Mandatory Whistleblowing Conclusion

International regulatory pressure for the establishment of whistleblowing channels is increasing, particularly in the United States of America and Europe.

In the United States, the Sarbanes-Oxley Act (SOX) of 2002 mandated corporate misconduct reporting for publicly traded companies in the U.S.

Additionally, a 2014 Supreme Court decision established that suppliers of publicly traded companies must also have a mechanism for reporting misconduct.

In Europe, the proposal for a European directive for the protection of whistleblowers reporting corruption, fraud, and violations of laws in European Union countries regulates a "legal status of whistleblower protection" that will elevate the level of protection for workers, in line with the European Social Rights Pillar.

The directive imposes on private companies with more than 50 employees or with an annual turnover of more than 10 million euros, as well as on national and regional administrations and municipalities with more than 10,000 inhabitants, the obligation to implement an internal whistleblowing channel and a procedure for managing communications and reports, with a response deadline of three months.

The directive also establishes two additional levels of reporting channels in case internal channels do not function or appropriate measures are not adopted. Member states must provide suitable channels for reporting to competent authorities and, in cases of imminent danger to the public interest, to the media.

The use of whistleblowing channels should trigger the application of the whistleblower protection statute, which includes measures such as ensuring confidentiality, prohibiting retaliation, with sanctions if applicable, providing access to free advice, and protection in legal proceedings.

In Latin America, the regulatory effect is indirect, as there are no direct regulations for private companies, although this practice is widespread in public sector organizations. However, since regulatory bodies are authorized to receive complaints about their supervised organizations, not having such channels exposes these companies to a high degree of regulatory vulnerability.

Indeed, regulatory bodies such as:

  • Superintendencies of Banks, Insurance, and Securities
  • Regulatory bodies for public utilities (water, sewage, electricity, natural gas pipelines)

All belonging to the respective Latin American states, have reporting channels not only for their own actions but also for their regulated companies, whether they are public or private.

As a result, it is substantially disadvantageous for any of these organizations to become aware of possible irregularities through their regulatory body, as this has an effect of increased risk perception and, consequently, an intensification of regulatory supervision over such organizations.

Author: Guillermo Casal
International consultant and trainer in fraud prevention and investigation and anti-money laundering. He is a Certified Public Accountant, holds a Master's degree in Economics and Administration, and has six international certifications, including the CFE (Certified Fraud Examiner), CIA (Certified Internal Auditor), and CISA (Certified Information Systems Auditor).

Guillermo Casal
LinkedIn

Guillermo Casal   argentina

A professional with 40 years of experience in the fields of forensic and internal auditing. He graduated as a Certified Public Accountant (UBA - Argentina) and holds a Master's in Economics and Administration (ESEADE - Argentina). He possesses certifications including CFE (Certified Fraud Examiner), Certified Internal Auditor (CIA), and Certified Information Systems Auditor (CISA).

He established the forensic auditing practices at IFPC - IGI, a firm founded and chaired by Stephen P. Walker, a former special agent of the FBI, and at the Law Firm of Dr. Luis Moreno Ocampo, former prosecutor of the International Criminal Court in The Hague.

He has led three Internal Audit units in large companies in Argentina and served as the Executive Director of FLAI, the Latin American Federation of Internal Auditors.

He presided over the Institute of Internal Auditors of Argentina. He has acted as a consultant, fraud investigator, and speaker in various countries in Latin America, the United States, Spain, and Mozambique.

Regulatory compliance with SHOGUN ethical line

European Whistleblower Protection Directive

ISO 37301: Compliance Management System

ISO 37001: Anti-bribery management system

ISO 37002: Whistleblower Channel System

EU General Data Protection Regulation

Corporate Anti-Fraud program

COSO: Committee of Sponsoring Organizations of the Tradeway Commission

 

Request a demo

Learn how SHOGUN can positively impact your organization