When Codes Are Quiet, Reputations Are Loud

Photograph by Shahzad Bhiwandiwala, TikTok/@instaagraace

The moment, and the lesson for CECOs 

In July, a jumbotron moment at a Coldplay show spiraled into a reputational storm for Astronomer, culminating in CEO and CPO resignations and a scramble to reset the narrative. You don’t need a stadium to learn the lesson: when growth takes precedence over governance, conduct risk becomes a brand risk. ABC News 

The statements 

For all of the collective handwringing and endless opinions few have questioned the infrastructure and culture of an organizational setup that allowed this to happen.  

Shortly after the incident, the Company issued a statement saying in part: “Astronomer is committed to the values and culture that have guided us since our founding.  Our leaders are expected to set the standards in both conduct and accountability, and recently, that standard was not met”.   It is not clear if Astronomer was referencing to the appropriateness of the affair, the couple getting caught, or the resulting media storm. 

That statement was followed by founder and interim CEO, Pete DeJoy’s statement on the incident and subsequent attention. In the statement, DeJoy deftly issues a marketing pitch for Astronomer’s products and services.  DeJoy continues by announcing the company will thrive because they care deeply about “doing things the right way”, customers “trust us”, and because the “mission is bigger than one moment”.  Lofty promises, but it fails to address the specific incident, nor does it explain the expectations for the company or its employees.  At the time of these statements and to the present day, the website is devoid of any posting of company values or a Code of Conduct.  

Why “common sense” is not a control 

Absent foundational direction of what the company stands for (values) or how it has chosen to conduct business (Code of Conduct) how are leaders, managers, or employees to understand ‘acceptable conduct’ as referenced by a vague company statement?  How can employees be expected to understand ‘the right thing’ and who should they look to for guidance when something as obvious as attempting to conceal an inappropriate affair is happening with the top leadership of the company.  It’s a slippery slope: what else is acceptable?  Fudging your expenses?  Permanently ‘borrowing’ company equipment?  ‘Greasing the skids’ through a cash payment with a local politician?  Inappropriate jokes if they are told to the right people? 

The reality is this kind of expectation setting is often put on the “later” stage of a high-growth VC or PE backed company’s plan, something that can be done after growth targets are met.   But that’s a risky decision. In an effort to build a superstar product or release the next greatest service, these kinds of organizations: compressed hiring cycles, blurred reporting lines, pressure to perform, and outsized exec influence. If your organization lacks a Code or relies on “good judgment”, you’ve left your most material risks to chance. 

What good looks like (today’s effective programs) 

Leading programs are rediscovering that effective E&C programs blend proactive steps and clear values to influence the company’s ethical culture with strong documentation, procedures, and controls to comply with laws, regulations, and corporate mandates.  They do this by:  

• Developing a formal process to identify, assess, and mitigate risks to their company 
• Providing board-level visibility into culture and conduct 
• Using metrics (hotline + manager-concerns + pulse surveys + training/documentation usage, etc) to spot early warning signs 
• Partnering across functions to prevent issues, not just investigate them after the report resources.ethisphere.com 

And they measure employee perceptions. Among top performing E&C programs, 74% run a standalone ethical culture or program perception survey, a leading practice any scaling company can – and should – adopt.  

Codify the gray areas: “Relationships at Work” and “Expectations” sections to the Code 

Beyond a lack of formal corporate values, an additional gap the Astronomer episode exposed: workplace relationships, conflicts, and the expectations of employees. Add clear, standalone sections in your Code of Conduct that cover: 

• Disclosure & approval: Any romantic or intimate relationship where influence, evaluation, or access exists must be disclosed to E&C and/or Human Resources and any mitigation documented.  
• Recusal & reporting lines: No direct/indirect reporting of individuals in romantic relationships and all decisions (influence on pay, promotions, or assignments mitigated) assigned outside the reporting channel. 
• Conflict of interest (COI): Treat relationships as COI scenarios. Disclose and document mitigation steps in the COI disclosure and review workflow. 
• Expectations: All employees are expected to follow the principles outlined in the code of conduct and to report any suspected violations they may have been exposed to.   
• Retaliation safeguards: Spell out non-retaliation expectations for reporters and witnesses who report suspected misconduct in good faith. Set follow-ups at defined intervals. Talk openly about non-retaliation and the importance of speaking up. 

Don’t let it happen to you 

In his statement, DeJoy explained that the controversy wasn’t how he expected the Astronomer brand to go viral.  A sobering observation after the cat is already out of the proverbial bag.  While it’s not a guarantee that these two leaders wouldn’t have carried on a clandestine affair (there are plenty of public examples of this kind of behavior), one hopes that with a strong ethical foundation in a set of corporate values and a clear enunciation of expectations in a Code of Conduct, someone would have thought twice – or raised their hand.   

Below are some additional resources and considerations to help keep your organization from following Astronomer down this unfortunate path.  

Make “tone at the top” visible—externally 

Clarity is cultural when leaders make it public. Consider: 

• Microsoft (Nadella): A company-wide security memo that tied trust to strategy and compensation and showcased how values can be operationalized.  
• CareFirst: A public Speak-Up report that shows process transparency and outcomes—an external proof point employees and regulators can see.  

Where to Start 

1. Updates: Update your Code of Conduct to cover Relationships at Work, COI, and expectations of employees.  Publish your Relationships at Work policy; refresh COI disclosure workflow. 
2. Manager toolkit: Monthly 10-minute team convo prompts; create a one-pager on how to handle a concern. 
3. Survey & signals: Launch a speak-up pulse or work with HR to get speak-up questions embedded in their employee survey.  
4. Board visibility: Add a culture & conduct dashboard to the next committee pack (reporting rates, retaliation checks, time-to-resolution). 
5. Public proof: Post a short CEO note reaffirming standards + a Speak Up explainer on your site. Make your code of conduct publicly available.