Companies and organisations will have to change the way they deal with fraud cases and suspicions after the whistleblower directive will be implemented; they will have to implement the right procedures and be very carefull since they can be held criminally liable just like an individual, says Oana Piticas, White Collar Crime Practice Coordinator at Noerr at BR’s 18th edition of BR’s Tax, Law & Lobby | Focus on Whistleblower.
What are the main things for a company to consider after implementing internal reporting channels?
It is normal for a company to implement today internal reporting channels, implementing the right procedures if the law passes. There are two important things they need to do after implementing the procedures. One would be fact that companies will have to completely reform the way they look at fraud cases and fraud suspicions.
I mean you have the right procedures in plans, but you do need to be aware to the fact that you must tackle the fraud cases in a different way than you did before. Because, given this whistleblower directive companies really need to be aware of the fact that one the local law passes they will have to register and have the obligation to keep the register open to authorities in case of any scrutiny or control. Those registers will show every case of non-compliance or breach of law that was committed. And companies they need to implement this correctly and used to their advantage.
The other fact is that is going to change the way the criminal investigation bodies and courts of law are going to deal with the fact in Romania companies can be held criminally liable. I think this is a major topic that can be linked to the discussions of today because since 2006 companies can be held criminally liable just like an individual. So it is not only the perpetrator or the individual that can be held liable, but also the organization.
I see in my activity many companies that ignore fraud suspicions and this is a problem for them and for the authorities. I suggest that companies should start to reconsider the way the deal with fraud cases. They should perform a risk assessment to see where the vulnerabilities are inside the company and implement the reporting channels.