What are our obligations under the new EU Whistleblower Protection directive?

January 7, 2020

QUESTION 1:Now that the new directive has been passed, compliance and legal officers in all public and private organisations with 50 or more employees should be asking, “What are the obligations of the EU Whistleblower Protection directive? In a nutshell, your organisation must provide a whistleblowing channel. But this is not enough. The channel must also adhere to these requirements:

  1. Confidentiality of the identity of the whistleblower. Channels for receiving reports must be set up to ensure the confidentiality of the whistleblower and prevent access to non-authorised persons.
  2. Response times: There must be an acknowledgment of receipt of the report within seven days.
  3. Impartial receiver(s) of reports need to be appointed. Such person(s) should have the competence to follow up on reports and to communicate with the whistleblower.
  4. Follow-up: Diligent follow-up to the report and a reasonable timeframe to provide feedback to the whistleblower is required.
  5. Communication: There should be information regarding the conditions and procedures for reporting externally, for example to competent authorities and to the media as a last resort.
  6. GDPR compliance: Any processing of personal data carried out pursuant to the Directive must comply with the GDPR.
  7. Record keeping: Organisations must keep records of every report received, in compliance with the confidentiality requirements. Reports shall be stored for no longer than necessary.

The good news is that WhistleB’s whistleblowing system has everything organisations need to comply with the new directive.

Aside from the functioning of the whistleblower channel, though, the EU Whistleblower Protection directive requires penalties against those who attempt to hinder reporting, retaliate against whistleblowers, attempt to bring proceedings or who reveal the identity of the whistleblower. Any threats or attempts to retaliate against whistleblowers are also prohibited. Organisations therefore need to communicate zero-tolerance for such behaviour and inform employees that it is indeed illegal.

What are the obligations of the new EU Whistleblower Protection directive? For more detailed information and our recommendations, read our Top Tips for EU Whistleblower Protection directive readiness.  You can also download a pdf of our Checklist for preparing for the EU Whistleblower Protection directive.

For more information about the EU whistleblower protection directive contact us.

Contact:
Karin Henriksson,
Founder and Partner at WhistleB
+46 70 444 32 16
karin.henriksson@whistleb.com

Contact us

Your message was successfully send. We will get in contact with you as soon as possible.

There seems to be some problem when sending your message. Try again soon.

Founders blog

December 29, 2020 Season’s greetings from WhistleB: 2020 highlights for whistleblowing solutions
See all ›

WhistleB news

EU whistleblower directive April 13, 2021 More questions about the European Whistleblower Protection Directive
See all ›

Webinars

best practices whistleblowing April 20, 2021 Best practices for whistleblowing
See all ›

Media

New book helps companies establish a whistleblowing solution Sharp increase in number of whistleblowers during Corona Anonymity essential to trust in whistleblowing, according to new WhistleB customer survey