Prepare your organization for the EU Whistleblower Directive

Do you have at least 50 employees? Then the Whistleblower Directive applies to your organization. This EU directive specifies that you must provide a secure channel where whistleblowers can report misconduct within your organization.

EU Whistleblower Directive? Let's explain!

The EU Whistleblower Directive is a directive enacted by the European Union in 2019, requiring member states to ensure the protection of whistleblowers.

The process of implementing this directive into Belgian law took a significant amount of time. As a result, organizations in the private sector are now obligated to protect whistleblowers and establish reporting channels.

Providing protection

This new legislation aims to ensure that certain violations or misconduct are brought to light at an early stage. At the same time, it is designed to offer greater protection to whistleblowers—the individuals making such reports.

The Whistleblower Directive applies only in specific cases, depending on the nature of the report.

If the report concerns infringements related to public procurement, money laundering practices, social fraud, public health, and other related matters, the whistleblower enjoys enhanced protection.

The complete list can be found on the website of the Federal Public Service (FPS) Chancellery of the Prime Minister.

From 50 employees onwards

The law applies not only to large corporations and multinationals but also to every company with at least 50 employees.

If you have a smaller workforce, you are exempt from certain rules. For instance, you are not required to establish an internal reporting channel.

The legislation aims to provide more protection to whistleblowers.
The legislation aims to provide more protection to whistleblowers.

What does the EU Whistleblower Directive say?

The EU Whistleblower Directive comes with several rules. Here they are:

Setting up an internal reporting channel

This can be done, for instance, through a form on your company website or intranet. Companies need a means for employees and other stakeholders to report misconduct directly. These internal channels must be confidential and secure.

In addition, whistleblowers should have the opportunity to report both in writing and orally. A staff member or department within your organization will need to follow up on the reports.

Protecting whistleblower data

Keep the personal data of whistleblowers confidential and ensure they remain anonymous if they wish.

Organizing training sessions for reporters

Inform all employees and potential reporters about their rights and protections and provide insights and transparency into the reporting process.

Preventing retaliation

Organizations are required to take proactive measures to prevent retaliation by establishing a policy against reprisals or retaliatory actions (such as dismissal, suspension, loss of pay, etc.), conducting fair internal investigations, and supporting whistleblowers who face retaliation.

This rule also provides protection to anyone in the whistleblower's immediate environment, particularly partners, family members, and trusted individuals.

Use iubenda to place a whistleblower policy on your website
Use iubenda to place a whistleblower policy on your website

How you to quickly comply with the EU Whistleblower Directive

The fastest way to comply is through iubenda. That's our tool that assists you with GDPR solutions such as cookie banners, privacy policies, and now, a whistleblowers form has been added.

Open a form and follow-up on reports

Specifically, iubenda helps you set up a form on your website where whistleblowers can anonymously report misconduct within your organization.

In iubenda itself, you can then track and process these reports.

Choose iubenda Ultimate if you want to add the whistleblowers form to your website.

Frequently Asked Questions about the EU Whistleblower Directive