We have long had policies governing what work we will and will not do. In 2019, we strengthened these policies further by launching a more rigorous framework and set of criteria to evaluate our client service.
Our Client Service Policy requires partners to systematically assess client projects across five interrelated dimensions: Country, Institution, Topic, Individual, and Operational considerations. Referred to as “CITIO,” this framework is embedded in the way we assess risk for all our client work. Among other criteria, the policy requires us to consider the unintended consequences of any proposed work, including potential negative impact on vulnerable populations. If a client or proposed project falls short of our standards, we will not do the work. This policy applies globally, across all sectors, whether work is paid or unpaid.
The Client Service Policy includes additional clear rules for work we will not perform. For example, we do not serve tobacco companies, opioid manufacturers, dual-use technology companies in certain countries, and pharmaceutical companies on projects that deviate from industry pricing norms or seek to circumvent regulatory structures or legal conventions. In the government sector, we do not serve defense, intelligence, justice, or police institutions in non-democratic countries (for which we base our assessment on The Economist Intelligence Unit's Democracy Index), with limited exceptions for international aid and humanitarian work approved by our firm’s risk leadership. We also do not serve political parties, political advocacy groups, legislatures, or individual legislators’ offices; nor do we take part in political advocacy or lobbying on behalf of our clients.
We also follow additional policies and guidelines for specific areas of our client work; for example, an enhanced set of rules govern our work for public sector clients.
Dedicated oversight and decision-making support
To oversee our Client Service Policy and ensure our firm continues to adapt in an increasingly complex world, we continually improve our risk and governance processes and capabilities, including our firm risk, legal, and compliance functions. Client service matters that require consideration beyond our standard processes are escalated to a global decision-making body, the Client Service Risk Committee (CSRC).
The CSRC is a global committee of respected senior firm leaders, supported by firm risk, legal, and communications professionals, which provides advice and decisions on the most complex risks we face in our client service. Each year, the CSRC and our risk teams review thousands of cases of potential client engagements to ensure they adhere to relevant policies and that appropriate guardrails are put in place to address risks. For engagements that fail to meet our standards, the CSRC declines the work.