Whistleblowers – A key Resource for the Compliance Officer.

The adoption of Whistleblowing practice in the Corporate World as a governance tool has proven to be of multidimensional importance, as its’ importance has been felt in the tripod of Governance, Risk and Compliance. Many Compliance Officers and Fraud Investigators have, however, not seen this as a tool to achieve compliance and investigative objectives, hence, have not keyed into the benefits it provides.

I was privileged to be the Guest Speaker at the Webinar of the Compliance Institute of Nigeria (CIN) on Wednesday, 4th September 2024 where I spoke on “Whistleblowers – A key Resource for the Compliance Officer” as the title of the paper presented. Below is the presentation for your reference:

The Compliance Officer and his information needs

Compliance as an assurance and investigative role thrive on information, without which, cost of compliance at its highest.

Information are facts provided or learned about something or someone or a phenomenon, which serves as the basis for an opinion or action.

Sources of information for a Compliance Officer

1. Primary Source (Self-sourced)

• Review
• Analysis
• Observation

2. Secondary Source

• Public source
• Private or Classified Source (whistleblower and informant)

Of all these sources, whistle-blowing has consistently been adjudged the most valuable and cost-effective source of relevant information to the assurance person.

Facts from the Books…..

• Federal Government of Nigeria approves new whistle-blower bill — The policy also rewards a whistleblower who provides information about any financial mismanagement or tipoff about stolen funds ... (Punch Newspapers, 14 Dec 2022 )
• Whistleblowers are the first line of defense against corruption, fraud, and wrongdoing and the single most effective source for information about fraud and other illegal activities. (National Whistleblower Center).
• In a 2007 study conducted by PricewaterhouseCoopers, it was found that professional auditors only detected 19% of fraudulent activities at private corporations, while whistleblowers detected and exposed 43%. According to the study, surveyed executives “estimated that the whistleblowers saved their shareholders billions of dollars.”
• A 2006 study from the University of Chicago Booth School of Business, “Who Blows the Whistle on Corporate Fraud?”, comes to the same conclusion, stating: employees “clearly have the best access to information. Few, if any, fraud can be committed without the knowledge and often the support of several of them. Some might be accomplices…but most are not.”
• ACFE: ACFE 2008 Report to the Nation on Occupational Fraud and Abuse examined 959 cases of occupational fraud. It was found that 46.2% of all frauds were uncovered by tipsters.
• ACFE (2016): Another key finding from the 2016 ACFE report was that in 51% of the instances of occupational fraud employees were the source of the Tips
• ACFE (2018): “the most common detection method for fraud are reports from whistleblowers which accounted for 40% of all.”
• ACFE(2022) 42% of frauds were detected by tips (Whistleblowing).

Who is a Whistleblower?

• Whistleblowing is the disclosure of information about perceived wrongdoing being committed in or by an organisation to individuals or entities believed to be able to effect action. – the organization itself, the relevant authorities, or the public. (Transparency International)
• Whistleblowing is the lawful disclosure of information a discloser reasonably believes evidences wrongdoing to an authorized recipient (Dni.gov).
• Whistleblowing is when a worker reports suspected wrongdoing at work. This is officially referred to as 'making a disclosure in the public interest’.
• The essential feature of whistleblowing is the disclosure by organization members (former or current) of illegal, immoral, or illegitimate practices under the control of their employers, to persons or organizations that may be able to effect action (Miceli and Near 1984:689).
• On the simplest level, a whistleblower is someone who reports waste, fraud, abuse, corruption, or dangers to public health and safety to someone who is in a position to rectify the wrongdoing. A whistleblower typically works inside of the organization where the wrongdoing is taking place; however, being an agency or company “insider” is not essential to serving as a whistleblower. What matters is that the individual discloses information about wrongdoing that otherwise would not be known. (National WhistleBlower Center).

Acts qualifying for Whistle-blower reports.

Whistleblower reports can be about many different things, but they are often about the following:

• Bribery and corruption
• Workplace discrimination and harassment
• Violations of the law and crimes
• Violations of human rights
• Stealing, conspiracy, connivance, and concealment
• Frauds and other fraudulent practices
• Mismanagement or poor governance
• Trading by insiders
• Data mishandling
• Other actions which negate the organization’s policies or have been included as reportable actions on the organizational Whistleblowing policy.

Methods and channels for whistle-blowing reporting (UNODC, 2015, p. 48):

• Open reporting: Where individuals openly report or disclose information, or state that they do not endeavour to ensure or require their identity to be kept secret.
• Confidential reporting: Where the name and identity of the individual who disclosed information is known by the recipient, but will not be disclosed without the individual's consent, unless required by law.
• Anonymous reporting: Where a report or information is received, but no one knows the source.

The guiding principle:

“When confidentiality is undermined, the integrity of the entire system as a whole is seriously in question”.

Types of whistleblowers – by association

a. Internal whistleblowing

• It occurs when an employee alerts another individual inside the organisation about workplace wrongdoing. Usually, this is a senior official or a professional.
• Whistleblowers can inform management about internal wrongdoing through an internal reporting channel. This can be done by emailing the authorized employee or meeting in person.
• Uses internal reporting channels (HR, whistleblower systems, etc.)
• Managed within the organization
• The whistleblower is often, but not always, protected from retaliation, this is where the professionalism and experience of the Compliance Officer comes in.

In summary

With a functional and ‘user-friendly’ internal whistleblower solution, the Compliance Officer reduces the risk that employees will feel the need to turn to external whistleblowing. This comes with numerous benefits for the Compliance Officer.

b. External whistleblowing

• This is a product of non-existent or weak or unreliable internal alert person or system.
• The act of informing a third party, such as the police, a law office, or the media, about wrongdoing or corruption in a company is known as external whistleblowing. It differs from an internal one because it goes straight to the proper authorities, which the government chooses. Misconduct in certain areas will be reported to an outside channel, which will follow up and give feedback.
• Uses external reporting channels (authorities, media, social media)
• Often handled externally through trials in the eyes of the public
• The whistleblower is sometimes not protected from retaliation.
• It has the implication of higher cost of Compliance and reputational risk.

Types of whistleblowers – other criteria

Like the regular informant, Whistleblowers are of different types, beyond the basis of their association with the organisation, these include:

1. Anonymous Whistle-blower

2. False Whistle-blower

3. Self-Aggrandizing Whistle-blower

4. Rival-Eliminator Whistle-blower

5. Frightened Whistle-blower

6. Confidential Whistle-blower

7. Double-Crosser Whistle-blower

8. Mercenary Whistle-blower

Requirements for Good whistleblowing Practices.

The following are some good whistleblowing management requirements:

• Policy backed: Policy serves as the basis for the Compliance Officer’s reliance on the whistleblower’s report, it takes care of concerns of uncertainty about how, where and to whom to report.
• Communication of the existence of the whistle-blowing policy and expectations from stakeholders.
• A comprehensive understanding of the company’s policies is required to determine whether there was a policy breach.
• Going through the regular escalation routes, which includes reporting concerns to higher-ups within the organization before contacting outside authorities.
• Provide alternative recipients of whistleblowing to take care of the incidence of role conflict.
• Senior Management must be aware of whistle-blowing received, irrespective of the outcome.

Standard whistleblowing handling Practices.

The following standards should be observed in handling and management of whistleblowing as a source of information:

• Must allow for Anonymity
• All information received from a Whistleblower, whether identified or anonymous, must be considered valuable until proven otherwise.
• The Compliance Officer must be unrevealing how valuable the information received is to an ongoing matter/investigation but may simply acknowledge the information.
• Do not get over anxious to hear “how the story ended” when receiving whistle-blowing via verbal (face-to-face or telephone) reporting. Be patient. Take your time.
• The Compliance Officer should endeavor to keep a tab and stay in control of an ongoing compliance investigation, do not be distracted by a new and distracting allegation by a whistleblower which may make the current matter of secondary importance.
• As an informed Compliance Officer with an investigator’s trait, Keep what you know to yourself, Don’t become an informant’s informant.
• The Compliance Officer must imbibe the culture of performing a comprehensive enquiry into what is thought to be the problem, not leave the issue and face the individual.
• The Compliance Officer must refrain from adding to or participating in business rumors or gossip.
• Approach every Whistleblowing report in its merit with professional skepticism.
• The Protection for Whistleblowers to take care of fear of the consequences (legal, financial, reputational). Protecting whistleblowers from unfair treatment, including retaliation, discrimination, or disadvantage, can embolden people to report wrongdoing and increase the likelihood that wrongdoing is uncovered and penalised.
• Be seen to have acted (action must be taken and seen to have been taken), the belief that nothing will be done, and that reporting deviance will not make any difference is a key disincentive to whistleblowing.
• Recognition of the Whistleblower: Acknowledge the whistleblower and appreciate his/her contribution in ensuring a compliant/deviance-free environment, ending the acknowledgment with the assurance that the report will be investigated, and appropriate corrective action taken.
• Handle every whistle-blowing with utmost Confidentiality: Confidentiality is the essence of being trusted (Billy Graham). A Compliance Officer’s ability to keep the bond of confidentiality often enables him to learn the hidden or secret aspects of the organisation.
• Document all interactions related to the whistle-blowing case/situation and keep copies for your personal file.
• Keep all documentation and interaction objective.
• Irrespective of the outcome of a whistleblowing investigation, put a detailed report in place.

Advantage/benefits of whistleblowing to Financial Crime Compliance and investigation.

• It is the highest deterrence for frauds and other deviance in the organisation. Ethical compliance issues/activities are curbed when everyone is aware that wrongdoers get punished as whistleblowing is a possibility.?
• Helps combat fraud
• Avoids reputational damage
• Prevents issues escalating
• Reduces losses
• Raises awareness
• Creates an open culture
• It reduces the lag time between the time of committing a compliance breach and discovering it.
• Saves investigation time
• Timely addressing of the cause of the compliance breach (the people responsible for the issues can be apprehended or adequately punished for their actions. In an organisation, this can mean removing them from the position that enabled their felony or letting them go.)
• It prevents malpractice in that whistleblowing has a ripple effect.
• Transparency and accountability resulting from whistle blowing allow the organisation to function effectively.

Promoting whistleblowing in the organization

To promote whistleblowing culture in the organisation, the following actions are advised:

• Secure top management buy-in
• Write a whistle-blowing Policy or adopt or domesticate one.
• Educate stakeholder
• Assure stakeholders of confidentiality and non-retaliation, preferably by management.
• Identify the recipients of the whistle-blowing report.
• Educate the recipients on responsibilities and actions
• Sent up whistle-blowing platforms or emails
• Continue to sensitise the system.

Conclusion

Whistleblowers are invaluable in exposing corruption, fraud and mismanagement (Transparency international).

Alexius Nwankwo