MANAGING OUTSOURCED REPORTING SERVICES EFFECTIVELY

Recommendations

Info

electric fences in the past and sadly some organisations also consider this to be the case with reporting services. My philosophy of risk management is simply that one needs the skills of a competent risk management professional to integrate all the appropriate solutions available in the right combination to ensure that the most effective outcome is achieved for each specific organisation. This is rather like the analogy that a pile of building materials only become a home once an architect and skilled tradesmen have put the components together in the most optimum manner. A group of musicians, no matter how skilful each may be, only become an orchestra and produce sublime music once they unite under the baton of a conductor to reveal the mysteries of a composers score. The obvious conclusion is that a reporting service, while being an excellent (and almost indispensable) component of a well-structured risk management strategy, is never going to really live up to its potential unless it is skilfully integrated with other complementary solutions. Taking it a step further, and no matter what level of service is provided by the ORS, it is never “going to work” in an ethical desert! I have recently had two subscribers who, for one reason or another introduced an ORS and after a year cancelled their subscription because they didn’t achieve the results that they expected. 4 Whereas even 15 years ago most risk management effort and resources were of a reactive nature (like investigations), the trend lately has been to introduce proactive measures to identify unlawful and inappropriate behaviour in the workplace. ORSs fall firmly into that category. For years in risk management we have talked about the, entirely unempirical, 10:80:10 rule. This rule states that 10% of your employees will always behave ethically no matter what the circumstances, 10% will always look for opportunities to break the rules and take short-cuts and cut corners and the 80% majority will move between the two ends of the spectrum depending on the ethos of the particular organisation. Clearly the objective is to move as many employees as possible to the “good guy” end of the spectrum and either get rid of or transform the bad apples. That said, we are still (quite rightly) spending a lot of effort on keeping the “dodgy” 10% out of the organisation by introducing effective pre-employment processes and in identifying, apprehending and disciplining those that are already in the organisation but I don’t believe that we are doing enough to build a team of “good guys” and to celebrate their ethical behaviour. From the time when ORSs were introduced they were accommodated firmly in the compliance space. It was all about policies, procedures, rules and instructions. In most organisations the internal audit and/or forensic manager was responsible for managing the service. The original communication themes were all about catching the crooks. Version 2015-01 © BE HEARD 2015
5 REGULATORY FRAMEWORK Over the past 16 years the legislative framework governing the operation of ORSs has changed significantly. Government has also been very active and has set clear guidelines, strategies and plans for the establishment of reporting services in the public sector. The Public Finance Management Act, 1999 (Act 29 of 1999) and the related regulations led to the Public Service Commission establishing a National Anti-corruption Hotline in September 2004. On 16 February 2001, the Protected Disclosures, 2000 (Act 26 of 2000) became effective and provided a first and important legal framework for reporting services in South Africa. (Go to www.home-affairs.gov.za/PDF/Protected%20Disclosures%20Act.pdf for a PDF version). Unfortunately, despite the need for the Act to be amended and periodic rumours of amendments being imminent none have been forthcoming. In 2014 the Protected Disclosures Amendment Bill was published but notwithstanding follow-ups to MPs there is no certainty when this will be considered by parliament. The private sector really took the lead in recommending reporting services in the second King Report on Corporate Governance with the Chairman Mervyn King being quoted as saying that providing a reporting service makes “good hard business sense”! This report which was published in 2002 also recommended the establishment of “easily accessible safe reporting channels” to “support embedded ethical business practices”, for the benefit of an organisation’s stakeholders. King III was published in 2009 and one of the principles was that “the audit committee should be an integral component of the risk management process” and more specifically that the “… audit committee should review arrangements made by the company to enable employees and outside whistleblowers (including customers and suppliers) to report in confidence their concerns about possible improprieties in matters of financial and sustainability reporting, or non-compliance with laws and regulations …” Other initiatives have added impetus to the requirement for reporting services. The sentiments contained in the Sarbanes-Oxley legislation, which was adopted in the USA after the Enron and Anderson debacles, have cascaded into the South African economy and many entities in the public sector (especially listed companies) have adopted these guidelines. The Companies Act, 2008 (Act 71 of 2008), provides in Section 159 (7) that “A public and state-owned company must directly or indirectly – (a) establish and maintain a system to receive disclosures contemplated in this section confidentially, and act on them; and Version 2015-01 © BE HEARD 2015
Page 1 and 2: WOULDN’T YOU LIKE TO KNOW? MANAG
Page 3: ears in mind that the monthly subsc
Page 7 and 8: While the original draft of the Act
Page 9 and 10: depending on the environment. If th
Page 11 and 12: The few internal services that I ha
Page 13 and 14: avoid the possibility of being vict
Page 15 and 16: o Should a specific report concern
Page 17 and 18: 17 COMMITMENT FROM THE SUBSCRIBER T
Page 19: 19 APPENDIX A RATE YOUR EXISTING RE

MANAGING OUTSOURCED REPORTING SERVICES EFFECTIVELY

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?