Home / Use cases / Compliance matrix
Go beyond compliance!
We apply a forward-looking approach to make sure you will be compliant with any upcoming requirements.
Reporting |
Ethicontrol platform |
EU Directive |
ISO 37002 |
U.S. FCPA |
USDoJ Evaluation |
ISO 37001 |
In-house solution |
Internal reporting channels
|
|||||||
Friendly/multichannel/different types of channels to be available (hotline, online form, personal meeting)
|
|||||||
Transparency and accessibility of information for whistleblowers
|
|||||||
The reporting channels should be available to third parties
|
|||||||
Record-keeping (Whistleblowing)
|
|||||||
Confidentiality of channels and reporters
|
|||||||
Anonymous reporting
|
|||||||
Consider the context of the organization when developing WMS
|
|||||||
Timely feedback/trackability and follow-ups to the whistleblower / acknowledge receipt, report on progress, receive/give feedback
|
|||||||
Right of whistleblowers to be wrong
|
Incident management
|
Ethicontrol platform |
EU Directive |
ISO 37002 |
U.S. FCPA |
USDoJ Evaluation |
ISO 37001 |
In-house solution |
Competent impartial person to follow up on the reports | |||||||
Triage and prioritisation | |||||||
Full access of a compliance officer to reporting and investigative information | |||||||
Direct, unrestricted and confidential access to top management and the governing body by whistleblowing management | |||||||
Determine scope of the whistleblowing system | |||||||
Timing metrics to ensure responsiveness |
Case management
|
Ethicontrol platform |
EU Directive |
ISO 37002 |
U.S. FCPA |
USDoJ Evaluation |
ISO 37001 |
In-house solution |
Transparency / validity of investigation mandate | |||||||
Independent delivery of investigation and protection functions | |||||||
Appropriately conducted investigation | |||||||
Properly documented investigation and response | |||||||
Decision-making process is free from conflict of interest | |||||||
Protection from retaliation and unfair dismissal | |||||||
A process for monitoring the outcome of investigations |
|||||||
Reporting and investigating mechanisms sufficiently funded |
|||||||
Update internal controls according to lessons learned | |||||||
Internal control provisions |
Reporting and analytics
|
Ethicontrol platform |
EU Directive |
ISO 37002 |
U.S. FCPA |
USDoJ Evaluation |
ISO 37001 |
In-house solution |
Remedial actions within the company | |||||||
Ability to collect, track, analyze, and use information from a reporting mechanism |
|||||||
Periodic tests of the effectiveness of the hotline (from start to finish) |
Other
|
Ethicontrol platform |
EU Directive |
ISO 37002 |
U.S. FCPA |
USDoJ Evaluation |
ISO 37001 |
In-house solution |
Personnel training | |||||||
A responsible business process owner / whistleblowing management function | |||||||
Self reports | |||||||
Cooperation with authorities | |||||||
Adequate compliance program | |||||||
Accurate books and records (Reflect transactions and dispositions of the issuer) | |||||||
Effective compliance procedures | |||||||
Periodic reports | |||||||
Data safety | |||||||
GDPR-compliant |