Anticorruption
ANTICORRUPTION
South Africa Speakup
For corporates · POPIA · Protected Disclosures Act

Your own confidential
Anticorruption Gateway.
Built for South African companies.

Anticorruption Gateway gives your organisation a private, branded whistleblowing channel — POPIA-aligned, encrypted end-to-end, hosted on South African soil, and operated by an independent third party so your people can speak up without fear of internal retaliation.

Request a corporate demo Verify an evidence bundle
What we deliver
  • A private tenant URL, branded with your logo & colours
  • Confidential 4-step reporting wizard with allegation matrix
  • Investigator console with role-based access
  • QR-verifiable, tamper-evident evidence bundles
  • Automated monthly compliance digests
  • Geo-locked hosting — refuses to boot outside ZA
Anonymous by design
No login. No tracking. We never store identifying metadata against your report.
Forensic-grade evidence
Every uploaded image is stripped of EXIF and GPS data before it reaches storage.
Tenant-isolated
A discriminator on every record. Client A cannot read Client B's data — by design.
Why an anticorruption gateway

Corruption thrives in silence.
A trusted channel breaks it.

South African organisations lose billions a year to procurement fraud, kickbacks, supplier collusion and bribery. The single most effective control — adopted by every JSE-listed company and championed by King IV — is an independently operated, anonymous reporting channelwith documented investigation workflows.

Anticorruption Gateway runs that channel for you. We provision an isolated tenant inside our forensic-grade platform, brand it as your own, and route every tip-off to your nominated compliance lead — with a copy in our Johannesburg vault for chain-of-custody assurance.

  • King IV & POPIA aligned

    Demonstrable controls for the Social & Ethics Committee, board fiduciary duty under s.76, and personal-information processing rules under Act 4 of 2013.

  • Independent of management

    Reports land with an external operator first. Reduces the chilling effect that keeps whistleblowers quiet when their line manager is the wrongdoer.

  • Audit-ready evidence

    Every action — submission, message, file upload, status change — recorded in a tamper-evident hash chain. Export an evidence bundle for forensic review in one click.

  • Backed by humans

    Our investigators triage and route every report. Critical allegations escalate to your nominated board contact, never just to a generic inbox.

How a corporate tenant works

From handshake to live Anticorruption Gateway in under 10 working days.

Four phases. Your compliance team owns the configuration, we own the platform reliability.

1
Scoping call

We map your reporting landscape, escalation rules, conflict-of-interest list and notification recipients.

2
Tenant provisioning

We spin up an isolated workspace under your slug — branded with your logo, colours and tagline. Your compliance lead gets a client_admin account.

3
Internal launch

Share the QR code through your channels — posters, intranet, payslip footers, email signatures, stickers on branded company vehicles or trucks — and any phone with a camera can open the secure reporting form in seconds.

4
Ongoing operation

Real-time email notifications to your compliance team. Automated monthly digest PDFs. Quarterly reviews with our forensic operations lead.

Scan · Don't type

Easy QR scanning to access
your Anticorruption Gateway.

Place the QR code anywhere your people will see it — printable, digital, or both — and anyone with a smartphone can open the secure reporting form in seconds.

  • Opens straight from your phone camera.
  • No app to install.
  • You stay anonymous.
Get the corporate proposal
Staff scanning the printed QR poster on a phone camera to open the confidential reporting form
Who deploys us

Trusted across the sectors that move the SA economy.

From mining and logistics to public sector and financial services — each tenant gets an isolated postbox with their own brand, their own administrators and their own escalation rules.

  • Mining & resources
  • Logistics & supply
  • Financial services
  • Public sector
  • Healthcare
  • Manufacturing
Compliance & standards

Built to South African and international compliance standards.

Every report is handled inside a regulatory perimeter designed for the people who need protection the most — backed by South African statute and aligned with the leading international standards for information security and anti-bribery.

  • POPIA — Act 4 of 2013

    Lawful, minimal, purpose-bound personal-information processing. Subject rights honoured. Operator obligations met.

  • Protected Disclosures Act — 26 of 2000

    Whistleblower protections engineered in: identity is never required, never shared, and never disclosed to the employer without consent.

  • ISO/IEC 27001

    Information-security management aligned: access control, encryption, audit logging, incident handling, and continual improvement.

  • ISO 37001

    Anti-bribery management principles applied — independent escalation routing, conflict-of-interest controls, executive-protected lists.

  • Companies Act — 71 of 2008

    Supports directors' fiduciary duties (s.76) and the social-and-ethics committee mandate (Reg. 43) for in-scope companies.

  • TLS 1.3 · AES at rest

    Encrypted end-to-end on the wire and inside the database. Issued under Google Trust Services PKI.

IP addresses are never recorded.

Every tenant on this platform runs in zero_ip_mode by default. Your reporter's network address is dropped at the boundary — there is no field to retrieve, no log to subpoena, and no admin who can see it. POPIA-stronger than the statutory minimum, by design.

Chain of custody

Bundles you can verify with your phone.

Every evidence bundle we issue carries a deterministic SHA-256 fingerprint and a scannable QR. Anyone holding the printed cover sheet can confirm — in under ten seconds, with no special tooling — that the document is real, untampered, and issued by us. No app to install, no account to create.

Try the verification pageHow verification works
Document integrity · SHA-256
1472b92e513886ad7c0075973c208163af755eef5037f4cb1b3a69a672068bb1
anticorruption.co.za/verify/…068bb1

Example panel. The real QR on your cover sheet links directly to a public verification page that returns the URN, issue date and file count — and nothing else.

Frequently asked

Corporate anti-corruption — answered.

Everything you need to know about deploying your own branded Anticorruption Gateway under POPIA.

Do you offer corporate anti-corruption programmes for businesses?

+
Yes — that is the only thing we sell from this site. South African companies deploy Anticorruption Gateway as their own private tenant — branded with their own logo and colours, fully isolated from other clients, with role-based investigator access and full POPIA compliance. Submit the form below for a demo and indicative pricing.

Is the reporter's identity protected?

+
Yes. The Protected Disclosures Act and POPIA together create the legal protection — we add technical anonymity on top: no login, no tracking pixels, no phone-number requirement, EXIF/GPS scrubbing on every upload, and TLS 1.3 encryption via a Google Trust Services SSL certificate.

How can we stop corruption inside our company?

+
Stopping corruption requires both prevention and reporting. Strong anti-corruption policies, transparent procurement, regular audits, robust whistleblower protection under the Protected Disclosures Act, and a safe channel for employees, contractors and suppliers to come forward together create real accountability. Anticorruption Gateway provides that safe channel — anonymous by design, encrypted end-to-end, and POPIA-compliant.

What makes a strong report?

+

Be specific. Strong reports name people, places, dates and amounts. They explain how a decision was made or how the misconduct occurred and give a clear timeline.

Be credible. Verifiable information turns a tip into a case. Internal documents, official emails, audit reports, tender records, payment information, photos, recordings — anything that lets an investigator follow the paper trail.

Cover the basics. What happened, who was involved, how it happened, when and where, how much money was involved, and the result — the loss, harm or impact.

Where is the data hosted?

+
All tenant data is stored on Google Cloud infrastructure in the africa-south1 (Johannesburg) region. The platform refuses to boot from any other region — a sovereignty guarantee, not just a configuration.
Talk to us

Enquire about your own corporate Anticorruption Gateway.

Tell us about your organisation and one of our forensic operations team will reach out within one business day with a tailored proposal and live demo of the platform.

info@anticorruption.co.za
Hosted in Johannesburg · ZA sovereign
Reply by phone available on request

By submitting you agree we may process your details under POPIA to respond to this enquiry. We never share your details with a third party.

Anticorruption
ANTICORRUPTION GATEWAY

A confidential reporting service operated under POPIA. Reports are anonymous by design and all data is encrypted.

All communications on this website are encrypted in transit (TLS 1.3) using an SSL certificate issued by Google Trust Services.

Secured by
Google Trust Services
Reach us
info@anticorruption.co.za
Compliance
  • POPIA — Act 4 of 2013
  • Protected Disclosures Act — 26 of 2000
  • ISO/IEC 27001 · ISO 37001 aligned
  • Companies Act — 71 of 2008
  • TLS 1.3 in transit · AES at rest
  • EXIF / GPS metadata stripped on upload
  • IP addresses never recorded
Johannesburg · Firebase verified

Your report stays on South-African soil. The server refuses to boot from any other region.

© 2026 Anticorruption GatewayForensic Standard · Multi-Tenant Isolated