The Wirecard insider who exposed the fraud that led to its collapse has attacked Germany’s whistleblower protection law, dismissing fines for non-compliance as a “slap on the wrist” and lamenting its failure to force companies to offer anonymous reporting channels to staff.
“It’s just crazy, because it’s thrown cold water on the objective of the whole thing,” Pav Gill told the Financial Times ahead of the Tuesday launch of his start-up, Confide. “Most whistleblowing is anonymous because of the real fear of reprisal and exposure.”
His comments come as whistleblowing and governance are in focus on both sides of the Atlantic. A recent US Supreme Court ruling has made it harder for companies to retaliate against whistleblowers.
Gill was a lawyer inside Wirecard when the German payments group was valued at €24bn and regarded as Europe’s most promising technology business. He was forced out after trying to investigate internal complaints of forged documents and suspect payments in Singapore. Helped by his mother, he blew the whistle, providing the FT with files that led to the unravelling of Wirecard’s accounting fraud in 2020.
The scandal gave impetus to an EU whistleblowing directive issued in 2019 that has since been implemented in a patchwork of laws across the bloc that all came into force by December, creating the opportunity for Confide to assist the half-million companies rushing to comply.
As with rules about data and online surveillance, or climate impact reporting, Europe sets standards for corporate behaviour that impose costs beyond its borders. “The EU’s biggest export industry is regulation,” joked Singaporean Gill, who is establishing Confide’s EU base in The Hague, a centre of international justice, with support from the city’s development agency.
Under the directive, companies with more than 50 staff must have channels to facilitate, log, assess and, where appropriate, investigate complaints, while some classes of business, such as those in finance or at risk of money laundering, must do so regardless of size. The tasks involved can be outsourced.
Confide’s platform allows whistleblowers to anonymously report complaints and respond to queries, offering companies secure case management, reporting and a paper trail to demonstrate compliance.
Gill contrasted Spain’s approach, which includes fines of up to €1mn for serious offences, with that of Germany where the maximum fine is just €50,000.
Passage of the defanged German law resulted from a political compromise after conservative opposition to the scope of initial legislation and its potential cost on business. Danyal Bayaz, a Green politician, said: “It seems that the memories from the Wirecard scandal are fading quickly not only among those accused of fraud.”
Pressure group Transparency International has argued that implementation fell short of the directive’s aims across Europe, with “a lack of general protection for whistleblowers who report corruption, and no obligation to examine their reports in several EU countries”, and that none of 20 countries examined “fully meets best practice”.
Confide, which offers encrypted channels and services for investigating and categorising complaints, highlights tensions in regulations that harden protections for whistleblowers in some countries, while also giving boardrooms greater opportunity to address issues in private.
“I want to help companies to have less Pavs out there, to have less of me,” said Gill. “If you have something workable, trustable in place, then you will have less external whistleblowing cases.”
He added: “I’ve been through it on both sides of the spectrum, I’ve sat from the general counsel side and I’ve seen how companies always struggle in dealing with misconduct issues when they are raised, how poorly it’s managed.”
“When you’re talking to people that actually use these systems, like a big mining company or a big oil and gas company, they are just completely inundated with thousands of these reports a month: ranging from ‘there is not enough coffee in the pantry’, to delayed shipments, procurement concerns, vendor concerns — but also real stuff like potential criminal, potential money laundering concerns.”
His pitch is not about empowering the rank and file. “Frankly, not many companies like that,” he said. “They may lip-service it, but it’s always seen as employees versus us.”
Instead, he frames it as “an early detection tool to suss out what’s going on” — and he accepts that unscrupulous leaders could benefit as they did at Wirecard.
At the German group, he said, “they created this hotline after I was investigating them, and the scary thing is that it was going straight to Jan Marsalek” — a senior executive with ties to Russian intelligence who remains on the run.
Hence the importance of anonymity. “You could be the most fraudulent company like Wirecard. What it allows them is to see how visible the fraud is to their own employees and vendors. The only difference now is they can’t go take revenge because they don’t know who they are,” he said.
An audit trail for internal concerns might also make it harder for senior executives to argue — like former Wirecard chief executive Markus Braun has in his ongoing criminal trial — that they were blind to issues inside the companies they ran.
Confide is raising seed capital, after initial funding from angel investors, and Gill is going after a market in which the “G” in ESG starts to receive the sort of attention and demands for reporting that has forced companies to account for their environmental and societal impact. “Whether it’s FTX, Boeing, the Post Office scandal, or even Wirecard, they are all governance failures,” he said.
Highlighting recrimination at Boeing, following a series of manufacturing and safety issues, Gill said: “A possible idea is that shareholders have access to whistleblowing reports. That would be a very powerful stick from a check and balance point of view.”
Read the full article here
