We read it in the newspapers all the time: Corruption, bribes and scandals. Still, we think “that will never happen to us”. But how can you be so sure? In this two–part mini-series, we will help you secure your company and protect your business from different types of scandals. Here is part 1.
Corruption and misconduct does not always have to involve millions in bribes and insider trading of large proportions. Even a minor misconduct can harm the company in the long run. In addition, blackmail and extortion are potential risk factors if misconduct already occurs within the company. So, make sure to nip it in the bud and create safety procedures before it’s too late.
It may seem simple and obvious, but have you really conducted a thorough risk and vulnerability analysis? Are there certain people in the company who hold important information or have the power to make important decisions, which makes them extra valuable to the company?
Which actions would potentially harm your company most, and which ones would be easy for employees to “get away” with? Best practice is to involve all personnel and start talking about these issues. Have any of the employees already been subjected to pressure or attempts to influence company processes or disclose information about them?
Don’t go reinventing the wheel. Most likely there are already procedures and factors in place to protect your business from wrongdoing. Are there processes for detecting illegal activities, deviations and so on? Do you perform audits, internal controls and spot checks of business processes? Do you demand invoice documentation and perform due diligence on customers, suppliers and partners?
One of the most important protections that we often fail to notice is the loyalty of employees. Do employees feel loyal to the company, and what can we do to maintain or strengthen loyalty to both the company, as well as individual managers?
All available documentation and guidelines must be part of the risk assessment process. When conditions change, for example regarding data protection and digital invoicing, there will most likely be a need for updating policy documents and guidelines to reflect these changes.
If there are no procedures in place for handling certain situations, for example a whistleblower policy, these should be implemented as soon as possible. In this way, you ensure that your company has adequate protection against various possible scenarios and situations.
Whilst having documented procedures in written form is great, it will not work if no one follows them. It is important to do a follow up, as well as spot checks and audits. Above all, managers must set a good example. You can hardly expect employees to comply with guidelines and policies if the managers don’t do so themselves. A mindset of ‘safety first’ is not a one-time-job, it is a way of running the entire company’s operations.
Perhaps you have now taken the first steps on the path to secure your company from fraud, scams and misconduct. In the next part of our mini-series, we will take further steps to ensure your company is secure and does not make any negative headlines.
If you have any thoughts about this article or would like to know more about Whistlelink, we’d love to hear from you.
Philippa Johnsson, Whistlelink
Test our whistleblowing system free for a month
HAPPY TO MEET YOU!