How to prepare for the EU Whistleblowing Protection Directive | The FCPA Blog
How to prepare for the EU Whistleblowing Protection Directive
Cédric Dubar
December 16, 2020
7:58 am
The EU Whistleblower Protection Directive sets out minimum standards for how organizations should handle whistleblowers’ reports, respond to these reports, and protect the whistleblowers. Because Member States are obligated to adopt this Directive into their national legislation by December 17, 2021, organizations should already ensure that their whistleblowing strategy is compliant with the Directive — while closely monitoring the adoption of the Directive in the EU countries where they operate.
By creating an “Ombuds” function, organizations in the scope of the Directive may appropriately tackle one of the key principles in the Directive: if structured properly within the organization, the Ombuds function can ensure that reports are followed by “competent” personnel that maintain a significant level of “independence” and “neutrality” in relation to other functions in the organization.
An Ombuds function can provide many other advantages to organizations, including:
Instilling more trust in the system: as part of its responsibilities, this independent and neutral function fosters the organization’s speak-up culture and ensures confidentiality and non-retaliation, thereby encouraging whistleblowers to report internally rather than externally
Allowing better management of whistleblower reports (if channeled centrally to the Ombuds function)
Providing better information to management and the Board on compliance and cultural risks, and
Advising the organization on how to improve its policies, processes, systems, and governance.
When creating its Ombuds function, an organization must be careful in establishing the governance and operation of the function.
In particular, the Ombuds function must:
Be independent and neutral – in practice, anyone working for the Ombuds Office must be free of any conflict of interest and, therefore, preferably not have any other role or duty within the organization. Also, as an independent and neutral function, the Ombuds personnel should make recommendations to the organization but not be involved in any decision-making linked to a report
Have adequate authority: the Ombuds function must have full support from senior management and the board of directors as well as a reporting line to the CEO and the board
Ensure confidentiality and non-retaliation – it should be the Ombuds function’s responsibility to ensure the confidentiality of a reporter’s identity in relation to a report or an investigation and to protect reporters from retaliation, and
Have the necessary competence and resources to perform its duties – in particular, the organization should implement an end-to-end digital tool allowing submission of reports, structured case management, and comprehensive statistics and data analysis capabilities.
Cédric Dubar
Cédric Dubar is the Chief Compliance & Ethics Officer of Volvo Cars in Sweden. Prior to joining Volvo Cars, he served as Group Compliance & Ethics Officer at Dassault Systèmes, in France. For several years, he was on the Board of the French Business Ethics Association (Cercle d´Ethique des Affaires) where he also served as General Secretary from 2013 to 2017.
How to prepare for the EU Whistleblowing Protection Directive | The FCPA Blog
Comments
Post a Comment