How data is making whistleblowing more effective

Several startups are offering companies more effective methods of handling employees’ allegations of malpractice – and reassuring complainants that they will receive fair treatment and won’t need to go public

Illustration: Sara Gelfgren

The spectacular fall from grace of US healthtech firm Theranos and its CEO, Elizabeth Holmes, which began when three employees contacted state regulators about the company’s misleading claims, highlights the vital role that whistleblowers continue to play in business.

But what if firms could better manage the reporting of misconduct internally and convert employees’ complaints into data that would enable them to detect patterns of harm, thereby enabling them to resolve a problem before it enters the public domain.

That’s what several growing tech companies, including Vault, Navex, SpeakUp and Telli are offering their customers, through platforms that allow employees to report wrongdoing anonymously. In Vault’s case, for instance, complaints are directed to a named manager, who can message the employee, still anonymously, to request more information if needed, before a resolution is reached and the complainant is notified of the result. The system also gives users the option to disclose their concerns only once similar complaints have been registered.

According to Vault’s co-founder and CEO, Neta Meidav, adopters of her firm’s tech are reporting a 70% average increase in the number of internal complaints received, while the time taken to resolve them has fallen by half. This, she says, points to a new era in employee-generated data that, when acted on correctly, can not only save companies the costs of litigation and all the associated reputational damage; it can also prompt them to engineer turnarounds in problematic areas.

“There’s a lot of data flowing through our application, but we’re not sitting in between employees and employers, collecting data on the former’s behalf and passing it forward. We don’t believe that trust can be outsourced – it needs to be built or rebuilt,” Meidav stresses. “We provide companies with the technology, which then they can run autonomously to create that trust.”

Vault and its counterparts can process evidence submitted in various formats, including emails, texts, chat messages, voicemails and screenshots, generating reports for investigations that can be circulated to the relevant stakeholders. Their tech can also connect the dots on reports of a similar nature, to alert companies to recurrent patterns of bullying, say. This gives them the hard data required to address systemic problems that are spreading beyond one individual or team. 

With the ability to create regular high-level reports about misconduct across the organisation, companies can take a more strategic, data-driven approach to improving their cultures. Meidav cites the case of a US tech firm at which complaints submitted through Vault exposed racist bullying, tying it to a single person. The company swiftly dismissed the perpetrator and implemented an anti-bullying programme in the department affected.

Introduced late last year, the EU’s whistleblower directive (which covers UK-based firms with operations in the EU) obliges companies with more than 250 employees to introduce internal misconduct reporting systems. But Meidav believes that the tide has turned already: CEOs have been convinced by their compliance officers that they do “need to know” about problems in their organisations – and they accept that it’s important to invest in technology that makes data about such matters manageable.

 We regularly hear from people whose confidence in an employer’s internal reporting system has been demolished because they have become targets after that system’s failure

She is also expecting an increase in the reporting of environmental issues, particularly given that ESG disclosures will become mandatory from next year for UK companies with more than 500 employees.

A systematic, data-driven approach could have created a completely different experience for Giovanni (not his real name), a former sales director. He and a colleague blew the whistle on what they believed were unlawful data-scraping practices by their firm, which led to an employment tribunal hearing last year after he left the company in 2020, disillusioned by its handling of their complaint.

Giovanni believes that an internal reporting platform would have given the company’s complaints process more structure and, potentially, provided more support for him and his fellow whistleblower.

“Having a technology and a proper procedure would definitely have helped,” he says. “Many of the challenges I faced were because there was no process to follow in the right way. Nothing was written down that could guide us on how to make a protected disclosure. So having such guidance through the implementation of a system, combined with a government function that’s truly invested in the fair treatment of whistleblowers and the investigation of wrongdoing, would help complainants and also make companies more accountable.”

Georgina Halford-Hall is the CEO of WhistleblowersUK, a not-for-profit organisation that provides support both for people who have blown the whistle and for those thinking about acting on their conscience. She sees the new misconduct reporting platforms as “the bedrock of the infrastructure that revolutionises whistleblowing and drives cultural change”.

Nonetheless, she’s concerned that, while these systems claim to protect people’s anonymity, it’s possible for data-scraping tools to identify complainants and so put them at risk of reprisals. 

“We regularly hear from people whose confidence in an employer’s internal reporting system has been demolished because they have become targets after that system’s failure. Too many organisations see a whistleblower as a problem to be rid of, rather than a valued asset,” Halford-Hall says. “Reporting platforms aren’t a silver bullet. They cannot solve the legacy issues [affecting how complainants are treated] on their own.” 

But she adds that they do “have an important role in the future of whistleblowing” in combination with other measures, noting that her organisation has called on the government to create an independent body to ensure the fair treatment of complainants. The House of Lords is set to debate this recommendation after a private member’s bill sponsored by Baroness Susan Kramer in January 2020 proposed the formation of an Office of the Whistleblower. 

Andrew Pepper-Parsons, head of policy at whistleblower support organisation Protect Data, agrees with Halford-Hall that internal reporting systems will only be as effective as the culture of support for complainants that the employer fosters.

“These reporting apps do have a place,” he says. “But, if implementing them is merely fulfilling a requirement, that’s not going to work. This is not only about whether your company enables its employees to raise concerns. It’s also about how you train managers to deal with those concerns, especially any that aren’t raised through closed systems.”

While Meidav acknowledges that technology and culture must work together for reporting platforms to have the most beneficial effect, she adds that the ability to receive complaint data in black and white gives companies a solid foundation.

She points to the case of former Facebook employee Frances Haugen, who felt she had no option but to take her complaints about the company’s practices to the US Securities and Exchange Commission and The Wall Street Journal last year. 

“If Facebook could have said: ‘We have given our people the best tool out there to report any concerns to us,’ it would have put the company on a different standing,” Meidav argues. “We’ve dealt with so many examples where that would have been the case. So companies are almost taking out a platform like Vault as an insurance policy for themselves.”