Governments are figuring out that whistleblowers deserve protection
No one likes a squealer. At least, that's what we've heard since we were children: from parents, from teachers, from classmates. With the idea ingrained from childhood that "ratting someone out" is one of the worst things you can possibly do, it's no wonder that even as adults we can be uneasy with the idea of whistleblowers. This in spite of the fact they often bring to light issues of serious misconduct or even potential danger to the public.
Thankfully, there are lawmakers who can get past irrational prejudices to do what needs to be done: pass laws that protect whistleblowers. Having anonymous, reliable channels through which to report misconduct, and punishments in place for organizations that retaliate, hopefully means the idea of whistleblowing as "squealing" can be turned on its head and it can instead be seen for what it is: a source of invaluable business intelligence. One which allows public and private sector organizations to potentially catch problems in their most nascent state. This is good for companies, markets, and economies as a whole.
Following are countries where new whistleblower-protection legislation is being passed, existing legislation is being strengthened, or regulatory agencies are enforcing existing law with renewed zeal.
FRANCE: SAPIN 2
Sapin 2 is the follow-up to 1993's Sapin Act. The Sapin Act sought to bring greater transparency to many areas of French life, including campaign financing and the awarding of private sector contracts. Sapin 2 came into effect in June of last year and continues the Sapin Act's quest for greater transparency. Most importantly for our purposes, Sapin 2 gives financial-sector whistleblowers the official protection of the state, defining them as:
“Any individual who reveals or reports, disinterestedly and in good faith, a crime or offence; a serious and manifest breach of an international commitment duly ratified or approved by France, of a unilateral act of an international organization adopted on the basis of such commitment, or a serious breach of a law or regulation; or a serious threat or harm to the public interest, of which he/she has had personal knowledge.”
Sapin 2 goes on to lay out the specific, tiered manner in which whistleblowers must make their reports:
- Whistleblowers must first go to a supervisor, or a person appointed for this purpose.
- If no action is taken, the whistleblower may then go to a judicial or administrative authority.
- The whistleblower may go public only as a last resort.
If a firm has more than 50 employees, internal reporting procedures must be in place. Mechanisms must ensure confidentiality of the whistleblower's identity, the identity of the person or persons being reported upon, as well as the information collected. Disclosure can mean a fine of €30,000 and two years in prison. Retaliation against whistleblowers is strictly prohibited in any manner, including the hiring process, terms of assignment, or salary.
Finally, any interference in the transmission of a whistleblower report to the employer, the courts, or the authorities can mean a year in prison and a €15,000 fine.
For complete coverage of Sapin 2, read our recent in-depth blog.
ITALY: LAW NO. 179/2017
Law No. 179/2017 came into effect last year, offering protections for whistleblowers anywhere in the private sector. Previously, only whistleblowers in the financial industry and the public sector had explicit protections under Italian law.
Law No. 179/2017 builds off the work of Legislative Decree No. 231/2001, under which companies can be held liable for crimes carried out on their behalf and in their interest by executives, subordinates, and authorized agents. Penalties include bans from doing business, the suspension of licenses and permits, the confiscation of profits, and large fines. Companies can avoid liability if they have a compliance program in place designed to prevent the kind of criminal conduct in question, but the creation of a compliance program isn't mandated.
Law No. 179/2017 also forgoes mandating the creation of compliance program, but does set out what it thinks a good whistleblower protection scheme should look like:
- To protect a whistleblower's identity there must be more than one whistleblower channel, one of which must be computerized.
- Retaliating or discriminating against whistleblowers is strictly forbidden, and must be made clear in company policy.
- There must be disciplinary measures in place for those who retaliate or discriminate against whistleblowers.
- There must be disciplinary measures in place for those who knowingly file false or unsubstantiated reports of violations.
Criminal courts have final authority to determine whether or not a company's compliance program is sufficient for the crime in question, and therefore whether or not the company will be held liable for the actions of its agents.
For full coverage on Law No. 179/2017, see our recent in-depth blog.
THE UK: NEW RULES AND RENEWED FOCUS
In September 2016, new rules related to whistleblowing in the financial sector took effect. They follow recommendations made by the Parliamentary Commission on Banking Standards two years earlier, and require broadly that banks have mechanisms in place to allow employees to report problems internally and that banks appoint a person responsible for the effectiveness of those mechanisms.
The new rules were published by the Financial Conduct Authority and the Prudential Regulation Authority and apply to institutions that take deposits—such as banks, building societies, and credit unions—with over £250 million in assets. They also apply to PRA-designated investment firms and insurers subject to the Solvency II directive. The new rules are non-binding guidance for all other firms the FCA and PRA supervise. In addition to the two above-mentioned requirements, to comply with the new rules banks must also:
- Include text in settlement agreements explaining workers' legal right to blow-the-whistle.
- Inform UK-based employees about the FCA and PRA whistleblowing services.
- Present a report on whistleblowing to the board at least annually.
- Inform the FCA if it loses an employment tribunal with a whistleblower.
- Require any appointed representatives and tied-agents to tell their UK-based employees about the FCA/PRA whistleblowing program.
Like the Securities and Exchange Commission, the FCA has taken steps and increased agency resources to encourage whistleblowers to come forward. As a result, the FCA has seen an increase in the number of reports. For fiscal year 2014/2015 there were 1340 whistleblower disclosures recorded, versus just 1040 for fiscal year 2013/2014. In fiscal year 2007/08, there were only 138 such tips recorded.
THE US: WHISTLEBLOWER REWARDS PROGRAM
The United States has also become keen on encouraging whistleblowers of late, and has taken what might be considered a very American approach to the matter: monetary incentives. In 2011, the SEC created a rewards program to "incentivize whistleblowers with specific, timely, and credible information about securities-laws violations to report to the SEC." Violations include:
- The fraudulent offer or sale of securities, like Ponzi schemes.
- Theft or misappropriation of funds or securities.
- Manipulation of a security's price or volume and insider trading.
- Bribery of, or improper payments to, foreign officials.
Tips are submitted directly to the SEC, with anonymity guaranteed by law. If it's determined laws have been broken, enforcement action is filed publicly. Penalties are ordered upon completion of successful litigation. For cases in which sanctions exceed $1 million, the public is alerted: giving everyone the opportunity to get in on the action. Awards range from 10-30 percent of monies collected.
Between 2011 and 2017, 22,818 tips were generated in the US. In that same period, thousands of tips came in from foreign countries, including the UK, Canada, China, Australia, and India. Since the program began, more than $250 million has been awarded. Enforcement actions from tips have resulted in more than $1 billion in sanctions. 2018 is also looking to be a banner year for SEC payouts. In April, the SEC announced a $2.1 million whistleblower award, and reported $90 million being paid out in the month previous. No one likes a squealer, perhaps, but everyone likes a reward.
At StarCompliance, we understand the challenges of operating globally. Our software is used by hundreds of thousands of employees in 50 countries. We've spent nearly 20 years developing compliance software and partnering with clients to optimize their compliance programs. To learn how Star can optimize your compliance program, no matter where in the world you do business, book a FREE demo now.