The EU Whistleblower Directive (also known as the Whistleblower Protection Act) obliges member states to provide effective channels to report breaches of EU rules confidentially, and establish a robust system of protection against retaliation. It obliges companies with 50 or more employees, and all legal entities in the public sector, to implement a whistleblower system.
With Flowers software as your digital whistleblower system, you can easily comply with the requirements of the EU Whistleblower Directive. Read on to find out if your business is ready for the Digital Whistleblower Protection Act and what you need to know and do.
Who is affected?
Organizations operating in the EU with 50 or more employees must introduce secure whistleblower systems and companies with 50-249 employees have a transitional period until December 2023. The public sector is also affected: government agencies with 50 or more employees and cities and municipalities with more than 10,000 inhabitants are subject to the law.
What are the legal requirements?
- Whistleblowers are free to decide whether they want to report internally or via the external reporting office, but the law stipulates that internal reporting offices should be given priority.
- Companies should therefore create incentives to use internal reporting channels without impeding the submission of reports to external reporting offices. For example, companies should provide clear and easily accessible information on the use of internal reporting.
- The procedure for submitting the report must be verbal or in writing and, if desired, must also be possible in person. The prerequisite for this is that the offenses are punishable (criminal offense) or subject to a fine (administrative offence) and endanger health/life.
- The internal reporting office must confirm receipt of the report to the whistleblower(s) within 7 days.
- The reporting office must inform the whistleblower within three months of the measures that have been taken as a result, i.e., the initiation of internal investigations or the forwarding of the report to the competent authority.
- The law obliges reporting offices to process anonymous tips and to take precautions to enable anonymous communication with the reporting person.
- As required by the directive, the law aims to prohibit possible reprisals against whistleblowers and reverse the burden of proof, eg. an employer must prove there is no connection between the dismissal of an employee and a reported grievance.
Whistleblower Process Overview
Download our free Whistleblower Process Overview here !
What sanctions can non-compliant companies or individuals expect?
- In case of non-compliance with legal requirements, the law provides for sanctions against natural and legal persons.
- Violations are to be punished as administrative offenses with a fine. This includes obstructing reports or taking reprisals, but also knowingly disclosing inaccurate information.
- In the event of a violation of the ban on reprisals, the person providing the information must be compensated for the resulting damage. Whistleblowers can also demand compensation for immaterial damage.
- Persons who pass on incorrect information - intentionally or through gross negligence - must pay for the damage incurred.
Flowers makes process compliance easy
With Flowers software, you can define digital, transparent workflows that comply with the EU Whistleblower Directive. Read more about our Whistleblower Software Solution here.
Book an appointment now to learn more about how Flowers can help your organization comply with the Whistleblower Protection Act.