F-Secure

Whistleblowing

What is Whistle­blowing?

We at F‑Secure have a professional responsibility to speak up and report any possibly corrupt, illegal or other undesirable conduct and take required actions after such conduct is discovered. This is referred to as Whistle­blowing.

F‑Secure strongly encourages you to speak up if you suspect or witness any such behavior, activities or conduct. F‑Secure provides you with an effective, objective, confidential and secure reporting channel, the Whistle­blowing Channel, allowing you to openly and safely express your concerns. The Whistle­blowing Channel is available to you 24/7 at lantero.report/new/hhpartners. In case you encounter problems, you may need to whitelist the site manually, as it uses third party cookies. The site is whitelisted when using e.g. F‑Secure managed Chrome. The technical solution is provided by Lantero AB. F‑Secure will take all reports seriously. We have a responsibility to protect you, including not disclosing your identity and ensuring you are not subject to any retaliation.

This compass page summarizes the main elements of the Whistle­blowing Channel and the related F‑Secure Whistle­blowing Policy. A full version is available at Whistle­blowing Policy. In case you wish to file a whistle­blowing report, please read carefully the full Whistle­blowing Policy prior to filing the report.

What should you report through the Whistle­blowing Channel?

The Whistle­blowing Channel can be used to report breaches related to issues such as corruption, including offering or accepting bribes, money laundering, breaches of privacy regulations and many other types of matters relating to breaches of law.

The Whistle­blowing Channel is not meant for reporting normal employment or work related matters. Such matters should be reported to your line manager or PO&C.

Who can file a Whistle­blowing Report?

You can file a report if, as part of your work related activities, you have had access to information on conduct that may constitute a breach of law. For instance, a report can be filed by all current and former employees, subcontractors, job applicants, trainees, suppliers and the like.

How is the Whistle­blowing Report processed?

In order to ensure objective handling of reports and to avoid the report being reviewed by a person somehow connected to the breach, the Whistle­blowing Channel is operated by an external law firm, HH Partners, Attorneys-at-Law Ltd. All reports are initially reviewed by them and they will deliver credible reports onward to persons at F‑Secure who are best suited to address them, all the way to the upper management if necessary. The actual investigation and other actions possibly resulting from the report will be undertaken by F‑Secure.

Can you use the Whistle­blowing Channel anonymously?

The Whistle­blowing Channel provides the following three alternative means for handling your identity:

  • You can choose to remain fully anonymous and provide no contact details; or

  • You can provide just an e‑mail address; or

  • You can choose to disclose your identity.

Please note that if you provide your email address without choosing to otherwise disclose your identity, your email address is not disclosed to F‑Secure or to those receiving and handling the reports. Your email address is used by the Whistle­blower Channel to transmit messages between you and the person handling your report. To allow those handling the reports to ask you questions and clarifications via the platform, we recommend to provide your e‑mail address when filing a report.

Disclosing your identity is never mandatory, but it can allow for more effective investigation of the matter. Even if you choose to disclose your identity, all reports received through the Whistle­blowing Channel are handled confidentially. F‑Secure has the responsibility to protect your identity and the identity of any third party possibly mentioned in your report.

What protection is available to you as a whistle­blower?

In order to ensure that using the Whistle­blowing Channel is safe for you, you will receive the following protection concerning your report, as long as you have reasonable grounds to believe your report is true when filing it:

  • Your identity is not disclosed to F‑Secure, unless you have chosen to disclose it;

  • You will not be retaliated against due to filing the report through means such as threats, warnings or termination of employment;

  • If you are retaliated against despite the above, you are eligible for special compensation for it; and

  • You will receive civil, criminal and administrative liability protection as decreed in law.

If you deliberately file a false report, you will not receive the above protection.