Compliance & Transparency

We aim to make a difference by conducting business with the highest integrity, making information available as needed to our patients, employees, global stakeholders, medical professionals and the broader healthcare community.

The Code of Business Conduct and Ethics (the "Code") serves as our roadmap for acting ethically whenever and wherever we conduct business. Together with other company policies which provide more detailed information on specific topics, the Code will help us apply basic principles to our daily conduct so that we can ensure we are following both the letter and the spirit of the law while conducting business with honesty and integrity. We expect everyone with whom we conduct business to honor the principles outlined in the Code.

Access the Code of Business Conduct and Ethics.

Our Comprehensive Compliance Program is one of the key components of our corporate conduct and has been tailored to fit the unique environment of our company. Robust and dynamic, this program is reviewed and enhanced regularly to meet our evolving compliance needs.


  • Compliance Officer. A senior-level official in our organization is designated to serve as our corporate Compliance Officer to effectuate change as necessary and to exercise independent judgment. Our Compliance Officer is responsible for developing, operating and monitoring the Comprehensive Compliance Program.
  • Compliance Committee. Incyte has established a Compliance Committee to advise the Compliance Officer and assist in the implementation of the Compliance Program.


Incyte’s Code of Business Conduct and Ethics (the "Code") is our statement of ethical and compliance principles that guide our daily operations. The Code establishes that we expect management, employees and agents of the company to act in accordance with law and applicable company policy. The Code articulates our fundamental principles, values and framework for action within our organization.


A critical element of our Compliance Program is the education and training of our employees on their legal and ethical obligations under applicable federal healthcare program requirements. Incyte is committed to taking all necessary steps to effectively communicate our standards and procedures to all affected personnel. Moreover, Incyte will regularly review and update its training programs, as well as identify additional areas of training on an "as-needed" basis.


Incyte fosters dialogue between management and employees. Our goal is that all employees, when seeking answers to questions or reporting potential instances of fraud and abuse, should know whom to turn to for a meaningful response and should be able to do so without fear of retribution. To that end, we have adopted confidentiality and non-retaliation policies.

In addition, Incyte has a Helpline that provides a means for employees or external parties to report a compliance concern or potential misconduct. This Helpline is managed by a third-party vendor and provides the option to report anonymously as permitted by local law.


Incyte’s Compliance Program includes efforts to monitor, audit and evaluate compliance with the company’s compliance policies and procedures. The nature of our reviews as well as the extent and frequency of our compliance monitoring and auditing varies according to a variety of factors, including new regulatory requirements, changes in business practices and other considerations.


Incyte’s Compliance Program includes clear disciplinary policies that set out the consequences of violating the law or company policy. Although each situation is considered on a case-by-case basis, we will consistently undertake appropriate disciplinary action to address inappropriate conduct and deter future violations.


Our Compliance Program requires the company to respond promptly to potential violations of law or company policy, take appropriate disciplinary action, assess whether the violation is in part due to gaps in our policies, practices or internal controls, and take action to prevent future violations.

Incyte recognizes the importance of working with suppliers, distributors, vendors and other business partners (collectively, "Third Parties") who share our values and operate in a responsible and ethical manner.

It is our goal to always operate in compliance with all applicable rules and regulations. As such, we expect that all Third Parties with whom we do business comply with all applicable laws and regulations of the countries, states and localities in which they operate. This includes, but is not limited to, business conduct, product quality, labor and employment practices, health and safety, and environmental protection.

As a responsible corporate citizen, Incyte expects its Third Parties to conform their practices to any published standards for their industry, obtain all applicable permits and operate in accordance with permit limitations and requirements at all times. The standards and expectations we have for our Third Parties mirror those which we set for ourselves as reflected in our Code of Business Conduct and Ethics, and we expect our Third Parties to be familiar with and conform themselves to such standards.

lncyte recognizes that ethical relationships with healthcare professionals and organizations are critical to its mission of helping patients by developing and marketing new medicines. Our interactions with healthcare professionals and organizations are professional exchanges intended to enhance the practice of medicine for the benefit of patients, and we follow the highest standards of integrity, ethical conduct, and full compliance with the laws, regulations and applicable codes of marketing practice, including the U.S. PhRMA Code on Interactions with Healthcare Professionals (the "PhRMA Code"). Additionally, we also comply with applicable disclosure and declaration requirements related to interactions and transfers of value provided to reportable recipients, such as the U.S. Sunshine Act.


The Physician Payment Sunshine Act (Sunshine Act) was passed as part of healthcare reform in March 2010 and was in effect as of August 1, 2013. The Sunshine Act, also referred to as "Open Payments," requires pharmaceutical manufacturers such as Incyte, medical device companies, and group purchasing organizations (GPOs) to track and report certain ownership interests, payments and transfers of value, including meals, refreshments, educational items and fee-for-service compensation provided to U.S. physicians and teaching hospitals.

Incyte complies with the disclosure requirements and encourages individuals to reference the Open Payments website, which is managed by the Centers for Medicaid and Medicare Services (CMS), for additional information.

If there are any questions or inquiries related to data submitted by Incyte, please contact our Transparency team at


Click the documents below for a description of Incyte’s Comprehensive Compliance Program pursuant to the California Marketing Practices Act: 
Read our Declaration of Compliance for CA
Read more about the Incyte Compliance Program for CA.


Read our Policy on Compassionate Use.


Read our Clinical Trial Transparency, Data Sharing, and Disclosure Practices.

Incyte honors its trusted relationships with healthcare professionals, patients, caregivers, consumers, employees and business partners by being transparent about how we collect, use and share data. Learn more about our Privacy practices, including our company policy, Privacy Notices and contact information for our Privacy Office.

View our Privacy page.

Incyte is committed to keeping the lines of communication open and fostering a speak-up culture. The Compliance Helpline provides multiple options to speak up confidentially through a third party and report concerns or misconduct:

United States: 1-855-462-3411  
Switzerland: 0-800-890011, then 855-845-3448  

Risk Management

The continued success of Incyte is dependent on the confidence we earn from our customers, patients, employees, communities and other stakeholders. We adhere to our commitments, displaying honesty and integrity and minimizing risk at every opportunity.

To support ethical behavior across the organization, Incyte regularly conducts employee training on policies and procedures, field-based monitoring and internal audits on certain higher-risk activities. We comply with the principles outlined in the applicable laws regarding disclosure of transfers of value to healthcare professionals, including the Physician Payment Sunshine Act (Sunshine Act) in the U.S. and the Loi Bertrand in France.

To ensure our products are used safely and for the right purposes, the following compliance requirements apply to promotional interactions with healthcare professionals:

  • Must be consistent with the approved labeling/product Prescribing Information and only approved products and indications may be discussed.
  • Must be truthful, non-misleading and fairly balanced in presenting an Incyte product's benefits and risks.
  • Promotional materials used must be accurate, substantiated, scientifically rigorous and consistent with applicable legal and regulatory standards.

Incyte is a member of the Pharmaceutical Research and Manufacturers of America (PhRMA) and therefore is committed to complying with the PhRMA Code on Interactions with Healthcare Professionals. Incyte is also a member of several equivalent national industry trade associations in Europe.

To learn more, please see our Code of Conduct.

As technology improves the efficiency of our organization and activities, it may also increase our risk. Incyte has a robust Cybersecurity program, with a comprehensive suite of tools and processes. These include technical and administrative safeguards such as penetration testing, vulnerability assessment and remediation, privacy and cybersecurity assessment of business partners, end-to-end security tools, cloud security and protection mechanisms for patient data and intellectual property. Incyte also focuses on regularly improving cybersecurity awareness among employees and contingent workers through mandatory cybersecurity training during orientation, annual refreshers and “Cybersecurity Awareness Month” activities, which are supplemented by periodic phishing simulation testing campaigns with additional training for users who do not pass the tests.

Incyte has protocols in place for a number of emergencies. Regular fire drills are conducted, and employees are directed to evacuation points away from the buildings.

Related to the physical impact of natural disasters and climate change, we have assessed a contingency plan for the operating of research facilities in the U.S. Should Incyte headquarters lose power, we have the ability to maintain critical equipment and refrigerator/freezers containing critical-safe issues and samples. While certain discovery projects may need to be on hold, all other work can be conducted remotely.

The Global Technical Operations team has a business continuity Standard Operating Procedure (SOP) in place related to commercial supply. The Quality Assurance and Supply Chain teams also routinely meet with key suppliers to discuss and review their operations regarding the manufacturing of our products, including business continuity and crisis-management preparedness.