Ethics and Compliance Glossary

Process of passing information without revealing one’s identity. Remaining anonymous means that the person making a report is unidentifiable, untrackable and untraceable.

Translation carried out automatically from a language to another, allowing a smoother communication and removing the need to share data with third parties. It enables employees to report in their native language and case managers to respond in the language of their choice.

The application of ethical principles and standards to business behaviour, including governance, fairness, integrity and social responsibility.

The offering, giving, receiving or soliciting of something of value to influence the actions of a person in charge of a public or legal duty. Bribery constitutes a criminal offence.Automatic translations enable employees to report concerns in their native tongue, and the case manager to respond in the language of their choice, without disturbing the exchange.

The repeated use of force, coercion, hurtful teasing or threats to abuse, dominate or intimidate another person, physically, mentally or emotionally.

The person responsible for handling whistleblowing reports, including acknowledgement, investigation and follow up.

A structured approach to transitioning individuals, teams and organisations from a current state to a desired future state.

A core management function that ensures information sharing, dialogue and engagement, including enabling employees to speak up safely.

All processes ensuring that an organisation and its employees comply with legal, regulatory and ethical standards.

The system of rules, practices and processes by which an organisation is directed and controlled.

A software solution allowing organisations to manage whistleblowing cases, including intake, investigation workflows, secure storage and data confidentiality.

An approach focused on long term value creation by integrating ethical, social, environmental and economic considerations.

Repeated aggressive behaviour intended to harm that is hidden from or unacknowledged by authority figures.

Bullying or harassment carried out through electronic means such as emails, social media or online platforms.

Dishonest or criminal behaviour by a person or organisation in a position of authority for personal gain.

The specification of the geographic location where data is stored.

The principle that data is subject to the laws of the country where it is collected, processed and stored.

A requirement that data be stored and processed within the borders of a specific country.

Unfair or prejudicial treatment of individuals or groups based on characteristics such as race, gender, age or sexual orientation.

The conversion of information into coded form so that it can only be accessed using a specific key.

Environmental, Social and Governance criteria used to assess a company’s ethical impact and sustainability practices.

European legislation providing protection and reporting channels for whistleblowers across EU member states.y.

Work performed involuntarily under threat of punishment, often linked to exploitation in supply chains.

A deliberate act of deception intended to obtain an unauthorised benefit for oneself or another party.

The General Data Protection Regulation governing the processing and protection of personal data in the European Union.

Governance, Risk and Compliance, a framework for managing organisational governance, risk management and regulatory compliance.

Illegal behaviour causing mental or emotional harm, including repeated unwanted contact, threats or offensive conduct.

The outsourcing of server infrastructure and data storage to a third-party hosting provider.

A telephone-based reporting channel allowing individuals to report concerns directly.

An automated phone system allowing users to submit reports through recorded voice interactions.

Reports made by employees using reporting channels provided by their own organisation.

An international standard defining best practices for information security management systems.

A system used to create, manage, store and control encryption keys for accessing sensitive data.

The exploitation of individuals through coercion, threats or abuse of power, including forced labour and human trafficking.

A software architecture where multiple customers share the same system while keeping data isolated.

Incidents that could have resulted in injury or damage but did not, and should still be reported.

Any information relating to an identified or identifiable individual.

Chinese legislation regulating the collection, storage and processing of personal data.

A GDPR principle requiring data protection to be embedded into systems and processes from the outset.

A former EU-US data transfer framework invalidated in 2020.

A data protection technique replacing identifying information with pseudonyms to reduce identifiability.

Disclosure of wrongdoing through public channels such as the media or social platforms.

A written or spoken account of observed or investigated misconduct.

The method through which a report can be submitted, such as a platform, hotline or email.

A system where only one organisation or user has access to the software instance.

An authentication method allowing users to access multiple systems with one set of credentials.

Openness and clarity around processes, decisions and accountability within an organisation.

A logically isolated cloud environment dedicated to a single organisation.

An individual who reports wrongdoing or misconduct within an organisation.

A secure tool enabling confidential two-way communication between whistleblowers and investigators.

Legal and organisational measures designed to protect whistleblowers from retaliation.

The act of reporting wrongdoing, misconduct or unlawful behaviour.

An internal document defining procedures, responsibilities and protections related to whistleblowing.

The set of tools and processes enabling individuals to submit and manage whistleblowing reports.

Behaviour that violates organisational policies, ethical standards or codes of conduct.

Behaviour inconsistent with legal, ethical or organisational obligations.