How to get compliant with the Whistleblowing Law
In this interview with Helge Kvamme from Kvamme Associates AS, based in Oslo, Norway, we hear how the Norwegian Working Environment Act, which relates to whistleblowing, both aligns and differs from the EU Whistleblowing Directive.
Read how there’s a movement regarding corporate investigations that, in addition to eventual disciplinary measures, leading more proactively towards building ethical and sustainable businesses through encouraging whistleblowing and a speak-up culture. Discover why it’s in the interest of an organisation to encourage whistleblowing as part of its Ethics & Compliance Programme by setting up a well-functioning and trusted Whistleblowing Management System. Implementing such system supports both private and public organisation´s ambitions for sound risk management, internal control, and effective compliance, and promotes a culture of transparency, integrity and accountability.
Kvamme Associates is an advisory boutique firm established in 2018 to promote integrity in the fight against corruption, bribery, money laundering and other types of misconduct and unethical conduct. The firm’s services include fact-finding, root cause analysis and remediation of the threats to organisations and democracy. Additional services include preventive initiatives through expertise in Economic Crime Investigations and Anti-Corruption Compliance, Board of Directors, C-Suite, and staff coaching. This is all underpinned by real life experiences from assignments successfully completed all over the world.
Kvamme Associates has developed a unique corporate investigations model; a six-step process designed to fully diagnose underlying issues, taking care of processes and communication towards stakeholders, customers, vendors, staff and third parties, and prevent future compliance breaches. Investigation results and root cause analysis are used to build a stronger culture of trust and increased transparency and business integrity.
The Norwegian Working Environment Act (2007) was introduced to protect employees who report misconduct, and to facilitate a speak-up culture in the workplace. In January 2020 an updated version came into effect to emphasise a stronger and more effective legal framework to protect reporting persons, and how to deal with those who retaliate against them.
Like the EU Whistleblowing Directive, the Norwegian standards provide a high level of protection for reporting persons and any form of retaliation is illegal. It too focuses on breaches of law, like threats to the public interest, for example protection of the environment. Unlike the Directive, the Norwegian regulation also focuses on breaches of Company Code of Conduct, public ethical norms and unsafe working environments.
As to the area of occupational safety and health, a separate Council Directive (89/391/EEC of 12 June 1989 on the introduction of measures to encourage improvements in the safety and health of workers at work) requires Members States to ensure that workers are not placed at a disadvantage because of reports of hazards for workers or requests to remove sources of danger for the purposes of ensuring safety and health.
Similar to the three-tier reporting structure of the EU Directive, the Norwegian regulation has a reporting model structure, but equates internal and external reporting and allows for public discloses when certain conditions are met. Norway has not established a designated office or organisation for receiving public whistleblowing reports.
Unlike the EU Whistleblowing Directive, the Working Environment Act in Norway does not extend to all shareholders associated with an organisation, such as jobseekers, former employees, contractors, etc. However, it does expand on those regarded as employees by including, for example, students, conscripts, prisoners, patients, etc.
The Directive also gives much more detailed guidance on the implementation of confidential reporting channels and handling of reports than it does in the Working Environment Act.
There are never-ending requirements for ethics and compliance officers to adopt changes in operational and regulatory business risks. And increasingly, compliance requirements are not only recommendations and guidelines, but also regulatory statutes.
Changes I am seeing relate to ESG and Globalization.
ESG (Environmental, Social, and Corporate Governance) requirements is a “hot topic” right now, and is expected to lead to changes in risk evaluations. Responsible and sustainable businesses and fair treatment of people in the whole supply chain are becoming important issues.
With increased globalization and the integration of economies, follows the challenges with cross-border crime and actors as national borders become less important.
Cross-border business is becoming more widespread and financial transactions are going faster. Consumers shop on foreign websites, and payments are made using foreign payment services. With this there is a need for a multilateral effort to address new challenges in digital security and digital economic crime e.g. corruption, foreign bribery and cybercrime.
There are many different types of illegal acts, misconduct, wrongdoing, ethical breaches etc, that might form the basis for reporting under the EU Money Laundering Directive, or in accordance with national whistleblowing legislation and guidelines.
Specifically, however, areas mentioned in the latest risk and threat reports from Norwegian law enforcement agencies and the government include the following:
New guidelines and recommendations enforcing corruption and foreign bribery prove the importance of whistleblowing incentives and instruments.
Firstly, there is the OECD 2021 Anti-Bribery Recommendation that expands upon the 2009 Anti-Bribery Recommendation. With it are new recommendations for countries to prevent, detect and investigate foreign bribery cases. The reasoning behind this is due to the essential role that reporting persons can play in the detection of foreign bribery cases. Therefore, it includes the need for comprehensive and effective protection of whistleblowers in public and private sectors.
Secondly, the updated 2020 compliance related documents from US Department of Justice (DOJ) and U.S. Securities and Exchange Commission (SEC), meant for the fight against international corruption and foreign bribery, are useful resources when discussing the benefits of whistleblowing requirements and system developments.
Kvamme Associates assists private and public organisations to implement a Whistleblowing Management System with a holistic approach.
The purpose of a Whistleblowing regulation is to enable reporting through organised communication channels, so concerns reach those assigned to investigate and deal with it swiftly. The system used must therefore be based on confidentiality, independence, integrity, and impartiality. In our experience, many organisations have, or probably will, achieve this by using an encrypted third-party platform that is compliant with the EU Whistleblowing Directive, GDPR requirements and ISO 27000.
Whistlelink is “ticking off” these requirements, making it easy and confidential to report, and operate in compliance with relevant national and international statutes, recommendations, and guidelines.
For Kvamme Associates it is also mandatory that a partner cooperation is in accordance with our own requirements regarding integrity, ethics, independency, and impartiality.
As an external case handler, we will support our clients with first response, triage/risk assessments and escalation management for which we have developed a proprietary methodology based on best practices. Our international network also has the capabilities to support with investigations and legal opinions. Kvamme Associates is the Norwegian representative within a newly established European Whistleblowing Management network. We have aligned with local partners across Europe to provide one stop managed whistleblowing that covers all technology and services needed. This includes secure reporting independent case handlers across Europe. Learn more here about Kvamme Associates AS or its CEO, Helge Kvamme.
Whistlelink has delivered whistleblowing solutions to satisfied customers for more than 10 years. Our whistleblower service is available on your own website 24/7.
We offer 35+ languages in a customized, user-friendly digital whistleblower solution where all data is stored on servers within Europe, in accordance with GDPR. Start your free trial today!
If you have any thoughts about this article or would like to know more about Whistlelink, we’d love to hear from you.
Whistlelink values your privacy. We will only contact you about our solutions.
You may unsubscribe at any time. For more info, please review our Privacy Policy
Nice to meet you!
HAPPY TO MEET YOU!
Whistlelink values your privacy. We will only contact you about our solutions.
You may unsubscribe at any time. For more info, please review our Privacy Policy
HAPPY TO MEET YOU!
Whistlelink values your privacy. We will only contact you about our solutions.
You may unsubscribe at any time. For more info, please review our Privacy Policy