ISO 37301, ISO 37001, IATF 16949, TISAX, SMETA

Standards and certifications that require the introduction of a whistleblowing system

There are a variety of standards and certifications which your organization can apply to ensure that your workplace and processes are ethical, transparent and responsible. Many require or suggest the implementation of whistleblowing system, such as the following:  ISO 37301ISO 37301 was introduced by the International Organization for Standardization in April 2021 and sets out guidance on implementing a compliance management system (CMS). It is based on widely accepted principles of good governance, proportionality, transparency and sustainability. One of the key aims of ISO 37301 is to outline the best practice when implementing a whistleblowing policy. These include: Timely and thorough investigation of allegations or suspicions of misconduct.A visible and accessible whistleblowing system.Confidential, anonymous reporting channels.Impartial investigations of any reports of unethical conduct.Comprehensive documentation of reports made.Recording of any lessons learnt changes to the CMS.ISO 37001Published in 2016, ISO 37001 provides guidance and details requirements for the setup and maintenance of an anti-bribery system. ISO 37001 is designed to help combat instances of bribery in the public, private and nonprofit sectors, perpetrated by individuals within the organization, as well as those acting on its behalf, plus a host of other scenarios. ISO 37001 is only intended for use as part of an anti-bribery system, but its recommendations are deliberately generic as to be applicable for any nature of organization.  The introduction of a whistleblowing system in your organization is crucial for complying with ISO37001. Requirement no. 18 specifically calls for the implementation of a whistleblowing system: ‘Implement reporting (whistle-blowing) procedures which encourage and enable persons to report suspected bribery, or any violation of or weakness in the ABMS, to the compliance function or to appropriate personnel’. IATF 16949IATF 16949 is a standard published by the International Automotive Task Force (IATF) and the Technical Committee of ISO, to be used in the creation of a quality management system to allow for ongoing improvement in the automotive industry supply and assembly process. The standard was updated in 2016 to include a stipulation for a whistleblowing policy. The updated version states: ‘[Organizations] shall define and implement corporate responsibility policies, including at a minimum an anti-bribery policy, an employee code of conduct, and an ethics escalation (whistle-blowing) policy.’ TISAXTISAX (Trusted Information Security Assessment Exchange) stipulates the standards for information security management systems within the automotive industry and is now commonplace across Europe. Its requirements are very similar to ISO 27001, differing mainly in the fact that TISAX is designed specifically for the automotive industry, whereas ISO 27001 is a more generalized standard. ISO 27001 focuses on data security within an organization, TISAX secures data throughout the supply chain. SMETASMETA (Sedex Members Ethical Trade Audit) is not a standard as such, but an audit that your organization can request to help you understand labor, health and safety, environmental and ethical standards within your workplace. After the audit, organizations receive an action plan designed to help them take corrective steps. The audit comprises two mandatory pillars, Labor Standards and Healthy & Safety. The two non-compulsory pillars are Business Ethics and Environment.  Sedex recommends providing whistleblowing hotlines across your supply chain, particularly to combat modern slavery. Other standards and certificationsRead about other standards and certifications and how they relate to whistleblowing in our previous blog posts: Whistleblowing guidelines: what you need to know about ISO 37002Whistleblowing requirements and the SA8000How whistleblowing can help improve your company's ESG scoreGet in touch and see how FaceUp can meet your whistleblowing needs. 
Whistleblowing requirements and the SA8000

Whistleblowing requirements and the SA8000

Social Accountability International (SAI) is a global non-government organization that protects and advances human rights at work. The Library of Congress in the United States includes the SAI as one of the recommended organizations providing policies and guidelines for socially responsible companies. And GOV.UK, the official website of the UK government, mentions the SAI’s workplace certification, the SA8000 as one of two audits that can be used to combat modern slavery in government supply chains.     Benefits of getting an SA8000 certificateThe SA8000 certification measures organizational practices according to nine criteria: Child LabourForced or Compulsory Labour Health and SafetyFreedom of Association & Right to Collective BargainingDiscriminationDisciplinary PracticesWorking HoursRemunerationManagement System Organizations that apply for an SA8000 certificate signal to stakeholders and the public that they are committed to creating work environments that protect and promote human rights. Having an SA8000 certification also shows potential investors that your organization is a safe investment.  As ESG (Environmental, social, and corporate governance) investing becomes more prevalent, organizations are under increased pressure to ensure that they are above board and operating ethically. The SA8000 is one of the most well-known certifications for ensuring that commitment.    SA8000 whistleblowing requirementsThe SA8000 requires that a company has a written complaint system. This grievance process must be easily accessible, for employees and other interested parties to make complaints, comments, recommendations, or reports about the workplace or violations of SA8000 standards. The SA8000 also specifies that the complaint system must be unbiased, confidential, and non-retaliatory. Once a report is received, the organization needs to have a clearly outlined process for investigating and following up on complaints concerning the workplace or non-conformance to the SA8000 guidelines.  The results of the investigation and response must be freely available to all personnel and interested parties upon request. Finally, The SA8000 makes it clear that the organization can’t in any way punish, dismiss, or discriminate against a member of staff if they choose to make a complaint. Do you need an internal complaints system for the SA8000?FaceUp is an intuitive effective whistleblowing system that matches all of these requirements. FaceUp makes it easy to track reports and respond to issues quickly within your organization. Available in 113 languages, the platform takes minutes to integrate into your organization and makes collecting reports and responding to workplace issues much easier. Get in touch and see how FaceUp can meet your whistleblowing needs. 
EU Whistleblowing Directive

What is the EU Whistleblowing Directive?

The subject of whistleblowing has been gaining traction in recent years, with both companies and the authorities looking for ways to protect whistleblowers when they speak up about unethical conduct in their workplace. To that end, the EU introduced its EU Whistleblowing Directive 2019 (also known as EU Directive 2019/1937), which aims to standardise the amount of protection afforded to whistleblowers across member states.  What does the EU Whistleblowing Directive cover?Under the Directive, organizations must:  Provide an internal whistleblowing channel (like FaceUp 🙂!)Educate employees and other stakeholders about whistleblowing optionsProtect whistleblowers who report breaches, andPrevent them from retaliationIt’s important to note that this is a directive, not a regulation (like GDPR), which means it is left up to individual member states how they go about applying it. The Whistleblowing Directive acts as a minimum standard of protection for whistleblowers. Countries or individual companies may go even further if they wish. When does the EU Whistleblowing Directive come into effect?The EU Whistleblowing Directive was adopted on 23 October 2019 and came into force on 16 December 2019, meaning that member states had until 17 December 2021 to transpose it into their national laws, although many missed this deadline.  Organizations with 50-249 workers have until 17 December 2023 to implement internal reporting channels. Who is protected and who has to comply?Simply put, the Directive protects anyone who has a ‘work-based relationship’ with an organization. The scope is broad and covers all manner of paid and unpaid workers, from full-time employees to freelancers, suppliers and subcontractors.  The Directive applies to all companies with more than 50 employees or with an annual turnover or assets totalling more than 10 million EUR. It also applies to local authorities which serve more than 10,000 people. How FaceUp can help your company comply with the EU Whistleblowing Directive Complying with the Directive may seem confusing and overwhelming. Fortunately, FaceUp has you covered. By using our whistleblowing platform, you can be assured that you are complying with the Directive’s stipulations through our anonymous and secure internal reporting channel, with the option of appointing an impartial assignee to receive and investigate reports.Check out all the FaceUp features which help you comply with the Whistleblowing Directive.  Do you need advice on how to effectively introduce a whistleblowing system? 
ESG score whistleblowing

How whistleblowing can help improve your company's ESG score

The world is becoming increasingly critical of companies that prioritize short-term profits over sustainable business practices. As such, there is an increased demand from investors and employees to work with companies that provide a net positive to the world.  Enter ESG (Environment, Social, and Governance) criteria. ESGs are a set of standards that stakeholders can use to determine if companies share their values or are at risk from sustainability issues in the future. In this article, we will break down what ESG standards are and how whistleblowing can increase your ESG score. The ESG areas cover three broad areas of long-term sustainability namely: Environment Criteria refer to a company’s environmental footprint and concerns such things as the energy your company uses and the amount of pollution created. A company that tracks its CO2 and has measures to progressively reduce CO2 emissions would have a higher environmental score. A mining organization that pollutes local water sources would score much lower.Social Criteria address the effects a company has on people, both in and outside of the organization. If your organization follows rigorous diversity hiring practices and has strong policies in place to protect workers from abusive managers this can lead to a higher ESG score. If your company has connections with organizations that use child labor this is very likely to hurt your score.       Governance Criteria refer to how a company governs itself, makes decisions, and complies with the law. Embracing transparency with decision-making and corporate practices and ensuring that there is diversity among board members can boost your score. Fines for accounting mismanagement, lack of tax transparency, lack of transparency, or other corruption issues can negatively affect your score. Whistleblowing and ESGThe European Commission is expected to adopt a first set of sustainability reporting standards through delegated acts by 30 June 2023, as part of the Corporate Sustainability Reporting Directive (CSRD).The goal of the CSRD is to improve the comparability and quality of corporate ESG disclosures. This includes transparency about how the company is governed and specifically mentions the protection of whistleblowers. Under the new sustainability reporting standards, companies will need to disclose information on certain governance factors, such as business ethics, corporate culture, and measures to prevent corruption and bribery. They will also need to report on the protection of whistleblowers and their policies regarding animal welfare. A robust whistleblowing system can help an organization meet this specific criterion of the EU. Having a formal approach and tools for whistleblowing helps in several ways:   Demonstrates a commitment to transparency Having a whistleblowing channel in place makes it clear to investors, employees, and the public that you are committed to making your workplace as open and transparent as possible. Not only this, having an established whistleblowing system allows those in positions of governance within an organization to keep a finger on the pulse of their company and make better-informed decisions. Identify opportunities for developmentHaving a whistleblowing system in place and promoting a strong speak-up culture allows companies to find areas of improvement from employees, the people who know their organizations best.  If employees know that your company prioritizes the environment and ethical work practices they can use that whistleblowing system to make suggestions to help your company reduce waste, improve performance, or identify business partners or liabilities that could hurt your ESG score.  Protect your stakeholders Last but not least, having a whistleblowing system protects your stakeholder and your organization. If employees have the ability to report discrimination and abuse they will feel safer. If employees have a way to report questionable behavior such as suspicion of embezzlement or theft it allows your organization to address the issue before it becomes a liability.  ESG investing is here to stay and having a whistleblowing system in place is a fantastic way to increase your score.  Do you need advice on how to effectively introduce a whistleblowing system? 
La protezione del whistleblower

La protezione del whistleblower: The EU Whistleblowing Directive is Coming to Italy

On December 9th, 2022, the Italian Government approved a draft implementing the EU Whistleblowing Directive into national law.    The draft expands the retaliation protection for whistleblowers in Italy. Previously, only employees were protected from retaliation. Now the list of those protected after making a report includes: self-employed workers, external workers, shareholders, facilitators of the whistleblowing process, paid and unpaid trainees and even third-party members such as the whistleblower’s colleagues and relatives.   The new law is expected to affect all private sector organizations with 50 or more employees. These organizations must install internal and external whistleblowing channels which ensure the whistlelblower’s confidentiality should they come forward.  Is your organization ready for the new Italian law?  The EU Whistleblowing Directive will take effect in Italy soon. Get a secure and anonymous whistleblowing channel to meet the legislative requirements of Italy and help whistleblowers speak up. Do you need advice on how to effectively introduce a whistleblowing platform in Italy? Sources:
Whistleblower laki Finland

Whistleblower-laki: The EU Whistleblowing Directive in Finland

Finland’s Whistleblower Act went into effect on January 1st, 2023. Private sector employers with at least 250 employees and public sector employers with 50 or more employees will be required to set up a whistleblowing channel by April 1st, 2023.  Private sector organizations with 50-249 employees will have until December 17th, 2023 to put a whistleblowing channel in place.  The Finnish government will allow certain organizations to have joint whistleblowing channels that receives notifications, verifies their validity and/or carries out investigations to ascertain their validity. However, this does not excuse individual organizations from their legal obligations.  Finally, the Office of the Chancellor of Justice in Finland established an external reporting channel for whistleblowers on the 1st of January 2023. Is your organization ready for the new Finnish law?  Finland's new whistleblowing law went into effect on January 1st, 2023, meaning that all companies with 250 employees or more must have whistleblowing channels in place by April 1st.   Get a secure and anonymous whistleblowing channel to meet the legislative requirements of Finland and help whistleblowers speak up. Do you need advice on how to effectively introduce a whistleblowing platform in Finland? Sources:,breach%20via%20a%20reporting%20channel.
Belgium whistleblowing

Belgium’s New Whistleblowing Law: What You Need to Know

On December 15th 2022 Belgium passed a bill transposing the EU Whistleblowing Directive into national law.  Here is what you need to know: The law will establish 3 whistleblowing channels each with their own rules: an in-company channel, an external channel to the authorities and a channel to the press. With few exceptions, all legal entities with 50 to 249 employees will have until December 17th, 2023 to establish internal whistleblowing channels. Organizations with 250 employees or more must have these channels in place when the law enters into force on February 15th 2023.   The Belgian law provides strong protection for whistleblowers against retaliation. Awards equal to 18-26 weeks' salary will be given to employees who are punished for stepping forward. Finally, the law expands on the EU Whistleblowing Directive. In Belgium reports on tax fraud and social fraud will also be protected. Is your organization prepared?  Belgium’s new whistleblowing law will go into effect on February 15 2023, meaning that all companies with 250 employees or more must have whistleblowing channels in place by that date.   Get a secure and anonymous whistleblowing channel to meet the legislative requirements of Belgium and help whistleblowers speak up.  Do you need advice on how to effectively introduce a whistleblowing platform in Belgium? Sources
Whistleblowing Examples

Four Whistleblowing Examples: What Happens When People Speak Up?

In the US alone there has been a massive spike in whistleblowing. The pandemic gave employees distance from their coworkers and company culture. This distance helped many people to recognize organizational problems and choose to take action.  Simultaneously, as organizations continue to embrace transparency, whistleblowing and anonymous reports have become tools for creating environments where communication is encouraged and employees feel protected enough to raise concerns. The following examples show how whistleblowing can foster a more open work environment and end corruption within an organization.    Whistleblowing Example One: Making Inclusion EasierDespite their best intentions, managers can have blind spots when it comes to employees' needs. The sports equipment retailer SPORTISIMO implemented a whistleblowing system and started to receive reports about small workplace issues. For example, the store didn’t stock certain shoes for women. These easily implemented changes go a long way toward creating a happier, more productive workforce. Whistleblowing Example Two: Revealing Harmful BehaviorIn 2021, Internal documents from Facebook (now Meta) were leaked to The Wall Street Journal, lawmakers and regulators. The documents revealed that Meta had been aware of the harmful effects its platforms were having on teenagers. (One study found that roughly 13% of teenagers in the UK linked Instagram to suicidal thoughts.)  Despite this, the company had done little to address these issues. When Frances Haugen came forward to testify on this negligence, it caused Meta to pause the production of ‘Instagram for kids’ and adjust its practices. If Meta hadn’t ignored its own internal reports and addressed the negative effects of their platforms, this leak wouldn’t have been necessary. Whistleblowing Example Three: Protecting Against AbuseA government office implemented a whistleblowing system and started to receive reports of abuse and bullying coming from one department. After an investigation, the office let the head of that department go.    Whistleblowing Example Four: Creating Open CommunicationSometimes whistleblowing and anonymous reports aren’t about wrongdoing but about fear of failure. For one organization that implemented an anonymous whistleblowing channel, most of the reports didn’t concern wrongdoing or abuse. Instead, they were from employees who needed clarification and guidance and were afraid to speak up. After the company started addressing these issues, more and more employees felt safe coming forward and asking for help. Final thoughtsWhistleblowing is one of the most effective ways to fight corruption within an organization and one of the fastest ways to address internal issues. Governments across the globe are increasing the protections offered to whistleblowers, encouraging this trend. Do you need advice on how to effectively introduce a whistleblowing platform?  Resource:

FREE E-BOOK: everything you need to know about whistleblowing