The Code of Business Conduct and Ethics (the "Code") serves as our roadmap for acting ethically whenever and wherever we conduct business. Together with other company policies which provide more detailed information on specific topics, the Code will help us apply basic principles to our daily conduct so that we can ensure we are following both the letter and the spirit of the law while conducting business with honesty and integrity. We expect everyone with whom we conduct business to honor the principles outlined in the Code.

Access the Code of Business Conduct and Ethics.

Our Comprehensive Compliance Program is one of the key components of our corporate conduct and has been tailored to fit the unique environment of our company. Robust and dynamic, this program is reviewed and enhanced regularly to meet our evolving compliance needs.

LEADERSHIP AND STRUCTURE

  • Compliance Officer. A senior-level official in our organization is designated to serve as our corporate Compliance Officer to effectuate change as necessary and to exercise independent judgment. Our Compliance Officer is responsible for developing, operating and monitoring the Comprehensive Compliance Program.
  • Compliance Committee. Incyte has established a Compliance Committee to advise the Compliance Officer and assist in the implementation of the Compliance Program.

WRITTEN STANDARDS

Incyte’s Code of Business Conduct and Ethics (the "Code") is our statement of ethical and compliance principles that guide our daily operations. The Code establishes that we expect management, employees and agents of the company to act in accordance with law and applicable company policy. The Code articulates our fundamental principles, values and framework for action within our organization.

EDUCATION AND TRAINING

A critical element of our Compliance Program is the education and training of our employees on their legal and ethical obligations under applicable federal healthcare program requirements. Incyte is committed to taking all necessary steps to effectively communicate our standards and procedures to all affected personnel. Moreover, Incyte will regularly review and update its training programs, as well as identify additional areas of training on an "as-needed" basis.

INTERNAL LINES OF COMMUNICATION

Incyte fosters dialogue between management and employees. Our goal is that all employees, when seeking answers to questions or reporting potential instances of fraud and abuse, should know whom to turn to for a meaningful response and should be able to do so without fear of retribution. To that end, we have adopted confidentiality and non-retaliation policies. 

In addition, Incyte has a Helpline that provides a means for employees or external parties to report a compliance concern or potential misconduct. This Helpline is managed by a third-party vendor and provides the option to report anonymously as permitted by local law. 

AUDITING AND MONITORING

Incyte’s Compliance Program includes efforts to monitor, audit and evaluate compliance with the company’s compliance policies and procedures. The nature of our reviews as well as the extent and frequency of our compliance monitoring and auditing varies according to a variety of factors, including new regulatory requirements, changes in business practices and other considerations.

RESPONDING TO POTENTIAL VIOLATIONS

Incyte’s Compliance Program includes clear disciplinary policies that set out the consequences of violating the law or company policy. Although each situation is considered on a case-by-case basis, we will consistently undertake appropriate disciplinary action to address inappropriate conduct and deter future violations.

CORRECTIVE ACTION PROCEDURES

Our Compliance Program requires the company to respond promptly to potential violations of law or company policy, take appropriate disciplinary action, assess whether the violation is in part due to gaps in our policies, practices or internal controls, and take action to prevent future violations.

Incyte recognizes the importance of working with suppliers, distributors, vendors and other business partners (collectively, "Third Parties") who share our values and operate in a responsible and ethical manner.

It is our goal to always operate in compliance with all applicable rules and regulations. As such, we expect that all Third Parties with whom we do business comply with all applicable laws and regulations of the countries, states and localities in which they operate. This includes, but is not limited to, business conduct, product quality, labor and employment practices, health and safety, and environmental protection.

As a responsible corporate citizen, Incyte expects its Third Parties to conform their practices to any published standards for their industry, obtain all applicable permits and operate in accordance with permit limitations and requirements at all times. The standards and expectations we have for our Third Parties mirror those which we set for ourselves as reflected in our Code of Business Conduct and Ethics, and we expect our Third Parties to be familiar with and conform themselves to such standards.

Incyte honors its trusted relationships with healthcare professionals, patients, caregivers, consumers, employees and business partners by being transparent about how we collect, use and share data. Learn more about our Privacy practices, including our company policy, Privacy Notices and contact information for our Privacy Office.

View our Privacy page.

Incyte is committed to keeping the lines of communication open and fostering a speak-up culture. The Compliance Helpline provides multiple options to speak up confidentially through a third party and report concerns or misconduct:

United States: 1-855-462-3411
Switzerland: 0-800-890011, then 855-845-3448
Web: incyte.ethicspoint.com

 

Risk Management

 

The continued success of Incyte is dependent on the confidence we earn from our customers, patients, employees, communities and other stakeholders. We adhere to our commitments, displaying honesty and integrity and minimizing risk at every opportunity. 

 

To support ethical behavior across the organization, Incyte regularly conducts employee training on policies and procedures, field-based monitoring and internal audits on certain higher-risk activities. We comply with the principles outlined in the applicable laws regarding disclosure of transfers of value to healthcare professionals, including the Physician Payment Sunshine Act (Sunshine Act) in the U.S. and the Loi Bertrand in France.

To ensure our products are used safely and for the right purposes, the following compliance requirements apply to promotional interactions with healthcare professionals:

  • Must be consistent with the approved labeling/product Prescribing Information and only approved products and indications may be discussed.
  • Must be truthful, non-misleading and fairly balanced in presenting an Incyte product's benefits and risks.
  • Promotional materials used must be accurate, substantiated, scientifically rigorous and consistent with applicable legal and regulatory standards.

Incyte is a member of the Pharmaceutical Research and Manufacturers of America (PhRMA) and therefore is committed to complying with the PhRMA Code on Interactions with Healthcare Professionals. Incyte is also a member of several equivalent national industry trade associations in Europe.

To learn more, please see our Code of Conduct.

As technology improves the efficiency of our organization and activities, it may also increase our risk. Incyte has a robust Cybersecurity program, with a comprehensive suite of tools and processes. These include technical and administrative safeguards such as penetration testing, vulnerability assessment and remediation, privacy and cybersecurity assessment of business partners, end-to-end security tools, cloud security and protection mechanisms for patient data and intellectual property. Incyte also focuses on regularly improving cybersecurity awareness among employees and contingent workers through mandatory cybersecurity training during orientation, annual refreshers and “Cybersecurity Awareness Month” activities, which are supplemented by periodic phishing simulation testing campaigns with additional training for users who do not pass the tests.

Incyte has protocols in place for a number of emergencies. Regular fire drills are conducted, and employees are directed to evacuation points away from the buildings.

Related to the physical impact of natural disasters and climate change, we have assessed a contingency plan for the operating of research facilities in the U.S. Should Incyte headquarters lose power, we have the ability to maintain critical equipment and refrigerator/freezers containing critical-safe issues and samples. While certain discovery projects may need to be on hold, all other work can be conducted remotely.

The Global Technical Operations team has a business continuity Standard Operating Procedure (SOP) in place related to commercial supply. The Quality Assurance and Supply Chain teams also routinely meet with key suppliers to discuss and review their operations regarding the manufacturing of our products, including business continuity and crisis-management preparedness.