Cambridge Analytica. Panama Papers. Luxleaks. Scandals caused by a lack of transparency show that whistleblowers can play an important role in uncovering activities that damage the “public interest and the welfare of our citizens and society.” This is how the European Commission explains the reasoning behind its proposal for new standards to protect whistleblowers.
Brave whistleblowers are increasingly being celebrated. Those who step up to fight against misconduct and unethical behaviour, such as sexual harassment during the #metoo campaign, are having a significant impact on changing behaviour all over the world. Names like Antoine Deltour, John Doe, Chris Wylie and Sherron Watkins have become widely known and will be long remembered as whistleblower heroes.
However, misconduct is all too often not identified internally, and instead ends up being exposed in the public domain, wreaking havoc on an organisation’s reputation. But why? The main reason is that most people are reluctant to speak up within their organisation. Fear of retaliation and inaccessibility to the right people who need to know about misconduct are major factors that keep people silent within companies and governmental authorities. Another reason is reluctance to encourage internal reporting on the part of the organisation’s management, for fear of people reporting in bad faith. Nevertheless, not even fear can prevent leakage of information about wrongdoings.
That’s why offering a safe space for employees or other stakeholders to speak up about a conflict of interest, or other wrongdoings, is a vital part of any organisation’s long term strategy. As shown by research into the benefits of a transparent business climate, whistleblowing plays an important role.
In 2017 the European Commission issued the report “Estimating the economic benefits of whistleblower protection in public procurement”. The report states that there is a strong economic case for whistleblower protection. In all of the countries studied, the potential gains from recovering misused public funds was found to exceed the costs of setting up and maintaining such systems in the area of public procurement alone. As an example, in Ireland, the potential benefits were valued at about 2 times the costs involved, while in Romania potential benefits were valued to exceed the costs of setting up a suitable infrastructure 300 to 500 times.
According to the Association of Certified Fraud Examiners’ 2018 Report to the Nations – Global Study on Occupational Fraud and Abuse, organisations lose an average of 5 per cent of their annual revenue to fraud each year. And a secure whistleblowing system is the optimal solution for preventing wrongdoings: the same report states that fraud losses were 50% smaller at organisations with whistleblowing hotlines than those without a whistleblower hotline. We are seeing that such whistleblowing solutions increasingly consist of an online whistleblowing system, rather than the traditional telephone hotline.
While more and more organisations are moving to facilitate whistleblowing and protect whistleblowers from retaliation, the main driver for change is legislation. At the end of April 2018, the European Commission proposed new EU-wide standards aimed at protecting whistleblowers. The EC’s proposal includes an obligation for organisations to implement safe channels for internal reporting. Companies with more than 50 employees or with an annual turnover of over EUR 10 million will have to set up an internal procedure to handle whistleblower reports. All state and regional administrations and municipalities with over 10,000 inhabitants will also be covered by the new proposal. (Read our previous post for a more extensive analysis of the proposed Whistleblower Protection Directive.) Additionally, the European Parliament Committee on Legal Affairs’ draft report on the proposal for the Whistleblower Protection Directive states that “arrangements for anonymous reporting or disclosure shall be in place and anonymous reporting or disclosure shall not be prohibited.” This is good news in our opinion.
We believe that to establish a trustworthy whistleblowing system, any organisation needs to make sure that:
- the system is easy to use and the whistleblower can choose to be anonymous;
- the highest possible data privacy level is applied to protect sensitive information and personal data (GDPR compliance);
- the case handling organisation and process is clearly defined and necessary external expertise is used;
- the system and all processes are compliant with the GDPR and other applicable laws;
- the system is well communicated and implemented.