

The Directive on the Protection of Persons Reporting on Breaches of European Law was first proposed in April 2018.
Aimed at overhauling the rights and legal protections of whistleblowers in Europe, it followed a series of high-profile disclosures relating to scandals such as Cambridge Analytica, the Panama Papers and LuxLeaks.
The murder of journalists Daphne Galizia (Malta) and Jàn Kuciak (Slovakia), who were attempting to expose corruption in their respective countries, only strengthened the drive to protect whistleblowers.
The Directive provides significant improvement in protecting whistleblowers and moves member states towards a unified legal framework.
Historically, whistleblower protections within the European Union have varied considerably. That’s set to change with the implementation of the new EU Whistleblower Protection Directive. These new rules, which were formally adopted by the European Parliament on October 7, 2019, give member states two years to implement the protections into their own national laws. This change brings new opportunities as well as challenges to firms operating within the EU; while many companies may have to update or improve their internal reporting policies and procedures, they now have a single, unified standard to meet.
The major components of the EU Directive, which applies to public and private organisations with 50 or more employees, revolve around the explicit protection of all whistleblowers who report a violation of EU law. One of the primary requirements of the directive is the implementation of internal reporting channels and processes, which the legislation encourages whistleblowers to use and offers access to a range of legal, financial and psychological support when doing so. The directive also extends whistleblower protections to include trainees, volunteers and self-employed workers (in addition to employees). In all, the new EU Directive takes significant steps to empower and protect reporters.
The new rules will require the creation of safe channels for reporting both within an organisation - private or public - and to public authorities. These should be designed and implemented in a way that ensures confidentiality for the whistleblower, the person named in the report, and any third parties referred to in the report.
Upon receiving a report, organisations will be expected to acknowledge receipt of it within seven days and “provide feedback to the reporting person within a reasonable timeframe not exceeding three months”.
The Directive will protect whistleblowers against dismissal, demotion and other forms of retaliation and require national authorities to inform citizens, and require national authorities to inform citizens and train public officials on how to deal with whistleblowing.
The Directive also outlines the grounds upon which protection will be granted. Unlike whistleblower protections in other countries, under the EU Directive a worker must simply have “reasonable grounds” to believe that the information they report is true (provided it falls within the scope of the Directive).
Protected parties
The Directive covers workers in the public and private sector, including:
Affected organisations
Companies with 50+ employees and municipalities with 10,000 inhabitants or more will be required to comply with the Directive. I
s your organisation affected? Talk to us about establishing compliant reporting channels.
Member States will be required to write the new rules into law by October 2021.
Organisations of 250 employees or more must be ready to comply with the law immediately from that point. Smaller organisations (50-249 employees) will be given two further years to comply.
One of the primary requirements of the directive is the implementation of internal reporting channels and processes, which the legislation encourages whistleblowers to use and offers access to a range of legal, financial and psychological support when doing so. The directive also extends whistleblower protections to include trainees, volunteers and self-employed workers (in addition to employees).
Provide multiple channels for employees report incidents: By giving multiple ways to report incidents, this increases the chances that these channels will be used and that issues within your organisation will be visible to the relevant teams. These channels can include telephone whistleblowing helpline programme, web intake options, or report forms and whistleblowing software to capture open door conversations
Consistent processes for all reports: Use role and rule-based routing and automated workflows that can systemise and streamline your processes from intake to investigation to case closure.
Learn everything you need to create an effective case or incident management programme - from planning to implementing to measuring results - with our comprehensive guide.
Data and analysis to help you benchmark your ethics and compliance programme against the world’s largest whistleblowing hotline and incident management database.
What are the current trends in employee complaint and hotline programs? Hear the latest findings from the world’s largest database of hotline reports and expert analysis of key year-over-year industry benchmarks.
NAVEX Global’s comprehensive solutions can help you to prepare for and comply with the Directive, contact us today to find out how we can help.
Thank you for subscribing! Please be sure that @navexglobal.com is on your company's safe sender list to ensure our emails reach your inbox!