A secure, customized web platform to facilitate the submission and processing of complaints.
We offer you everything you need to comply with the new Whistleblower Protection Act with guarantees and without risk.
The outsourced complaint management service, through our certified IT auditors, our computer forensic experts, our criminal lawyers, and our private detectives.
The guarantee that our investigation will minimize the criminal risks your company may incur. Our multidisciplinary team guarantees maximum effectiveness if you receive a complaint.
An effective, subsidized training program to train all your employees and comply with the law.
These are the main features of our Service
Ease of use
A secure, customized web platform to facilitate the submission and processing of complaints.
- We have applied a responsive design to all areas of the web platform so that users can carry out all tasks from their mobile phone or tablet.
- We have created a “frequently asked questions” section to provide whistleblowers with support and assistance.
- We have developed an easy and intuitive “control panel” for channel managers.
- We have implemented an alert system to give advance notice of the various actions that must be taken within the time frame established by law.
We ensure and guarantee the confidentiality of information.
Confidentiality and anonymity are the most important aspects that the law requires to be protected.
At Exartia, as certified IT auditors and security experts, we have designed and developed a web platform that guarantees, from start to finish, the confidentiality of the whistleblower, as well as their anonymity, if they so desire.
- We guarantee 100% anonymity for the informant, if that is their wish.
- We guarantee 100% confidentiality of the information provided by the informant.
- We guarantee 100% of the communications between both parties.
We certify the security of the entire process.
Our team is made up of internationally certified IT Auditors in Information Systems (CISA, CISM, and CGEIT) by ISACA, an international organization that regulates the requirements necessary to practice as an IT Auditor worldwide.
- We guarantee the security of the information and the entire process.
- As certified IT auditors, we act as a “trusted third party” between the whistleblower and the company/organization.
We guarantee the best investigation and protect you from any criminal risks you may incur.
Let us handle the management of complaints and minimize your criminal risks.
- We guarantee the impartiality and independence of the investigation.
- We guarantee that we are always up to date with the latest legislation and regulations in force at any given time.
- We guarantee the confidentiality, protection, and safeguarding of the information processed.
- We avoid potential conflicts of interest.
- We avoid the potential mismanagement of the complaint due to lack of knowledge.
- We investigate all complaints using a multidisciplinary approach to clarify the facts.
- We offer all the support, advice, and legal coverage necessary to minimize any criminal risks you may incur.
We take care of training your employees
- Exartia Auditores Informáticos, S.L. is an organization that offers subsidized courses, accredited by the State Foundation for Employment Training (Fundae), to provide training courses within the state subsystem of vocational training in employment.
- Therefore, the training we provide may be subsidized. We will take care of all the paperwork.
- Through our e-learning platform, we provide the necessary training for your employees, enabling you to demonstrate that your company/organization has complied with this legal requirement.
These are the main features of our web platform
Regarding the “Informant”:
- Allows complaints to be recorded, enabling the identification of the informant or their anonymity.
- You can attach any type of document (audio, video, etc.) to the complaint.
- Allows you to check the status of the complaint.
- It offers completely secure communication between the whistleblower and the manager through our Secure Communication Channel.
In relation to the “Channel Manager Area,” if the company/organization wishes to manage complaints internally:
- It allows you to fully manage the complaint lifecycle.
- It offers a completely secure channel of communication with the whistleblower through our Secure Communication Channel.
- It offers a comprehensive system for storing and consulting all audit movements related to stored cases.
Why should you choose our Internal Information System?
Frequently asked questions
Depending on the size of your organization and the rules and regulations applicable to your sector, implementing an Internal Reporting System could be a legal obligation or a voluntary decision. If your company/organization has 50 or more employees, Directive (EU) 2019/1937 of the European Parliament and of the Council requires you to establish internal reporting and follow-up channels and procedures.
However, even if your company/organization is smaller, there may be specific regulations in your sector that require an Internal Reporting System. For example, in financial services and in the prevention of money laundering and terrorist financing, reporting requirements may apply. Ultimately, establishing an Internal Reporting System can be a valuable tool for detecting and preventing irregularities in your organization, regardless of any legal requirements.
Although financial penalties are an important component of the sanctions imposed in the new Law 2/2023 of February 20, which regulates the implementation of reporting channels in companies and public administrations, it is essential to take into account other repercussions, such as criminal and reputational ones.
Financial penalties can range from €1,001 to €300,000 for individuals and from €100,000 to €1 million for legal entities, and failure to comply with the regulations may lead to a ban on access to subsidies and public contracts in certain cases.
In addition, the reputational and criminal consequences can be even more damaging. Without an effective reporting channel, irregular practices may not be discovered in time, seriously damaging the organization’s public image. This can have significant negative long-term effects.
On the other hand, if a company does not have an effective reporting channel, this may indicate that the crime prevention plan has not been properly implemented, which could result in the loss of the entity’s exemption from criminal liability under Article 31bis 5 of the Criminal Code.
“To establish a mechanism within the company/organization that allows employees to report irregularities, deficiencies, or misconduct in a safe and confidential manner.”
Legislation in several European countries requires certain companies/organizations to have this type of whistleblowing system in place.
This system is usually an online platform that is independent of the company/organization’s other communication channels, thus ensuring anonymity and protecting employee information.
At our company, we strive to offer a service that strictly complies with current legal requirements. We also work hard to provide an optimal experience for both you and your employees.
To guarantee the security of your company/organization’s data, our platform features end-to-end encryption and is hosted on highly secure servers. This ensures that your data is protected at all times and against any type of threat.
In addition, we are committed to customizing our platform to suit your specific needs. This includes the possibility of incorporating your brand and using the language that best suits your company/organization.
In addition to the best and most intuitive Internal Reporting System processing platform, we also offer our complaint management service.
Our team of certified IT auditors will manage everything related to the complaint on your behalf:
- We will act as an intermediary with the whistleblower, acting as a “trusted third party.”
- We will advise you at all times to find the best solution for each case.
- We will protect the information we receive and the identity of the informant.
It is important that an organization’s internal information or reporting channel is not restricted solely to its employees, but is also available to third parties who have some kind of relationship with the company/organization, such as suppliers, administrators, partners, or freelancers who collaborate with it.
Some of the situations that could be reported through the Internal Reporting System:
- Behavior that violates occupational safety regulations and endangers the physical and mental well-being of workers.
- Circumstances in which conflicts of interest arise, company assets are diverted for personal purposes, or the resources of the company/organization are improperly managed and handled.
- Serious crimes that pose a threat to public health, the environment, or national security.
- The misappropriation of property belonging to others, whether on a personal or professional level, whether through robbery, theft, or misappropriation.
- Any behavior that involves the misuse of power and intimidation in the workplace, whether sexual in nature or other types of harassment.
- Conduct contrary to labor rights and the regulations of the employee’s statute and collective agreement.
- Discrimination against an employee compared to their colleagues based on factors unrelated to their job performance.
- The disclosure, alteration, or dissemination of confidential information.
- Tax evasion, fraud, bribery, misappropriation of funds, money laundering, or any form of corrupt activity.