On The Hotline
- By Kathleen Kotwica
- Mar 05, 2008
Historically, corporations have struggled to accurately assess hotline performance because they had nothing to compare it to. They could collect data on their own hotlines to see how many reports had been received and what action had been taken based on those reports.
But with no way of knowing how those numbers stacked up against those of comparable organizations, they couldn’t draw any reliable conclusions about the quality of their hotlines and reporting programs.
For the second year in a row, the Security Executive Council has joined forces with The Network Inc., the leading provider of ethics and compliance hotline programs in the U.S., to create the 2007 Corporate Governance and Compliance Hotline Benchmarking Report, which provides more extensive hotline benchmarking data. The 2007 report breaks out the data by industry and by year, and it presents several data points in the form of rates instead of percentages, which controls for data variations between industries and business sizes.
The report is based on an analysis of more than 277,000 hotline incident reports from more than 650 organizations across all major industries over a fiveyear period. Participants -- or those who made reports -- may be employees, former employees, vendors and the public. The data was masked to protect confidentiality. Findings that accounted for aggregated frequencies across five years included:
- For those reports where case outcome was provided, most reports (65 percent) were serious enough to warrant an investigation and 45 percent resulted in corrective action taken.
- The research showed that half of the reports received concerned personnel management incidents. Beyond the personnel management category, company/professional code violations (16 percent), employment law violations (11 percent) and corruption and fraud (10 percent) were the most commonly reported incidents regardless of industry. Aggregated rate data for 2006 only included:
- A rate of 8.3 incidents was reported per 1,000 employees overall (regardless of incident type).
- Smaller organizations showed a general decrease of incidents reported over time. Mid-sized and larger companies showed a general increase of reported incidents over time
Develop A Plan
But even with all these improvements, like any other report, the value of this study lies not just in the data, but in what can be done with that data.
First, comparing the numbers alone won’t provide you with a complete picture of your hotline’s performance. Unless you look beyond the numbers to consider all the potential explanations of why your program varies from the average, you’ll still be missing critical insights that could change the whole direction of your program assessment.
For example, after reading the report’s assessment of reporting rates, you determine that your organization, given its size, should be receiving eight to nine calls per 1,000 employees.
You are only receiving three per every 1,000.This result may be an indication that your organization has far fewer compliance issues than its peers and competitors.
While that may be so, it is not the only possible explanation. You’d likely receive fewer calls than average if company employees were being intimidated by their managers into keeping mum about misconduct concerns. Or, perhaps your awareness program isn’t what it should be.
Once you have studied the benchmark data presented here and considered why your numbers are higher or lower in various categories, share what you have found with your partners in other business units. Internal Audit is no longer the only player in compliance and misconduct. Many of the issues examined in this study will impact Human Resources, Legal, IT, and Corporate Security and Safety, among other departments.
Organize a team with representatives from every affected business unit to pinpoint the problems or accomplishments behind the numbers and determine how to correct any shortfalls.
After you’ve determined what actions should be taken, present your findings to management and explain how you intend to use the report to help better calibrate your hotline program. Show management that you’ve organized a collaborative effort to improve performance and tell them what you are doing with the information you have acquired.
Protecting brand image, people, organizational growth and stakeholder confidence are at the roots of what should be driving how you measure the success of your program.