NAVEX, the global leader in integrated risk and compliance management software, has released its 2024 Regional Whistleblowing & Incident Management Benchmark Report. A deeper dive into the global data, it offers valuable insights into workplace culture by analysing 1.86 million global reports spanning 3,784 organisations that together employ more than 50 million employees. NAVEX analysed its global 2023 data by four main regions: Europe, North America, South America, and Asia Pacific (APAC).
“Understanding how regional differences may impact the level and types of incident reporting is a key component of evaluating the effectiveness of a whistleblower program. Consistent analysis and benchmarking of whistleblowing hotline data empowers organisations to take action and evaluate their risk and compliance programs,” says Carrie Penman, Chief Risk and Compliance Officer at NAVEX.
“NAVEX remains the gold standard in risk and compliance data analytics, continually innovating our benchmarks to enhance corporate compliance programs and offer insights into the trending risk areas. New this year, we analysed critical third-party reporting trends in our research to involve a group that represents a diverse and distinct view. In this way, business leaders will better understand how to nurture ethical culture throughout the business including the supply chain.”
“NAVEX remains the gold standard in risk and compliance data analytics, continually innovating our benchmarks to enhance corporate compliance programs and offer insights into the trending risk areas. New this year, we analysed critical third-party reporting trends in our research to involve a group that represents a diverse and distinct view. In this way, business leaders will better understand how to nurture ethical culture throughout the business including the supply chain.”
Europe-based organisations saw a larger share of reports from third parties
In a first for this report, NAVEX analysed its database by both employees and third-party reporters. Europe-based organisations appear to have received a larger share of their reports from third parties than peers based elsewhere in 2023 (apart from South America, where some metrics in this analysis are subject to greater swings). This may be related to a greater focus on third-party due diligence in Europe driven by regulations such as the German Supply Chain Due Diligence Act (commonly referred to as LkSG), the European Union’s Corporate Sustainability Due Diligence Directive, and sanctions regimes.
Third-party reporters are less likely to be anonymous than employees across almost all measures, but some nuances remain. For example, organisations based in Europe and APAC have roughly the same anonymity rate for employees, but third parties were more likely to stay anonymous when reporting to an organisation based in APAC.
The Substantiation Rate (the rate of reports that when investigated prove to be correct or partially correct) for third-party reports made to organisations based in Europe was actually better than the rate for employees in 2023—a surprising finding given the decreased proximity third-party reporters have to the organisation, its policies, and training.
European headquartered organisations received the greatest share of reports of Bribery and Corruption
The greatest share of reports pertaining to Bribery and Corruption by headquarters were for those based in Europe, which also showed a 10% year-over-year increase; 1.78% of reports in 2023 compared to 1.62% in 2022. Conversely, when looking at this category by report origination, reports in North America and Europe were far less likely than in APAC and especially South America to involve this Risk Type.
March and October are peak months
Interestingly, report volume is typically lower in the summer months. This appears true when looking at reporting by company headquarter location and by the region in which a report originated. Reporting shows two peaks across regions and measures—March and October.
Europe shows increase in reporting…except the UK
There were expectations that the implementation of the European Union Whistleblower Protection Directive would increase internal reporting activity across Europe, given that the regulation requires a wide swath of organisations to implement internal reporting systems. Data shows median Reports per 100 Employees is indeed increasing across mainland Europe.
However, for the UK—notably not an EU member state and thus not subject to the Directive—report volumes fell. Comparing 2022 to 2023, organisations based in Europe saw median Reports per 100 Employees increase from 0.53 to 0.63, while in the UK, those values decreased from 0.53 to 0.43. This trend may change as the nation considers updates to its own internal reporting regulations, a process still under discussion in Parliament.
Workplace Civility reports for European-based organisations more than doubled
Workplace Civility issues (bad behaviour, bullying or abuse of power) experienced a major increase in frequency for organisations based in Europe; reports jumped 123% (2022 versus 2023). This trend was also evident in Europe by region of report origination, which experienced an 83% increase. By both measures, all regions saw this Risk Type grow year-over-year, yet Europe was particularly notable.
Retaliation reports still low but are on the rise
Finally, although always relatively low, retaliation reports represented a greater share of reports made for all four geographies in 2023 than in 2022, both in terms of headquarters and report origination region. Among the greatest increases were for organisations based in Europe, which saw a noticeable rise in frequency. Individuals who experience retaliation are much less likely to report again to the same channel, and this is likely a factor in the low overall volume of these types of reports.
When reporters feel they cannot safely speak up internally, they may turn to an external regulator, revealing the need to address misconduct directly and for organisational change. Noting the protections provided to whistleblowers in various regulatory regimes, and that the EU Directive places the burden of proof on the organisation—not the reporter—proactive retaliation prevention processes are becoming more important than ever.
Join our webinar for more insights on the 2024 Regional Whistleblowing & Incident Management Benchmark Report.
About NAVEX
NAVEX is trusted by thousands of customers worldwide to help them achieve the business outcomes that matter most. As the global leader in integrated risk and compliance management software and services, we deliver solutions through the NAVEX One platform, the industry’s most comprehensive governance, risk, and compliance (GRC) information system. For more information, visit NAVEX.com and our blog. Follow us on Twitter and LinkedIn.