Whistle Blowing Hotlines

Introduction
Much has been written about the act of "Whistle blowing" and, indeed, the morality of this practice. In 1971, the then Chairman of General Motors, James Roche warned against whistle blowing in the following quote:

"Some critics are now eroding another support of free enterprise – the loyalty of a management team, with its unifying values of cooperative work. Some of the enemies of business now encourage an employee to be disloyal to the enterprise. They want to create suspicion and disharmony, and pry into the proprietary interests of the business. However this is labelled – industrial espionage, whistle blowing, or professional responsibility – it is another tactic for spreading disunity and creating conflict."

Now these are blistering words from Roche as he equates whistle blowing and acts he defines as professional responsibility, with a breach of loyalty to the organisation. A year later, Ralph Nader, the U.S. consumer advocate seemed to counter the issue of loyalty by extolling the virtue of public interest when he defined whistle blowing as:

"[a]n act of a man or woman who, believing that the public interest overrides the interest of the organization he serves, blows the whistle that the organization is involved in corrupt, illegal, fraudulent or harmful activity."

Judging from the many cases where legitimate whistle blowers have suffered severe consequences for their actions, it is clear that the perception still predominates that organisational loyalty and the maintenance of confidentiality are of overriding importance. This is unfortunate as misconduct of any nature and perpetrated at any level in any organisation does not deserve protection, nor does it merit shelter behind the guise of proprietary activities, corporate loyalty or privilege!

How far do we take this concept? In this era of corporate social responsibility the scope of whistle blowing information cannot be confined to internal organisational misconduct, malfeasance or theft of the organisation's assets. Any conduct by the organisation, its officers or employees that is against public interest; that is harmful to the environment; that is in contravention of the fiduciary duties of the officers; that may adversely impact on the interests of stakeholders, primarily shareholders; or that may dilute the image, reputation and value of the organisation are to be considered fair game for exposure. This is fundamental to good corporate governance.

Similarly, no person in an organisation should be exempt from inquiry. If we search for authority to support these contentions and bring finality to this discussion we need look no further than a past President of the United States, Theodore Roosevelt who stated:

"To announce that there must be no criticism of the President, or that we are to stand by the President right or wrong, is not only unpatriotic and servile, but is morally treasonable to the American public."

It is obvious that we can draw conclusions from this that find parallels in the private and public sectors. Now that we have hopefully settled the issue of the morality and acceptability of the process, we need to consider its practicalities.

The Rationale
Statistics from fraud cases clearly indicate that although detection measures are important in exposing commercial crime, by far the greater source of information leading to the uncovering of frauds comes from people who know the perpetrator and who, to coin a phrase, "spill the beans". Some authorities note that information provided from such sources leads to 80% of all fraud detections and convictions. Now that is quite a high percentage. Can your organisation leave such random reporting to chance? Why leave the chance of exposing criminal threats within your organisation to someone who may or may not have the inclination to find the right contact person and telephone number to report it to? The solution clearly is to formalise the process to make it as easy as possible for informants to pick up the phone, dial a toll-free number and disclose vital information, and this is now not at all difficult!

Whistle Blowing Hotlines
There are a number of companies, including the large auditing firms, which provide this service; so the cost and effort of setting up one's own call centre and hiring qualified staff is obviated.

Whistleblowing service companies benefit from the economies of scale due to their large client base and these cost reductions are passed on to their customers. They also have the qualified staff to ask the right questions in determining whether a call is genuine or an attempt at malicious slander. Thereafter they have the expertise to assist with any investigation the client deems necessary.

The Organisation's Responsibility
Even if the organisation outsources the whistle blowing hotline, it still has certain functions it should perform to ensure success. One of these is to increase awareness of the existence of the hotline, highlight its ease of use and to encourage reporting by staff and other stakeholders, including, customers, suppliers and contractors.

As part of the awareness process, the organisation must not only undertake but should also ensure that a formalised process is in place, either internally or through the service provider, to handle and investigate reports and incoming information timeously and in the proper fashion.

It is essential that the organisation guarantees, through a written and publicly available Policy document, the anonymity of callers and gives the assurance that there will be no retaliation or victimisation of people coming forward with incriminating evidence or information.

The organisation should set up appropriate reporting structures so that hotline interviewers and investigators have access at the relevant level. This would require access even up to the level of the Chairman of the Audit Committee (a post held by a non-executive director) for cases where senior management or Board members are the subjects of investigation.

What to look for in a Whistle Blowers Hotline Service?
When looking to outsource this service or implementing it in-house the following are to be considered:

• A system that supports a multi-lingual capability; provides access to a trained interviewer; and one that is operational and accessible 24 hour / 365 days per year.
• A single, segregated case management system that allows logging of calls and follow up; facilitation and management of the resolution process; testing by Internal Audit; oversight by the Board or Audit Committee; and helps to focus the efforts of investigators.
• Procedures that are formalised in a Policy document to ensure that information reported and case documentation is disseminated to the appropriate parties, including the Ethics / Compliance Team; Human Resources Department; Board / Audit Committee; Legal Department and the risk and security managers.
• Regular, independent evaluation of the process for effectiveness, compliance with local legislation and established protocols.

Conclusion

While whistle blowing is the formalisation of one of the most efficient processes of gathering evidence and fraud-related information, it should never be employed as the only tool in the detection programme.

Used as part of the detection programme arsenal alongside continuous process monitoring / data analytics; monitoring of electronic communications; fraud detection controls; process controls; and the analysis of critical data and trends, whistle blowing serves to enhance the rate and probability of detections and may well act as a further preventative factor for persons considering stepping over the ethical boundary.