It can be a complicated task to track all the changes in the whistleblowing regulations in the EU: however, in Germany, there weren't many of them. The attempt to amend the existing legislation regarding whistleblowers was made in 2013 and didn't get support from the parliament. In 2019 we can see significant growth in freedom of speech and a range of tools for reporting.
Two events have changed the German approach to whistleblowing: a reform by Federal Financial Supervisory Authority (or BaFin in short) in 2016 and the well-known General Data Protection Act (GDPA) in 2018. In 5 years, Germany has moved from partial protection guaranteed by the Labour Code and European legislation to the middle-level system of whistleblower protection.
Despite the real cases resolved in favor of whistleblowers and strict compliance with the law, Germany has no specific law for whistleblowing and, consequently, can't be on the list of countries with comprehensive whistleblower protection. |
We can guess from the name of the 2016 Act: employees of financial structures, banks, etc. are more protected since the Act was specifically designed to detect cases of bribery and fraud. At the same time, GDPA intensifies the seriousness of investigation processes and ensures whistleblower's security.
On a closer look, this Act is the first (and so far the last) which defines a whistleblower and whistleblower hotlines legally. With its emergence, all the financial structures in the public sector were obliged to create an effective system for reporting under the control of BaFin.
BaFin introduced to the whistleblower a variety of reporting methods: email, voice message, and personal appointment. In a year, BaFin developed the functionality of their hotlines from confidential to anonymous, providing the employee with the opportunity to choose between an internal hotline and BaFin's (or even consent to disclose their identity).
Germany has a relatively low rate of whistleblower protection for this specific reason. Only the requirement to report in good faith brings private, public, and financial (as exceptionally protected) sectors together.
Changes in data protection regulations in 2018 were positive for all the countries in the EU: Germany also has something to say about it. Firstly, all the information which can cause a violation of human rights should be strictly protected according to the German Data Protection Act. Whistleblower's reports can be considered fully eligible in this case. So, the most prominent update: anonymous reports should be encouraged. Before the GDPA, anonymous reports were almost equal to no chance for investigation.
In case the whistleblower makes a confidential report, the employer is obliged to inform the accused person of the source of information. The rule emerged with GDPA and makes anonymous reports more beneficial: you can imagine how revealed accusations change the atmosphere in the workplace.
It is an expected question if you have nothing to do with finances but still own a company. Without a requirement to have a compliance system in general, many companies choose this way of running a business for a few reasons. Germany has many companies of international importance, and it sets certain standards, but the main point is that employees are not punished for reporting misconduct externally.
The employer should really think about defining a trade secret within the company and informing the employee about it. Otherwise, there is a risk to lose the reputation of the company and its clients. |
The German government can penalize a whistleblower for disclosing a trade secret only if it was documentarily enshrined and the maximum penalty is compensation. It is not only a trend but a reasonable choice - resolve the complaints internally.
You inform the work council about the whistleblower hotline, and comply with data protection standards - then you can legally protect your employer's rights and offer good work conditions.