Search

Publikacje

WHISTLEBLOWER PROTECTION UNDER NEW WHISTLEBLOWER REGULATIONS

The deadline for implementation of Directive (EU)
2019/1937 of the European Parliament and of the
Council of 23 October 2019 on the protection of
persons who report breaches of Union law (“Directive”)
by Member States expired on 17 December 2021.
However, the Polish Parliament has not managed to
meet it, and hence the implementing regulations are still
at the drafting stage. The Directive lays down common
minimum standards for the protection of whistleblowers
falling into three categories:

  • internal market rules (for example
    breaches of EU competition and State
    aid rules, corporate tax law)
  • financial interests of the Community
    (breaches affecting the interests of the
    European Union as set forth under
    Article 325 TFEU and in the relevant
    measures)
  • falling within the scope of the EU acts in
    specific areas (for example public
    procurement,
    protection
    of
    the
    environment, public health, consumer
    protection).

The Directive also provides for potential extension of
the scope of protection as set forth under the Directive
to further breaches under national legislation enacted
by individual Member States.

Individuals who report such breaches (known as
whistleblowers) are afforded special forms of
protection. The whistleblowers include not only
employees of the relevant company, but also any other
individuals who obtain and report such information.
These can include interns, subcontractors, or former
employees. The Directive stipulates that whistleblowers
are not subject to liability for such acts as breach of
confidentiality, copyright, or business secrecy to the
extent covered by their reporting. Also, no form of
retaliation can be applied against them. The list of
forms of retaliation given in the Directive is open-
ended, with examples including such measures as
reduction in wages, suspension, lay-off, or demotion. To
be protected, a whistleblower is required to report a
breach in one of three predetermined ways.

The first of these are the internal reporting channels.
The Directive provides for Member States to require
businesses to put in place internal reporting channels for
whistleblowers. In this case, the breach is handled
without the involvement of any external authorities. The
legislators have imposed certain minimum standards
that the internal channels are required to meet. These
include among others the appointment of an impartial
person or department to receive reports and the ability
to provide feedback to the whistleblower within three
months of receiving the breach report. The internal
channels are also required to ensure privacy and
confidentiality.

The next option are the external reporting channels. In
this case, the report is submitted to authorities
specifically designated for that purpose by individual
Member States. Such authorities must be impartial and
independent. Receipt of a report must be
acknowledged without delay. The external authorities
also inform whistleblowers about the outcome of the
investigation.

The last way to report breaches is by public disclosure.
This is a procedure that the whistleblower may employ
if the two previous channels have been used and the competent authorities have not taken any action. The
whistleblower will also be able to rely on this option if
the breach constitutes a danger to the public interest or
in the case of external reporting, there is a risk of
retaliation against the whistleblower. Public disclosure
involves communication of information to an authority or
institution that is not specified under law as authorized
to receive information through the external channels
(e.g. the press). Such disclosure results in the
whistleblower being protected to the same extent as
when reporting through internal and external channels.

Thus, as becomes evident, the Directive has opened up
new possibilities for reporting breaches of EU law.
While the new whistleblower regulations seem well
thought out, they require a lot of work on the part of
Member States and businesses. This type of system must
be watertight and reliable, as otherwise whistleblowers
will be afraid to use it.

Disclaimer: This publication has been prepared for clients and professional associates of Miller Canfield. It is intended to provide only a summary of certain recent legal
developments of selected areas of law. For this reason the information contained in this publication should not form the basis of any decision as to a particular course of action;
nor should it be relied on as legal advice or regarded as a substitute for detailed advice in individual cases. The services of a competent professional adviser should be obtained
in each instance so that the applicability of the relevant legislation or other legal development to the particular facts can be verified.