If you’ve decided to implement an internal reporting system (or whistleblowing hotline), you might be wondering what to do next.
It’s likely that one of your first steps will be to identify companies that may be able to provide the service you’re looking for. It’s also likely you’ll want to make the right choice first time, so it’s important you know what to think about before you receive any sales demos or presentations.
This brief guide provides some useful tips to help you better understand your requirements, and identify and assess potential providers.
As with any business service or system, the devil is often in the detail. But significant differences can exist even at a high level.
For example, while one vendor may offer a range of reporting options (a proven way of generating a higher volume of reports), other vendors may offer just one or two.
Security and data privacy standards can vary too, while the tools provided to help you manage and investigate cases can range from non-existent to enterprise level.
You may already have a preferred vendor in mind. While this is a great start, you should always aim to speak with more than one vendor. Speaking to multiple vendors will not only increase your chances of finding the most appropriate solution, it will also expose you to different viewpoints and philosophies, enabling you to become a more ‘informed’ buyer.
Beyond that, here are our recommendations for helping you find the best reporting system for your organisation.
The obvious starting point is to define your organisation’s need.
The fact you’re reading this article suggests you understand the type of solution you’re looking for – but it is always worth revisiting your key requirements at the outset.
Your brief doesn’t necessarily have to be detailed at this stage, but you should be able to clearly articulate the problem you’re trying to solve and the basic features your service should include.
For example:
Thinking about your needs upfront will make it easier to rule in – or rule out – potential providers early in the process.
As part of this, you may want to prepare a list of questions to ask potential providers. These may aim to explore providers’ processes, approaches and security measures, whilst also attempting to discover whether the solution can scale (alongside your evolving needs) in the years to come.
When you’ve decided on the features your solution might require, it’s time to start researching the market. You can use a number of approaches to identify possible providers – these are a few of the most popular.
As with any important buying decision, a great starting place is to speak to people who’ve recently made a similar purchase. This might be challenging when it comes to something as niche as a whistleblowing service, but your professional network may prove invaluable.
Ask former colleagues, managers and industry acquaintances if they can recommend providers for the type of service you’re looking for. Even if they have not recently contracted with a provider, they may have a similar service in place within their organisation. Find out who they use and ask them what they know about the provider and their service.
Even if you don’t place value on the subjective feedback you might receive, it can be the fastest way to obtain the names of a few reputable providers.
Professional and industry events can be a great way to make connections and keep up with the changing landscape. Use these opportunities to discuss the challenges your company is facing – it’s more than likely that you’ll find people who’ve faced similar issues.
If you do, remember to ask whether their solution met their original need (and whether they would do things differently next time). If you can’t find people facing comparable challenges, ask for introductions to people within their organisation who may be able to help.
Outsourced whistleblowing services have become commonplace over recent years – particularly among medium-large organisations spanning virtually every sector, and those in regulated industries – so you’re likely to gain some useful knowledge from those around you.
Online is the starting point for the majority of B2B purchases (Forrester, 2017).
But before you begin, make sure you know the search terms (or ‘keywords’) that are likely to return the information you’re seeking.
For example, if you’re purely looking for an outsourced hotline service, you will likely get relevant results using the terms ‘whistleblowing hotline’, ‘ethics line’, ‘compliance line’ or ‘speak up’ coupled with ‘provider’, ‘service’, ‘solution’ or ‘software’.
If you’re looking for a provider that offers a software element too (to support the logging and processing of your reports), you may find the terms above coupled with ‘incident management’, ‘case management’, or ‘software’ return more relevant results.
The differing terms are often used to differentiate one provider from another in terms of its approach or philosophy, even though the competing services share similar tools, software and outputs.
NOTE: Services labelled as ‘helplines’ or ‘advice lines’ imply that legally-qualified advice is available to reporters. Clarify this point with the provider to avoid any confusion.
Once you have come up with a list of potential providers, you’ll need to look more closely at the specific services on offer and the differences between them. The fastest way to do this will be to visit their website service pages.
Broadly speaking, all ‘whistleblowing hotlines’, ‘speak up hotlines’ and ‘ethics helplines’ serve the same purpose: to facilitate the sharing of sensitive disclosures between an individual (usually an employee) and an organisation.
However, once you begin to delve into the detail you will find a number of important differences between vendors that will influence the success of your programme. These will relate to things like:
Ask about the reporting channels offered by each vendor, and look for specifics about how they are administered. For instance, “telephone reporting” could mean voice messaging, live call handling in only one language, multilingual live call handling – or a combination of these.
Also try to discover whether their intake channels will be dedicated only to your organisation, or shared between customers (e.g. one phone number shared among all customers, or a generic web reporting form). Shared channels can pose a data privacy risk and require deeper investigation.
Look for clues about how the provider approaches the reporting process, and consider whether it matches your requirements.
For instance, your overriding goal may be to give your employees confidence and reassurance about speaking up. If it is, you might prioritise providers with a range of reporting options, anonymous reporting processes and channels that are dedicated specifically to your organisation.
The providers’ standard processes are also likely to differ slightly – both in the way reports are captured and processed, and in how they are shared with your organisation. Look for details on both of these points.
You may also find that some providers will allow you to tailor elements of these processes, while others will follow a more rigid procedure.
Recognised certifications can provide reassurance about the security of a vendor’s solution, but check specifically what they relate to (is it the company, a process, or a piece of software that meets the standard, for example?)
Find out how we protect data »
Be sure to find out how (and where) your data will processed and stored, and that this complies with the laws and regulations to which you are subject (e.g. GDPR).
The technology behind the reporting process and incident management software services will differ between providers. Try to discover whether technology offers the key features you require, appropriate security controls and ease of use.
You will be able to take a closer look at the systems on offer by requesting a demonstration from the provider.
In addition to a whistleblowing hotline solution, most providers offer other complementary services, such as online employee training, case management software, or policy and procedure management.
This can be useful in the medium to long-term – especially if your hotline programme is an first step in the development of a more comprehensive risk and compliance programme.
Once you’ve put together your shortlist, you’ll be ready to engage vendors to provide details, product demonstrations and costs.
WhistleB’s whistleblower hotline and reporting services are trusted by over 10,000 organisations worldwide. Want to join them? Contact us today »