The word “whistleblower” owes its origin to the practice of blowing of whistles by policemen in England, whenever they observed any crime or any attempt at crime.
In Corporate Governance parlance, whistleblowing refers to inviting the attention of a company’s top management or any committee to some wrongdoing in the company such as fraud or the violation of any laid down practice(s) or legal compliance.
Who is a whistleblower?
A whistleblower could be an employee, former employee, member of the Board of Directors, a vendor, a customer, a government agency, or any person who is associated with the company, and who is willing to flag the fraud or violation so that the company can take corrective action(s), including punishing the person(s) responsible for the violation or misconduct.
As per the Companies Act, 2013, and SEBI LODR Regulations, 2015, companies, especially, listed companies, have to establish a vigil/whistleblowing mechanism, to enable the reporting of any unethical behaviour or other similar concerns to the management or to the Audit Committee.
There are two types of whistleblowers:
1) Internal Whistleblower
2) External Whistleblower
While an internal whistleblower is someone within the organization, who reports any fraud or malpractice, an external whistleblower is someone outside the organization, such as a vendor, lawyer, media personnel, law enforcement or watchdog agency etc., reporting malpractice.
The whistleblowing mechanism is expected to ensure the confidentiality of the identity of the person, whether internal or external, lodging the complaint, and to ensure that he/she is not exposed to any harm consequent on filing the complaint.
Objectives of a Whistleblower mechanism:
- To encourage any stakeholder of a company to bring ethical and legal violations, that they are aware of, to the attention of the top management, so that necessary action can be taken immediately.
- To minimize the organization’s exposure to the potential damage that can occur when employees/ others circumvent internal mechanisms.
- To let employees know the organization is serious about adherence to codes of conduct
- To prevent the possibility of any fraud, major or minor, that can be prevented if issues are flagged early.
In regard to the Whistleblowing mechanism, each company is required to take the following steps:
- To have a Whistleblower policy which is hosted on the website of the company.
- To have a proper mechanism to aid in reporting – Email, postal address or helpline numbers.
- To have a dedicated person(s) from the management to receive, and promptly act on the complaints. The Chairperson of the Audit Committee can be reached in exceptional cases. The whistleblower need not inform his/her supervisor.
- To ensure confidentiality and security of the whistleblower.
- To report complaints/ conclusions to the Audit Committee/ Board at regular intervals.
In addition to having a robust Whistleblower policy, companies should train managers and executives on how to encourage openness and promote confidence in the policy and the process. The basic objective is to provide confidence to all stakeholders to flag issues that, when attended to, will prevent the company from being exposed to frauds and malpractices that would otherwise impact on the finances and/or the reputation of the company.