Blog

Since it became mandatory for employers to have an internal whistleblower channel, the employers using Lantero’s whistleblower channel have received over 2,500 reports in total. Municipal operations have three times as many reports compared to private operations. The introduction of the whistleblower law has not been without challenges, but we can see that many employers have greatly benefited from their whistleblower processes. ### Thank you to all brave and wise individuals June 23 is The World Whistleblower Day. With all the thousands of cases that have come in, we at Lantero want to take the opportunity to acknowledge and thank all the brave individuals who have taken the time and energy to report suspected misconduct. We also want to thank all the wise employers who take whistleblowing seriously and understand the benefits of a well-functioning whistleblower process. ### Significant differences Lantero has customers from both public and private sectors. We can note that public operations (largely municipalities) receive three times more reports compared to private operations. The reasons for this can be several: - Municipalities operate in many different areas - Municipalities are typically relatively large employers - Municipalities are major purchasers of both goods and services - Several municipalities are exposed to organized crime But we also believe it may be due to many municipalities being very ambitious with their whistleblower channel. They have worked actively to make the channel known and encouraged its use when needed. Therefore, receiving many reports does not necessarily have to be a negative thing. It can be a sign that the employer is open to improving the operation. ### The new whistleblower law is not without challenges Compared to the previous whistleblower law, the new one is more comprehensive. This does not necessarily mean it is clearer. For example, the assessment of whether an incoming report falls under the whistleblower law or not should be based on several factors that are open to interpretation. What does it mean that a case has “public interest” to be investigated? If it cannot be conclusively determined that the whistleblower received the information in a “work-related context,” should it not be classified as a whistleblower case? If a case has public interest, but the whistleblower is not covered by the whistleblower law’s protection, what is the employer’s responsibility then? We believe that the key to answering these questions lies in the original purpose of the whistleblower law: To protect informants to encourage people to dare to report suspected irregularities. The law has not yet been extensively tested. This means there are still ambiguities. Another challenge is the requirement for independence in the handling of incoming cases. A requirement that we think is entirely reasonable and central to whistleblower legislation. However, we often see that employers struggle to meet this requirement. Particularly for smaller employers, it is difficult to solve this with internal resources. It is therefore crucial to have well-formulated, anchored, and communicated routines from the start on how this should be handled. If a conflict of interest arises in the handling of a case, it should be simple, obvious, and well-anchored to bring in an external resource. On an overall level, we can unfortunately state that our experience is that internal whistleblower channels have an important function to fulfill. A function that, in the short time since the new law became mandatory, has proven useful and valuable for many employers. Good luck to all brave individuals and wise employers! The World Whistleblower Day is for you.

In connection with the requirement for a whistleblowing channel for smaller companies in Sweden that came into effect at the end of 2023, we at Lantero experienced an intense period. We have welcomed many new companies and organizations as clients. Some of you are in close contact with us regarding cases or other advisory services, while we have much more sparse interaction with others. We are always available if you need assistance. We are now working on new services, primarily related to regulations, reporting, and case management processes. A particular focus is the fight against welfare crime and fraud, an area undergoing significant development, especially in the public sector. For many municipalities and authorities, welfare crime is a special focus as costs have recently increased rapidly, and the area has been identified as possibly the primary source of funding for organized crime. We have long had close cooperation with many municipalities in related areas and are collaborating particularly closely in this project with a handful of municipalities that are at the forefront of the fight against welfare crime. Together, we are developing effective tools for the overall effort and, from a national perspective, for sharing best practices in this area. If you are interested in participating in the development work in future phases, please feel free to contact us. The whistleblowing service is also being further developed based on our customer interactions. We are adding functionality and making the tool easier to use. For instance, we have established new possibilities to easily revert a case in the case management process. As part of Lantero's maintenance work, we will be performing a server migration on June 12th between 13:00 and 16:00 CET. During this time, the system will be unavailable for login, and whistleblowers will not be able to submit a report via the web form. We have chosen to carry out the upgrade during the time of day when new whistleblower cases are normally not reported in the system. We thank you in advance for your patience!

Lantero will perform a server migration on June 12th between 13:00 and 16:00. This will result in a service interruption during which the service will not be available. We have chosen to schedule the interruption during the day because we prioritize availability for whistleblowers and know from experience that more cases are reported outside of office hours. We constantly strive to maintain the best, safest, and most stable service possible and appreciate your patience with this temporary service disruption. Please do not hesitate to contact us with any questions or feedback!

In an article in the newspaper Tidningen Näringslivet, Olle Lundin, a professor of administrative law and an expert on corruption, describes how corruption in Swedish municipalities and authorities is worsening. Given Sweden's historical position as one of the world's least corrupt countries, the development is very disappointing. The trend was confirmed, among other things, in connection with Transparency International's latest index on perceived corruption, where Sweden recorded its worst ranking since the measurement began in 1995. Additionally, it's one of the five EU countries with the worst performance in the index. In the news reporting, we see plenty of examples of clear violations and often a dubious attitude towards improper benefits or gifts. However, it is difficult to draw far-reaching conclusions from individual cases. Corruption is generally difficult to measure, but the trend in perceived corruption must be considered as clear evidence of actual underlying corruption. Olle Lundin argues that the reasonable reaction to a request for a bribe should be to call the police, but his conclusion based on recent legal cases is that reality is far from that. Swedish Industry recently published a report highlighting several deficiencies in public procurement. Together with the company Tendium, they have identified patterns such as a troublingly high percentage of recurring procurement winners. A whopping 65.2 percent of all procurements turned out to have recurring or partially recurring winners. The report author, Ellen Hausel Heldahl, describes that the figure indicates that authorities satisfied with an existing supplier in some cases may be influenced by the inconvenience of changing suppliers, but it could also be a more direct issue of competition being sidelined or reflecting some form of corruption, often friendship corruption. She states that Swedish Industry's surveys suggest that procurements are often perceived as targeted towards a specific supplier in advance and that in such cases, it may be decided even before any bids are submitted. Olle Lundin is not surprised by the picture painted, but shares the view of a high percentage of pre-determined procurements. He describes a trend where procurements are very specific and can hardly be fulfilled by anyone other than the local supplier. Both Lundin and Hausel Heldahl see increased transparency as an obvious part of the solution and a prerequisite for scrutinizing transactions or accessing obstruction from officials. Lundin would like to see the Parliamentary Ombudsman sanctioning authorities more often for deficiencies regarding the principle of public access to information. From Swedish Industry, several proposals have been presented to address deficiencies in, among other things, procurement. Among the proposals are: 1. Higher requirements for direct procurements: Introduce provisions for reprisals against procuring organizations that do not follow guidelines for direct procurement according to the Public Procurement Act 19 a chapter 15 §. 2. Increase transparency: Instruct the Procurement Agency to annually collect and publish the procurement values from all procuring organizations, including direct procurements. 3. Requirements for procurement analyses: Task the National Financial Management Authority with analyzing the conditions for mandatory use of spend analysis/procurement analysis in the financial systems of authorities and publicly owned companies with a purchasing volume of more than 150 million SEK. 4. Make e-commerce mandatory: Develop a legislative proposal for the introduction of an e-commerce law for all procuring organizations, including publicly owned companies. 5. Strengthen the rules on conflicts of interest: Develop a legislative proposal for the implementation of the provisions on conflicts of interest in the Swedish procurement laws. 6. Clarify volume rules: Reintroduce the aggregation rule that previously existed in the Public Procurement Act, the Procurement Act for the Defence and Security Sector, and the Procurement Act for the Utilities Sector, regarding "goods and services of the same kind during one fiscal year." 7. Review the direct procurement thresholds: Instruct the Competition Authority to analyze the effects of the raised direct procurement thresholds. The analysis should include the impact on efficient financial management, competition, and risks of corruption. 8. Strengthen municipal auditing: Appoint a commission to propose a strengthened municipal audit, with the aim of abolishing the current system of lay auditors appointed by the municipal council and instead design a system based on the Companies Act as a model. The commission should also propose a clearer budget process and stricter accounting requirements for municipalities. 9. Enact legislation on preclusion in public procurement: There is a need for legislative changes that clarify the requirement for damages and issues of preclusion in Swedish law. The current status where companies that feel that the procurements favor a specific supplier do not have an opportunity to have it tried in court.

Every year, Transparency International compiles figures on the perceived corruption worldwide, known as the Corruption Perceptions Index (CPI). In the figures for 2023, a continued and concerning negative trend for Sweden is evident. The index measures perceived corruption in the public sector in 180 countries and is based on a combination of 13 sources with data from independent institutions specializing in the analysis of governance, business climate, and country risks. This means that the information should be understood as a reflection of actual corruption through a general perception of the situation. The figures can be assumed to be a reasonable estimate of actual conditions but are even more a useful tool for trends per country or region. Sweden's trend has been negative for many years, and after losing seven points since 2015, a new lowest level is noted with 82 points on a scale of 100. The ranking is significantly lower than the Nordic neighbors Denmark (90 points), Finland (87 points), and Norway (84 points), but still somewhat higher than Iceland (72 points). Transparency International Sweden is calling for a comprehensive and systematic approach to combating corruption and undue influence, encompassing both the private and public sectors. Furthermore, they request an overview of the criminal penal code, including corruption offenses, announced by the government over a year ago. Transparency International Sweden is ready to actively contribute to shaping an action plan in this area but notes that the proposals made in connection with the previous national action plan are still relevant three years later. That this is the case is possibly not surprising, as corruption in a society is closely intertwined with a wide range of factors and societal development in a broader sense. Corruption is associated with demographics, transfer systems, the level of trust in society, and a multitude of other cultural factors, along with more or less explicit incentive structures. The political effort against corruption is therefore a task that requires extensive efforts on many levels to be effective. And it typically requires long periods of time.

BankID is a widely used method in Sweden for secure logins. The method enjoys high trust and is used for everything from logging into government websites to handler logins for Lantero's whistleblower service. During the spring, security will be enhanced with an upgrade called "BankID Secure Start." The background is that there have been frauds where scammers have deceived users into authenticating fraudulent activities remotely. Therefore, from May 1, 2024, the so-called "secure start" will be mandatory for BankID login and authentication, with some exceptions. (The upgrade is already implemented in the Lantero service.) The most significant change is the removal of the option to initiate authentication with a personal identification number (personnummer). This option has been an easy way for scammers to activate a user's BankID service during a phone call, making it seem like a confirmation of the transaction's legitimacy. Since personal identification numbers are public and relatively easy to obtain, it has become a common method for scammers to access various e-services. Changes with "secure start" aim, among other things, to ensure that the customer's BankID is physically located in the same place as the device accessing the e-service. To achieve this, two separate methods are established: a moving QR code and auto-start for BankID on the same device. With a QR code, it becomes easy for the user to scan the code on the computer with their mobile phone. The fact that the QR code is dynamic means that it regularly changes appearance, making it more difficult for someone at a distance to capture a photo or screenshot for login. Overall, logging in with BankID and the respective e-service from different locations becomes relatively challenging. At the same time, logging in remains easy for those using Mobile BankID on their mobile phones. For those who want to log in to a service from the same device where they have BankID – typically logins to e-services via mobile phones – increased security is achieved with "auto-start." The BankID app is launched directly without intermediate steps on the device where the login occurs. With this setup, the customer experience is simple and smooth, while security increases by reducing the risk of scammers exploiting intermediate steps in the login process.

Whistleblower services have, over the years, gone from being a tool used by certain larger or particularly committed companies, to a legislatively mandated necessity. These channels are suddenly widespread in the business sector, among authorities and organizations. This has led to new patterns when it comes to problems and challenges. One theme that is periodically discussed is erroneous reporting and its potential effects. There is occasional concern about how the operations can be harmed by misdirected reports. For example reports that are either not formally considered whistleblower cases or reports made in bad faith, meaning intentionally incorrect reporting. The concern revolves around the risk that as a manager or employee, one might be hesitant to do their job or make decisions that could be perceived as tough. The fear is that as a manager, one might be defenseless against fabricated accusations. It is, of course, desirable that problems are primarily discussed openly. However, as long as there is a willingness or tendency to report anonymously, it must be assumed that such a reporting avenue is a supplementary option that holds some kind of value. It may be viewed as a problem that employees want to report anonymously. But the solution is rather a long-term trust-building process through serious handling of problems, not eliminating the option to report anonymously. The notion that a manager would be defenseless against baseless accusations presupposes a fundamentally unprofessional handling of whistleblower cases and a lack of professional staffing. Incorrect reports should, of course, be assessed on their merits. They should either be referred to the right department or dismissed in cases where the information is incomplete or the accusations cannot be substantiated. The assessment of whistleblower cases should always be carried out by a limited circle of professional individuals. These individuals should have good judgment and high trust among colleagues. Some criticize whistleblower channels for being just another tool for gossip and mudslinging, as discussed in an article in the magazine Chef recently. However, in an organization where discerning individuals evaluate cases based on their actual merits, the whistleblower channel will become quite unattractive for spreading baseless accusations and incorrect reporting. The problem is likely often the lack of professional staffing in whistleblower processes. In many of the smaller organizations that now must have whistleblower systems, relevant internal resources are lacking. New legal obligations are often regarded as something to be handled as quickly and easily as possible. This tends to result in the channel functioning less effectively than it could and perhaps even contributing to a poorer organizational culture rather than a better one. Often, much of the work can be handled internally even in small organizations. But there are good reasons to have support from someone with experience in assessing and handling cases, understanding legislation and practice, establishing procedures to guide misdirected cases correctly, or managing correspondence with and feedback to a whistleblower to build a strong organizational culture and establish long-term credibility in the whistleblower channel.

It is common for municipalities to receive requests for information about cases in the whistleblowing channel. Requests can come from journalists, citizens, or other parties who, for various reasons, are interested in what is reported in the municipality's whistleblowing system. Some publications have made it a practice to regularly request all information that has been submitted to the municipality's whistleblowing system. In Sweden, the principle of transparency is a fundamental idea. Therefore, the so-called Principle of Public Access is often referenced when information from whistleblowing systems is requested. For affected municipalities, two different principles are thus pitted against each other: the Principle of Public Access and the principle that advocates for extensive confidentiality protection for whistleblowers and individuals identified in whistleblowing cases, as specified in the whistleblowing law. The balance is struck in different ways in different municipalities, and there is sometimes a clear tendency to focus on the Principle of Public Access. A recent example is Hässleholm municipality, which appears to have opened up completely to the media and participated in an article with detailed explanations of what has been reported. It is not always clear-cut when you cross the line and disclose too much information. In some situations, adequate confidentiality protection can be achieved by masking cases, but if masking is done very selectively, there is always the risk that contextual information may still reveal the individuals involved. Lantero's starting point is that municipalities, regarding cases in the whistleblowing system, should generally focus on the importance of confidentiality protection. This assessment is based on several different aspects: * The whistleblowing law imposes specific requirements on the handling of information in whistleblowing systems, while the Principle of Public Access is a more loosely defined guideline. * The harm to the individual can be significant if municipalities neglect this obligation. Both a reporting individual (who risks social or monetary costs) and an identified person (who may be wrongly identified but still has a legitimate need for protection). * The long-term credibility of a whistleblowing system relies on respect for the individual in case handling. Protecting confidentiality is thus a prerequisite for employees and other affected parties to dare and want to report. * The role that the whistleblowing system has to play is about silently identifying and addressing problems. In that sense, it becomes a valuable complement to the generally held principle of transparency (Public Access). At the end of 2022, there was also a decisive ruling in the Swedish Administrative Court. An authority was questioned for being too extensive in its masking of cases that had been requested by the media. The Administrative Court clearly sided with the authority and supported very extensive masking, emphasizing the importance of the confidentiality responsibility implied by the law.

The new requirements for whistleblower systems for all companies with at least 50 employees have been introduced in Sweden and several other countries. Lantero has been working with whistleblower solutions since 2014 and has different packages for various types of organizations to meet different priorities regarding cost, support, and functionality. During the fall, there has been intense work to assist new customers, but the picture is that many still haven't implemented a solution. Many questions still arise about the new rules and how to approach them as a slightly smaller employer. A common question for companies with around 50 employees is how to manage independence in case handling. It's more likely that conflicts of interest arise in a smaller organization, yet the number of reported cases is often low, and there is often greater sensitivity to costs. A whistleblower solution doesn't have to be expensive. At the same time, it may be unwise to choose a low-cost solution, as it may mean a lack of support from an experienced provider or that the provider's business model is structured in a way that potential follow-up dialogues risk being overpriced. We at Lantero are happy to engage in discussions if there are questions. We appreciate the dialogue and are eager to continuously gain a better understanding of the problems and concerns of existing and potential customers. New rules also mean that it may take time to establish a practice in the field. The organization setting up a whistleblower solution for the first time should ideally seek support from an established player to get a long-term functioning solution in place to the greatest extent possible. At the same time, it is not difficult to add features or change the whistleblower process if needs, preferences, or understanding of the issue change later on. It's also worth considering that it's not just the independence issue that is interesting when it comes to the support of external handlers. It can also be a question of competence, availability, or the need for internal political support from an external assessment. Get in touch, and we'll tell you more!

Lantero participated in an anti-corruption seminar on December 11th in Stockholm. The participants were mainly representatives from procurement and compliance in government agencies and larger organizations. The overall discussion focused on the development of corruption in Sweden. The discussion covered its connection to public legal awareness and self-perception, trends, and concrete work in the field, including processes based on the new legislation. Perspectives were shared by the police, academia, the Swedish Competition Authority, the National Anti-Corruption Unit, Business Owners, and Transparency International Sweden. Petter Tiger from Lantero contributed perspectives on the whistleblower issue, addressing how to establish and effectively work with whistleblower channels. The discussion actively involved examples of specific challenges and problems that may arise if an organization has insufficiently prepared in terms of processes, principles, or staffing. The whistleblower issue is evidently a current topic that has gained traction in many larger organizations. This is especially true for the public sector, resulting in a more systematic approach with well-thought-out processes. The fight against corruption is well-reflected in how an organization handles the whistleblower issue and structures work processes to support it. By adopting a serious approach in staffing, conditions for the favorable development of organizational cultures are also created. This requires, among other things independence in investigations and clear mandates in processes. In Lantero's presentation, the importance of organizational culture was emphasized as the focal point in whistleblower work. By focusing on values, clear principles, what the organization stands for, and wants to be, one can achieve benefits that essentially overshadow the utility of the whistleblower channel itself. Organizational culture determines not only whether to report an issue, but also whether miscunduct is committed in the first place. During the Q&A session after the seminar, topics included the international standard on whistleblowing, where Lantero has been involved in representing the industry in the development of the standard. A clear benefit of the standard was described as the international coordination resulting from a coordinated process. For example clarifying the understanding of what constitutes a whistleblower function and how to appropriately manage risks when developing relevant tools and processes.