The directive is intended to regulate the protection of persons who report irregularities in an organization.
It is possible to report shortcomings and violations through three channels.
It is recommended that irregularities should be reported first through internal channels, and then, if it is not possible to resolve them within the organization, forward them to external authorities. The Whistleblower system was created specifically to ensure safe and efficient communication between whistleblowers and verifiers of notifications. Check out our offer and choose the best one for you!
Central authority: Ombudsman.
Public authority: The President of the Office of Competition and Consumer Protection and other authorities accepting external reports concerning irregularities in the areas within their range of activities.
This channel is a last resort when none of the above actions have brought the expected result.
Public and private institutions employing more than 50 people or municipalities with more than 10,000 residents.
Private entities employing over 250 employees.
Financial market entities and entities dealing with AML / CF, regardless of the number of employees and the sector.
Legal entities in the private sector with 50-249 employees.
Internal channel reporting systems must ensure security and confidentiality. The Directive stipulates that the identity of the Whistleblower may not be disclosed to any unauthorized person who is not part of the group for receiving reports and solving problems.
The processing of personal data must be in accordance with the GDPR and Directive 2016/680. This refer to personal data processed under the Whistleblower Directive, including the exchange or transfer of personal data by competent authorities.
The employer is liable to a fine, imprisonment or imprisonment for up to 3 years if: