IMPLEMENTATION
PURPOSE
If the service will include customers and suppliers, be clear on why the service is to be used and the difference between other options, such as customer complaint area or customer service department.
The best way to communicate the purpose of the service is with an Implementation Advice. We offer templates to assist in developing the awareness of the service.
Set the service level for your business. Our experience is that businesses have:
- disclosures of 1 per 50 people
- report of 1 per 250 people
Organizations where employees trust management and do not fear retaliation tend to experience lower rates of disclosure because the internal systems and controls ensure the business identifies an issue early so that it can be rectified as quickly and at low cost.
ESTABLISHMENT
- Support the business culture
- Be part of your business improvement process
- Augment the effectiveness of other standards, code of conduct and training
A code of conduct outlines the operating principles and serves as a guideline of the expected behaviour of each employee. Where this standard is not being met and/or the internal systems and processes are not working, an alternate avenue should be available to ensure the business can:
- Check the systems and processes are effective
- Identify systemic and system issues
- Make appropriate improvements
- Where necessary, address the behaviour of individuals
Whistleblower protection must be clearly communicated to ensure compliance with the law and for the overall effectiveness of the program, this includes strong protection from retaliation such as dismissal, demotion or denial of opportunities for advancement, as well as setting out the potential repercussions for those who retaliate against a whistleblower.
ROLES
Employees can report a concern 24/7.
Primary Contact manages the contract and service administration for the business.
Designated Recipient receives each report for the business. There may be more than one. For example fraud and accounting matters may be sent to an independent board member.
Case Investigator manages all information gathering by WBS to ensure that the Case Reporter can prepare the Report. This activity is through an anonymous dialogue.
Case Reporter prepares the WBS report and forwards the report to the Designated Recipient.
Service Manager prepares quarterly and annual reports, responds to queries about a report.
EFFECTIVE ACTION
- Using a Web Portal that can retain confidentiality and anonymity
- Explaining how well the disclosure and the person making the disclosure are protected
- Avoiding phone and email as forms of notification
- Avoiding other actions that might compromise confidentiality and anonymity
- Using an external service to create multiple separations between the person disclosing and the organisation receiving
- Avoid using internal Legal, Audit or HR functions as the first point of reference
- Avoid recommending the first step in raising the concern, should be with a manager or colleague
The program should ensure everyone is aware of the service (employees, contractors, visitors), with the information being available:
- In the Code of Conduct
- In the Handbook and on wallet cards
- During orientation, induction and re-induction programs
- As part of all training programs offered to employees
Once the Designated Recipient has received the report, it is important that the information in the report be acted upon in a timely manner. The business should have clear rules on:
- Access to the information
- Performance Indicators for actioning reports
- Providing advice to WBS when the report has been actioned
Areas of Concern
| Governance | Shareholder concerns | Performance of Systems | Management Reporting | Director Actions | Senior Management Actions | International Activities | Business Continuity | Strategic Risk |
| Risk | Fiscal | Operations | Projects | Environment | Safety | Critical Events | Technology | Quality Assurance | Supplier | Purchaser | Other |
| Serious Conduct | Contrary to Law | Contrary to Contract | Contrary to Requirements |
| Corporate Misconduct | Collusion | Cartel | Anti Trust | Anti Competition | Compliance | Listing Rules | Insider trading |Regulation |
| Financial Misconduct Direct or Indirect |
Bribery | Misappropriation | Embezzlement | Fraud | Forgery | Audit Fraud| Money Laundering | Siphoning |
| Property | Sabotage | Vandalism | Theft | Unlawful Disposal | Disposal not at Market Value |
| Procurement | Kickback | Bribe | Corrupt Payment | Corrupt Influence | Bidding Collusion | Bid Manipulation | Variation Abuse | Billing Abuse | Undisclosed Interest in a Contract | Contract Specifications | Billing Redirection |
| Corporate Standards | Code of Conduct | Falsifying documents | Insubordination | Misconduct | Grievance |
| Company Policy Misconduct | Abuse of Authority | Misuse of Property | Acceptable Use Breach | Conflict of Interest | Fitness to Work | Drug and Alcohol Abuse |
| Inappropriate Actions | Discrimination – Age | Gender | Race | Colour | Religion | Orientation |
| Inappropriate Behaviours | Harassment | Hostile Workplace | Mistreatment | Retaliation | Sexual Harassment | Threats | Violence | Employee Communications |
| Customer Service | Aggressive Behaviour | Customer Mistreatment | Service Standards | Vendor Concerns |
| Financial Issues | Accounting Controls | Accounting Errors | Billing Errors or Violations | Risk Detection |
| Privacy and Security | Violations under Privacy Law | Identity Theft | Information Security | Privacy Issues | Security Issues |