Blog Home

Hotline Reporting

How many hotline reports should I receive?

You would think that there was a simple answer to the question: “How many hotline reports should I receive through my anonymous hotline? However, when you start to really look at an answer, it is far more complicated than you think.

Over the past 7 years, I have discussed hotline benchmarking with compliance officers, HR executives, auditors, and legal counsels at organizations all over the globe.  The common expectation is that about 1% of all employees will use a hotline every year.  This metric is not so cut and dry however, as factors such as demographics of the workforce, geography and culture at your facilities, and the other processes that you support for issue reporting.

According to the corporate executive board almost 80% (50% unreported & lost, 30% stuck or siloed) of all risk data gets lost, stuck or siloed.  Over the years, I have probably read over 1,000 codes of conduct, and have found that a great majority of the time the code suggests that “to raise a concern and employee should go to management, senior management, human resources, compliance and ethics, or use the anonymous reporting process.”  In the majority of situations the code also provides for non-retaliation, which means that the company is guaranteeing that regardless of how the employee raises a concern, they are protected.  These two written statements seem like a utopia compared to reality. Since we know that employees don’t bring information forward and retaliation does exist in organizations, how can we make effective decisions without employees feeling confident in reporting all issues?

So now, let’s take a look at how many reports you should get per year based using industry metrics as our variables (Sources: Compliance & Ethics Leadership Council, Ethics Resource Center)

• 15% of employees observe misconduct (CELC) Turning Ethics into Outcomes (Page 4)
• 50% goes unreported (CELC) Turning Ethics into Outcomes (Page 4)
• Of the misconduct that is reported ~5% comes through the company prescribed anonymous “hotline” (ERC) 2011 National Business Ethics Survey (Page 21)

1. 10,000 employees * 15% =  1,500 employees observed misconduct
2. 1,500 observed issues * 50% actually brought forward by employees = 750 reports
3. 750 Reports * 5% reported through the hotline = 38 hotline reports per year.

Note: This assumes that of those 15% they each only saw one issue of misconduct. We know that more than one issue is observe, so these are very conservative estimates

This means that there are 712 issues that are never reported because they are lost or stuck and siloed in the organization. Your hotline gives you a very small window into the actual risk in the organization, and while valuable, is not a good representative example of what his happening in your company.

Now that we have given you a model for determining a baseline answer of the number of reports your hotline should receive, it is still not accurate because there are so many factors into why issues are not reported.  If you are trying to minimize risk, increase transparency and improve culture you can start by:

• Analyzing  your code of conduct – highlight any areas that provide instructions for people to report – open door, hotline, conflict of interest, gift approval etc.
• Analyzing the current process and determine if they are consistent and measurable.
• Developing process to minimize data getting lost stuck and siloed.

If you follow these three steps, it will give you a good starting point to improving your reporting program and giving you even better insight into not only the number of hotline reports but misconduct overall but improving reporting across the board.

Whistleblower Compliance Webinar

The SEC recently issued its final regulations to Dodd-Frank's whistleblower bounty provisions. This presentation will highlight salient aspects of those provisions, identify the attendant risks, and provide practical ways to head-off whistleblower claims and strengthen defenses where litigation is unavoidable.

Check out our archived webinar to learn about whistleblower compliance and the Dodd-Frank Act.

Stephen Molen is the Director of Strategic Solutions for EthicsPoint, a leading provider of Governance, Risk and Compliance software & services that help clients protect their culture and reputation by providing visibility into the actual risks impacting their business. Stephen and EthicsPoint are based in the pacific northwest just outside of Portland Oregon.

Stephen has been working in the Governance, Risk and Compliance market for the past 7 years, and has advised numerous companies on the adoption of best practice solutions to aide in the evolution of their GRC Strategy and the protection of their brand. Prior to leading the solutions team, Stephen was the National Account Manager for the Oil & Gas, Energy, Utilities, Hospitality & Leisure, Real Estate & Construction, and Manufacturing market segments, working with Global 500 customers.

Stephen is a frequent speaker on ethics & compliance solutions and has worked with the SCCE, OCEG, EthicsPoint, and at national conferences. In his off time, Stephen looks to celebrate life with friends and family. As an avid cook, he loves to experiment with new ingredients and local flavors, specializing in Caribbean fare to carry on the traditional foods of his family’s heritage.