The European Parliament and the European Council’s Whistleblower Protection Directive has been in the works for several years and is expected to be implemented by December 17, 2021.
With just over a month until this deadline, companies operating in the EU are working quickly to ensure that their policies and procedures are compliant.
So what should companies know about the Whistleblower Protection Directive? And, what steps should companies take to update or introduce whistleblower reporting channels for their employees? We’ve got you covered. Keep reading to find out!
According to the Official Journal of the European Union, the purpose of the Directive is to “enhance the enforcement of Union law and policies by laying down common minimum standards providing for a high level of protection of persons reporting breaches of Union law.”
In short, the EU Whistleblowing Directive ensures that whistleblowers who report violations of EU law are protected against retaliation from their employers, managers, or colleagues.
Within this context, a whistleblower is defined as a natural person, not an entity, such as a self-employed person, shareholder, current or former employee, subcontractor, job applicant, contractor, unpaid trainee, volunteer, and any other relevant individual who reports violations of EU law encountered in the context of work or work-related activities.
Retaliation in this context is defined broadly and includes discrimination, withholding of training, demotion, dismissal, suspension, disciplinary action, and intimidation.
The Directive enforces a minimum standard for whistleblowing that member states must adhere to. However, because this new initiative is a directive and not a regulation, individual EU countries are able to introduce their own specific and extended protections to further shield whistleblowers from retaliation. Therefore, companies will need to build a compliance plan that takes into account the EU Directive and the specific regulations that are eventually rolled out by the member state(s) they operate in.
The Directive concerns all businesses and government bodies that employ 50 or more employees. Companies with between 50-249 workers will need to be compliant by December 17, 2023. Companies with 250 or more employees must be compliant by December 17, 2021. There currently are no directives for companies with fewer than 50 employees.
Whistleblowing is defined as the disclosing of suspected wrongdoing, that reveals either direct employer violation or misconduct by third parties.
The EU Directive specifies common minimum standards for whistleblowing concerning the following areas:
This specified scope differs from UK law, where whistleblowing protection applies across all sectors, with more stringent provisions imposed on particular sectors. Under this EU directive, there are some general scopes that are common to most businesses, such as consumer protection and antitrust law, as well as more unique scopes such as radiation protection and nuclear safety.
The directive protects whistleblowers that report breaches of EU law if they file a report in good faith, have reasonable grounds to believe that the information they reported was true at the time of reporting, and file a report that falls within the aforementioned scope of the EU Whistleblowing Protection Directive. Whistleblowers can file reports internally, externally, or publicly, such as to the media. Specific reporting channels are not specified by the Directive meaning the whistleblower may choose where they file a report.
The Directive allows for external disclosures to be protected where internal reporting channels do not exist, create a conflict of interest, or do not work effectively. In limited circumstances, protection will be extended to public disclosures where the internal or external reporting channels do not function effectively.
Under the Directive, whistleblowers are protected by:
The Directive also extends protection beyond the individual whistleblower to individuals who may have aided the whistleblowing, such as colleagues and relatives, in the same workplace.
Several challenges can be anticipated by companies adjusting their plans to adhere to this Whistleblowing Protection Directive. Being aware of and keeping these challenges top of mind will make the process much easier. Some of these challenges include:
Although the process of creating or updating an organization’s compliance plan can seem overwhelming, taking the right steps and actions will make the process easy as pie. As the December 17 date draws closer, here are some key things to keep in mind:
A key aspect of a comprehensive compliance plan is a whistleblower vendor or platform. These third-party organizations provide effective and confidential reporting channels that help support your initiatives and ensure that your employees feel secure reporting, and safe from retaliation. When selecting a whistleblower platform, be sure to look for features that are Directive compliant and compatible with any additional workplace culture requirements your organization may have, integrations with your current software, ease of accessibility, secure encryption, partnerships, support services and resources, and overall trustworthiness.
Should these characteristics interest you, don’t hesitate to reach out to us here at AllVoices. The AllVoices employee feedback management platform is whistleblower compliant, yet more current, mobile, and user-friendly than a standard whistleblower hotline. We are well versed with the EU Whistleblowing Directive and can provide you with a comprehensive, low-cost method to ensure that your company complies with these Directive standards and the values of today's modern workplace.
Schedule a demo today to learn how we can help you be ready by December 17!