Better protection for whistleblowers – com! professional

The implementation of the Whistleblowing Policy is a stalemate. But what is actually the content of the directive and why is it worthwhile for companies to act now?

The primary goal of the EU Whistleblower Directive is to protect people who have received information about violations in connection with their professional activity and who report this to an internal or external reporting office. Whistleblowers should be protected from reprisals, such as dismissal.

The type of violations that can be reported is diverse and includes breaches of criminal regulations as well as topics such as combating money laundering and terrorist financing, product safety, road safety, consumer protection, protection of privacy and personal data, security of network and information systems. It is planned that companies with at least 50 employees must set up an internal reporting office. For companies with 250 or more employees, the requirements apply immediately, for the others there is a grace period for implementation as soon as the law comes into force in Germany. The directive, which was passed in 2019, should have been implemented into German law by December 17, 2021, but the draft legislation failed several times. At the beginning of 2021, the draft of the Whistleblower Protection Act was presented in Germany for the first time. The last draft failed in early 2023 in the Federal Council. But Germany is not alone: ​​After 24 EU member states had not implemented the directive or only partially implemented it, the EU Commission has already initiated infringement proceedings.

establishment of registration offices

Companies must set up internal reporting channels (e.g. a digital whistleblower system). Resources are also required to look after the system and respond to reports, because there are obligations to react: After seven days, the report must be confirmed to the whistleblower; after three months at the latest, the whistleblower must be informed of the follow-up measures taken. Finally, all reports and the measures must be documented in compliance with data protection. There are penalties for non-compliance: If no internal reporting channel is implemented, a fine of up to 20,000 euros can be imposed. If it turns out that reports have been obstructed, whistleblowers are the target of reprisals, or protection of the confidentiality of the whistleblower’s identity has been violated, this can cost up to 100,000 euros.

Trading is worthwhile

Even if the law is not yet in force in Germany, the specifications from the directive are known. The time until then should definitely be used, because the implementation of a system does not happen overnight. Irrespective of the fulfillment of legal requirements, a whistleblower system can serve the interests of the company: Internal grievances are a common reason for economic damage – early intervention can prevent or reduce damage. Finally, it also strengthens the trust of (potential) business partners, suppliers, employees and applicants, since the management signals that any abuses will not be tolerated.

Source: com! professional by

*The article has been translated based on the content of com! professional by If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!

*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.

*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!