Ian Ross on whistleblowing: Examining the evidence and incoming information, the importance of witness care, and creating healthy whistleblower company policies (Part 1)

Whistleblowers are the primary source of information, leading to successful policing on economic crime. Detecting organisational misbehaviour is challenging, especially when those that witness wrongdoings do not have sufficient knowledge and incentives on how, and whether, to disclose. The webinar series “Whistleblowing Demystified,” which was held on Tuesday, May 25^th 2021 was aimed at giving confidence and guidance to companies to treat those speaking out with respect and dignity, whilst at the same time protecting the organisation from malicious accusations. There are many pressing ethical and legal questions related to whistleblowing that might affect the effectiveness of disclosure. The webinar was moderated by Elina Karpacheva from the European Compliance Center, and featured Ian Ross as the guest speaker of the morning. This event was also jointly organised by the European Compliance Center and the Risk & Compliance Platform Europe and endorsed by VUZF University in Bulgaria. This is part one.

Ian Ross is a UK anti-money laundering and compliance expert with 30 years of experience in risk management and financial crime investigation and prevention. During this webinar, he examined six key areas in his talk, primarily:

• Who is a ‘whistleblower?’
• How do you assess ‘incoming’ information from a person?
• Data integrity and anonymity (including GDPR aspects)
• Independent investigations
• Witness care, an often-overlooked issue; and
• Creating healthy, productive and trustworthy whistleblower company policies

The detrimental effects that disclosing can have on a whistleblower

Mr. Ross kicked off his presentation by providing a ‘safe’ definition of the term whistleblowing, which can be defined as, “making a disclosure that is in the public interest”. He stated that regulators and authorities are typically where disclosures are made. It is crucial to decide and balance the motivations with the credibility of the allegations that a person chooses to bring forward. It is also important to measure the credibility of the information as well. He then brought up witnesses and stated that they can de defined as, “a person who gives a formal account as evidence.” He mentioned that this is where you encounter a grey area because if a person discloses to the wrong person or if they disclose in a certain way, some advantages could be taken of this.

Mr. Ross continued by providing some real-life cases to highlight the devastating effects that disclosing can have on some whistleblowers when they decide to speak out. One case involved an American man working in an oil company who decided to blow the whistle. He thought that he did the right thing by speaking out, and he ended up in a criminal court. Another case, which was rather quite extreme, involved two whistleblowers who were sentenced to death in the Democratic Republic of Congo for speaking out on the corruption that took place in the company that they worked at.

He then returned to the topic of whistleblowing and stated that they are essentially a witness. On the other hand, you have the decision-making authorities, which are for example the criminal courts, the management, or the ethical board of a company. Their primary job is to deal with evidence and find out how they can extract it from the information that they receive. These authorities also need to be able to prove when the evidence is false or malicious.

Mr. Ross then questioned: when does a person become a witness? Or in similar words, when will the whistleblower be a real bonified witness to appear in a court or other tribunal hearing? He stated that, in the examples mentioned, all those whistleblowers thought they were doing the right thing – and they were. However, the problem was that they became stuck in this ‘swamp’ because they were never classified as witnesses. The companies were also able to get to the whistleblowers first and hit them with various accusations in retaliation for them speaking out.

Fraud, corruption, and money laundering

Mr. Ross stated that there are several definitions of fraud. However, in his opinion, fraud can best be defined as, “the strategic intention to create in the mind of the other person, a false perception of reality.” He continued by stating that intention is a big word when it comes to criminality, and that in 99 out of 100 times, fraud cases will typically be dealt with outside of criminal courts when someone discloses information to you. Moving on to corruption, it can be generally understood as ‘you do for me, I do for you’. Additionally, when it comes to corruption, it is important to determine how frequently it occurs, and why it is happening. For example, is it a pattern or a one-off event?

Then we also have money laundering, which can be defined as, “the disguising and movement of the proceeds of crime”. Furthermore, it is crucial to look at the risk for yourself and determine what kind of money laundering is taking place. He said that the crime is then the disguising and movement of the proceeds. However, he also stated that the money does not need to be moved to be laundered. For example, it can be stolen, disguised or remain in one place for a certain period of time, and still be laundered. Some of the indicators of money laundering are cash withdrawals, the movement of funds, accounts opening and closing within eight months, and funds that were affected based on loan agreements.

Mr. Ross then proceeded with his talk to discuss the topic of information and sources and said that we cannot avoid biases and stereotyping. It is particularly a vulnerable area for companies because they don’t know how to initially deal with information coming to them. As for the information, he explained that it can come in the form of various means such as in an email, a phone call, a written report, or a hotline, for example. At times, it may be presented very clearly and concisely, and at other times, it may be explained in a very bad and vague manner. Typically, the whistleblower will attempt to explain what they think is happening, and as a manager, you will have the responsibility of receiving the information and analysing it properly. You can either take an extreme reaction and accuse someone without knowing what is happening or have what is called a zero-tolerance policy, which he described is an approach that is highly dangerous.

The EU Whistleblower Directive

Mr. Ross then moved on to discuss some of the legal initiatives that have been taken on whistleblowing. He stated that the scope of the legal whistleblowing framework has been broadened to provide greater protection for people who blow the whistle. He also underlined how important it is to be clear on how the law works when it comes to whistleblowers, and how crucial it is to safeguard the identities of the whistleblowers through the means of confidentiality.

He also specifically gave mention to the EU Whistleblower Directive, which will come into effect on December 17^th, 2021. As with many of the previous directives that have been introduced, this EU directive is also very broad. He noted how this has certainly been a welcome piece of legislation on whistleblowing, but that some aspects of the directive are vague. He observed how the directive is restricted to a number of sectors, so it’s quite narrow from this perspective. He also pointed out how the Netherlands was the first country in the EU to introduce their own whistleblowing law without the European Union telling them to.

What can be reported to gain protection – examining the evidence and incoming information

So, with that said in mind, Mr. Ross made an important note here. He stated that this new directive does not protect people that report harassment, bullying and discrimination. This does not mean, however, that nothing can be done about such things when they do occur. For example, if you have a good way of doing things and can project trust and report these types of behaviours, then that is what you should be doing. Furthermore, when it comes to reporting, the questions that should be asked is: who protects what, and does the law protect it? And if the law doesn’t protect it, how can we then protect whistleblowers?

Firstly, what is essential is to examine the evidence. It’s important to consider how we handle the evidence, and how strong the evidence is when we receive it. Evidence generally comes in three forms: direct, real, and circumstantial. Direct evidence refers to what was seen, heard or what someone did. Real evidence refers to items, documents and photos and circumstantial evidence is evidence that is not drawn from direct observation of a fact in issue. Mr. Ross stated that whistleblowers are widely let down by companies that cannot simply investigate and handle the information that comes to them effectively.

What is also crucial in this process is to assess the incoming information. He said that there are three general questions you can ask yourself when tasked with doing so. Firstly, where do you begin? Do you need to follow up by carrying out a full investigation? And when do you stop – or in similar words – how far do you go? This last question is crucial as you need to know when to stop. He stated that it’s a business decision that you are making when determining this, not a criminal investigation, although in many instances, there will be a criminal backing to them.

Mr. Ross then stated that when you consider the overall investigative process, you have to make a decision on a number of factors, such as:

• Finding out what the illegal behaviour was – if there was any.
• Also, upon receiving a report, phone call or email, you have to decide how close to the action the person is. For example, is the person criminally involved? Or are they no longer benefitting criminally, which is the reason why they disclosed?
• Legalised financial rewards – this refers to offering financial incentives before a report is made. Mr. Ross stated that you have to be careful with incentivising someone financially, as it can go wrong and attract the wrong kind of volunteer. For example, a person may hold out on giving information until they receive payment.
• Is the person cooperating with you, and are you cooperating with them? Or is there no cooperation at all? Remember, it’s your job, not the whistleblower’s, to deal with the incoming information.
• And finally, how credible is what they are saying?

Part 2 will see speaker Ian Ross continue to explain the following stages in the whistleblowing investigative process, such as evaluating the evidence and handing off the information to a relevant and appropriate decision-making authority.