Internal Reporting Systems

Appendix 3-O: Checklist of Processes and Controls to Consider When Establishing a Whistleblower System

  • Informing/involving stakeholders

    • Which stakeholders should be informed about/involved in the project in advance of or during the conception/implementation phase?

  • Personal scope of application

    • Which legal entities should be the subject of the whistleblower system?

  • Material scope of application

    • Which types of violations/reports should be addressed, and which not?

  • Organization, scope, structure, roles, and responsibilities of key stakeholders responsible for the end-to-end whistleblower system

    • Are roles and responsibilities clearly defined and communicated? How/where?

    • What processes are in place to facilitate regular collaboration amongst key stakeholders?

    • What is the whistleblower case management system?

  • Policies and procedures governing the initial intake, evaluation, and triaging of whistleblower hints; the investigation of hints; and processes to discipline confirmed misconduct

    • What policies are in place regarding the intake, evaluation, triaging, investigation, and discipline related to whistleblower reports?

    • What processes are in place to ensure that target timelines (across all phases of the whistleblower system) are defined, tracked, and monitored?

    • What processes are in place to ensure/allow confidential reporting of whistleblower reports?

    • What anti-retaliation policies are in place?

  • Resources responsible for administering and supporting the whistleblower system, including qualifications, expertise, and training

    • What process are in place to ensure the whistleblower system is administered/supported by individuals with relevant knowledge, training, experience, and skills to effectively maintain the system?

  • Communication and training of employees with regards to key aspects of the whistleblower system, including confidential reporting; anti-retaliation policies; speak-up culture; and processes to enhance accountability and transparency of the whistleblower system

  • Availability and accessibility of whistleblower reporting channels

    • Should we offer only personal reporting or also anonymous reporting?

    • Which reporting channel would you favor?

    • Describe the availability and accessibility of the internal and external reporting channels

    • Does the hotline allow users to report confidentially/anonymously? How is this ensured?

  • Information management and reporting, including processes to share the results of whistleblower investigations with key stakeholders for continuous improvement and root cause analysis

  • Oversight and monitoring, including processes to monitor the effectiveness of the whistleblower system

This document is only available to subscribers. Please log in or purchase access.