A recent article in the Financial Times reported a year-on-year increase in tip-offs to the Financial Conduct Authority – the highest level since 2015, with a 35% increase in reports relating to standards of professional behaviour alone. It appears that employees are increasingly ready to take their concerns straight to the authorities.

The FT article speculated on the rise in direct tip-offs to the regulator that indicated problems with internal controls such as complaint-handling processes. It appears that employees are increasingly ready to take their concerns straight to the competent authorities if their superiors do not put things right to their satisfaction. This is not a welcome development for compliance departments.

One simple but common control is for firms actively involved in trading in the financial markets to require front-office and 'key control' staff to take a minimum number of holidays (typically two weeks). This is because of the old trope about fraudsters - that they dislike going on holiday because they are always worried about being found out in their absence and not being able to explain things away or hide evidence. Compliance departments therefore know that a refusal to take breaks is a classic 'red flag' for fraudulent or otherwise transgressive behaviour. With working from home now a fixture at many firms, this concept has to some extent been left high and dry – every employee can remain out of sight (literally and metaphorically) and unobserved. What can a firm do to replace the old means of control?

Whistleblowing during lockdown

Along with the surveillance of electronic communications and market activity, a robust whistle-blowing policy is one vital way of keeping fraudulent behaviour at bay.

What does the law say?

The legal foundations for the protection of telltales in the UK lies in the Employment Rights Act 1996  and the Public Interest Disclosure Act 1998. These established the concept of a “protected disclosure” which affords the telltale complete protection from victimisation and unfair dismissal.

To qualify as a protected disclosure, the “reportable concern” must, in the reasonable belief of the individual, tend to show that a “failure” (e.g. a criminal offence, a failure to meet some legal obligation, the endangerment of someone’s health and safety) is being, or is likely to be, committed and that the disclosure is in the public interest. It does not matter whether the failure takes place outside the UK or if it relates to foreign law.

The Enterprise and Regulatory Reform Act 2013 also removed the concept of “good faith,” so an employer cannot now dismiss a whistle-blowing claim simply because it was made in bad faith. This is very important because stool pigeons are seldom angels.

The role of the informant in the British regulatory regime

The Financial Conduct Authority and its predecessors have long recognised the importance of private disclosures as a means of helping it to deter bad behaviour. SYSC 18.3 requires firms to have “appropriate and effective reporting arrangements for the disclosure of reportable concerns by whistle-blowers” and includes guidelines for areas such as training, development and channels through which telltales can report things to the regulator.

The new Code of Conduct Rules of the Senior Managers and Certification Regime have now added to this effort. The SM&CR and its implementation by the FCA places great stress on the culture at firms. It insists on managers and employees at all levels being made aware of their responsibilities and the need for high standards of behaviour.