The protection of the whistleblower’s identity is emblematic of true freedom of speech and represents the core instrument in creating a balanced work environment, based on integrity, trust, safety and professionalism. Although, in the past, whistleblowers have often been regarded as individuals disloyal to the system, been marginalized or even sanctioned/punished, they represent the cornerstone of any democratic society.
By Denisa Simion, Manager Forensic and Integrity Services at EY Romania
Integrity is Seen as a Key Pillar In Every Organization
Beyond the principles stated in the corporate mission, vision, values, integrity is seen by the vast majority of organizations and their employees, as a key pillar for business success. EY researchers – the global market research agency Ipsos MORI – conducted between January and February 2020 2,948 surveys in the local language among Board members, senior managers, managers and employees, in a sample of the largest organizations and public bodies in 33 countries and territories worldwide. According to the survey, 95% of the respondents believe it is important to demonstrate that they operate with integrity, and 98% agree that this brings benefits to the organization. Consequently, the most important benefits of operating with integrity are: having a strong corporate reputation (50%), attracting new customers/clients (41%), retaining talented employees (40%), retaining customers/clients (37%), improving financial performance (35%), attracting talented employees (31%) and minimizing risks or regulatory/legal action (31%).
An open public consultation carried out by the European Commission in 2017 , which was aimed at collecting views on the issue of whistleblower protection, showed that 99.4 % of the respondents agreed that whistleblowing should be protected. Respondents were asked to indicate the reasons why workers do not report wrongdoings. The factors selected from the list provided included, fear of legal consequences (80%), fear of financial consequences (78%), and fear of bad reputation (45%).
Nowadays, foundations are set to create a legislative framework which would consolidate the protection granted to whistleblowers and secure them from potential retaliation, as a consequence of their initiative shown on reporting any irregularities within the organization.
In October 2019, a European Directive was adopted concerning the protection of the individuals who report infringements within their organizations. This EU Directive represents an initiative to harmonize the legislation of the Member States and may be regarded as a first step towards a unified approach to this matter. The central objective of the Directive is to strengthen the protection provided to whistleblowers and to protect them from the retaliation they might be exposed to.
The Innovations of the EU Directive Regarding Whistleblowing
What’s new about the EU Directive is that it sets out responsibilities for both the public and private sectors, which will have the duty to create internal procedures compliant with the standards and rules established by the EU Directive. Thus, in addition to the internal procedures concerning the reporting procedure, the public and private companies will have the obligation to create safe reporting channels respecting the anonymity/privacy of the source, the timeliness of the report registration and of the response and the follow-up given to the report.
How Can We Create a Safe Environment for the Employees, to Encourage Them to Prioritize Reporting Within the Organization Over Approaching External Sources?
Private companies and public institutions bear the responsibility for creating a climate of safety, trust and stability, by establishing internal processes to support and encourage employees who signal irregularities they flag, without fear of being sanctioned/punished for doing so.
In the past, companies implemented various reporting systems, such as helplines, or the possibility to send reports via e-mail. The challenges posed by these two solutions were that, in most cases, the identity of the author was disclosed, the helpline was blocked by the multitude of calls, the message was not properly understood or there was no possibility to contact the reporter to clarify certain details, all of these impacting the final resolution. Hence, in order to fully protect the identity of the whistleblower, the companies should provide an online integrity tool to receive the complaints and to ensure the anonymity/privacy of the whistleblower. The report will be received and viewed only by individuals authorized to solve it.
How Can Organizations Comply with the Provisions of the New Whistleblowing Directive?
The companies should create safe internal reporting channels dedicated to the employees, encouraging them to prioritize bringing forward reports internally, for the reported situation to be promptly resolved.
The use of internal reporting channels can prevent potential damage to company reputation, as well as its discreditation on the market following the public disclosure of the situation which led to the report.
In order to avoid additional costs due to the failure to comply in a timely fashion with the provisions of the EU Directive, a company will anticipate the type and volume of necessary material and human resources.
What Criteria Should a Potential Online Report Receipt Tool Meet in Order to Comply With the Needs of Organizations And the EU Whistleblowing Directive?
- Ensuring the protection of the whistleblower’s identity by avoiding face to face contact and the online submission of the report
- Accessibility in any language
- Confidentiality of the report content
- Possibility to interact virtually with the whistleblower via in-app messaging for possible clarifications or additional documents, as necessary to resolve the issue
- Automatic sending of the report registration confirmation
- Automatic sending of a unique log-in code allowing the whistleblower to verify the status of the report
- Accessibility both on mobile devices, as well as on computer systems
- Ensuring compliance with legal provisions on the protection of personal data
- Adaptability of the tool according to the requirements and characteristics of the company needs.