Financial rewards for whistleblowers in the UK - the calls for reform grow louder

The drumbeat of calls for the UK to introduce a programme of whistleblower incentivisation continues to grow louder.  In our view, a programme of some kind, if only on a pilot basis to begin with, is very likely in the short to medium term.  There are many angles to the debate about what that could or should entail, but if there is one immutable principle to keep in focus it is this: at its heart, any system that comes will have one dominant objective - to generate more intelligence about potential criminal activity.  Corporates with bandwidth to plan ahead should reflect on what impact that would have on them, and begin to prepare for it. 

In what feels like a watershed moment, support has now been voiced in a research report by the Royal United Services Institute (RUSI) published last week (commissioned by the Serious Organised Crime & Anti-Corruption Evidence programme) (the Report).

Based on a comparative cross-border analysis with the U.S. and Canada, the Report puts its weight behind the view that whistleblower incentivisation can be effective in detecting and deterring financial crime. It assesses what the UK can learn from the experience in other jurisdictions – particularly in the U.S - and what a good whistleblower incentivisation programme might look like. It concludes that it should not be a simple 'lift and shift'. If the UK pursues this policy, it will need to develop a programme suited to its own culture, institutions, and legal framework. 

As we have previously reported in this blog, this topic is catching the attention of regulators in the UK.  The Director of the SFO - Nick Ephgrave – has been particularly clear about his support for the idea (describing the report at its launch event as making “an unanswerable case”) and, despite historical reticence, some noises of support have also been heard from the Financial Conduct Authority (FCA). 

The Report is perhaps the most detailed consideration we have seen to date on what a programme might look like in the UK  – so is helpful in pointing to areas that UK corporates might want to consider to get in front as this debate unfolds. We suggest a few takeaways below. 

Snapshot: what is the current status? 

The approach to whistleblower rewards in the UK has been limited to date – some consider there is an almost cultural aversion to the idea of rewarding whistleblowers in the corporate space. There are some contained reward schemes in the cartel and tax contexts, but there is no comprehensive programme covering other serious economic crimes or regulatory breaches. In wider policing and national security contexts, of course, paying informants for intelligence does not suffer from the same squeamishness, and for some, the logic of treating economic crime differently is hard to follow.

The U.S. is generally seen as the market leader in this space and has various schemes in operation. One of the most well-known is the U.S. Securities and Exchange Commission programme which has paid out monetary awards to qualifying whistleblowers for well over a decade, with the largest payout to an individual a headline-grabbing US$279m. More recently, the U.S. Department of Justice launched a three-year pilot Corporate Whistleblowing scheme, also offering financial incentives in certain circumstances. 

For some, there is no good reason why the UK is “missing a trick” here. Nick Ephgrave has pointed to the “brain drain” effect this is creating: because UK whistleblowers are reporting through the U.S. schemes, the benefits of successful enforcement and fines accrue in the U.S. rather than in the UK. 

Lessons from abroad for a UK programme 

The Report concludes that research shows that cash-for-information schemes have a proven impact in: (i) facilitating an increase in actionable information provided to law enforcement; (ii) achieving deterrence of criminal activity; and (iii) better compliance within the private sector, for example increased reporting via internal systems. 

It notes, however, that for a whistleblower incentivisation programme to achieve these objectives and avoid potential pitfalls, it must be carefully designed and consulted on as part of a wider programme of reform. There are material, if not necessarily insurmountable, procedural safeguards that would need to be navigated to ensure a system works effectively and the evidence produced by it can safely be deployed in any enforcement process that follows.

The Report sets out four key observations:

1. Whistleblower incentivisation can achieve goals, but not in isolation.  A financial reward alone is not enough. A scheme must include safeguards to protect against the potential detriment that can occur to whistleblowers, for example through retaliation, financial loss or reputational damage. The Report advocates the value of statutory anti-reprisal and confidentiality protections and, in addition to the idea of a “reward” for information, compensation schemes to recompense reporters from any detriment they suffer. The Report is also clear that a good scheme is nothing without an empowered regulator. Whistleblowers must feel that regulators will administer and act on reports fairly, including taking action against corporates who obstruct or retaliate against whistleblowers.
2. Good design is crucial. A scheme must be realistic and functional within the UK’s existing funding, legislative and policy context. It should be carefully calibrated to various design dimensions – for example to set what information is eligible to report under the scheme, who is eligible to report, what are the criteria for a reward and what would be the size of a reward. The U.S. model may not necessarily translate neatly to the UK. 
3. The message (i.e. the information), not the messenger (i.e. an individual’s role and motives). In the UK, the tendency to conceptualise whistleblowing within a purely employment context, means that external reports tend to be made either by individuals driven by a sense of acting for “the public good” or by those with a grievance. This limits the quantity and quality of evidence available to external agencies. In reality, it is often complicit or adjacent insiders who are the most valuable sources of information, and a good scheme should encourage them to share this evidence with regulators.  That might mean combining reward with immunity, to target the most impactful information. Nick Ephgrave certainly appears to be open to that, and has described whistleblowers as “keyholders” who can help enforcement agencies navigate complex information, and whereas there is (addressable) procedural complexity to anyone in that position being a trial witness, it is not inevitable that they would need to be put in that position.  They might be a signpost, more than a destination. He has also pointed out the corollary benefits this would have of speeding up and reducing the cost of regulatory investigations and judicial time. 
4. Ongoing process. The recommendation is to start small and targeted with a pilot programme, and build incrementally. This will make best use of limited resources, and will also allow for a monitoring process to ensure that positive outcomes are amplified and negative consequences mitigated (for example in the U.S., authorities have been able to identify and bar nuisance complainants). This fluidity is particularly important given the adaptable nature of financial crime. 

What this means for corporates

Regardless of what happens in the short-term, the spotlight on whistleblowing is a timely reminder of the importance of good corporate programmes. Enforcement agencies expect to see effective whistleblowing systems as part of wider “adequate procedures” style compliance design.  The view is that these empower companies to assess risks within their business and address potential cultural, regulatory, and commercial impacts in a controlled manner. Even if this results in a planned self-report to an authority, most would consider it preferable to having to react to an issue that is first surfaced only when an enforcement authority makes contact. By proactively managing risks and encouraging internal reporting, companies can maintain better control over their operations and mitigate potential damages. 

If the discussion continues in this direction, we can perhaps expect a UK whistleblower incentivisation scheme relatively soon in the UK, at least on a pilot basis, and we would not be surprised to see consultation starting next year. If this is coming, corporates would be well advised to assess how their policies, procedures and business resourcing provide for whistleblowing, and make adjustments to ensure they would operate well in a new system, including to consider the following: 

1. Anti-retaliation:  Traditionally (and still highly relevantly) thought of in the context of retaliation by companies against whistleblowing employees, U.S. authorities have been proactively penalising U.S. corporates who have sought to use measures to dissuade reporting (for example through the use of non-disclosure agreements and contractual terms restricting external engagement). It remains to be seen whether any UK scheme would seek to introduce new prohibitions or powers to penalise for anti-retaliation measures, but given the policy objectives that would be driving any new scheme, one can assume that enforcement agencies would be highly critical. This would represent a marked change from the current regime, where the onus is on employees to seek redress through the employment tribunal if they allege that they have suffered retaliation.  Corporates should assess the extent to which they have in place provisions or actions which might  be inconsistent with the parliamentary intention of introducing a scheme, and properly test the extent to which they can be justified. 
2. Scope of existing policies, procedures and incident management capability: The tenor of the Report was that a wider range and volume of reporters should be encouraged to come forward. Any change would, after all, have at its core the goal of generating intelligence about potential crime. Corporates should therefore consider the extent to which their existing policies and procedures would be sufficient to respond. Corporates may also wish to prepare for the prospect that an increase in external reporting may lead to a resulting increase in the external disclosure of company documentation, which might contain confidential, privileged or personal information, and develop plans and processes to deal with this eventuality.  
3. Resourcing: If a scheme is introduced in the UK, this will involve more work for corporates. The U.S. experience suggests this would involve having to deal with increased internal reporting and compliance work, regulatory enquiries and possibly regulatory investigations and enforcement. Based on what has happened in the U.S., the prospect of financial rewards may well facilitate a growing industry of specialist whistleblower legal counsel. Corporates may also need to reconsider team structuring - managing whistleblowing risk should not be confined to Human Resources and may increasingly require time from Legal and Compliance teams (an approach which is likely to be familiar to large financial services firms that already operate under an enhanced whistleblowing regime, but may be less routine for corporates in other sectors).
4. Education. Given the above, it is worth putting potential developments in this space on the senior agenda. The UK has recently seen major expansion in the scope of corporate liability (see our blog post on the Economic Crime and Corporate Transparency Act 2023 here) and the commentary by actors in this space – most notably, from the SFO – suggests this is an area corporates should consider seriously. The next step in reforming this area is unlikely to be a “line in the sand”, rather we are more likely to see incremental evolution. Corporates should be prepared to adapt.