GitLab Inc. (collectively with its subsidiaries, “GitLab”, “we”, “our”) is committed to the highest standards of legal and ethical business conduct and has long operated its business consistent with written operating principles and policies that reinforce this commitment. In furtherance of those standards, this Anti-Fraud Policy (this “Policy”) applies to all officers, employees and direct and indirect contractors of GitLab and of its direct and indirect subsidiaries (“Team Members”). Compliance with this Policy is mandatory for every Team Member and member of GitLab’s Board of Directors (“Director”). In addition to this Policy, Team Members and Directors are subject to and must comply with other policies (including GitLab’s Code of Business Conduct and Ethics for Directors, Officers, Employees and Contractors (the “Code of Business Conduct and Ethics”) and programs of GitLab, as applicable. We expect each Team Member and Director to read and become familiar with this Policy. Violations of the law, our corporate policies, or this Policy may result in disciplinary action, including dismissal.
This Policy outlines the principles to which we are committed in relation to preventing, reporting, and remediating fraud and corruption. As described in the Code of Business Conduct and Ethics, all Team Members are required to deal honestly, ethically and fairly with customers, partners, suppliers, competitors and other third parties. No Team Member or Director may knowingly, directly or indirectly, partake in, assist or otherwise be involved in any fraud.
The primary objective of this Policy is to prevent fraud, help maintain GitLab’s culture of compliance, help maintain integrity in GitLab’s business dealings, establish procedures and protections that allow Team Members to act on suspected fraud or corruption with potentially adverse ramifications and to achieve GitLab’s legitimate business objectives.
In the broadest sense, fraud can encompass any crime for gain that uses deception as its principal method of operation. More precisely, fraud is defined_ as _knowingly misrepresenting the truth or concealing a material fact in order to induce another person to act to their detriment. Fraud may involve:
There is no set monetary threshold that defines fraud. There is no need to be successful to be viewed as corrupt; the offering can be enough to amount to a criminal offense in certain jurisdictions. These principles apply equally in any country in which GitLab operates or carries on business.
All Team Members and Directors, regardless of position or title, have a stewardship responsibility with regard to GitLab’s funds and other assets. Team Members and Directors are responsible for safeguarding GitLab’s resources and ensuring that those resources are used only for authorized purposes in accordance with GitLab’s rules, policies, and applicable laws.
As every Team Member is free to raise concerns regarding any questionable practices without fear of harassment or retaliation, GitLab will not allow any retaliation against any Team Member who acts in good faith in reporting any violation of this Policy or against any person who is assisting in good faith in any investigation or process with respect to such a report. Any Team Member who participates in any such retaliation is subject to disciplinary action, including termination.
Each Team Member who is a manager is responsible for detecting and preventing fraudulent activities in their respective work areas. Each Team Member who is a manager will be familiar with the types of activities that constitute fraud and be alert for any indication that improper or dishonest activity is or was in existence in their work area.
All participants in a fraud investigation shall treat all information received confidentially. A person reporting suspected fraud may remain anonymous except as otherwise required by law. Investigation results will not be disclosed or discussed with anyone other than those who have a legitimate need to know. Any Team Member or Director contacted by the media with respect to a fraud investigation shall refer the media person to GitLab’s public relations team at firstname.lastname@example.org.
During an investigation of allegations of fraud or suspected fraud, the Team Member(s) suspected of such fraud may be placed on administrative leave pending the outcome of the investigation). Any Team Member who has committed fraud will be subject to disciplinary action up to and including dismissal. In all cases, GitLab reserves the right to refer the matter to appropriate law enforcement officials for independent review, investigation and/or prosecution.
The CLO is responsible for the administration, revision, interpretation and application of this Policy. This Policy will be reviewed annually and, if necessary, revised.