Time running out to get whistleblowing organized?

If you are an organization with 250 or more employees, you must have a whistleblowing system up and running by the end of this year. Get the ‘do’s and don’ts’ right!

The ‘European Directive on the protection of persons who report breaches of European law’ requires companies in many industries to have a ‘whistleblowing’ system up and running by December 17th of this year (250+ person companies), or by December 17th 2023 at the latest (50 – 249 person companies). Whether you are on top of this obligation, or only starting out, you will benefit from the cyber talk by Mona Caroline Chammas and Catherine de Dorlodot, respectively Founder and Expert Counsel at GOVERN&LAW, on ‘The do’s and don’ts for the set-up of your whistleblowing system’.

A whistleblowing system, that is yet another bothersome and expensive obligation? Actually, no. People very rarely abuse a whistleblowing system, while very often raising valid concerns (50+ percent of cases). But you must do it right, with strong attention paid to the anonymity and support of whistleblowers (they are often ‘fragile’). Do get management buy-in, with the right foundations (ethics, policies…) and with affinity for the required managerial courage (admitting to problem situations). A whistleblowing system is more than buying a tool (a phone works fine too), with a suitable balance between all aspects (security, specific laws, HR…) and a clear and well-communicated access for all in the organization. And go for a broad scope of topics.

A whistleblowing system can be organized internally (also with the help of outside services), or externally (calling upon a designated authority). Smaller companies can share a whistleblowing system. It is too expensive? Do understand that virtually all whistleblowers raise alerts ‘in good faith and in the interest of the company’, if offered the opportunity and means (thus e.g. rendering outside leaks to the press etc. unnecessary). Finding out about fraud and other messes will save money and avoid costs, making for an interesting ‘ROI’. Indeed, companies with whistleblowing systems find out more often and faster about infringements than companies without these systems. If you do not hear about any problems, it does not mean they are not festering in your company. So check out this presentation and www.whistleblowing.center, whether you are new to whistleblowing systems, or already well ahead.



Nos autres articles

NIS-2: Where are you?

In December 2020 the European Commission published a proposal to repeal the current NIS Directive (European Directive on Network and Information Systems) and to replace it with a new Directive: the so-called NIS-2 Directive. This post will give an update on the status of negotiations of NIS-2, and will outline the aspects we already know and don’t know about the upcoming Directive’s final form.  

SANS Experience Sharing Event

The Cyber Security Coalition and top cybersecurity trainer SANS Institute joined forces to provide specially needed insights and recommendations on successful cloud security, as well as how to handle cyber security in these times of war.

Privacy Focus Group – Practical AI Use Cases

It is easy to drown in the sea of dire warnings about the danger of AI, in particular to our privacy. The main point is that AI in good trust is possible, but requires solid, long term and well-structured approaches. This session of the Privacy focus group offers some crucial insights and welcome examples.

30 November: Computer Security Day: Ada Lovelace

On computer security day we pay tribute to Ada Lovelace, the forgotten mother of the computer. Often described as the first computer programmer — before computers were even invented — Ada was a real visionary. Imagine what she might have achieved had Babbage actually built his “computer” and she hadn’t died at the age of 36.


Partagez ce contenu avec votre réseau :