Conformity Vocabulary Catalogue

Criterion: Protection of Identity and Non-Retaliation

Version 1.0.0 | Status: Active
UN conformity topic code:

Requirements for whistleblower protection and non-retaliation policies

Full Description

D5. Protection of Identity and Non-Retaliation

Code 8.0

Programs that ensure the confidentiality, anonymity, and protection of supplier and employee whistleblowers* shall be maintained, unless prohibited by law. Participants shall have a communicated process for their personnel to be able to raise any concerns without fear of retaliation.

Elements to Demonstrate Compliance to RBA Code

1. Policy

Ensure facility ethics and/or protection of identity and non-retaliation policy includes the following elements:

  • a. Protection of personal identity and non-retaliation of workers who bring forward information, grievances, allegations in any form.
  • b. Protection of whistleblowers and/or users of the grievance mechanism(s) (internal and external)

2. Procedures & Practices

Procedures & Practices are in place such that:

  • a. The gathering, follow-up, and investigation of reports of ethical or legal misconduct are done while protecting the identity of the reporting source.
  • b. There are clear communications channels so that workers are comfortable reporting violations or issues of concern without fear of reprisal.
  • c. Reporting violations is encouraged.
  • d. There is adherence to policies that prohibit retaliation for worker reporting.
  • e. Workers can anonymously report suspected violations of business conduct standards in a manner that prevents possible retaliation.
  • f. Workers understand how the process works.
  • g. External stakeholders such as sub-tier suppliers understand how the process works and can make use of it. Workers and external stakeholders have written information from the facility on how to report ethical or legal concerns.

3. Controls & Monitoring

Controls & Monitoring should include:

  • a. Investigations are conducted in a manner to not breach the protection of identity.
  • b. Records created, maintained and access controlled so as not to breach the protection of identity.
  • c. Communication and records and access to them are reviewed to ensure that this is upheld.

4. Serious conditions that will result in a severe finding

  • There are cases of confirmed retaliation of workers.
  • There are confirmed breaches of confidentiality of identity of whistleblowers or those who have filed a grievance.
Profiles using this criterion

RBA Assessment Program

Conformity Alignment

Priority

Pass: No
Definition: "Critical non-conformance requiring immediate action"
Remediation: 30 days

Major

Pass: No
Definition: "Significant non-conformance requiring corrective action"
Remediation: 90 days

Minor

Pass: Yes
Definition: "Non-conformance with limited impact"
Conditions: Corrective action plan required
Remediation: 180 days

Opportunity

Pass: Yes
Definition: "Opportunity for improvement identified"

Conformance

Pass: Yes
Definition: "Full conformance with criterion requirements"

Related Criterion

VAP: Business Integrity and No Improper Advantage

Relationship: Related
Reporting ethical violations without retaliation

VAP: Privacy

Relationship: Related
Protection of personal identity information

VAP: Ethics Management System

Relationship: Parent
Management system for ethics practices

VAP: Labor Management System

Relationship: Related
Worker grievance mechanisms

Change Log

1.0.0 (2024-01-01)

Initial release.