Whistleblowing is becoming more standardised, with more protection for whistleblowers and greater obligations on the part of employers. The most visible example of this change is the launch of the EU Whistleblowing Directive, which provides greater protection for whistleblowers in EU member states.
But the EU Directive isn’t the only important recent development in this field. The development of a new ISO standard providing guidelines for whistleblowing management systems represents an additional step forward, and a new addition to the Ethics & Compliance toolkit.
ISO 37002 is the first ever international standard dedicated to whistleblowing management. Here, we explore what it means for Ethics & Compliance functions and for businesses at large.
What is ISO 37002?
ISO 37002 is a new standard that sets out international guidelines for handling reports from whistleblowers. Unlike other initiatives, ISO 37002 focuses not on the whistleblower but on the way in which their reports are dealt with. The standard sets out best practices for setting up the systems required to manage reports in a satisfactory manner. It focuses on the four stages of report handling: receive; triage and assess; address; and close the loop.
ISO 37002 was published recently, having been drafted through collaboration between the national standard bodies under the oversight of ISO convener Dr. Wim Vandekerckhove.
What does ISO 37002 mean for my business?
ISO 37002 is not a certifiable standard, as distinct from those governing other practices such as those concerning anti-bribery activities. However, it is ‘plug and play’ with regard to existing standards. This means that it is designed to allow for easy integration with national or state-level requirements on bullying, harassment, and related issues.
The new ISO is intended to help businesses integrate whistleblowing systems into their existing Ethics & Compliance and HR processes, and it sets out an intuitive framework by which this can be achieved. It takes businesses from planning through implementation and eventually to assessment and review, working on the basis that whistleblowing processes should be under constant evaluation to ensure that they are operating properly.
ISO 37002 is applicable to organisations of every size, whether public or private, and of every type, in every territory, and in any industry.
How does ISO 37002 relate to the EU Whistleblowing Directive?
ISO 37002 complements the EU Whistleblowing Directive by broadening access to important knowledge about effective whistleblower management. It should be seen as part of a range of tools used by Ethics & Compliance professionals and business leaders not only in their efforts to remain legally compliant but also to ensure that they are creating and maintaining safe, productive, sustainable workplaces and organisations.
How do I implement ISO 37002?
Vault Platform is the leader in Ethics & Compliance and whistleblowing solutions globally. We are on hand to share our expertise, including in the implementation of ISO 37002-compliant processes.