Whistleblower policies date back to 2002 with the passage of the Sarbanes-Oxley Act, which came about as a result of corporations that misled their investors relating to fraudulent financial reporting practices.
The intent of the act is to ensure that corporations and nonprofits alike are transparent and accountable for their financial results.
A whistleblower policy is more than a core policy for nonprofit organizations. We’ll review the purpose it serves, explain how it can protect your nonprofit, and provide an overview of the elements of a responsible whistleblower policy.
What Is a Whistleblower Policy?
A whistleblower policy is a regulatory and compliance issue that’s outlined in the Sarbanes-Oxley Act. It pertains to corporations and nonprofits. Its purpose is to prevent retaliation against employees or others who report fraud or destroy evidence of fraud.
In simple terms, a whistleblower is a person who reports suspicions of illegal or dishonest practices to the proper authority. Whistleblowers don’t investigate fraudulent activities on their own, and your whistleblower policy should identify who does.
A few examples of dishonest or illegal activities include:
- Violations of laws at any level of government
- Billing for services that weren’t performed
- Billing for goods that weren’t delivered
- Fraudulent financial reporting
The purpose of a whistleblower policy is to protect employees from being fired or retaliated against in situations where they report internal misconduct.
How Do Whistleblower Policies Differ for Nonprofits?
While the focus of whistleblower policies for corporations focuses primarily on financial practices, nonprofits typically create whistleblower policies that address complaints about a wider variety of the nonprofit’s activities and operations.
It’s common for nonprofits to put whistleblower protections in place even if they don’t yet employ staff. A whistleblower policy is a core policy for nonprofits that encourages volunteers as well as employees to communicate their concerns about most any issue without fear of retaliation.
For nonprofits, a whistleblower policy tells volunteers and employees the nonprofit has an open-door policy and the standards for transparency and accountability are clear. The policy affirms that a responsible person will take their concerns seriously and the complaint won’t be passed off as nothing.
Nonprofits should view whistleblowing in a positive light as it presents an opportunity to address all concerns including unsafe conditions, discrimination, harassment, and fraudulent accounting practices.
Whistleblower Policy Is an Important Governance Issue for Nonprofits
The federal law prohibits nonprofits from retaliating against employees who report, or “blow the whistle” on suspicions of accounting and financial practices. As a result, more than 45 states have enacted laws that require whistleblower policies in the workplace.
By instituting a whistleblower policy, your nonprofit helps to demonstrate its commitment to compliance, which is a hallmark of good governance.
Your board should be aware that the IRS takes whistleblowers seriously. The IRS even has a Whistleblower Office that offers monetary awards to those who report cases of financial fraud if the IRS uses the information they discovered in a trial as a result of the complaint. The IRS may make a payment of 15%-20% of the funds they collect in a case. Whistleblowers get paid after the final determination gets made and all appeals are exhausted.
The Secretary of Treasury keeps Congress in the loop of whistleblower investigations by providing them with an annual report on federal whistleblower activity.
Elements of a Whistleblower Policy
Your directors, officers, and employees all have a responsibility to uphold high standards of business and personal ethics as they perform their duties. All should be trained in ethics and be encouraged to practice honesty and integrity in their duties and comply with applicable laws and regulations at all times.
As your board develops or reviews your nonprofit’s whistleblower policy, it’s important to include the following elements:
Describe the intent of the policy which is to allow internal concerns to come forth so your board can take the appropriate actions. Note that the policy applies to all board members, officers, employees, and volunteers.
This element speaks to the notion that it goes against the values of your nonprofit for anyone to retaliate against any individual that reports an ethics violation or suspected violation of any regulation.
Describe that your nonprofit has an “open door” policy, and anyone is welcome to ask questions, relay concerns, file a complaint, or offer suggestions. Identify the designated individuals that are authorized to hear concerns. Many nonprofits also require supervisors and managers to file a written report when someone files a complaint.
Assign a compliance officer to investigate and resolve all complaints. The compliance officer may be a board member, executive director, or third party. Detail the compliance officer’s duties. Require the compliance officer to advise the executive director and/or the board of directors of all complaints and to file an annual report to the treasurer, finance committee chair, or audit committee on compliance activity related to allegations of financial, accounting, or other compliance matters.
Accounting and Auditing Matters
Describe how the compliance officer should work with the appropriate parties to resolve matters and boost internal controls.
Acting in Good Faith
In this section, note that anyone who files a complaint in writing about a violation or suspected violation must act in good faith. They must also have reason to believe there was a violation. Also, explain that unsubstantiated, malicious, or false allegations will be viewed as a serious disciplinary offense which may subject them to termination.
Assurance of Confidentiality
Your board may wish to make a note in your whistleblower policy that you will protect the confidentiality of the whistleblower except for circumstances where you may need to comply with the law or provide accused individuals with their legal defense rights.
Handling Reported Violations
Note that the compliance officer will acknowledge receipt of the complaint and that it will be properly investigated and corrected if needed.
In addition to establishing a whistleblower policy, your board should also develop core policies for conflict of interest, code of contact, executive compensation, gift acceptance, and document retention. With a BoardEffect board management system, you can store all your important policies and other documents safely in the cloud.