The Whistleblowing Directive in Europe

status of the EU whistleblowing directive

Source: EU Whistleblowing Monitor

Current Status of the EU Whistleblowing Directive

While the deadline for the transposition of the EU Whistleblowing Directive was in December 2021, many are the EU Member States to prolong the discussion. Currently, 11 countries have adopted the law, 15 have delayed the process, while Hungary is the only country to not have started the process at all. For the time being, none of the Member States have fully transposed the Directive into national legislation.

When it comes to the UK or Switzerland, the Directive will not be transposed. However, British or Swiss companies with subsidiaries in any of the Member States might still be concerned.

 

The Directive in a nutshell

The European Directive for the Protection of Whistleblowers first entered into force in 2019, aiming to establish and promote a high level of protection for citizens to report breaches of EU law. It grants protection to individuals reporting misconduct in a work-related context through a three-tier system:

  1. via internal (mandatory) reporting mechanisms of organisations;
  2. via external competent authorities;
  3. via public disclosures to the media.
Deadlines

Organisations with 250+ employees had until December 17, 2021 to comply.

Organisations with 50-249 employees must comply before December 17, 2023.

 

How to comply?

A whitepaper to answer all your questions.

Free download

Comply with SpeakUp®
What are the exact requirements for the internal reporting mechanism?

Organisations must:

  • process and store reports in a secure, GDPR-compliant manner
  • acknowledge the receipt of reports and follow-up within specific time-frames
  • allow whistleblowers to report via both written and verbal communication

SpeakUp® meets and exceeds the Directive’s requirements for the internal reporting channel.

How to comply

Highest Security & Privacy Standards
How to guarantee the safety of your reporting mechanism?

At People Intouch we accept nothing less than the very best for our clients. This is why we have implemented the most extensive control framework.

We are the only provider to be quarterly audited according to ISAE3000 Type II (eq. SOC2) on all aspects of our operations (including human translations!). Our ISAE3000 Type II assurance program fully encompasses and proves continuous adherence to the following standards:

  • ISO27001
  • ISO27002
  • ISO27701
  • GDPR

See certificates

European Solution
How is whistleblowing perceived in Europe?

As one of the first European providers, we understand the European whistleblowing culture better than anyone. This is what makes us excellent partners to hundreds of European organisations. Other than the EU Whistleblowing Directive, we’ve been helping our clients deal with:

  • GDPR (EU)
  • Schrems II (EU)
  • Sapin II (FR)
  • Lieferkettengesetz (DEU)
  • Public Interest Disclosure Act (UK)

In addition, we make sure that all SpeakUp® data are stored and processed within the EEA+.

Learn more

EU Whistleblowing Directive Whitepaper

What are the main requirements? What are the criteria described for the whistleblowing mechanism? Do the same rules apply in all EU Member States? What do I need to adjust in my whistleblowing policy?

All the answers are in this Whitepaper.