Whistleblowers: A Fraud Triage System
Background
As the use of whistleblower programs continues to intensify and grow, many organizations find themselves struggling to manage burgeoning caseloads. With the new AMLA and the February 2021 announcement by the US Department of Labor stating that OSHA will investigate whistleblower retaliation complaints?under new antitrust and money laundering laws, it's reasonable to assume that caseloads will continue to increase. As a result, serious fraud investigations can be delayed (with mounting losses) while less consequential complaints are being investigated. The lack of a timely, systematic, and repeatable process for evaluating and prioritizing whistleblower tips that contain allegations of ethical breaches can also expose an organization to increased regulatory risk. While there is no single “right” method for following up on whistleblower complaints, the most effective approaches often resemble the medical triage programs that hospitals and first responders use to allocate limited resources during emergencies or crises. Here are some useful guidelines for designing and implementing a fraud triage system.
The Growing Use of Whistleblower Programs
Despite extensive fraud detection measures, closer management scrutiny, and increasingly sophisticated technology, the most common fraud detection method is still the simplest: somebody notices something suspicious and decides to speak up. According to the Association of Certified Fraud Examiners (ACFE) 2020 Report to the Nations on Occupational Fraud and Abuse, more than 40.0% of the cases reported in their study were uncovered as the result of tips (usually from an employee, supplier, or customer) —more than internal audit 15% and management review 12% combined. The ACFE study also demonstrates that dedicated reporting hotlines are particularly effective. In organizations where such hotlines were in place, 49.0 % of the cases reported were uncovered through tips, compared with only 31.0% percent of the cases in organizations without hotlines. These results are consistent with patterns that have been recorded in the ACFE’s biennial survey since its inception 20 years ago.
In approximately 33% of cases where a tip was made, the whistleblowers did not use a formal reporting mechanism. Instead, they reported their suspicions directly to supervisors, investigators, or other interested persons.? Source: ACFE
On a broader scale, as a matter of best practice, the COSO Internal Control-Integrated Framework and various other enterprise risk management (ERM) frameworks and guidance from the Institute of Internal Auditors (IIA) also emphasize the importance of establishing and maintaining effective whistleblower programs. In addition to their demonstrated effectiveness, whistleblower programs have also been promoted through recent regulatory actions. For example, one section of the Dodd-Frank Wall Street Reform and Consumer Protection Act directs the Securities and Exchange Commission to make monetary awards to individuals who voluntarily provide information leading to successful enforcement actions that result in monetary sanctions of over $1 million. A few years earlier, the Sarbanes-Oxley Act of 2002 required the audit committees of publicly traded companies to establish procedures to enable employees to submit confidential, anonymous information regarding fraudulent financial reporting activities. Dodd-Frank and Sarbanes-Oxley are only two examples of a broad range of laws that encourage – and often mandate – whistleblower programs. A 2013 study by the Congressional Research Service found no fewer than 40 federal whistleblower and anti-retaliation laws designed to protect employees who report misconduct. Eleven of those 40 laws were enacted after 1999. On February 21, 2018, the U.S. Supreme Court issued an opinion in Digital Realty Trust, Inc. v. Somers. This long-anticipated case clarifies who is protected as a “whistleblower” under the Dodd-Frank Act’s anti-retaliation provisions. It states that to qualify as a “whistleblower” under Dodd-Frank, individuals now have a clear incentive to report all sorts of observations to the SEC before reporting those observations through their company’s internal reporting infrastructure. Under Dodd-Frank, an individual is only protected from retaliation if they have reported potential violations to the SEC before they separate from the company. Such laws not only make whistleblower programs more common but also make the timely resolution of tips even more critical, as we are about to explain.
Responding to Tips – Why Timeliness Matters
Dodd-Frank, Sarbanes-Oxley, and the various regulatory structures established to implement them are helping mold a corporate environment where undervalued and under-appreciated compliance professionals and in-house counsel are incentivized to “blow the whistle.” Such incentives can help create a self-regulating environment, but they also make it essential that corporations establish a timely and effective process for remediating complaints. For example, the SEC established a separate Office of the Whistleblower to carry out its mandate under Dodd-Frank.??Since the beginning of the whistleblower program, the Commission has awarded approximately $387 million to 67 individuals. Despite an unusual year challenged by a lapse in appropriations, in FY 2019, the SEC awarded roughly $60 million in whistleblower awards to eight individuals whose information and cooperation assisted the Commission in bringing successful enforcement actions. Three award recipients in FY 2019 were located abroad or reported conduct that was occurring abroad, demonstrating the program's international reach.
In FY 2019, the Commission received more than 5,200 tips, its second-largest number of whistleblower tips in a fiscal year. It made its third-largest award to date—a $37 million award to a whistleblower who provided significant evidence and assistance that enabled the agency to resolve the matter efficiently and successfully. This award followed a $50 million award to joint claimants in March 2018 and a $39 million award to a whistleblower in September 2018.
Under this program, there are exceptions if at least 120 days have passed either since the auditor (excluding external auditors who obtained the information during the audit of an issuer) or the accountant properly disclosed the information internally (to their supervisor or to another person in the organization who is responsible for remedying the violation (i.e., the audit committee, chief legal officer, chief compliance officer, or their equivalents), or since they obtained the information under the circumstances indicating that the entity’s officers already knew of the information. Then they can report the lapse directly to the SEC and be eligible for a sizable whistleblower award – from 10 percent to 30 percent of any collected fines or sanctions. The program’s website prominently features headlines such as “SEC Issues $17 Million Whistleblower Award” and “SEC Awards More Than $5 Million to Whistleblower,” to cite only two of many recent examples.
Since the inception of the Whistleblower Program, the SEC has ordered wrongdoers in enforcement matters brought with information from meritorious whistleblowers to pay over $2 billion in total monetary sanctions, including more than $1 billion in disgorgement of ill-gotten gains and interest, of which almost $500 million has been, or is scheduled to be, returned to harmed investors.
With incentives like that, it should be no surprise that whistleblower complaints are on the rise. Yet, in most cases, such awards would not have been available if the companies involved had resolved the initial fraud complaints within 120 days. Unfortunately, our experience indicates that while many companies invest in tips hotlines and similar whistleblower programs, many fail to invest adequately in an allegation review process for promptly evaluating, prioritizing, and responding to the whistleblowers’ tips in a systematic, repeatable, and defensible manner. As the number of tips grows and investigators’ caseloads expand, complaints end up sitting in a queue waiting to be investigated. Simultaneously, the company remains vulnerable to the risks the tipsters were warning about, and the SEC timeline is running. A 2020 study of compliance software company NAVEX Global customers found that Case Closure times had blipped up to 45 days from 40 days in 2018. This metric is important given that, under specific agency whistleblower provisions, an organization will have limited time to complete an internal investigation. Moreover, when the various fraud cases are compared, cases involving suspected accounting, auditing, and financial reporting fraud took the longest to resolve by far – 56 days! In other words, the average case closure time for cases of suspected financial fraud was almost halfway to the 120-day deadline – the point at which employees are incentivized to report the case directly to the SEC and expose the company to additional, sizable sanctions.
Hidden and Direct Costs of Delayed Response
Even setting aside potential SEC sanctions, delays in investigating whistleblower tips are costly in other ways. Delayed responses to tips can cause employees and other potential sources to lose confidence in the hotline or other whistleblower programs, undermining the compliance and ethics program's effectiveness and adding further complexity to the risk management effort. Most companies spend considerable time, effort, and resources creating compliance and ethics programs. Failing to promptly establish a system for dealing with allegations or tips can mean those expenditures are probably wasted. There are also direct costs associated with delays in handling tips. The losses resulting from a fraud scheme are directly related to how long the scheme goes on. The ACFE’s 2020 Report to the Nations found that the median losses for frauds uncovered in six months or less were $50,000. But at the other end of the scale, schemes lasting more than five years caused a median loss of $740,000. Simply put, the longer perpetrators can continue, the more financial harm they can cause. The absence of an effective program for handling whistleblower complaints promptly and effectively can have a significant and direct financial impact – in addition to the regulatory, employee relations, and reputational risks such a shortcoming entails.
When triaging a whistleblower allegation, it is crucial to ensure that the review process is conducted by a competent and well-structured Allegation Review Committee (ARC).
A Triage Approach
While there is no single, one-size-fits-all method for following up on whistleblower complaints, the most effective approaches are similar in many ways to medical triage programs, such as those implemented by hospitals and first responders during emergencies to help medical professionals prioritize the treatment of patients. In medical triage, those with severe, life-threatening injuries are treated ahead of those with less severe conditions. Similarly, a fraud triage program helps risk, audit, and fraud professionals prioritize the investigation of tips and whistleblower complaints. Those that indicate serious, material risks are addressed differently and more aggressively than those that reflect mere misunderstandings, minor errors, personal grievances, or false tips, all of which could tie up investigators unnecessarily. Under a fraud triage program, the same principles apply. Hotline tips or complaints that do not indicate fraudulent behavior can be delegated to human resources, IT, or other line or support functions capable of handling them more efficiently. Meanwhile, complaints that involve suspected fraud but are less significant regarding financial losses, control failures, or other risks may be set aside temporarily. At the same time, larger, more material cases receive immediate attention.?
Proper Staging of the Allegation – the Critical First Step
A swift and thorough triage process leads directly to a more appropriate and timely response. Of course, the specifics of that response will vary depending on the nature and severity of the case. Still, the fundamental elements of the treatment include forming the right team to investigate, understanding root causes, and providing timely disclosure to all constituencies. Before such a response can be planned and executed, the tip or allegation must be evaluated or “staged” based on a consistent set of criteria. Navigant’s fraud governance framework identifies five such stages:
Stage 1
Stage 1 allegations have a low threat level and do not suggest a breakdown of internal controls. Tips that get grouped into this stage do not have a financial or reputational impact. These may include employee-to-employee disputes, isolated cases of small-scale employee theft, normal policy complaints, misunderstandings, and personal disagreements that are often raised through a whistleblower program. In most cases, these complaints are best handled by human resources or management personnel. Note: Human Resources and management should be trained on proper investigation protocols, including the escalation process. A basic level of review should be performed and documented to corroborate that no further investigation is warranted. A branch or office manager could perform this review and documentation. For an employee who is the target of such a complaint, management should consider placing such an employee on a temporary legal hold, which triggers the retention of email and other documents until the risk of retaliatory litigation has passed.
Stage 2
These allegations are more severe and often indicate some deficiency in the design of internal controls. Examples include business rule violations such as recurring employee theft or patterns of falsifying expense reports. If the allegation is substantiated, then the result of the remediation process is a change to a business process or business rule, followed by an enhancement of the company’s preventive or detective internal controls. Because they indicate a deficiency in internal controls, such allegations are escalated to the internal audit function to understand the control environment better. Internal audit should evaluate what controls are currently in place and determine where the internal controls' breakdown occurred. It is also important to assess if the allegations are signs of a bigger problem or if they could have an impact on financial reporting. Sensitivity testing must be performed to calculate the low-case, medium-case, and worst-case financial impact if financial reporting is affected. Internal audit’s review also might identify multiple violations. Again, the employees affected should be put on a legal hold, which triggers the retention of email and other documents until the risk of litigation passes. In some cases, employee termination may be warranted.
Stage 3
These allegations are serious, generally involve an override of internal controls, and thus are, at a minimum, a severe deficiency. But they have only a minimal impact on the financial statements or the company’s reputation. More severe allegations in this category include fraud, embezzlement, and bribery involving employees or mid-level management. Such cases require the same level of investigation as Stage 2 cases, along with an internal investigation that usually is conducted under the direction of the general counsel, involving compliance and internal audit. In some instances, the investigation might need to be performed independently by a function or person not directly involved in the control environment.
Stage 4
These are serious allegations that could impact the completeness and accuracy of the audited financial statements, which could indicate a material weakness in internal controls. They do not, however, appear to involve any senior management team member. Typically, outside counsel, operating under privilege, directs an independent investigation into such cases, utilizing outside experts, including forensic accountants.
Stage 5
These are serious allegations involving one or more senior management team members, or they are severe enough to damage the company's reputation. At this stage, the receipt of allegations typically places the company in crisis management mode and could result in the restatement of audited financial statements or additional regulatory scrutiny. In such instances, the board generally should engage outside counsel and forensic investigation experts to initiate a privileged and confidential independent fact-based investigation. External auditors may also be involved (shadow investigation), and SEC disclosure may be required. It’s important to note that engaging outside experts is generally necessary in both Stage 4 and Stage 5. Other critical elements of Stage 4 and Stage 5 responses include having a qualified and experienced investigation team and a time-phased work plan that minimizes disruptions to the organization’s day-to-day business as much as possible. The investigators will begin with fact-finding interviews to help them evaluate who else to interview and when. The investigators will also help the company identify a list of custodians who will be interviewed to understand where their data was being saved (for example, on email servers, mobile phones, or other devices, flash drives, cloud servers, and network folders). Generally, once data privacy issues are understood and resolved, a large-scale data collection effort will then ensue to search for and preserve all potentially relevant information. The goal is to determine who knew what, when, and how far up the chain the knowledge went. The investigation will also assess if the audited financial statements can be relied upon so that counsel and board members can determine what disclosure requirements might apply. Additionally, the investigation team has the ability to aid in remediation, including the development of new or enhanced policies, procedures, and controls when they identify internal control issues.
Allegation Review
When triaging a whistleblower allegation, it is crucial to ensure that the review process is conducted by a competent and well-structured Allegation Review Committee (ARC). The ARC should be composed of individuals with diverse expertise, including legal, compliance, human resources, and relevant subject matter experts, to comprehensively assess the nature and implications of the allegation. This multidisciplinary approach ensures that the committee can evaluate the claim from multiple perspectives, understand the potential legal ramifications, and consider the broader organizational impact.
A key aspect of best practices in whistleblower allegation triage is maintaining the integrity and confidentiality of the review process. The ARC must be composed of individuals who not only possess the necessary skills and knowledge but also adhere to the highest standards of ethical conduct. This is critical in maintaining the trust of the whistleblower and ensuring that the investigation is conducted impartially and fairly. The members of the ARC should be trained in handling sensitive information and be aware of the legal protections afforded to whistleblowers to prevent retaliation and maintain confidentiality.
The ARC’s role in the triage process is to initially assess the validity and severity of the allegation. This involves a preliminary investigation to determine whether the claim falls within the organization’s scope and jurisdiction, and if there is sufficient evidence to warrant further investigation. The committee should establish clear criteria and protocols for evaluating allegations, ensuring consistency and objectivity in decision-making. By adhering to these best practices, the ARC can effectively manage whistleblower allegations, uphold the organization’s commitment to ethical standards, and foster a culture of transparency and accountability.
Not all organizations have a formal Allegation Review Committee (ARC), but many larger companies and institutions, particularly those with established compliance and ethics programs, do implement some form of structured review process for handling whistleblower allegations. The existence and structure of an ARC often depend on the organization’s size, industry, regulatory environment, and commitment to corporate governance.
In highly regulated industries, such as finance, healthcare, and government contracting, organizations are more likely to have a formal ARC or a similar body to ensure compliance with laws and regulations. These committees are essential for maintaining a robust compliance framework and for mitigating risks associated with regulatory breaches and potential legal issues. In these sectors, there is often a greater emphasis on having clear protocols and dedicated teams to handle allegations of misconduct.
In smaller organizations or those in less regulated industries, the approach may vary. They might not have a dedicated ARC, but they may still have designated individuals or a cross-functional team responsible for reviewing and investigating allegations. The approach can be less formal but still aims to ensure that allegations are addressed appropriately and confidentially.
Overall, while not universally implemented, the concept of an ARC or a similar review mechanism is recognized as a best practice in organizational governance. It helps ensure that whistleblower allegations are handled consistently, fairly, and in a manner that protects both the organization and the whistleblower.
Ownership, Responsibility, and Follow-Up
The triage staging system described here is not the only plausible methodology an organization can use to evaluate allegations of wrongdoing and plan appropriate responses. Other thought leaders in the field have proposed evaluating tips according to various other criteria, such as the severity of the allegation, the specificity of the information it contains, and similar factors. Ultimately, the company's unique situation and industry will require customization of the chosen triage process and framework. In many cases, boards may choose to combine elements from a variety of approaches. I cannot overstate the importance of maintaining written policies and procedures, regardless of the specific criteria upon which the system is based. Moreover, in all cases, it is important that the responsibility for developing, implementing, and maintaining the triage response system be clearly defined. The assignment of this responsibility will also vary depending on the organization's size and nature, its governance structure, the volume of whistleblower complaints, and other factors. It could fall to internal audit, compliance, the corporate general counsel, a board committee, a designee of the CFO, or some other person or group. Still, in all cases, it’s essential to have a designated individual or business function that is responsible for initially capturing complaints and performing the triage of the allegation(s). After establishing the framework and gathering data, it's crucial to pause and reassess the data on a regular basis. Consider a scenario where the complaint hotline receives a high volume of insignificant complaints, such as minor personnel disputes, uniform violations, or complaints from employees about working on holidays. If such a scenario arises, it might be necessary to conduct further training on the use of the complaint hotline. An increase in sexual harassment complaints or complaints related to substandard working conditions could provide an early warning of a potential leading indicator for a class action lawsuit. Similarly, increasing reports of low-dollar employee theft are usually signs of a larger cultural problem.
领英推荐
Anti-Money Laundering Act of 2021
The 2021 AMLA establishes a whistleblower reward program for suspected violations of the BSA. The program is similar in some ways to the whistleblower program at the Securities and Exchange Commission (SEC): tipsters who provide original information that leads to an enforcement penalty of more than $1 million would be eligible for a reward as high as 30 percent of the collected total. Also, reporting tips would allow that individual to claim anti-retaliation protections included under AMLA. Specifically, in the event of a violation of these provisions, the whistleblower can file a complaint with the Department of Labor and seek recourse in federal district court if it is not adjudicated within a certain period.
My initial interpretation of this whistleblower program is that compliance and internal audit professionals will be eligible to submit tips and pursue awards, even without internally reporting misconduct allegations. A maneuver many of us shunned over the years; however, this does make sense if you think carefully. At some point, I hope, the SEC requires the departure of the CCO or CAE to be an 8-K triggering event. Potentially bypassing internal reporting is another reason why the board and compliance professionals everywhere need to think hard about the compliance program's current state.
Crisis Situations
A study states individual behaviors in crises do not correspond to everyday life behaviors, which makes sense.? One example many of us can relate to is the 2008 Financial Crisis. During the Financial Crisis, behaviors like anxiety, fear, confusion, and disbelief pushed some to make poor decisions and cross ethical boundaries. For a variety of reasons, individuals may overlook ethical violations and not report the alleged bad behavior.
Don’t ignore exit interviews regardless if they need to be conducted remotely. Employees exiting might have some interesting things to share, including overriding of controls, or worse, misconduct!
Here are some questions I like to ask during an exit interview:
Closing
Evaluating the data and trends captured in your complaint system can help you make decisions that could prevent the next “big event.” In that sense, a practical, well-designed, and consistently executed fraud triage effort can pay even more significant dividends that go beyond the direct benefit of helping you evaluate and prioritize tips and complaints more efficiently. Also, please make sure you have an investigation playbook and keep it consistent.? There is also an opportunity to use data analytics to get answers quickly.? For those working towards creating an enterprise-resilient organization, continuous monitoring (management) and continuous auditing (compliance and internal audit) might be an option, as ongoing feedback may help enhance programs and controls.
Update - 2024
The Expanding Landscape of Whistleblower Programs
As whistleblower programs continue to evolve, organizations are facing increasing challenges in managing the growing number of cases. Since the introduction of the Anti-Money Laundering Act (AMLA) of 2020, which established a whistleblower reward program similar to that of the Securities and Exchange Commission (SEC), there has been a significant uptick in reported cases. The AMLA program incentivizes individuals to report violations by offering rewards up to 30% of the collected penalties, provided the enforcement penalty exceeds $1 million. This development, alongside the SEC’s and other agencies’ efforts, underscores the critical role whistleblowers play in regulatory enforcement.
The SEC’s Office of the Whistleblower has been particularly active, with record numbers of tips and substantial awards. As of 2024, the SEC has awarded over $1.3 billion to whistleblowers, with more than $750 million of this total awarded since 2021 alone. The SEC reported receiving over 12,000 tips in fiscal year 2023, marking a continuous increase from previous years. High-profile awards in recent years include a $114 million award in 2021 and several multimillion-dollar awards in 2023, reflecting the program’s expanding reach and impact.
Additionally, the Department of Justice (DOJ) has launched a pilot program to further enhance whistleblower protections and incentives. This new initiative aims to expedite the handling of whistleblower complaints and ensure greater transparency and efficiency in the process. Under the pilot program, whistleblowers who provide original information leading to successful enforcement actions can receive awards of up to 30% of the monetary sanctions collected, mirroring the SEC’s approach. The DOJ’s pilot program also includes robust anti-retaliation measures, allowing whistleblowers to report misconduct without fear of retribution.
The DOJ has seen a rise in False Claims Act cases, with whistleblowers playing a pivotal role. In fiscal year 2023, the DOJ recovered over $3 billion in settlements and judgments from False Claims Act cases, with whistleblower-initiated cases accounting for a significant portion of these recoveries. The Office of Inspector General (OIG), particularly within the Department of Health and Human Services (HHS), has also ramped up efforts, focusing on fraud in Medicare and Medicaid programs. Recent data indicates a surge in whistleblower tips leading to substantial recoveries and program improvements.
A study by NAVEX Global highlights the importance of effective whistleblower programs. According to their 2023 benchmark report, organizations with robust whistleblower systems saw a 40% higher reporting rate of ethical concerns and a 50% faster resolution rate compared to those with less developed systems. This data suggests that well-implemented whistleblower programs not only uncover fraud but also enhance organizational integrity and efficiency.
Responding to Tips: The Critical Need for Timeliness
With the increasing volume of whistleblower tips, timely and effective responses are more crucial than ever. The SEC and DOJ’s emphasis on swift action and substantial penalties for non-compliance has heightened the stakes for organizations. The SEC’s program allows whistleblowers to report directly to the agency if internal reports are not addressed within 120 days, potentially leading to significant sanctions if issues are not promptly resolved.
Average case closure time has improved to 35 days, down from 45 days in 2020. However, cases involving financial fraud still take longer to resolve, averaging 50 days.
NAVEX Global’s 2023 data indicates that the average case closure time has improved to 35 days, down from 45 days in 2020. However, cases involving financial fraud still take longer to resolve, averaging 50 days. This improvement is crucial as prolonged investigation times can erode employee trust in the whistleblower process and increase regulatory risks.
Organizations must adopt a triage approach to manage the influx of tips effectively. This involves prioritizing cases based on severity and potential impact, akin to medical triage systems. By doing so, companies can ensure that significant fraud allegations receive immediate attention while less critical issues are managed appropriately. A well-structured triage system can mitigate risks, enhance response times, and improve overall program efficacy.
The Strategic Importance of Whistleblower Programs
?Effective whistleblower programs are integral to maintaining compliance and fostering a culture of transparency and accountability. Recent regulatory enhancements and increasing whistleblower activities highlight the need for organizations to continuously refine their whistleblower processes. The adoption of advanced data analytics and continuous monitoring can further enhance the ability to detect and respond to ethical breaches promptly.
Programs at the SEC, IRS and other agencies such as the Commodity Futures Trading Commission are limited in scope, and don’t address the “full range of corporate and financial misconduct that the Justice Department prosecutes,” Deputy Attorney General Lisa Monaco said.
DOJ
The U.S. Department of Justice (DOJ) launched its whistleblower program on August 1, 2024. Announced initially by Deputy Attorney General Lisa Monaco on March 7, 2024, this program aims to incentivize individuals to report corporate and financial misconduct by offering financial rewards. It complements existing federal whistleblower programs, such as those by the SEC and CFTC, and seeks to address misconduct that falls outside their jurisdictions .
Key Features:
1. Financial Incentives: Whistleblowers providing original, non-public information leading to successful enforcement actions may receive a portion of the recovered assets. This reward is contingent on the information being new to the government and not derived from individuals involved in the wrongdoing.
2. Scope of Program: The program is designed to cover a broad spectrum of misconduct, including violations affecting the U.S. financial system and foreign corruption. It particularly targets significant cases that may not be addressed by other whistleblower programs due to jurisdictional limitations.
Timeliness and Investigation Timelines:
Program Implementation:
The DOJ whistleblower program introduces a new avenue for individuals to report misconduct, encouraging timely and accurate reporting through financial incentives. Organizations must be prepared to respond swiftly to whistleblower reports, with the standard investigation timeline being 30-45 days. This emphasis on timeliness ensures that organizations can address potential issues efficiently, maintaining compliance and minimizing risks. For more information visit the DOJ’s whistleblower program website.
Conclusion
In conclusion, the landscape of whistleblower programs in 2024 is characterized by growing regulatory support, increasing tip volumes, and substantial financial incentives for whistleblowers. Organizations must prioritize the development of comprehensive, efficient, and responsive whistleblower systems to navigate this complex environment successfully. The integration of robust triage systems and ongoing program assessments will be vital in managing the challenges and opportunities presented by modern whistleblower initiatives.
Thank you!
_______________________________________________________________________________________________
Disclaimer
My thoughts, suggestions, and opinions are my own and are never a substitute for professional advice.? This material is protected by Copyright and may not be used in any form without the express written permission of Jonathan T. Marks.
Attribution:
Modified from my 2018 post.The Whistleblower Program was created by Congress on July 21, 2010, in Section 922?of the Dodd-Frank Act.The SEC implemented the program by issuing?Final Rules?on May 25, 2011. These?Final Rules?are effective as of August 12, 2011.