Skip to content

What if we create a web page on corporate web-site inhouse?

Man sitting at the workplace looking into the monitor

We have repeatedly heard that anyone can make a trust line or mechanism of confidential communication on their own. It is only a web form, though, and it is not worth the cost to outsource it to third parties.

In fact, such practices take place, for example, some banks have thus decided to formally meet the requirements of the NBU, according to our research on bank compliance and trust lines. 

However, is this the right decision? We tried to understand and analyze the disadvantages and advantages.


Feedback and dialogue with the whistleblowers. 

The web form does not give a proper opportunity to keep in constant dialogue with anonymous whistleblowers (informants, exposers, complainants).

Obtaining information from anonymous applicants, even if well-structured, sometimes requires clarification, without which the team goes blind. Accordingly, such appeals fall into the trash. The possibility of long-term communication with anonymous informants is a necessary tool to help raise the quality of the information received.

Moreover, ongoing dialogue and feedback from whistleblowers have been properly assessed by the European Parliament and will become binding from 2021 in the context of compliance with EU Directive A8-0398 / 2018 “Protection of persons reporting on breaches of Union law” of 16 April 2019.


Anonymity. Real anonymity arouses the informant's trust. 

Registering messages through a web form does not guarantee anonymity to applicants. A custom web form is just as much about keeping anonymity as a video camera that follows a box for paper anonymous hits. Obviously, it will be easy for your IT professionals to identify the person who wanted to remain anonymous. Does it inspire informants?  

At the same time, some informants want to remain anonymous. According to statistics, 56% of signals are received anonymously1. If so many signals are received anonymously, they should be handled. This is why the US Department of Justice, in its FCPA investigations, pays special attention to the anonymity factor when evaluating the effectiveness of compliance programs2.

If you are working with anonymous users, it is your responsibility to provide them with anonymity guarantees, and better than an independent third party, no one will.


Completeness of registration of all messages without forgery and manipulation. 

Web form does not guarantee 100% registration of messages. Simple example — if the information from the web form comes to an email address, the person responsible for the mailbox can simply remove the unwanted hits. It is easy to manipulate because something can be deleted. Do you agree?

In good systems, there is no way to remove messages from whistleblowers. And all the actions of internal users - employees of the company, are logged. 


The registration itself is not enough. What's next?

You need to be clear about what happens next after registering through web forms.

Whether with the web form or not, personally or through outsourcing, but most importantly, WHAT will then proceed to the report? Where does the appeal then go, and how many eyes or actions does it take? Isn't it enough of the human factor? Then, how can you make sure that other steps are responsive or adequate? How not to miss and not forget? How are routing, prioritization, and workflow done?

Of course, you can do everything manually, or use expensive automation systems. The main thing is to remember that every problem requires not only registration but also a mandatory solution.


The client is always right.

Of course, the decision to make a web registration with your own hands is obvious and understandable, no one can refuse you.

However, based on the arguments above, if you are about to build a trust line mechanism, you must approach systematically to avoid common mistakes and achieve results. However, it will be easier and more profitable to do with those who do it constantly, professionally, and responsibly.


The Ethicontrol system is a hotline efficiency platform. 

These are three systems in one - message logging, breach response procedures, internal audits, and investigations.

The mission of the Ethicontrol online system is to protect anonymity, ensure long-term dialogue, transparency of response, and validity of appropriate management decisions.