Whistleblowing & Regulation

In December 2020, the Securities and Exchange Commission (SEC) implemented new rules to its whistleblower program with the goals of providing greater transparency to the process and increasing both the incentives and awards whistleblowers receive. 

The new rules followed a bumper year for payouts, with the office awarding more money to more whistleblowers than ever before in the program’s history, paying out around $175m in awards, and receiving a record number—around 6,900—of tips. The organization suggested that the added pressures of COVID on companies and their employees is driving an increase in misconduct and a corresponding increase in external whistleblowing. 

There is an obvious concern here because when it comes to encouraging and capturing reports of ethical misconduct or compliance breaches, having prospective whistleblowers first use an internal reporting channel is the most desirable approach for businesses.

Not only does this minimize the risk of financial and reputational damage of an incident going public or to a regulator at a later stage, it also strengthens trust between the employee and employer by encouraging more people to speak up before concerns boil over. 

Unfortunately, it’s often when the internal mechanism – such as a traditional hotline – falls short, is ineffective, or even unavailable, that whistleblowers decide to take their concerns to an external party, social media, or to the press.  

MobileApp_Mockup Detailed

Vault Platform: Your solution for Whistleblowing

At Vault Platform we hear from compliance leaders that they are seeing a steady decrease in hotline usage by internal whistleblowers. The shift away from telephone hotlines is highlighted in the 2019 Global Business Ethics Survey, which revealed hotlines as the least popular channel – used only by 6% of people that reported misconduct.

With a multigenerational workforce that largely favors digital communications, hotlines are seen as increasingly outdated. The most effective way to open a two-way dialog with a prospective whistleblower, anonymously or in-name, is through technology such as a mobile app. Vault Platform also advocates for highly accessible technology that can blind-connect multiple parties reporting the same or a similar incident and help identify problems before employees feel compelled to take their reports to an external body.  

Book a guided tour

Optimizing internal whistleblowing

With remote working set to continue being a staple in 2021, the suggestion is that prospective whistleblowers feel more confident in taking action externally and going straight to a regulator because they have the added security of being ‘out of sight, out of mind’ of their peers and leaders. As is intended, the highlighted changes to whistleblower legislation globally are also having the effect of encouraging more people to come forward. 

The SEC started to review its claim-evaluation process with the goal of making it more efficient about a year and a half ago in recognition of a global trend toward increasing the protections for those who choose to blow the whistle as well as to better protect them against retaliation.

In the US, further progress is being made in this direction at a federal level through the Whistleblower Programs Improvement Act (WPIA) and the Whistleblower Protection Reform Act of 2019 (WPRA). 

Meanwhile, forthcoming European regulation will also apply to US companies with operations in the EU, as any company that has employees in the EU will be affected by the EU Whistleblower Protection Directive (full report available here). 

Every employer with more than 50 employees in the European Union will need to comply with the European Union’s Directive for the protection of persons reporting on breaches of Union law. The legislation comes into effect from December 2021. 

how Vault Platform helps your company facilitate internal whistleblowing

ISO Certified

Vault Platform helps you remain compliant and effective when dealing with whistleblowing incidents

Organisational Security & Practices

Encourage potential whistleblowers to raise their concerns internally, before going to an external party

Data & Analytics

Get to resolution fast, before incident reporters become frustrated with the process


Reveal and resolve
misconduct in your workplace

Mobile App


Open Reporting


Resolution Hub


Data & Analytics


A trust platform with
security at the core

Vault Platform’s core application is to facilitate trust between companies and their people and to help to create working environments that are inclusive, diverse, productive and safe. This is why we consider security and data privacy to be critical components of our platform and why both are at the foundation of everything we do.


Vault Platform is ISO 27001 certified and GDPR compliant


Data encryption in transit and at rest: TLS and AES-256 technology protects your information


Servers located in the EU and UK, in AWS data centres that are ISO 27001, SOC 1 and SOC 2 certified