Flick-passing the serious allegations have resulted in a damaging dithering around questions of fact, a process as harmful to the bank's reputation as the arrogance that has seen Wolfowitz lecturing developing countries about corruption while arranging deals for his paramour at the bank, the US State Department and the Pentagon. Wolfowitz and his lawyer, Robert Bennett, who represented Paula Jones in her harassment claims against former US president Bill Clinton, are expected to argue that the committee knew all about it.

Wolfowitz is basing some of his case around a "Dear Paul" letter he got from the committee's chairman, Ad Melkert. The committee had received two emails sent by an anonymous whistleblower, "John Smith", sent in January and February. They alleged ethical lapses by Wolfowitz, with the earlier one raising questions about the size of Riza's pay rise. In his letter, Melkert said the allegation "did not contain new information warranting any further review". With nowhere else to go, the whistleblower(s) took the damaging revelations to the media. In the US, the whistleblower protection organisation, the Government Accountability Project, put out a statement blaming the scandal on the committee.

"If whistleblower protections had been in place, the Riza affair could have been addressed internally, but as it is, our sources had no choice but to leak the information. An employee cannot report potential wrongdoing to an investigations unit whose only authority is to recommend corrective measures to senior management." Bjorn Rhode-Liebenau, whose Hamburg-based consultancy Rick Communication Concepts helps companies develop systems to handle whistleblowers, says the World Bank's whistleblowing processes are typical of many companies.

Rhode-Liebenau has prepared international best practice guidelines for whistleblowing for the European Parliament, which he outlines in a discussion paper at tinyurl.com/3y8blx. "A whistleblowing hotline is not a whistleblowing system, it is not a system at all, and it is not likely to produce the intended results," he told BusinessDay. "It is only part of a system. Management has to show it is listening and responding." Many companies had systems, he said, that failed to show employees were being taken seriously and that their allegations were being taken on board in a constructive and responsible manner.

"The big change would be to start seeing whistleblowing for what it is, important information that already exists inside the organisation that should be valued by management." What organisations need, he said, were incentives for management to monitor information. More importantly, organisations needed to remove, or at least modify, incentives that encouraged managers to disregard or dismiss it. He said laws brought in to protect whistleblowers were not effective because they always came too late.

Interestingly, a recent US study, Who Blows The Whistle on Corporate Fraud (go to tinyurl.com/33qmvn) shows that the whistleblower protection provisions of the Sarbanes-Oxley Act might not be working. After analysing in depth all reported cases of corporate fraud in companies with more than $US750 million of assets between 1996 and 2004, the researchers found that the number of employee whistleblowers fell after Sarbanes-Oxley came into effect, slipping from 21 per cent to 16 per cent. The paper does not make it clear whether this might reflect the tighter internal controls of US companies mandated by law post-Sarbanes Oxley. But the academics imply that laws, no matter how well-intentioned, cannot guarantee candour and total protection. Nor would it necessarily leave managers with a better grasp of reality.

"One possible explanation is that protecting the whistleblower's current job is a small reward given the extensive ostracism whistleblowers face," they write. "Another explanation could be that many firms either go bankrupt or are bought up after revelation of fraud. As a result, job protection in the pre-existing firm is but a small reward." In Australia, the whistleblower protections of the CLERP9 reforms have not been tested.

Paul Latimer, associate professor at Monash University's department of business law and taxation, said whistleblower protection laws around the world fell short of best practice. "No politician would speak against it but the record is not encouraging," he said. The law sets standards but the fundamental problem with whistleblower protection is that it can clash with the way organisations work. Operations are usually underpinned by formal communication channels with a heavy reliance on rules and procedures that censor and filter information. Apart from reprisals, damaging careers and running the risk of being branded a troublemaker, all organisations are replete with what Harvard University professor Chris Argyris calls "undiscussables" — issues that no one likes to talk about. Even the undiscussability is undiscussable. The key then is to develop systems that force managers to listen.

Ben Heineman jnr, who served as GE's senior vice-president and general counsel from 1987 to 2003, offers some clues in the April edition of the Harvard Business Review. His paper, Avoiding Integrity Land Mines, details how GE's managers are warned that they will be sacked for any ethical lapses. That also applies to those who claim they did not know about misdeeds.

It also sheds light on GE's system of ombudsmen operating around the globe in 31 languages. Employees are not only allowed to lodge concerns, anonymously if they want, they are expected to. If they fail to report red cards, there can be consequences. Rules, laws and standards are not enough to turn organisations into places where it is safe to speak the truth. That requires systems in which a manager, facing some tough decisions, has to think twice before bending the rules.