On 16 December 2019 after its approval by the European Parliament, the Whistleblowing Directive came into force.  The new legislation is seen as a vital legislative cog in attempting to prevent breaches of EU law such as fraud and corruption and providing comprehensive protection for whistleblowers across the whole of the EU. 

Member States are required to transpose the Whistleblowing Directive and to adopt their own version of the directive as national law by 17 December 2021. As a minimum, the national laws must include all the whistleblower protections listed in the EU directive, although countries do have some flexibility for including more protections if they so wish.

Who does the WB Directive apply to?

The Directive includes new rules that will impact thousands of organisations in the public and private sectors.

The Directive requires organisations with more than 250 employees (from 2021) and more than 50 employees (from 2023) to introduce whistleblower schemes. This employee threshold does not apply if there is an obligation to establish a whistleblower scheme under other special legislation, including the money laundering regulations or financial services regulations. All public authorities are required to form an internal whistleblower system.

The adoption of safe and secure reporting channels is a primary objective of the Directive and is explicit in specifying that such channels should be designed, established and operated in a secure manner that ensures the confidentiality of the identity of the whistleblower and the protection of any third party mentioned in the report.

Many businesses across the EU will need to implement new or revised whistleblowing processes and policies to comply with the requirement to include internal whistleblower solutions.  However, whilst it may take some time for EU countries to begin their journey to full compliance, the Directive should ensure businesses will now be working towards putting measures in place.

Reporting Channels

The Directive has introduced a 3-tier reporting structure that allows whistleblowers to report their concerns through the following channels -

1. Internal Reporting – enabled by the business through their own established channels or supplied by external providers specialised in providing such services
2. External Reporting – enabled by appropriate national authorities or EU institutions
3. Public Reporting Channels – when employees go directly to the media or social forums such as Facebook or Twitter

What can whistleblowers report on?

The Directive refers to protecting individuals who report breaches of EU Law. Whistleblowers will be able to raise concerns on a range of issues and remain protected from recrimination when they do so.

Issues include anti-money laundering and corporate taxation, data protection, protection of the Union’s financial interests, environmental protection, food and product safety and nuclear safety

How are whistleblowers protected?

The Directive (Article 6) provides that the whistleblower may qualify for protection if he/she makes a public disclosure, but only if:

1. They had reasonable grounds to believe that the information on breaches reported was true at the time of reporting and that such information fell within the scope of this Directive; and
2. They reported either internally in accordance with Article 7 or externally in accordance with Article 10 or made a public disclosure in accordance with Article 15.

What policy areas are covered?

The protections in the Directive will be triggered regarding breaches of the EU law in several identified policy areas as noted below:

• The implementation of whistleblowing services to enhance compliance with changes in EU whistleblowing laws.
• Public procurement;
• Financial services, products and markets, and prevention of money laundering and terrorist financing;
• Product safety and compliance;
• Transport safety;
• Protection of the environment;
• Radiation protection and nuclear safety;
• Food and feed safety, animal health and welfare;
• Public health;
• Consumer protection;
• Protection of privacy and personal data, and security of network and information systems.

Business should be aware that the WB Directive presents the minimum level of cover for whistleblowers expected. If, however, EU member states wish to create further comprehensive laws inside their own country, they have the flexibility to do so.

How to comply?

Implementation of confidential reporting channels is seen as the first step towards compliance with the Directive. 

As leading providers of whistleblowing solutions in Europe, SeeHearSpeakUp can assist in the implementation of whistleblowing services to ensure compliance with changes in EU whistleblowing laws. 

SeeHearSpeakUp can offer organisations a number of clear and easily accessible reporting channels tailored to their unique service requirements and provide assurances that full independence, confidentiality and data protection are fulfilled.

Our qualified staff ensure that whistleblowers are dealt with in a professional, sensitive and confidential manner. Our services are available 24 hours-a-day, 365 days-a-year

If you would like further information about implementation of an independent external whistleblowing service please follow this link, or alternatively, please contact our sales team on +44(0)1224 625111