The Greek Whistleblower Protection law
Like all other members of the European union, Greece is required to transpose the EU Whistleblower Protection Directive into its national law, which will become the Greek Whistleblower Protection law. The EU Directive obliges businesses with 50 employees or more to have a reporting channel for a broad spectrum of potential whistleblowers, and forbids reprisals against whistleblowers. The deadline for transposition was 17th December 2021, which Greece did not meet.
What is the current status of the Greek Whistleblower Protection law?
There is no Greek Whistleblower Protection Law. In July 2020 the Greek government established a special legal drafting committee for the preparation of a draft law. The committee has not completed it work and questions have been raised by civil society about the transparency of and cooperation in the transposition process.
It is not yet known when the Greek Whistleblower Protection law is expected to be enacted.
Greece has no whistleblower protection, and it is not yet known if any will be enacted. Though, like all EU countries, Greece is required to transpose the EU Whistleblower Protection Directive into Greek national law.
What to do while awaiting the Greek Whistleblower Protection law
There is good news for companies in Greece who would prefer to start preparations for compliance now rather than wait for the Greek Whistleblower Protection law to come into effect. The EU Directive sets a number of minimum standards that will apply in all member states and to all organisations with more than 50 employees. Organisations may therefore choose to familiarise themselves with these minimum requirements (see below), prepare for the establishment of an internal reporting mechanism, and avoid retaliation measures against whistleblowers.
- A secure channel for receiving whistleblower reports must be put in place.
- Acknowledgment of the receipt of the report must be provided to the whistleblower within seven days.
- An impartial person or department must be appointed to follow up on the reports.
- Records must be kept of every report received, in compliance with confidentiality requirements.
- There must be diligent follow-up of the report by the designated person or department.
- Feedback about the report follow-up must be given to the whistleblower within three months.
- All processing of personal data must be done in accordance with the GDPR.