Fraud is costly, and early detection is crucial to mitigate losses both financial and reputational. Yet, as the economies of Southeast Asia grow, questionable ethical practices persist, posing a risk to business stability. Among them are the absence of a strong integrity culture, a weak whistleblowing system, and inadequate governance, to name a few. Given that accountants and auditors are well-placed to detect wrongdoings, fraud – from red-flag early detection to mitigation – are topics that feature prominently across ISCA’s platforms and events. CA Lab, for example, has discussed them in “Navigating Integrity Challenges In Southeast Asia”, “Fraud Risk Management In the Public Sector”, “ISCA Breakfast Talk: Enhancing Whistleblowing Practices”, and “No Organisation Is Immune To Fraud”.
According to ACFE’s 2024 Report to the Nations, organisations with a robust whistleblowing system experienced 50% lower fraud losses than those without one. While it is clear that businesses should have a trusted and transparent whistleblower system, with the leadership to enforce it, an inaugural study on whistleblowing policies among Singapore-listed companies reveals gaps in whistleblowing policies, raising concerns about their overall effectiveness in ensuring good corporate governance.
The study, Will You Listen?, analysed whistleblowing disclosures in the latest annual and sustainability reports for FY2023 and FY2024, as well as on corporate websites from 536 Singapore Exchange (SGX) primary-listed issuers. Each policy was evaluated against the SGX listing requirements and good practices using a custom-developed 20-item Whistleblowing Scorecard.
The findings indicated an average score of 20.6 out of 40, with only 54.7% of issuers achieving a score of 20 or above, and less than 10% reaching 30 or higher. This reinforces the gaps in the whistleblowing policies of most issuers. The study was conducted by the Centre for Investor Protection (CIP), NUS Business School, and the report was launched in February 2025.
Gaps remain in issuers’ compliance with SGX rules
While all issuers have a whistleblowing policy in place, significant gaps remain in their compliance with specific SGX requirements, such as an independent function to investigate complaints and how protection of confidentiality of the whistleblower is ensured:
On the matter of confidentiality, although 85.1% of issuers committed to maintaining confidentiality, they failed to specify the procedures in place, and 6.2% did not disclose any information about keeping the whistleblower’s identity confidential.
The report further highlights issues related to the protection of whistleblowers against reprisals. Most issuers fell short of detailing the support mechanisms available during the investigation period:
Regarding oversight, 19.8% of issuers did not go beyond a generic reference to Provision 10.1 of the Code of Corporate Governance, on the duty of the Audit Committee to review the policy and arrangements for whistleblowing. Although 69.0% stated that their Audit Committee oversaw whistleblowing matters, they did not disclose how this oversight was conducted.
Shortcomings in other aspects of whistleblowing practices
Less than half of issuers (46.3%) have published their whistleblowing policy on their website, and only 35.4% extend their policies to cover environmental, social, and governance (ESG) issues – including breaches related to health, safety, and human rights violations. Although all policies permit employees to report misconduct, only 9.7% allow members of the public to do so. Moreover, while 64.7% of issuers express a commitment to communicating their whistleblowing policy, only 8.2% provide specific details on how this is achieved.
Transparency is further compromised, with 80% of issuers failing to disclose whether they acknowledge complaints, which may lead whistleblowers to feel they are ignored. In terms of complaint management, less than half of issuers (42%) confirmed that all complaints are reviewed – primarily by Audit Committees; just 28% said they investigate all complaints, and another 31% said they investigate some complaints. Training on the policy is provided by a mere 15.5% of issuers.
Last but not least, 29.3% did not disclose the number of complaints, and 66.2% said they did not receive a single complaint. The lack of complaints may indicate a lack of trust in the policy rather than an absence of misconduct.
These findings raise serious concerns about the effectiveness, transparency, and overall governance of whistleblowing mechanisms among SGX-listed issuers.
“Many corporate scandals could have been prevented if organisations have in place robust and rigorous whistleblowing policies that foster trust amongst employees and other stakeholders,” said Professor Mak Yuen Teen, Director, CIP. “Our study shows that a significant number of policies are poorly designed, and are unlikely to build necessary confidence for effective whistleblowing. However, effective implementation goes beyond merely fulfilling the required formalities, it necessitates the cultivation of a healthy corporate culture and effective board oversight and monitoring.”
“Whistleblowers are individuals who demonstrate genuine concerns for their organisations’ long-term well-being by courageously bringing questionable practices to light,” said Associate Professor Susan See Tho, Department of Accounting, NUS Business School and member of CIP. “Even before they step forward as whistleblowers, they carefully assess the effectiveness of the whistleblowing policy and whether the leadership will ‘walk its talk’ by addressing the issues with utmost confidentiality and while assuring personal protection. Any ineffectiveness in the policy or the leadership, even if they are perceived, would lead individuals away from the act of whistleblowing and this could mean missed opportunities for preventing corporate disasters.”
© 2024 Institute of Singapore Chartered Accountants
