EU Whistleblowing Directive Summary
Historically, whistleblower protections within the European Union have varied considerably. That’s set to change with the implementation of the new EU Whistleblower Protection Directive. These new rules, which were formally adopted by the European Parliament on October 7, 2019, give member states two years to implement the protections into their own national laws. This change brings new opportunities as well as challenges to firms operating within the EU; while many companies may have to update or improve their internal reporting policies and procedures, they now have a single, unified standard to meet.
The major components of the EU Directive, which applies to public and private organisations with 50 or more employees, revolve around the explicit protection of all whistleblowers who report a violation of EU law. One of the primary requirements of the directive is the implementation of internal reporting channels and processes, which the legislation encourages whistleblowers to use and offers access to a range of legal, financial and psychological support when doing so. The directive also extends whistleblower protections to include trainees, volunteers and self-employed workers (in addition to employees). In all, the new EU Directive takes significant steps to empower and protect reporters.
What protections does the Directive offer?
The new rules will require the creation of safe channels for reporting both within an organisation - private or public - and to public authorities. These should be designed and implemented in a way that ensures confidentiality for the whistleblower, the person named in the report, and any third parties referred to in the report.
Upon receiving a report, organisations will be expected to acknowledge receipt of it within seven days and “provide feedback to the reporting person within a reasonable timeframe not exceeding three months”.
The Directive will protect whistleblowers against dismissal, demotion and other forms of retaliation and require national authorities to inform citizens, and require national authorities to inform citizens and train public officials on how to deal with whistleblowing.
The Directive also outlines the grounds upon which protection will be granted. Unlike whistleblower protections in other countries, under the EU Directive a worker must simply have “reasonable grounds” to believe that the information they report is true (provided it falls within the scope of the Directive).
Who will be affected by the Directive?
Protected parties
The Directive covers workers in the public and private sector, including:
- civil servants
- the self-employed
- shareholders
- management
- administrative or supervisory bodies
- volunteers
- paid or unpaid trainees
- contractors, subcontractors and suppliers
- individuals disclosing breaches during a recruitment process
- former workers
Affected organisations
Companies with 50+ employees and municipalities with 10,000 inhabitants or more will be required to comply with the Directive. I
s your organisation affected? Talk to us about establishing compliant reporting channels.
Timescales and deadlines
Member States will be required to write the new rules into law by October 2021.
Organisations of 250 employees or more must be ready to comply with the law immediately from that point. Smaller organisations (50-249 employees) will be given two further years to comply.