Business Ethics and Integrity
Living by Our Values
As a professional services firm, we recognize that our reputation is vitally important to our success. Since the firm’s founding in 1983, we have worked persistently to establish our reputation and to build stakeholder relationships on the backbone of trust. Trust is not earned on delivering innovative solutions and quality work alone. Acting in an ethical, responsible, and transparent manner must be embedded in all the client work that we do and how we treat colleagues in the workplace. How we conduct our work and the values that we live by are as important as the results we deliver.
History of Trust built over the past 42 years of client service
Our Values guide our work and shape our success
We will be accountable to our clients and each other and operate in a manner that conveys a genuine focus on service founded on mutual respect and trust.
We will place the long-term good of our clients above our own interest and conduct our business ethically with humility, empathy, and fairness.
We will exceed our clients’ expectations, we will do what we say we will do, and we will do it extraordinarily well.
We will each be stewards of ScottMadden’s reputation, and we will preserve and enhance it.
We will maintain a challenging, diverse, and inclusive work environment centered on client success while promoting collegiality, creativity, responsibility, and an overall esprit de corps.
Our Governance and Organizational Leadership
ScottMadden’s board of directors oversees critical governance matters, including the firm’s strategy and major initiatives, financial and corporate transactions, and executive compensation. As a midsize consulting firm, the day-to-day operations of our core consulting are aligned by practice and overseen by partner Practice Area Leads (PALs) who report directly to our CEO. The remaining partners report directly to one of the PALs. Several committees support specific firm-related activities, including our Corporate Responsibility Steering Committee, which routinely meets to advise management on corporate sustainability leading practices and ensure material sustainability issues are considered and embedded in the firm’s strategic initiatives.
Leadership Succession and Continuity
In 2025, ScottMadden continued a board-guided CEO succession process launched in 2022, focused on continuity, values alignment, and sustained performance. The transition was structured to maintain stability for clients and employees while supporting leadership evolution. The board’s external expertise and independent perspective strengthen oversight of leadership transitions, strategy execution, and enterprise risk. Effective January 1, 2026, ScottMadden will separate the roles of CEO and board chairman to clarify accountability, reinforce decision rights, and support effective oversight of management execution.
Anchored by Our Policies and Standards
Upon joining ScottMadden, every new hire is required to read and sign our Employee Handbook, which contains the firm’s General Standards of Conduct. In addition, all employees are required to review and acknowledge the General Standards of Conduct annually. Observance of these standards and expectations, as well as our Non-Harassment and Safety and Security policies, will help to ensure that our workplace remains a safe and desirable place to work.
ScottMadden Standards of Conduct
Specific topics covered include, but are not limited to, Workplace Conduct, Conflicts of Interest, and Business Ethics. The policies state that we work honestly, fairly, and respectfully with one another and others associated with the firm. Professional behavior is always expected of us, and we are encouraged to report any instances of inappropriate conduct. Our established guidelines for conduct create a safe place for all to work and allow us to do our jobs successfully.
A Safe Workplace
We value every voice at ScottMadden and have zero tolerance for discrimination or harassment of any kind. Our diversity and inclusion efforts are outlined in this report, and we emphasize respectful, nondiscriminatory behavior on a daily basis. We hold ourselves to the highest standards so that we may all excel.
A Fair Workplace for Everyone
ScottMadden is committed to ensuring equal opportunities for all employees across functional levels regardless of race, gender, ethnicity, age, religion, sexual orientation, or other non-job-related factors. For consultants, every employee is compensated according to the same plan based on their title (i.e., associate, senior associate, manager, director, or partner). These same principles are applied to our support staff.
Client Partnerships
Our work is often confidential, and our advice and counsel frequently guide clients’ strategic decisions. Because protection of their situations and information is paramount, we proactively manage conflicts of interest and associated disclosures as circumstances warrant. And because we measure our success by that of our clients, we take a long-term view for them, doing what will be in their best interests for years to come.
Managing Enterprise Risk
We view risk management as an essential activity to conducting our business responsibly. We take a short- to long-term view of enterprise risk and evaluate it across a variety of categories. These risk categories include, but are not limited to, cybersecurity, legal, financial, market, and employee health. Given the critical nature of risk and compliance, ScottMadden maintains a dedicated leadership role for enterprise risk oversight. This role recently transitioned to Partner Trey Robinson upon his predecessor's retirement. Given the importance of this role, the firm ensured a deliberate transition, including a significant overlap period, to preserve continuity and effectiveness during this past year.
Our Ethics and Integrity Priorities and Highlights
Our Business Ethics and Integrity objectives are:
- Professionalism – Promoting inclusivity, respect, honesty, and professionalism as outlined in our General Standards of Conduct.
- Admired Workplace – Fostering a transparent, healthy, productive, and collegial environment for our people.
- Information Security – Protecting our client partnerships by safeguarding confidential information, managing conflicts of interest, and always doing what is in our clients’ best interests for the long term.
OF EMPLOYEES completed Non-Harassment Training
OF EMPLOYEES acknowledged Workplace Conduct, Conflicts of Interest, and Business Ethics policies
Leadership Transition and Ethical Governance
In 2025, ScottMadden hosted a Corporate Responsibility Lunch & Learn, featuring a live fireside conversation with outgoing CEO Brad Kitchens and incoming CEO Andy Flores, focused on governance, ethics, and leadership transition. Open to all employees, the session reinforced the firm’s commitment to ethical leadership, shared accountability, and trust through increased visibility into how governance and values guide decision-making.
"Leading with integrity means doing the right thing in how we serve others, regardless of role or title.”
Andy Flores
Chief Executive Officer
Business Transparency and Communication
As ScottMadden continues to grow, we remain committed to frequent, consistent, and meaningful communication across the firm. One of our longstanding mantras is to “treat adults like adults,” and the communication channels below reflect our commitment to providing employees with visibility into firm strategy, initiatives, operating performance, and culture.
First Fridays
Monthly, in-office meetings (followed by lunch!) to share critical firm updates.
Communities of Practice
Learning and development gatherings that support strategy and capability building across our service areas.
Annual Town Hall
Annual “state of the firm” meetings led by the CEO in each office.
theScoop
A bi-monthly firm newsletter highlighting key announcements and updates.
Employee Resource Groups (ERGs)
Regular opportunities for connection, mentoring, development, and inclusion.
Annual All-Hands Meeting
The firm’s annual retreat, reinforcing and celebrating ScottMadden’s culture.
Data Privacy and Cybersecurity
Guarding Our Data, Securing Our Future
Our top cybersecurity priority is securing our client data and protecting their privacy.
We protect our company data by promoting awareness and actively identifying and mitigating cyber threats. Regardless of where we work, our risk-driven information security and business continuity program enables us to safeguard our data assets.
Information Security Program and Security Awareness Training
Our robust Information Security Program (ISP) and comprehensive Security Awareness Training empower our team to proactively identify, mitigate, and respond to evolving cybersecurity threats while upholding the highest standards of data privacy and protection.
The ISP formalizes the policies and standards required to protect our information resources. Our entire staff is held to the ISP’s standards of individual responsibility for information and response measures to potential incidents, and we actively monitor for compliance. The ISP details our information security controls, procedure standards, and Acceptable Use Policy. It also identifies our data privacy obligations and requirements for meeting clients’ needs. In 2025, we completed our SOC 2 Type II attestation, and we are now a SOC 2 compliant organization. This attestation provides our clients with independent, third-party assurance that ScottMadden's information security controls meet rigorous standards for design and operational effectiveness—a reflection of our longstanding commitment to safeguarding client data.
All active employees are required to complete our annual Security Awareness Training. For 2025, 100% of ScottMadden’s users completed this curriculum, which is updated annually to reflect our most significant risks.
Employees and contractors are periodically presented with test “threats” via email, and we are seeing significant improvement in results. We continually upgrade tools and technologies to protect our systems from cyber threats and are constantly working to stay ahead of emerging threats.
Our Cybersecurity Center of Excellence (CoE) continues to deepen our expertise and offerings in managing cyber risk. This CoE supports our work in delivering cybersecurity services to clients. We commit to continually developing our capabilities, technical knowledge, and resources to ensure expertise in these areas. Our recent focus has been on cyber risk management and the use of analytics to improve it.
OF EMPLOYEES completed Security Awareness Training
Our Commitment to Corporate Responsibility
As Andy shared in his opening message, Corporate Responsibility is embedded in how we serve our clients, support our people, and invest in our communities. Each day we live out our values by creating a business that is ethical, secure, and that operates with integrity. We uplift the communities around us and are good stewards of our environment. We build inclusion among our employees by prioritizing their well-being and development and by growing support networks.
We remain focused on our people, our clients, and our community. Everything we do is built on our core values—service, accountability, respect, trust, and inclusion—and we will always strive to move forward guided by these principles.
This year’s report highlights continued progress across several areas important to our firm and stakeholders, including leadership succession planning, strengthened environmental reporting, growing engagement in our employee resource groups, and ongoing investments in cybersecurity and data privacy.
We are proud of and celebrate our accomplishments but always strive for improvement. We regularly review our progress to evaluate our direction. Each year brings different challenges, and we expect to steadily improve.
Our annual Corporate Responsibility Report again reaffirms our firm’s culture of cultivating employee-led initiatives. I am very grateful to the many people at ScottMadden who contributed to creating this report.
Kim Davenport
Partner and Director of Corporate Responsibility
