Counterarguments against an anti phishing procedure


Consider the procedure below. What are your counterarguments, related to both security and user experience?

This is a follow up on my previous question on the same topic.

Step one: An employee submits an e-mail to coworkers (non-internal roles are also covered):

enter image description here

Step two: The e-mail server intercepts all incoming mails and substitute hyperlinks to non whitelisted sites, e.g.
surveymonkey.com/my-survey with
redirect.contoso.com/surveymonkey.com/my-survey, and send known authors the following message:

enter image description here

Obviously, if the GUI of the e-mail client can be modified, the verification can happen as the mail is authored.

Step three: If the author takes no action, the recipients get the e-mail after three minutes, but are presented with this message when they click the (doctored) link:

enter image description here

Over time, the user-vetted whitelist could be augmented with white- and blacklists provided by the security part of the organization.

The assumption is that this would intercept most link-based phishing attacks with a message of caution, while also keeping employees alert, due to the two factor authentication involved, without significantly degrading the user experience or imposing excessive policing of the employees.

So again, what are your counterarguments, related to both security and user experience?