Mandatory Whistleblowing
Conclusion

Mandatory Whistleblowing Conclusion

International regulatory pressure for the establishment of whistleblowing channels is increasing, particularly in the United States of America and Europe.

In the United States, the Sarbanes-Oxley Act (SOX) of 2002 mandated corporate misconduct reporting for publicly traded companies in the U.S.

Additionally, a 2014 Supreme Court decision established that suppliers of publicly traded companies must also have a mechanism for reporting misconduct.

In Europe, the proposal for a European directive for the protection of whistleblowers reporting corruption, fraud, and violations of laws in European Union countries regulates a "legal status of whistleblower protection" that will elevate the level of protection for workers, in line with the European Social Rights Pillar.

The directive imposes on private companies with more than 50 employees or with an annual turnover of more than 10 million euros, as well as on national and regional administrations and municipalities with more than 10,000 inhabitants, the obligation to implement an internal whistleblowing channel and a procedure for managing communications and reports, with a response deadline of three months.

The directive also establishes two additional levels of reporting channels in case internal channels do not function or appropriate measures are not adopted. Member states must provide suitable channels for reporting to competent authorities and, in cases of imminent danger to the public interest, to the media.

The use of whistleblowing channels should trigger the application of the whistleblower protection statute, which includes measures such as ensuring confidentiality, prohibiting retaliation, with sanctions if applicable, providing access to free advice, and protection in legal proceedings.

In Latin America, the regulatory effect is indirect, as there are no direct regulations for private companies, although this practice is widespread in public sector organizations. However, since regulatory bodies are authorized to receive complaints about their supervised organizations, not having such channels exposes these companies to a high degree of regulatory vulnerability.

Indeed, regulatory bodies such as:

• Superintendencies of Banks, Insurance, and Securities
• Regulatory bodies for public utilities (water, sewage, electricity, natural gas pipelines)

All belonging to the respective Latin American states, have reporting channels not only for their own actions but also for their regulated companies, whether they are public or private.

As a result, it is substantially disadvantageous for any of these organizations to become aware of possible irregularities through their regulatory body, as this has an effect of increased risk perception and, consequently, an intensification of regulatory supervision over such organizations.

Author: Guillermo Casal
International consultant and trainer in fraud prevention and investigation and anti-money laundering. He is a Certified Public Accountant, holds a Master's degree in Economics and Administration, and has six international certifications, including the CFE (Certified Fraud Examiner), CIA (Certified Internal Auditor), and CISA (Certified Information Systems Auditor).