Governance and Trust

Our commitment

The Dayforce Our Way values are core to our culture: Customer Focus, Shared Ambition, Agility, Equity, Optimism, and Transparency. They are our roadmap for delivering our brand promise, and we aim to reflect our values in everything we do—including through the policies and procedures we adopt as a business. These values inform our management philosophy and help us create a positive experience for our employees, customers, and partners.

Governance

Dayforce maintains the highest standards and guidelines to ensure that our employees conduct business ethically. We regularly update corporate policies to conform to evolving best practices, including strengthening our anti-corruption, records retention, sanctions compliance, and expense submission policies. These are covered in detail in our annual ESG report.

In 2023, we focused on maturing our already strong Ethics and Compliance program. This includes improving efficiency by automating pre-clearance procedures for key compliance processes and ensuring that our policy processes and overall governance framework meet the demands of our fast-growing global business. We also revamped our Code of Conduct to include expanded sections on government interactions, usage of artificial Intelligence, responsible innovation, and human rights.

We believe that artificial intelligence (AI) in general and machine-learning (M/L) specifically have the potential to fundamentally transform HCM. We aim to deploy advanced data capabilities that deliver not only greater efficiency at scale for our customers, but also improved outcomes for their employees.

That’s why we implemented a new AI Governance Framework last year that evaluates the potential use of AI through all key stages of the product development lifecycle. From ideation to release, internal leaders leverage a scoring rubric and other tools to assess the potential benefits and tradeoffs.

This rigorous internal process continues as we regularly review post release models led by our Product organization and supported by our AI and Data Science team, conducted in partnership with Customer Success, Legal, and Information Technology. We also engage third-party audit services as an additional validation point.

Data Security

Effective stewardship of customer data is our highest priority as an organization. We are relentlessly focused on preventing data breaches and stopping cyberattacks from being successful or impacting our business. Each year, we work to meet this challenge by making strategic investments in new tools and technologies, expanded expertise, and improving already strong internal processes and procedures.

In 2023, this included building a new threat intelligence program, growing the global Data Security team by 20%, and continuing to invest in cybersecurity at a rate of 1.5% of revenue. As a result of these efforts, we receive best-in-class scores from third-party rating agencies such as RiskRecon as well as Bitsight for our Dayforce suite.

Privacy

Safeguarding data privacy is one of our most important responsibilities as a business, and Dayforce customers trust us to handle some of their employees’ most sensitive personal information.

In 2023, we further strengthened our policies and practices in several new ways. We secured certification to the EU-US Data Privacy Framework, the UK Extension to the EU-US Data Privacy Framework, and the Swiss-US Data Privacy Framework.

In addition, we strengthened control assurance by expanding the application of privacy-by-design assessments and reviews across business processes and offerings. We also launched an inaugural Data Privacy Awareness Week to increase attention and understanding across the organization and supplement our annual mandatory employee training.

Enterprise risk management

We believe that successful management of enterprise risk is a requirement for our company to operate effectively and achieve our key business objectives. Through our fact-based, globally integrated model, our approach to ERM is built on the goals of continuous improvement as well as execution of a rigorous risk identification, analysis, and mitigation process.

In 2023, our team made significant progress in ensuring global consistency, maturing existing controls and procedures, and increasing our employees’ awareness of this work and the critical role they play in its success.

This included: globalizing our Enterprise Risk Management Policy; maturing our scoring rubric to provide a more standardized, consistent, and objective approach to risk identification and assessment; and deploying an employee training to help them understand their responsibilities as part of an effective ERM program.