1. Introduction
Shortly after John Slowik became the first Chief
Compliance Officer of Olympus Corporation of the
Americas, he revealed a kickbacks scheme through
which Olympus had paid hospitals and physicians for
buying Olympus's endoscopes. John immediately
reported the scheme to Olympus's management.
However, the management chose to ignore John's
report. Eventually, John blew the whistle to the U.S.
authorities and the rest is history: in March 2016
Olympus agreed to pay USD 623 million to resolve
civil and criminal charges related to the scheme. As
part of this settlement, John himself was awarded
USD 51 million in relation to his whistleblowing.1
The Olympus case is one of the milestones in an
emerging global trend of increased corporate liability
exposure due to employee reporting of corporate
misconduct to regulatory or enforcement authorities,
i.e., external whistleblowing. Various policymakers
around the globe have recognised the advantage that
corporate employees may have over regulatory
authorities with respect to their access to information
about corporate misconduct. These employees are
often the ‘eyes and ears’of the company who witness
first red flags indicating corporate misconduct. This
recognition has led to the recent proliferation of
policy reforms aiming to encourage employees to
share information about corporate misconduct with
the relevant authorities. Many of these legislative
reforms also encourage, and under certain circumstances
oblige, corporations to establish reporting
mechanisms that allow employees to blow the whistle
internally. One key element in most recent reforms is
the strengthening of whistleblower protection against
retaliation. While until the early 2000s merely four
OECD countries had whistleblower protection laws in
place, in the last decade this number has more than
tripled, with nine additional OECD countries,
including the Netherlands, passing new whistleblower
protection laws.2
Whistleblowing is likely to remain a
focal point in upcoming policymaking
Whistleblowing is likely to remain a focal point in
upcoming policymaking. Further legislative reforms
and policy developments in relation to whistleblowing
are expected to be enacted following the recent
adoption of the EU Market Abuse Regulation (no.
596/2014), which becomes effective on 3 July 2016.
This new Regulation requires Member States to
'ensure that adequate arrangements are in place to
enable whistleblowers to alert competent authorities
to possible infringements of this Regulation and to
protect them from retaliation.'3
From a corporate perspective, the strengthened
motivation of employees to share potentially incriminating
information with enforcement authorities may
have a dramatic impact on corporations' legal and
reputational exposure. Obviously, the sharing of such
information may lead to criminal, administrative and
civil actions against the corporation, which in turn
may result in substantial fines and possibly severe
reputation damages. Therefore, a key question
addressed by this article is: How can corporations
effectively mitigate the increasing risk of employees blowing
the whistle externally? In this article, we suggest that a practical way for
corporations to deal with the increasing risk of
external whistleblowing is to establish a meaningful
internal alternative. Internal reporting mechanisms
have increasingly been recommended by enforcement
authorities as one of the hallmarks of effective
corporate compliance programmes.4 As we show
below, such internal mechanisms have also become
mandatory for certain corporations. This article
suggests that beyond the need to satisfy any such
mandatory regulatory requirement, maintaining an
effective internal reporting system may assist
corporations in mitigating the increasing liability risk
resulting from external whistleblowing.
This article is structured as follows: after briefly
introducing a selection of noteworthy policy reforms
in relation to whistleblowing in the Netherlands, U.S.
and U.K., this article explores the important role
internal reporting mechanisms may play in reducing
corporate liability exposure. We then proceed by
sketching a three-step internal reporting mechanism
which can be considered by corporations in order to
break the silence from the inside, thereby mitigating
the growing liability risks.