The whistleblower protection bill has passed the senate and is now heading to the president. Its effective date is expected at the end of the summer. The bill implements the EU directive on the protection of persons who report breaches of law at the workplace (whistleblowers) and will bring new obligations for a wide range of obliged entities, including all employers of more than 50 employees. These entities will be obliged to establish an internal reporting system and ensure the protection of whistleblowers who use it.

Reporting system and other obligations

The law remains silent on the form of the reporting system. This means that employers may choose how to ensure the receipt, assessment, and resolution of reports by their employees and other persons – such as trainees or job applicants, as these will also have the right to report law abuse in writing, orally, and even in person if requested. Employers will have to deal with the reports within statutory deadlines and ensure appropriate communication with the whistleblower and the protection of the reported information. The most common solution will probably be an internal reporting system provided in an external supplier’s software solution.

To operate the reporting system, the obliged entity will have to appoint a relevant person who will be responsible for receiving the reports, notifying the reporting persons within the set deadlines of the receipt and resolution of their reports, and proposing resolutions. Our experience shows that numerous companies intend to appoint one of their employees as the relevant person; however, the bill also allows an external person to be the relevant person.

The bill requires whistleblowers to be protected against retaliation, i.e., against any act or omission following their report and relating to the whistleblower’s work or other activity that may cause them harm. Retaliation may include the termination of employment, removal from a senior position, wage reduction or not granting a bonus, transfer to another job, etc.

Whistleblower protection and anonymity

The protection of whistleblowers, particularly anonymous ones, has been one of the most discussed and principal issues of the bill. Under the bill, anonymous whistleblowers are not protected from the beginning, but only after their identity becomes known to those who may expose them to retaliation. Foreign experience shows that in entities where an internal reporting system is in place, the most serious breaches of law are often reported anonymously. Excluding anonymous whistleblowers from protection may make them significantly less willing to report.

A regulation and an opportunity

The introduction of internal reporting systems and the related protection of whistleblowers is often perceived as just a ‘ratting’ tool that places an unnecessary administrative burden and considerable risks on the obliged entity. 

However, we believe that the implementation of a reporting system also contributes to employer protection. By giving employees the opportunity to report suspicious conduct, employers increase their awareness of what is happening in their companies, which fosters a transparent corporate culture. As a result, employers may respond to any misconduct in a timely, efficient and, most importantly, internal manner. As a bonus, they can avoid significant penalties and reputational damage. Ultimately, they may be able to prevent the loss of customers or, in the case of publicly traded companies, a significant decrease in their value.