Get useful tips, learn best practices and read the latest newsThe Whistlelink Blog

Secure your company in 8 easy steps – Part one 

Secure your company.

We read it in the newspapers all the time: Corruption, bribes and scandals. Still, we think “that will never happen to us”. But how can you be so sure? In this two–part mini-series, we will help you secure your company and protect your business from different types of scandals. Here is part 1. 

Corruption and misconduct does not always have to involve millions in bribes and insider trading of large proportions. Even a minor misconduct can harm the company in the long run. In addition, blackmail and extortion are potential risk factors if misconduct already occurs within the company. So, make sure to nip it in the bud and create safety procedures before it’s too late. 

  • 1: Risks 
  • 2: Protection 
  • 3: Policies 
  • 4: Compliance 

Secure your company – Step 1 – Identify the risks 

It may seem simple and obvious, but have you really conducted a thorough risk and vulnerability analysis? Are there certain people in the company who hold important information or have the power to make important decisions, which makes them extra valuable to the company?  

Which actions would potentially harm your company most, and which ones would be easy for employees to “get away” with? Best practice is to involve all personnel and start talking about these issues. Have any of the employees already been subjected to pressure or attempts to influence company processes or disclose information about them? 

Step 2 – Examine the existing protection 

Don’t go reinventing the wheel. Most likely there are already procedures and factors in place to protect your business from wrongdoing. Are there processes for detecting illegal activities, deviations and so on? Do you perform audits, internal controls and spot checks of business processes? Do you demand invoice documentation and perform due diligence on customers, suppliers and partners?  

One of the most important protections that we often fail to notice is the loyalty of employees. Do employees feel loyal to the company, and what can we do to maintain or strengthen loyalty to both the company, as well as individual managers? 

Step 3 – Review guidelines, policies, job descriptions and processes related to risk analysis 

All available documentation and guidelines must be part of the risk assessment process. When conditions change, for example regarding data protection and digital invoicing, there will most likely be a need for updating policy documents and guidelines to reflect these changes.  

If there are no procedures in place for handling certain situations, for example a whistleblower policy, these should be implemented as soon as possible. In this way, you ensure that your company has adequate protection against various possible scenarios and situations. 

Read more: How to help employees understand your whistleblowing policy 

Secure your company – Step 4 – Ensure compliance of procedures, guidelines and policies  

Whilst having documented procedures in written form is great, it will not work if no one follows them. It is important to do a follow up, as well as spot checks and audits. Above all, managers must set a good example. You can hardly expect employees to comply with guidelines and policies if the managers don’t do so themselves. A mindset of ‘safety first’ is not a one-time-job, it is a way of running the entire company’s operations. 

Perhaps you have now taken the first steps on the path to secure your company from fraud, scams and misconduct. In the next part of our mini-series, we will take further steps to ensure your company is secure and does not make any negative headlines.  

Read on for part two!

If you have any thoughts about this article or would like to know more about Whistlelink, we’d love to hear from you.

Liked this article?
Spread the word

The EU Whistleblowing Directive explained

Philippa Johnsson,

Try Whistlelink for free

Test our whistleblowing system free for a month

The new whistleblowing law

WHISTLELINK BLOGWhat to read next...​

ISO 37002:2021 Whistleblowing Management Systems
Internal investigation of alleged corporate misconduct
Partner interview with Alexandra Mota Gomes, Partner at Antas da Cunha, Portugal


Get in touch

Our team is ready to answer your questions. Find the answer by visiting our support centre, or fill out the form below and we'll be in touch as soon as possible. Or simply give us a call!

Talk with Territory Manager
Annelie Demred

0046 (0)706 83 82 88