What new legal regulations apply to public entities due to the Whistleblower Protection Directive?

The Whistleblower Protection Directive introduces new legal regulations for public sector entities employing over 50 employees. Despite the fact that the act implementing the provisions of the directive in many countries has not yet been passed, because the legislative work at the government levels is still ongoing, employers are required to implement the Whistleblower protection system from December 17, 2021.

Who is covered by the Whistleblower Protection Directive?

The Whistleblower Protection Directive applies to both private and public entities. In the case of the public sector, the Act covers local government units and entities that are owned or controlled by them. Consequently, also communes, poviats, voivodships, and entities controlled by them are obliged to establish internal channels for receiving and reporting infringements of the provisions of the directive.

What obligations does the Directive impose on public entities?

The Whistleblower Protection Directive obliges public entities to create an internal channel to report breaches, receive notifications, and take follow-up action. The employer is also obliged to inform employees about the possibility of reporting misconduct using internal procedures and should help his employees understand the intricacies of the new directive to create an atmosphere of mutual trust in the workplace.

Importantly, the internal channel for reporting violations must ensure the protection of the confidentiality of the identity of the Whistleblower and the person to whom the report relates. It is also important that there is two-way communication between the reporting person and the one receiving the notification. The declarant should be informed within 7 days from the notification of the irregularity about the receipt of the notification, and the feedback on taking remedial actions should be given up to 3 months.

In terms of follow-up, each organization should designate an individual, or a department as a whole, to be impartial and fair in verifying the accuracy of reports. Such units undertake internal investigations, actions to resolve the case and close the entire procedure.

Public entities are also required to keep a register of all received notifications. It should be remembered that the register should contain the number of the case, the subject of the violation, the date of notification, information on remedial actions, and the date of completion of the case.

The internal channel for receiving requests may be the system. Whistleblower is modern software that meets all the legal requirements of the directive and ensures full protection of the confidentiality of the identity of persons who report violations.

What does the Polish act say on the obligations of public entities in the field of Whistleblower protection?

At the moment, most national legislators have still not established the necessary legislation to implement the directive's guidelines. Therefore, it is not known exactly what obligations will be imposed on public entities and local government units, both those owned and controlled by them. The scope of obligations resulting from the directive is binding but minimal. State legislators may impose greater obligations on public entities than are contained in the provisions of the directive.

However, it is important that employers must provide their employees with internal channels for reporting breaches, which, until the emergence of national laws, will be in line with the guidelines of the Whistleblower Protection Directive. Therefore, offices must be prepared and should provide their employees with the best channel for reporting irregularities. Whistleblower is a system for handling notifications that allows you to register and manage notifications, access to the full history of communication, and many more useful functionalities.