A recent article in the Financial Times reported a year-on-year increase in whistleblowing tip-offs to the Financial Conduct Authority (FCA) – the highest level since 2015, with a 35% increase in reports relating to standards of professional behaviour alone. The article speculated on the rise in direct tip-offs to the regulator indicating a problem with internal controls, such as complaint handling processes. It appears employees are increasingly ready to take their concerns straight to the competent authorities if not satisfied by internal remediation. This is not a welcome development for the Compliance department.
One simple but common control is for firms actively involved in trading the financial markets to require front office and key control staff to take a minimum period of annual leave (typically two weeks). Why? Because staff who seldom take holiday have been recognised as a classic red flag for fraudulent or otherwise transgressive behaviour. The theory being that two weeks out of the office allows opportunity for illicit behaviour to become evident to other colleagues. With working from home now here to stay for many firms, this concept has to some extent been left high and dry – individual employees can remain out of sight (literally and metaphorically) and unobserved. What can firms do to replace such controls?
Whistleblowing during lockdown
Along with surveillance of electronic communications and market activity (both areas where ACA can assist), we believe a robust whistle-blowing policy is a vital tool in mitigating some of the risks presented by the current environment. Read on for some revision of why internal and external reporting procedures are important and the key ingredients of a good policy.
The legal foundations for the protection of whistle-blowers in the UK lies in the Employment Rights Act 1996 (“ERA”) and the Public Interest Disclosure Act 1998 (“PIDA”). These established the concept of a “protected disclosure” which is afforded protection from victimisation and unfair dismissal.
To qualify as a protected disclosure, the “reportable concern” must, in the reasonable belief of the individual, tend to show that a “failure” is being, or is likely to be, committed (e.g. a criminal offence, breach of legal obligation, endangerment to an individual’s health and safety), and that the disclosure is in the public interest. It doesn’t matter if the failure takes place outside of the UK or if it relates to non-UK law. The Enterprise and Regulatory Reform Act 2013 (“ERRA”) also removed the concept of “good faith” – an employer cannot dismiss a whistle-blowing claim simply because it was made in bad faith.
The role of whistleblowing in the UK regulatory regime
The FCA and its predecessors have long recognised the importance of whistleblowing to a robust enforcement and deterrence regime. SYSC 18.3 enshrines the requirement for “appropriate and effective reporting arrangements for the disclosure of reportable concerns by whistle-blowers” and includes guidance on areas such as training and development, and reporting channels to the regulator.
The above framework has been further boosted by the new Code of Conduct Rules of the Senior Managers and Certification Regime (“SM&CR”). SM&CR, and its implementation by the FCA, places great stress on the culture inside firms with managers and employees at all levels to be made aware of their responsibilities and the need for high standards of behaviour.
For that reason, there is a certain irony in the fact that the first enforcement case under SM&CR involved the CEO of a well-known UK investment bank attempting to identify an anonymous internal complainant. That investigation resulted in the CEO receiving a personal FCA fine and claw-back penalty of over £1.1m and the firm being subject to heightened scrutiny. SYSC 18 itself notes that acting “to the detriment of a whistle-blower… could call into question the fitness and propriety of the firm or relevant members of its staff”. Many in the industry believe that the UK regulator should have made an even harsher example of this case.
Whistleblowing – friend or foe?
The above case highlights the existence of a significant constituency who view whistle-blowers as the enemy – something to be discouraged if possible. Arguably, support for the concept has historically been stronger in the UK compared with, say, North America – reinforced by the greater use of financial incentives in the US which are seen here as potentially undermining the “good faith” nature of such reports.
Societal trends, however, point in the opposite direction: the “Me Too” movement against sexual harassment and sexual abuse has demonstrated the value of collective disclosure to protect the individual against unacceptable behaviours in the workplace. Internal reporting channels, if unsupported by adequate legal frameworks and the right of external redress, will seldom be sufficient. It is interesting to note that, as mentioned above, the FCA saw a 35% year-on-year whistleblowing increase relating to breaches of standards of professional behaviour during 2019.
ACA supports the role of whistleblowing in a robust compliance framework – another line of defence against illegal or potentially harmful behaviour. Encouraging employees to come forward with legitimate concerns is of course preferable to them going straight to the regulator or elsewhere but there are many reasons for them to be reluctant to do so. Burying the problem is almost certainly the worst outcome of all. Here are some of the essential elements of a sound whistleblowing policy:
- Governance – make whistleblowing an agenda item for the governing body, including a review of arrangements and events in the compliance officer’s report.
- Education and training – explanation of arrangements to new joiners and periodic reminders on the value of disclosure to the firm.
- How to report – making sure employees understand how, and to whom, internal and external reports should be made.
- Independent advice – provide employees with details about Protect – a charity which supports individuals (and employers) in situations where whistleblowing may be appropriate.
For more information
To learn more about how this impacts your firm, please speak to Martin Lovick, Ron Weekes or your usual ACA consultant. Or contact us at +44 (0)20 7042 0500 to learn more about how we can help you with the following services:
- Market Abuse Surveillance Technology: automated, in-depth trade surveillance to help identify items of interest and non-compliant trading and investment activity. The system offers a case management tool that can track and store emails, reports, and research related to each investigation.
- Employee Personal Trading Technology: an integrated solution for managing your firm’s code of ethics compliance activities related to employee personal securities trading monitoring, attestations, reporting on gifts, political contributions, outside activities, and more.
- Training: open courses devoted to financial crime prevention and money laundering delivered virtually by one of our specialist trainers at a time convenient for you.