Development of corporate and organisational policies

Order Service
Development of corporate and organisational policies

An effective policy system is a critical element of compliance, risk management and trust on the part of donors, investors and partners. In conditions of war, increased regulatory scrutiny and international financing, formal documents are no longer sufficient — policies must be integrated into management and operational processes.

We specialise in developing and implementing corporate and organisational policies for businesses and NGOs. Our services combine the requirements of Ukrainian legislation, international standards and the policy requirements of donors and financial institutions. Our approach ensures not only compliance, but also the practical applicability of policies in the daily activities of organisations.


An effective policy system is the foundation of compliance, donor trust, and organisational sustainability in high-risk environments

We specialise in the development, implementation and support of policies for businesses and non-profit organisations, ensuring compliance with Ukrainian legislation, international standards and requirements of donors and financial institutions.


Who needs it

  • Private companies (including those with foreign investors)
  • Charitable foundations, public organisations
  • Internationally funded projects
  • Organisations undergoing transformation, scaling or preparing for audit


Policies we develop

We form a complete or selective package of policies, including:

  • Anti-Bribery & Corruption Policy — anti-corruption policy
  • Code of Conduct — code of business ethics
  • Sustainability & CSR Policy — sustainable development and corporate social responsibility
  • Environmental Policy — reducing environmental impact, waste management, efficient use of resources
  • Health & Safety Policy — occupational health and safety
  • Diversity & Inclusion (D&I) Policy — gender equality and inclusiveness
  • GDPR / Data Privacy Policy — personal data protection
  • Community Engagement Policy — interaction with communities
  • Security Policy — security policy (physical, information, operational)
  • AI Usage Policy — artificial intelligence policy
  • Accounting Policy — accounting policy (including for IFRS and donor projects)


Approach to work by BDO in Ukraine

1. Building a ‘policy tree’

  • Strategic → functional → operational policies
  • Clear hierarchy, responsibility and connection with procedures, correlation with the company’s strategic goals

2. Adaptation to the context of the organisation

  • Size, sector, risks
  • Requirements of donors, grantors, investors
  • Military and reputational risks

3. Compliance with regulatory requirements

  • Ukrainian legislation
  • International standards and best practices
  • Policies of IFI, EU programmes, USAID, UN, other donors

4. Implementation and training

  • Training for management and staff
  • Practical case studies and compliance scenarios
  • Integration into daily processes
  • Development of systems for monitoring awareness and implementation of policies


Results for the client

  • Systemic compliance, not just formal documents
  • Increased trust among donors and partners
  • Readiness for auditsdue diligence and inspections
  • Reduced legal, reputational and operational risks


Format of work

  • Development from scratch
  • Updating and harmonisation of existing policies
  • Quick packages for donor projects
  • Support for implementation and training


Are you looking for policies that can withstand audits, donor checks and real risks?

Should you require a policy system that is practical, logical and donor-ready, we would be delighted to create one tailored to your sector and the size of your operations.


Key Contact

  • What is an organisation’s policy system?

A policy system is a hierarchical set of interrelated documents that define the principles, rules and standards of an organisation’s activities in terms of compliance, risk management and adherence to legislation and donor requirements.

  • How do policies differ from procedures?

Policies define principles and frameworks for behaviour, while procedures define specific steps and responsible persons. We develop policies in such a way that they can be easily transformed into working procedures.

  • Who needs corporate policies?

Policies are critical for businesses, NGOs, charitable foundations, and internationally funded projects, especially in the context of increased compliance, security, and reputational risks.

  • Are policies mandatory for receiving donor funding?

In most international programmes, the existence of key policies is a mandatory or expected condition (anti-corruption, code of conduct, data protection, safeguarding, security).

  • Do you adapt policies to Ukrainian legislation?

Yes. We ensure dual compliance: Ukrainian regulations + international standards and donor requirements.

  • Do you develop turnkey policies?

Yes. The service includes risk analysis, policy tree construction, text development, management approval, staff training, and implementation support.

  • Do small organisations and NGOs need policies?

Yes. For small organisations, we develop a proportionate and practical package, without excessive bureaucracy, but sufficient for audits and donor checks.

  • Do you cover AI usage policies?

Yes. We develop AI Usage Policy that considers the ethical, legal, security, and data protection aspects of AI usage.

Policy — a top-level document that establishes the principles, rules, and obligations of an organisation.

Policy tree — a structured hierarchy of policies (strategic, functional, operational) that provides a comprehensive management system.

Compliance — conformity of an organisation’s activities with legislation, internal rules and external requirements (donors, regulators).

Code of Conduct — a basic ethical document that defines standards of behaviour for staff and management.

Anti-Bribery & Corruption Policy — a policy for preventing corruption, conflicts of interest, and undue advantages.

Diversity & Inclusion (D&I) — an approach to ensuring equal opportunities, non-discrimination, and inclusive environment.

Data Protection (GDPR) — a system of rules for the protection of personal data and information security.

Security Policy — a policy for managing physical, information, and operational risks.

AI Usage Policy — rules for the use of artificial intelligence, taking into account ethics, security, and responsibility.

Accounting Policy — a set of principles and methods of accounting in accordance with standards and donor requirements.