The payment card security code (the three-digit or four-digit validation number printed on the front or back of a customer’s payment card) cannot be requested or stored in any format.
  • Specifically, designated paper forms may be utilized by the Charlottesville Global Contact Center and the Member Affiliation Team only to collect single credit card transactions and are the only paper documents approved for the collection of credit card information via telephone. 
  • Registrations & Revenue and the Charlottesville Global Contact Center are the only departments authorized to process credit card charges. All paper, fax, and mail credit card transactions must be processed by the Registrations and Revenue (R&R) department only. 
  • If paper documents containing customer credit card information are received by individuals in other departments or offices, they must be handled as follows:

Charlottesville, VA USA

    • Hand-deliver to R&R staff person or place in R&R’s secure incoming mail cabinets.

All offices other than Charlottesville 

    • Fax to R&R’s secure fax line at (434) 9515240. Originals must be securely destroyed once receipt is confirmed. 

Interoffice mail is not to be used.

  • Internal and external forms requesting payment information must have remittance instructions to the R&R post office box number (2082) and/or to the R&R secure fax number (434-951-5240).
  • Contracts with third party service providers that collect customer Cardholder Data must be reviewed by the Information Security Officer (ISO), Treasurer and Legal prior to execution.
  • Exceptions to this policy must be pre-approved by the ISO in writing.

If you have any questions about these requirements, please contact the ISO or Manager, Registration and Revenue.

III. Responsibilities

All employees are required to acknowledge receipt and understanding of this policy at the start of their employment and at least annually thereafter.  All temporary employees, consultants and contractors with building or network access are required to acknowledge receipt and understanding of the Information Protection Policy (which includes the security of cardholder data) at the start of their contractual relationship and at least annually thereafter. This policy is applicable to CFA Institute, its affiliates, and its subsidiaries.

Workplace Safety and Inspections

All individuals on company property are expected to obey posted safety rules and to exercise caution in all work activities. Individuals must promptly report any unsafe condition to the appropriate people leader.

CFA Institute is committed to maintaining a safe work environment for all employees, non-employees, and visitors. In doing so, CFA Institute reserves the right to take appropriate measures toward this goal that may include the use of such devices as video surveillance equipment, both visible and concealed, on company premises.

CFA Institute may monitor the general areas of the facility including but not limited to all interior office space, common areas, and parking lots. Employees, workers, and guests should not have any expectation of privacy in these areas.

To the extent permissible under applicable laws, CFA Institute prohibits the possession, transfer, sale, or use of illegal drugs, alcohol, firearms, explosives, or other improper materials on its premises and requires the cooperation of all in administering this policy.

For everyone’s safety, if CFA Institute reasonably suspects that an individual possesses items that are prohibited on CFA Institute premises, the property may be searched, in accordance with applicable laws. This may include personal property such as a cooler, purse, briefcase, vehicle, etc., and assigned company property such as offices, desks, drawers, lockers, workspace, computer files, etc. Please remember that individuals on CFA Institute property should not have any expectation of privacy in any item that is company property, even if they have company assigned items such as a desk or locker or access codes.

Dress Code

The CFA Institute Dress Code Policy outlines the parameters for presenting oneself in a professional manner, and is not intended to be a complete set of rules or an all-inclusive list of items that are allowed or not allowed. Rather, Non-Employee Personnel are expected to use the policy as a guide and exercise good judgment when selecting work clothing.

All clothing should be clean and in good repair (without holes and tears — even if purchased this way) and must support our goal of creating a welcoming and safe environment that embraces differences, demonstrates respect, and instills trust. Regardless of the circumstances, shorts are not considered an appropriate clothing choice. Non-Employee Personnel are encouraged to speak with their CFA Institute liaison if they have questions about making appropriate clothing choices consistent with this policy.  

There may be medical conditions and/or particular CFA Institute positions that require exceptions to this policy all or some of the time. CFA Institute will also make reasonable accommodations to its Dress Code for a Non-Employee Personnel’s bona fide religious beliefs or practices. Please speak with your CFA Institute liaison if you have any questions.

Equal Opportunity

It is the established policy of CFA Institute not to discriminate against any individual employee or Non-Employee on the basis of race, any traits historically associated with race, color, national origin, citizenship or immigration status, religion, creed or belief, age, marital or partnership status, marital or family status, care giver status, pregnancy and maternity, breastfeeding, sexual and other reproductive health decisions, physical abilities/qualities, disability, sexual orientation, gender, gender identity or expression, predisposing genetic characteristic, military or veteran status, status as a victim or witness of domestic violence or sex offense or stalking, unemployment status, infectious disease carrier status, migrant worker status, educational background, socio-economic status, geographic location and culture or any other basis protected by applicable law. This policy impacts all aspects of employment, including but not limited to, recruitment, training, development, promotion, demotion, and dismissal. This is a global policy that applies to all CFA Institute employees and Non-Employee Personnel, regardless of location.

Any Non-Employee Personnel who feels that they have experienced or witnessed discrimination under this policy should promptly notify their primary employer or temporary staffing agency, if applicable, and then their CFA Institute liaison.

Non-Employee Personnel may raise good faith concerns and make reports without fear of reprisal. Any Non-Employee Personnel found to be engaging in any type of discrimination or retaliation in violation of this policy will be subject to termination of services for CFA Institute.

Workplace Accommodations

I. Workplace Disability or Pregnancy Accommodations

Non-Employee Personnel who are pregnant or who are qualified individuals with disabilities covered by applicable disability laws, and who require reasonable accommodations should first discuss potential accommodations with their primary employer or temporary staffing agency, if applicable, and then with their CFA Institute liaison.

II. Workplace Religious Accommodations

Non-Employee Personnel whose religious beliefs or practices conflict with their duties, work schedule, CFA Institute Dress Code, or with other aspects of services for CFA Institute, and who seek a religious accommodation should first discuss their request with their primary employer or temporary staffing agency, if applicable, and then with their CFA Institute liaison.


All Non-Employee Personnel who engage in travel for CFA Institute business are responsible for reading and abiding by the terms of the CFA Institute Non-Staff Travel Policy, which is available on the CFA Institute website. The objective in developing the policy is to provide for the well-being of non-staff while traveling on behalf of CFA Institute, and ensuring the best value is obtained using available savings programs and reasonable cost management.

Questions should be directed to your CFA Institute liaison.