SYSC 18 Whistleblowing — Compliance Review Questions

The Financial Conduct Authority (FCA) outlines requirements for whistleblowing procedures in SYSC 18 of its Systems and Controls section. These requirements aim to ensure that firms have effective arrangements in place for the protection of whistleblowers, encouraging a culture where people feel safe to raise concerns about potential misconduct. Here are 30 compliance questions designed to assess adherence to FCA SYSC 18 and related whistleblowing requirements:

Whistleblowing Policies and Procedures

1. Does the firm have a formal whistleblowing policy?
2. How is the whistleblowing policy communicated to all employees?
3. Are there clear procedures for making a whistleblowing report?
4. Is the whistleblowing policy accessible to external parties, such as contractors or suppliers?
5. How does the firm ensure the anonymity and confidentiality of whistleblowers?

Whistleblowing Channels

1. What channels are available for whistleblowers to report concerns (e.g., hotline, email, in-person)?
2. How does the firm ensure these channels are secure and confidential?
3. Is there an option for whistleblowers to report concerns externally?
4. How are the effectiveness and integrity of whistleblowing channels monitored?

Training and Awareness

1. What training is provided to employees regarding whistleblowing policies and procedures?
2. How are managers trained to handle whistleblowing reports?
3. Is there regular communication to staff to promote awareness and trust in the whistleblowing process?

Whistleblowing Investigations

1. What process does the firm follow upon receiving a whistleblowing report?
2. How are whistleblowing investigations conducted to ensure fairness and objectivity?
3. What measures are in place to protect whistleblowers from retaliation?
4. How does the firm ensure timely follow-up and resolution of whistleblowing reports?

Governance and Oversight

1. Who is responsible for overseeing the whistleblowing process (e.g., a whistleblowing champion)?
2. How does senior management demonstrate commitment to fostering a culture that supports whistleblowing?
3. What role does the board or audit committee play in overseeing the firm’s whistleblowing arrangements?

Record-Keeping and Reporting

1. How are records of whistleblowing reports and investigations maintained?
2. What safeguards are in place to protect the information contained in these records?
3. How does the firm report on whistleblowing to regulators and other external parties, where required?
4. Is there an annual review of whistleblowing cases and outcomes to identify patterns or systemic issues?

Feedback and Communication

1. How is feedback provided to whistleblowers, where possible, about the outcome of their report?
2. What channels are available for employees to provide feedback on the whistleblowing process?
3. How does the firm communicate the value and importance of whistleblowing in detecting and preventing misconduct?

External Whistleblowing

1. How are external whistleblowing reports (e.g., from clients or the public) handled compared to internal reports?
2. Is there guidance for dealing with whistleblowing reports received from external sources?

Continuous Improvement

1. What processes are in place for regularly reviewing and improving the whistleblowing arrangements?
2. How are lessons learned from whistleblowing cases integrated into broader risk management and compliance practices?

By systematically addressing these questions, compliance officers can ensure that their firm’s whistleblowing arrangements are robust, effective, and compliant with FCA SYSC 18. This not only helps in meeting regulatory expectations but also plays a crucial role in fostering an ethical culture and detecting and preventing misconduct within the organization.

Disclaimer: The information provided herein is solely for informational purposes and represents my own personal views. It should not be construed as legal or regulatory advice. For advice specific to your circumstances, please consult a qualified professional. Additionally, the opinions expressed are my own and do not reflect the views of my employer.