Take My Whistleblower, Please
By Susan Caminiti
Among the trickier demands of last year’s Sarbanes-Oxley legislation
is the mandate that companies put formal procedures in place to enable
whistleblowers to speak up about corporate misdeeds without fear of losing
their jobs. Ignore those rules and the penalties are harsh: up to (gulp)
10 years in prison for anyone who messes with a whistleblower.
So how exactly do you set up such a system? And should you take on the
project in-house, or outsource it to someone else? While a company with
a chief ethics officer or topnotch human-relations department could argue
that the task can be handled internally, maintaining, monitoring, and
staffing an employee hotline may prove time-consuming and expensive.
Not surprisingly, more and more companies are opting to have an outsider
take care of this new requirement. Two of the biggest hotline outfits
are Alert Line Inc. of Charlotte, North Carolina, and The Network Inc.
of Atlanta. Alert, a former Pinkerton company, includes BP, Dow Chemical,
Microsoft, and Oracle among its more than 800 clients. The Network provides
whistleblower-hotline services to more than 1,000 companies, including
Coca-Cola, Blockbuster, Marriott, and Sherwin-Williams. The Network claims
that it usually costs less than $1 per employee per year to run an 800-number
hotline. Security experts say directors need not be involved in actually
interviewing companies to do this work, but rather should ensure that
management is addressing the issue.
Tony Malone, The Network’s CEO, is naturally biased but makes
a good argument for outsourcing. “Who’s answering the hotline?” he
says. “Are they trained professionals available 24 hours a day,
seven days a week? Or is an employee going to get voice mail after working
hours, and then not bother to leave a message?” He says his company’s
own research shows that about 40% of whistleblower calls are made at
night or on the weekend, when employees presumably feel more secure about
anonymity.
Having an independent third party field whistleblower calls helps reassure
employees that a company is serious about exposing wrongdoing and maintaining
anonymity, says Malone. As calls come in to a hotline, The Network records
all the information—what is alleged to have happened, who was involved,
when it occurred, where, and how often—and puts together a detailed
write-up. This information is typically sent to the client’s general
counsel or the head of its compliance committee. Malone says that a company
can opt to receive data as often as once a month or several times a year.
Of course, all this effort is essentially for naught if the information
doesn’t get passed on to the right people, or gets sanitized along
the way. Allegations of financial fraud—accounting irregularities,
improper loans by senior executives, insider trading—need to get
to directors unedited by management. Malone says that the audit committee,
or a subgroup of that committee, usually asks to receive information
about these issues directly. “Once we have a list of names, we
can disseminate reports right to these board members without any worry
that they are being filtered,” he says.
After a whistleblower has come forward, a good system should be able
to keep track of subsequent allegations, as well as the course of action
the company, or the board, has taken and the identities of the people
involved. Malone says The Network has a “callback procedure” to
help companies prevent complaints from falling through the cracks. When
an employee calls the hotline anonymously with an allegation, he or she
is assigned a PIN, or personal identification number, and asked to call
back within two weeks. This gives the client time to investigate the
allegation and decide whether it needs further information from the whistleblower.
Malone says the benefits of such a system are twofold: If there are patterns
of illegal behavior, the company will find out sooner. Furthermore, if
the company is sued, the board will have documented the steps it took
to stop financial misconduct.
|
