Release highlights

This update introduces new security options, expands language support, improves auditability, and delivers a new scoring and risk profiling capability designed to help organisations better identify and monitor behavioural risk patterns.

  • Violation scoring and risk profiling for personages and managers
  • Two-factor authentication via standard TOTP authenticator apps
  • 10 new languages added to the Feedback portal and related intake flows
  • Improved audit precision with file hashes in Case Reports and seconds-level log timestamps
  • Bug fixes for anonymisation, notifications, and relationship data consistency


What’s new in this release

1. Violation scoring and risk profiling

This release introduces a new scoring engine that helps organisations quantify and monitor risk across reported cases. Scores can now be calculated and tracked for personages and managers, making it easier to identify patterns, support oversight, and maintain a stronger audit trail.

  • Configurable score calculation settings at organisation level
  • Scoring support for case sub-categories and position grade severities
  • Automation support through the new set_score action
  • Cumulative violation scoring for personages
  • Aggregated average scoring for managers
  • New risk profile events to support visibility and automation

These changes are designed to support organisations that want a more structured and data-driven approach to case-related risk profiling.


2. Two-factor authentication via authenticator apps

Users can now enable two-factor authentication using standard TOTP authenticator apps such as Google Authenticator or Authy. This provides a convenient alternative to SMS-based verification and reduces dependency on external SMS delivery providers.

Organisations can offer this method alongside existing authentication options, giving users more flexibility when securing their accounts.


3. Expanded language support

Language coverage has been extended with 10 new locales in the Feedback portal and related intake interfaces. This improvement helps organisations provide a more accessible and localised reporting experience for a broader range of users.

  • Chichewa (Nyanja)
  • Tagalog (Filipino)
  • Malagasy
  • Northern Sotho (Sepedi)
  • Quechua
  • Sinhala
  • Swati (Siswati)
  • Tajik
  • Tamil
  • Tok Pisin


With this addition, Ethicontrol now supports 72 languages in the whistleblowing channel.


Improvements

Case Report file hash

The Case Report now includes a cryptographic hash of the feedback file. This strengthens document integrity verification and supports organisations with stricter audit and evidentiary requirements.


More precise log timestamps

Timestamps in case file creation logs now display seconds. This provides better precision for audit review, operational troubleshooting, and forensic analysis.


Bug fixes

  • Fixed an issue where an anonymised case author could still appear in the Activity Log. Anonymisation is now applied more consistently.
  • Fixed the email notification hook on the contacts question in the registration form, which stopped working after the previous release.
  • Fixed an issue where notifications configured for conclusion events did not trigger correctly for Ticket-level roles.
  • Resolved a data consistency issue that could create duplicate user-manager relationships.


Why this release matters

This release focuses on four practical areas: stronger account security, broader accessibility, improved auditability, and more advanced risk insight. Together, these changes help organisations run a more secure, transparent, and scalable case management process.


Recommended next steps

Review whether your organisation would benefit from enabling TOTP-based two-factor authentication.

Assess whether the new scoring and risk profiling capabilities should be incorporated into your case handling process.

Confirm whether newly added languages are relevant for your reporting audience and intake channels.