Jump to content

Policy:Wikimedia Foundation Whistleblower Policy

From Wikimedia Foundation Governance Wiki
(Redirected from Whistleblower Policy)

We are serious about legal compliance and we are serious about protecting whistleblowers who in good faith bring instances of possible unlawful conduct or financial wrongdoing to our attention. Our trustees, officers, employees, volunteers, and independent contractors hired to perform services at the Wikimedia Foundation must comply with applicable laws and regulations in the conduct of their duties and responsibilities. This whistleblower policy applies to all such individuals.

We all share responsibility for ensuring that our workplace is free from unlawful conduct and financial wrongdoing. If you receive a complaint covered by this policy, or if you witness any conduct you reasonably believe may be covered by this policy, we expect you in good faith to report that complaint or conduct, and we encourage you to use the channels set forth in this policy. We also expect our employees and all others connected with the Wikimedia Foundation to fully cooperate with any investigations of complaints.

Scope and Objectives

This policy sets out the reporting procedures and whistleblower protections connected with complaints about potential legal violations and financial wrongdoing. It does not cover all types of complaints or misconduct, though the other policies that govern such complaints and misconduct also rigorously protect from retaliation those who make good faith reports/complaints. For example, sexual harassment, discrimination, disputes with a co-worker, and various types of conflicts of interest are covered by other policies. Those complaints may trigger different channels of reporting or investigation and should be reported to specific members of the Talent & Culture department or to the appropriate individual or department, as set out under the relevant policy.

The main objectives of this whistleblower policy are to:

  1. Encourage good faith reporting of suspected (a) illegal activity, or (b) fraudulent, dishonest, or unethical misuse of resources or property of the Wikimedia Foundation; and
  2. Protect those who report in good faith such activities to us or who use other reporting channels available under applicable law or regulations.

While this policy provides a reporting mechanism to alert the Wikimedia Foundation of any concerns, you may have additional reporting channels and rights under applicable local, state, or federal laws and regulations, including reporting directly to law enforcement. Nonetheless, we encourage you to file reports under this policy to ensure the Wikimedia Foundation can fully investigate your concerns.

Reporting process

What should you report?

As noted, if you reasonably and in good faith believe that you have witnessed or been informed about potentially unlawful conduct or misuse of Wikimedia Foundation resources or property, you should report such instances. We encourage you to use the Wikimedia Foundation channels stated under this policy to report any policy, practice, or conduct of the Wikimedia Foundation that you reasonably believe to be (a) illegal activity under applicable local, state, or federal laws and regulations; or (b) fraudulent, dishonest, or unethical misuse of resources or property of the Wikimedia Foundation, including but not limited to, misappropriation of funds; falsification of financial records; fraudulent financial reporting or actions that may lead to such fraudulent reporting; destroying, altering, concealing, or falsifying a document or official proceeding; fraudulently influencing or misleading any independent public accountant engaged in the performance of an audit of the Wikimedia Foundation's financial statements; or any other form of financial impropriety (this is not meant to be an exhaustive list but rather a guide to the types of improper behavior covered by this policy).

Who may submit a report?

Wikimedia Foundation Trustees, officers, employees, volunteers, and independent contractors hired to perform services at the Wikimedia Foundation.

How do you submit a report?

With respect to reports made within the Wikimedia Foundation under this policy, you may report your concerns verbally or in writing to any one of the following: your manager, the supervisor of your manager, a designated individual in the Talent & Culture department (namely, the Chief Talent and Culture Officer, the Chargée d'Affaires, or the People Relations and Inclusion Lead), the Chief Financial Officer, the General Counsel, the Executive Director, the Chair of the Audit Committee, or the Chair of the Board of Trustees. You may also report your concerns anonymously through our hotline with an independent service.

If the subject of your report is the Executive Director, you may report your concerns directly to the Chair of the Audit Committee or the Chair of the Board of Trustees. If the subject of any report is the Chair of the Audit Committee, you may report your concerns directly to the Chair of the Board of Trustees.

What happens after a report is submitted?

All reports will be subject to an initial assessment. Assuming the report falls within this policy, it shall be handled by the Chair of the Audit Committee, who is responsible for overseeing assessments and investigations of concerns about potentially unlawful activity or misuse of the Wikimedia Foundation resources or property reported under this policy. As noted above, if the subject of any report is the Chair of the Audit Committee, the report may be forwarded directly to the Chair of the Board of Trustees.

The Chair of the Audit Committee may request the assistance of others, including the General Counsel, the Chief Financial Officer, other members of the Audit Committee, other staff members, and potentially outside counsel in the investigation and resolution of the report. However, no trustee, officer, or staff member may participate in the investigation of a report of which he or she is the subject, or be present at any deliberation or vote.

All concerns of unlawful conduct forwarded to the Chair of the Audit Committee will be promptly assessed and investigated and, when warranted, corrective action may be taken.

Confidentiality

Reports covered by this policy will be kept confidential to the extent possible, consistent with conducting a complete and fair investigation and achieving an appropriate resolution. This may require sharing the information in the report with other people, such as appropriate staff members, other witnesses, the Board of Trustees, the Audit Committee, and the Wikimedia Foundation's outside accountants and lawyers.

Unless you submit your concerns anonymously, we will notify you about what actions will be taken (or not taken) to the extent that is reasonably possible and consistent with any privacy or confidentiality limitations. If there will be no further action or investigation, we will also provide an explanation to you to the extent that is reasonably possible and consistent with any privacy or confidentiality limitations.

What is the difference between reporting "anonymously" and reporting "confidentially"?

If you submit your report anonymously, we will not know your identity to the extent your report does not contain details that might identify you. All reports (and your identity, if you choose to disclose it) will be kept confidential within the reporting channel, consistent with our obligation to conduct a complete and fair investigation. We will share your report or otherwise disclose your report as appropriate only to conduct a complete and fair investigation and achieve an appropriate resolution, to review the Wikimedia Foundation operations in general, or to comply with applicable law.

Protection from retaliation

Consistent with this policy and applicable law, the Wikimedia Foundation will not discharge, demote, suspend, threaten, harass, or retaliate against you based on the fact that you (a) acted in accordance with this policy, when done in good faith; or (b) exercised your rights under local, state, or federal laws and regulations.

Activities protected from retaliation include:

  1. Submitting reasonable, good faith reports under this policy;
  2. Initiating, testifying in, assisting or otherwise participating in any investigation, lawsuit, or administrative action regarding violations of local, state, or federal laws and regulations;
  3. Providing, or expressing an intention to provide, in good faith a law enforcement officer with information relating to the commission or possible commission of any violation of local, state, or federal laws and regulations;
  4. Refusing to participate in any activity that is a fraudulent, dishonest, or unethical misuse of resources or property of the Wikimedia Foundation and filing a report about this issue in accordance with this policy; and/or
  5. Refusing to participate in any illegal activity in violation of applicable local, state, or federal laws and regulations.

If you reasonably believe you have been retaliated against in violation of this policy, you should follow the procedures for filing a report to any of the departments or individuals set out above. Any individual within the Wikimedia Foundation is subject to discipline if they retaliate against another individual who has reported in good faith a potential violation covered by this policy, who has cooperated in the investigation of such a violation, or who has otherwise acted in good faith in accordance with the terms of this policy.