SecuReveal

SecuReveal

Corporate Compliance

Recent cases of corruption, fraud and fraudulent accounting have resulted in businesses having a stronger focus on compliance. The legislator also imposes more and more obligations on businesses to ensure compliance with applicable law, regulations and voluntary obligations by introducing internal policies. Such policies, referred to as compliance codes or codes of conduct, do not only ensure legal compliance but can also protect businesses effectively from financial and reputational damage.

The establishment of a compliance code is for many businesses the first step towards the implementation of a compliance management system. However, only a monitoring system that allows the verification of compliance with such codes ensures that it can and will be used as an effective management tool.

Online-based whistle-blowing platform

The online-based whistle-blowing platform SecuReveal supports businesses in the monitoring of their compliance with the respective policies. It allows whistle-blowers worldwide and at any time to notify a specific department of the company or group on a confidential basis of internal irregularities and breaches of regulations and, thus, to contribute to an effective corporate compliance. As a result, a company can obtain knowledge of potential irregularities in advance, investigate allegations in an organised way and take the adequate measures.

SecuReveal provides employees and suppliers with the opportunity to submit notifications on an anonymous basis and to communicate with the competent department of the company via a secure online tool.

Data protection and security

SecuReveal ensures the individual encryption of the entire content of a notification, mailbox and processed data and protects such data from the unlawful access by third parties. Only legitimate recipients can decrypt and read data.

In this context SecuReveal uses an integrated private-public-key encryption method whereby a key pair is generated consisting of a private and public key. The public key is used to encrypt text and is generally available to multiple individuals (e.g. whistle-blower, compliance officer), who can encrypt messages with such key. The private key is only available to the relevant user and allows such user to decrypt previously encrypted messages. In addition, the private key is password protected. Hence, the decryption requires the private key and the individual password.

Furthermore system administrators and developers are never granted access to the private keys and passwords. Only the compliance officer has access to the data records and stored information.

SecuReveal performs all encryption automatically so that the security of the system does not impair its usability.

SecuReveal runs on dedicated servers in certified data centres in Austria (certified according to ISO 27001:2013). The system as such, in particular, the tools to protect notified information and the communications process between the end user and the company complies with Austrian data security standards and the requirements of the Austrian Data Protection Act (DSG 2000).

Advantages for businesses

SecuReveal offers a lot of advantages:

  • SecuReveal is provided as a software-as-a-service (SaaS). Consequently, the application runs as soon as accessed online and requires only a minimal implementation effort.

  • SecuReveal is parametrised in accordance with specific compliance policies and any notification is limited to specified areas.

  • SecuReveal can also reflect complex company structures and is in particular suitable for the use within an international group.

  • SecuReveal supports multiple languages and can be adjusted to individual requirements.

  • SecuReveal ensures the highest data security of ISO 27001 certified data centres and guarantees the physical location of the data in Austria.

  • Technical and legal implementation by established, Austrian technology companies.

  • Fair and transparent pricing.

SecuReveal has been developed in close cooperation with compliance officers of Austrian companies and provides practicable solutions for anyone working in a compliance department.

  • SecuReveal only permits notifications in connection with specific compliance policies.

  • SecuReveal allows the setting up of an anonymous mailbox, which permits communication on an anonymous basis between a whistle-blower and the responsible department.

  • SecuReveal records received notifications in a clear format and provides general reports and statistics. Evaluations do not relate to the whistle-blower but are only made in connection with the notification as such.

Advantages for the whistle-blower

SecuReveal allows employees at any time and worldwide to notify any alleged irregularity within a company and breaches of compliance policies.

At the same time SecuReveal fully protects whistle-blowers from any negative consequences: A platform that does not betray the user’s confidence is established by the full protection of confidentiality and – if requested by the whistle-blower – by technically ensuring that anonymity is fully guaranteed.

  • Complete Privacy

  • Securing 100% anonymity possible.

A multilevel login procedure including a self-selected username and password ensure the whistle-blower’s anonymity. The subsequent use of SecuReveal by the whistle-blower does not require any technical authentication procedure.

SecuReveal does not only provide for the mere notification of irregularities but also the opportunity for compliance officers to contact the relevant whistle-blower via an anonymous mailbox if this is requested by the whistle-blower.

Any communication via SecuReveal is individually encrypted and can only be read by the whistle-blower and the responsible departments of the company.
SecuReveal does not only encourage whistle-blowers to notify breaches but rather to play an active role, even though, on an anonymous basis, in the further handling of a case.