BY: ComplyLog|June 10, 2021|Whistleblowing
The EU Whistleblowing Directive, which came into force in 2019, will be adopted by all member states by December 2021, setting a tight compliance deadline for businesses, government agencies and municipalities. Organisations with 50 or more employees are now required to implement confidential internal whistleblowing reporting systems for people who uncover illegal activities and unethical behaviour in the course of their work.
Table of Contents
1 4 Examples of Whistleblowing in the Workplace
The directive is aimed at ensuring those who come forward with information that they will not be subject to retaliation by the organisation or their colleagues. It is also intended to standardise the reporting of breaches of EU law by employees. To explore whistleblowing and its benefits, let’s look at a few examples of whistleblowing in the workplace and how they were dealt with.
Swedish telecoms operator Telia developed its own internal whistleblowing reporting system, the Speak-Up line, in 2014. Within a year, the system received 92 reports of “suspected incidents of conflict of interest, corruption, embezzlement, procurement fraud and HR matters.”
Encouraging a company culture focused on ethics and integrity produced extraordinary results for Telia in its first twelve months. The line uncovered potentially fraudulent activity involving a former senior manager, third-party relationships related to personal gain that had been entered “in breach of standard procurement processes, possibly to support embezzlement of funds” and several breaches of the company’s Code of Ethics and Conduct.
Michaela Ahlberg, Chief Ethics and Compliance Officer at Telia noted that it’s important to engage employees to be able to reap all of the benefits of a whistleblowing system,
“Employees and stakeholders need to trust the system to submit the report. We are continuously raising awareness and are transparent in our communication to maintain the highest level of trust in the organisation.”
In 2014, Antoine Deltour leaked documents from his employer that helped expose around 340 businesses who were avoiding tax by creating complex financial structures and obtaining tax rulings that allowed the use of these structures within Luxembourg. They then channelled billions of Euros through the Grand Duchy with some organisations paying less than 1% tax on their profits.
Deltour downloaded the evidence and passed it on to a French journalist, Edouard Perrin, who reported on the leaks on TV.
The accountancy firm that employed Deltour prosecuted him for leaking the documents which resulted in him receiving a six-month suspended sentence and a €1,500 fine in 2014. However, he was awarded the European Citizens Award in 2015 by the European Parliament in recognition of his revelations. In 2018, he was cleared of his conviction and officially recognised as a whistleblower.
The LuxLeaks case is a prime example of retaliation and was one of the triggers that spurred the creation of more stringent whistleblowing laws in the EU and the Whistleblowing Directive. It was directly cited by the European Commission as a reason why those who uncover illegal activity should be covered by the EU Whistleblowing Directive.
In 2016, Slovak foreign ministry employee Zuzana Hlávková went public with accusations about procurement fraud. She reported being pressured into avoiding proper public procurement procedures in her role organising events to mark Slovakia’s EU presidency.
Hlávková alleged that she was told to work with an agency linked to the ruling Smer party. In addition, she told reporters that the government overstated the actual cost of a concert held to mark the start of the presidency.
Hlávková and her colleague Palo Szalai left the Slovak Ministry of Foreign Affairs over the issue, with the Slovak government framing the revelations as an attack on its presidency of the European Union. She now works with Transparency International to support whistleblowers.
British banker Howard Wilkinson uncovered a €200 billion money-laundering scheme running through Danske Bank’s branch in Tallinn, Estonia between 2007 and 2015. It involved payments made through the branch from non-residents accounts based in Russia, Cyprus and the UK. Many of the transfers were made by shell companies and then went out again to recipients in more than 150 different countries.
Wilkinson, who was Danske Bank’s head of trading in the Baltic states, discovered that accounts labelled as dormant were transacting millions of Euros every day and blew the whistle in 2014 once he discovered what was happening within the organisation. However, he claims the bank ignored him and the scandal did not become public knowledge for four years when Wilkinson’s name was illegally leaked to an Estonian newspaper against his will.
He testified in the Danish parliament in 2018 as part of an investigation that saw the Tallinn branch closed down and ten employees arrested.
Wilkinson told the European Parliament that “because the bank failed to take adequate corrective action in light of my well documented and verified concerns, I consider that I was compelled to resign. I am informed that this is known as a “constructive discharge.”
In addition, he claims the “highly restrictive” Non-Disclosure Agreement (NDA) that he signed restricted his conversations with law enforcement, and he accused Danske Bank of discrimination:
“The leaking of my identity, and my loss of privacy, constitute retaliation. The Bank knew
who I was based on my internal disclosures. The Bank was under an obligation to ensure that my identity was protected.”
The EU Whistleblowing Directive stipulates how individuals should state their concerns, which whistleblowing reporting channels to employ and how organisations should respond to reports.
|Reporting a Concern||Whistleblowers should have “reasonable grounds to believe that the information on breaches reported was true at the time of reporting.” They should then share their report through one of the available reporting channels within their organisation, which should allow them to do so in writing, orally or both.
They should be able to do so with confidentiality, giving as much detail as they can to allow the organisation to investigate fully. This should include the nature of the complaint. For example fraud, money laundering, safety concerns and so on.
Examples of reporting channels include:
The benefits of using an online reporting portal are numerous. You can ensure confidentiality and anonymity if needed. It is compliant with GDPR in terms of data handling, it is accessible from anywhere and does not require 24/7 staffing with trained professionals like a phone line would, for example.
|Responding to a Concern||The organisation must ensure a competent and impartial person or department is tasked with receiving the reports and investigating them. This could be the same individual or department or two separate parties.
They should respond to acknowledge receipt of the report within seven days and then provide feedback on the investigation within three months of that acknowledgement.
Using an online system like IntegrityLog allows you to see at a glance the progress of all cases on the easy to use dashboard, as well as to receive notifications when deadlines are due. This helps you ensure compliance at all times.
The investigating party should remain in contact with the reporting person in case they need more information. They should also keep the whistleblower’s identity confidential, as well as the identities of anyone else mentioned in the report, whether they are supporters of the reporting person or are the subject of complaints of wrongdoing.
There should also be training and other measures in place to protect the whistleblower and their family and supporters from retaliation as a result of their report.
The EU Whistleblowing Directive requires member states to put in place dissuasive penalties to help prevent organisations or individuals from retaliation against whistleblowers. The directive sets out a list of actions that might be considered retaliatory.
You should maintain the confidentiality of the reporting person, as well as anyone they mention in their report. This could be colleagues who have helped them or supported them in making that report. It could also be the name of anyone who is being accused of any violations of the law in the report as well.
A corporate culture that encourages whistleblowing inspires confidence in its workforce. It shows that the business is committed to the public interest, public health, its people and that it wants to continuously grow and improve its systems. It protects against legal violations and safety violations which could lead to unsafe conditions and damage to morale. There is no need to fear speaking up because management makes that pledge to listen, act and protect those who shine a light on criminal offences within the organisation.
Everyone in an organisation should feel safe reporting concerns, without being concerned about a miscarriage of justice that would see them get into trouble. Whether it is government fraud or a private company laundering money, each worker in the EU should be treated the same way when they want to report an infringement of Union law.
There have, unfortunately, been many examples of whistleblowing in the workplace that have previously proved difficult for the reporting person. These are the kinds of incidents that inspired the EU Whistleblowing Directive, which aims to protect those who do the right thing and alert people in power to the wrongdoing occurring. As seen in the example of Telia, when a company steps up and actively encourages whistleblowing, it can take immediate action and make the workplace a safer and happier environment for all.
Using an online whistleblowing portal like IntegrityLog helps this process run smoothly, efficiently and in compliance with the law. Request a demo today to find out how IntegrityLog could transform your organisation.