Rules of Procedure

Conflict of Interest Policy

Adopted by the Board on 25-May-2021

Summary of the conflict of interest policy

This policy is lengthy, but if you are on the Board of Directors, the Foundation staff, or a Committee, you must be aware of and adhere to it. If you are a leader, it is in your best interest to understand this policy, because it can lead to expenses or activities being rejected, escalated for a disinterested approver, or a requirement to repay any conflicted payments and discontinue a conflicted decision or activity.

tl;dr:

  • Regardless of whether you’re conflicted or not, declare any perceived or actual conflicts
  • Manage the risk of conflicts by either stepping away from discussion and decision making or ensuring that everyone knows that you’re conflicted
  • Some conflicts are fraudulent or illegal, and can cause the OWASP Foundation and yourself to be in legal peril. If in doubt, declare and ask for advice.

Participants, members, staff, and Directors all have a duty to ensure that they are not conflicted or self-dealing with anything they do at OWASP. This is required by our non-profit status and good governance of non-profits in general.

ARTICLE I

PURPOSES

It is important for the OWASP Foundation board of directors and employees to be aware that both real and apparent conflicts of interest or dualities of interest sometimes occur in the course of conducting the affairs of the Foundation and that the appearance of conflict can be troublesome even if there is in fact no conflict whatsoever. Conflicts occur because the many persons associated with the Foundation should be expected to have, and do in fact generally have, multiple interests and affiliations and various positions of responsibility within the community. In these situations a person will sometimes owe identical duties of loyalty to two or more corporations or organizations. The purpose of the conflict of interest policy is to protect the Foundation’s tax-exempt interest when it is contemplating entering into a transaction or arrangement that might benefit the private interest of an officer or director of the Foundation or might result in a possible excess benefit transaction. In addition the policy ensures there is transparency and the actions of the Foundation can clearly serve the mission. The policy is intended to supplement but not replace any applicable state and federal laws governing conflict of interest applicable to nonprofit and charitable organizations.

Conflicts are undesirable because they potentially or eventually place the interests of others ahead of the Foundation’s obligations to its charitable purposes and to the public interest. Conflicts are also undesirable because they often reflect adversely upon the person involved and upon the institutions with which they are affiliated, regardless of the actual facts or motivations of the parties. However, the long-range best interests of the Foundation do not require the termination of all association with persons who may have real or apparent conflicts that are harmless to all individuals or entities involved.

Each member of the board of directors and employees of the Foundation has a duty of loyalty to the Foundation. The duty of loyalty generally requires a director or employee to prefer the interests of the Foundation over the director’s/employee’s interest or the interests of others when making decisions affecting the organization. In addition, directors and employees of the Foundation shall avoid acts of self-dealing which may adversely affect the tax-exempt status of the Foundation or cause there to arise any sanction or penalty by a governmental authority.

In connection with any actual or possible conflict of interest, an interested person must disclose the existence of the financial interest and be given the opportunity to disclose all material facts to the directors and members of the community with governing board delegated powers considering the proposed transaction or arrangement.

ARTICLE II

DEFINITIONS

2.1 Interested Person

Any director, principal officer, member of a committee with governing board delegated powers, or employee who has a direct or indirect financial interest, as defined below, is an interested person.

2.2 Financial Interest

A person has a financial interest if the person has, directly or indirectly, through business, investment, or family:

  1. An ownership or investment interest in any entity with which the Foundation has a transaction or arrangement,
  2. A compensation arrangement with the Foundation or with any entity or individual with which the Foundation has a transaction or arrangement, or
  3. A potential ownership or investment interest in, or compensation arrangement with, any entity or individual with which the Foundation is negotiating a transaction or arrangement.

Compensation includes direct and indirect remuneration as well as gifts or favors that are not insubstantial. A financial interest is not necessarily a conflict of interest. Under Article III, Section 2, a person who has a financial interest may have a conflict of interest only if the appropriate governing board or committee decides that a conflict of interest exists.

ARTICLE III

PROCEDURES

3.1 Duty to Disclose

In connection with any actual or possible conflict of interest, an interested person must disclose the existence of the financial interest and be given the opportunity to disclose all material facts to the directors and members of committees with governing board delegated powers considering the proposed transaction or arrangement.

3.2 Third Party Disclosure

Board members, employees, community members, or other third parties are encouraged to notify the board of any undisclosed financial interest or other conflict of interest by a board member or employee, including material facts supporting the conflict.

3.3 Determining Whether a Conflict of Interest Exists

After disclosure of the financial interest and all material facts, and after any discussion with the interested person, they shall leave the governing board or committee meeting while the determination of a conflict of interest is discussed and voted upon. The remaining board or committee members shall decide if a conflict of interest exists.

3.4 Procedures for Addressing the Conflict of Interest

  1. An interested person may make a presentation at the governing board or committee meeting, but after the presentation, they shall leave the meeting during the discussion of, and the vote on, the transaction or arrangement involving the possible conflict of interest.
  2. The Chair of the governing board or committee shall, if appropriate, appoint a disinterested person or committee to investigate alternatives to the proposed transaction or arrangement.
  3. After exercising due diligence, the governing board or committee shall determine whether the Foundation can obtain with reasonable efforts a more advantageous transaction or arrangement from a person or entity that would not give rise to a conflict of interest.
  4. If a more advantageous transaction or arrangement is not reasonably possible under circumstances not producing a conflict of interest, the governing board or committee shall determine by a majority vote of the disinterested directors whether the transaction or arrangement is in the Foundation’s best interest, for its own benefit, and whether it is fair and reasonable. In conformity with the above determination, it shall make its decision as to whether to enter into the transaction or arrangement.

3.5 Violations of the Conflicts of Interest Policy

  1. If the governing board or committee has reasonable cause to believe a member has failed to disclose actual or possible conflicts of interest, it shall inform the member of the basis for such belief and afford the member an opportunity to explain the alleged failure to disclose.
  2. If, after hearing the member’s response and after making further investigation as warranted by the circumstances, the governing board or committee determines the member has failed to disclose an actual or possible conflict of interest, it shall take appropriate disciplinary and corrective action. The violation of this Conflicts of Interest policy is a serious matter and may constitute cause for removal from the Board, termination of employment, and/or the termination of any contractual relationship the Foundation may have with an Interested Person or other party.

ARTICLE IV

RECORDS OF PROCEEDINGS

4.1 Minutes

The minutes of the governing board and all committees with board delegated powers shall contain:

  1. The names of the persons who disclosed or otherwise were found to have a financial interest in connection with an actual or possible conflict of interest, the nature of the financial interest, any action taken to determine whether a conflict of interest was present, and the governing board’s or committee’s decision as to whether a conflict of interest in fact existed.
  2. The names of the persons who were present for discussions and votes relating to the transaction or arrangement, the content of the discussion, including any alternatives to the proposed transaction or arrangement, and a record of any votes taken in connection with the proceedings.

ARTICLE V

COMPENSATION

5.1 A voting member of the governing board who receives compensation, directly or indirectly, from the Foundation for services is precluded from voting on matters pertaining to that member’s compensation.

5.2 A voting member of any committee whose jurisdiction includes compensation matters and who receives compensation, directly or indirectly, from the Foundation for services is precluded from voting on matters pertaining to that member’s compensation.

5.3 No voting member of the governing board or any committee whose jurisdiction includes compensation matters and who receives compensation, directly or indirectly, from the Foundation, either individually or collectively, is prohibited from providing information to any committee regarding compensation.

ARTICLE VI

ANNUAL STATEMENTS

Each director, principal officer, member of a committee with governing board delegated powers, and employee shall annually sign a statement which affirms such person:

  1. Has received a copy of the conflicts of interest policy,
  2. Has read and understands the policy,
  3. Has agreed to comply with the policy, and
  4. Understands that the Foundation is charitable and to maintain its federal tax exemption it must engage primarily in activities which accomplish one or more of its tax-exempt purposes.

ARTICLE VII

PERIODIC REVIEWS

To ensure the Foundation operates in a manner consistent with charitable purposes and does not engage in activities that could jeopardize its tax-exempt status, periodic reviews shall be conducted. The periodic reviews shall, at a minimum, include the following subjects:

  1. Whether compensation arrangements and benefits are reasonable, based on competent survey information and the result of arm’s length bargaining.
  2. Whether partnerships, joint ventures, and arrangements with management corporations conform to the Foundation’s written policies, are properly recorded, reflect reasonable investment or payments for goods and services, further charitable purposes and do not result in inurement, impermissible private benefit or in an excess benefit transaction.

ARTICLE VIII

USE OF OUTSIDE EXPERTS

When conducting the periodic reviews as provided for in Article VII, the Foundation may, but need not, use outside advisors. If outside experts are used, their use shall not relieve the governing board of its responsibility for ensuring periodic reviews are conducted.

CERTIFICATE OF ADOPTION OF CONFLICT OF INTEREST POLICY AND AGREEMENT

(This will be a digitally signable form once the policy has been approved)

I do hereby certify that the above stated Conflict of Interest Policy and Agreement for the OWASP Foundation were approved and adopted by the board of directors on [insert date] and constitute a complete copy of the Conflict of Interest Policy of the Foundation.

Secretary_______________
Date: ________________

Annual Conflict of Interest Questionnaire

(This will be a digitally signable form once the policy has been approved)

1. Name of director, principal officer, member of a committee with governing board delegated powers, or employee:

2. Name of Employer(s):

3. Disclosures of entities, Foundation board members, and/or employees that you have an actual or perceived conflict of interest with due to financial interests directly or indirectly, through business, investment, or family:

4. Additional notes:

I have received the OWASP Foundation Conflict of Interest Policy, have read and understand the policy, and agree to comply with the policy. I also understand that the Foundation is charitable and in order to maintain its federal tax exemption it must engage primarily in activities which accomplish one or more of its tax-exempt purposes.

Signature ___________________________
Date: _______________________________