Speak Up Procedures - Institute of Business Ethics
Speak Up Procedures - Institute of Business Ethics
Speak Up Procedures - Institute of Business Ethics
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
1<br />
SPEAK UP PROCEDURES<br />
PART 1<br />
• A clear statement that malpractice is taken seriously in the organisation<br />
and an indication <strong>of</strong> the sorts <strong>of</strong> matters regarded as malpractice<br />
• Respect for the confidentiality <strong>of</strong> staff raising concerns if they wish, and<br />
the opportunity to raise concerns outside the line management structure<br />
• Penalties for making false and malicious allegations<br />
• An indication <strong>of</strong> the proper way in which concerns may be raised outside<br />
the organisation if necessary.<br />
“[This approach…] goes further by inviting all staff to act responsibly to<br />
uphold the reputation <strong>of</strong> their organisation and maintain public confidence. It<br />
might help to avoid the cases when the first reaction <strong>of</strong> management faced<br />
with unwelcome information has been to shoot the messenger.”<br />
Whistleblowing Best Practice - Second Report, Committee on Standards in<br />
Public Life, May 1996 13<br />
<strong>Speak</strong> <strong>Up</strong> legislation in other countries<br />
UK organisations operating overseas may be governed by legislation in other<br />
countries. Some examples are below.<br />
Sarbanes-Oxley Act 2002 (US)<br />
In the wake <strong>of</strong> the Enron and Worldcom collapses, the Sarbanes-Oxley Act <strong>of</strong><br />
2002 was enacted in the US. It contains significant protections for corporate<br />
whistleblowers. As part <strong>of</strong> the mandated audit committee function, publicly<br />
traded corporations must establish procedures for employees to file internal<br />
complaints and procedures which would protect the confidentiality <strong>of</strong> employees<br />
who file allegations with the audit committee.<br />
CNIL (France)<br />
In May 2005, the French Data Protection Authority (Commission Nationale de<br />
l'Informatique et des Libertés, or CNIL) refused to authorise two whistleblowing<br />
programmes submitted by the multinational burger chain McDonald’s and by<br />
CEAC, a division <strong>of</strong> Exide Technologies. The companies had prepared these<br />
programmes in order to comply with the requirements <strong>of</strong> the Sarbanes-Oxley Act<br />
<strong>of</strong> 2002. The grounds for refusal were tw<strong>of</strong>old: that employees might be deprived<br />
<strong>of</strong> certain rights to which they are entitled under French law, and that such<br />
programmes are tantamount to systems <strong>of</strong> “pr<strong>of</strong>essional incrimination” or<br />
“pr<strong>of</strong>essional denunciation” that could be slanderous.<br />
These decisions have prevented multinationals from simultaneously complying<br />
with Sarbanes-Oxley requirements and French data protection laws.<br />
13 http://www.pcaw.co.uk/about/nolan.html<br />
8