Skip to content
Home / Ethics & Compliance platform / Use cases / EU Directive for Whistleblowers' Protections

Professional solution for EU Whistleblowing Directive

Protect whistleblowers and the company’s reputation with our online platform
whistleblowing directive mobile 2
Clock (1) Unlimited_2 ISO_green_and_blue_2

72 hrs to go live with a default setup

Unlimited users, reports, cases etc.

Certified info-security and privacy management

whistleblowing directive 1

Must-do's

Connection_2

Multichannel

A reporter should be able to submit reports:
- In writing via an online system;
- A mailbox or by post;
- Orally via a telephone hotline or answering machine system.
Companies are also obliged to offer a personal meeting should the whistleblower request it.

Tracking_2

Trackability

Whistleblowers should have the ability to check the status of their reports.
The reporting person needs to be informed of the receipt of the report within 7 days and provided feedback no later than in 3 months.
There is no defined time limit within which the follow-up actions need to be completed.

Mentor_2

Responsibility

Companies must determine the “most suitable” person to receive and follow up on reports internally.
This could be a:
- Compliance officer;
- Head of HR;
- Legal counsel;
- Chief Financial Officer (CFO);
- Executive board member or management;
- Companies can also outsource the processing of reports.

Secure_2

Confidentiality and data safety

Companies must ensure that the identity of the whistleblower is kept confidential regardless of which reporting channel is used.
The hotline should follow the principles of the General Data Protection Regulation (GDPR).
All the involved should be guaranteed protection from data leak: reporting person, concerned person, and third people mentioned in the report. Only authorized persons can have access to gathered information.

7
 
days to acknowledge the receipt of the report and inform the whistleblower
 
 
 
3
 
months timeframe for an investigation and informing a reporting person about the outcome
 
 
 
6
 
months timeframe extension is possible where necessary due to the specific circumstances
cheatsheet
7
 
days to acknowledge the receipt of the report and inform the whistleblower
 
 
 
3
 
months timeframe for an investigation and informing a reporting person about the outcome
 
 
 
6
 
months timeframe extension is possible where necessary due to the specific circumstances

15 key introductions

1_  
Obligation to have a whistleblowing channel for EU organizations and its subsidiaries (anywhere) of any ownership type regardless of the industry with a headcount over 250 since 31/12/2021, and over 50 since 17/12/2023
 
1_-1
 
Obligation to provide a choice to whistleblowers between internal and external channels.
The channels can be organized by a third party.
   
 
 
 
 
 
1_-2   Protection of whistleblowers in case of public disclosure   1_-3
  The response staff should be professionally trained
             
1_-4   The internal channel should be available to the company’s workers and may expand to other people   1_-5
  Roles should be clearly defined. Each report should have a single responsible person
             
1_-6   The reporting channels should be “friendly” and support continuous communication. Optional for anonymous whistleblowers.   1_-7
  Records should be safeguarded and stored
             
1_-8   Most of the breaches of public interest to be covered as channels topics   1_-9
  Rights of alleged wrongdoers to be informed and heard
             
1_-10   Obligation to acknowledge receipt, report on progress, receive/give feedback   1_-11
  Relief from NDAs and criminal offenses for secret disclosure if the information is legally obtained
             
1_-12   The legal protection of whistleblowers should not depend on motives, employment, legal status, nationality, or other factors.   1_-13
  Protection from retaliation — both for the whistleblower and related persons
             
1_-14   Right of whistleblowers to be wrong (shifted burden of proof)        
1_  
Obligation to have a whistleblowing channel for EU organizations and its subsidiaries (anywhere) of any ownership type regardless of the industry with a headcount of over 250 since 31/12/2021, and over 50 since 17/12/2023
1_-1   Obligation to provide a choice to whistleblowers between internal and external channels.
The channels can be organized by a third party.
1_-2   The internal channel should be available to the company’s workers and may expand to other people
1_-3   The reporting channels should be “friendly” and support continuous communication. Optional for anonymous whistleblowers.
1_-4   Most of the breaches of public interest to be covered as channels topics
1_-5   Obligation to acknowledge receipt, report on progress, receive/give feedback
1_-6   The legal protection of whistleblowers should not depend on motives, employment, legal status, nationality, or other factors.
1_-7   Right of whistleblowers to be wrong (shifted burden of proof)
1_-8  
Protection of whistleblowers in case of public disclosure
1_-9   The response staff should be professionally trained
1_-10   Roles should be clearly defined. Each report should have a single responsible person
1_-11   Records should be safeguarded and stored
1_-12   Rights of alleged wrongdoers to be informed and heard
1_-13   Relief from NDAs and criminal offenses for secret disclosure if the information is legally obtained
1_-14   Protection from retaliation — both for the whistleblower and related persons

Start from 89 EUR per month

Our online platform is 100% compliant with the Directive and goes much beyond it

Our online platform is 100% compliant with the Directive and goes much beyond it

svgexport-20-2
 
svgexport-21
 
svgexport-22-1
 
 
Clock (1)

Unlimited

 

60+

 

10+

 
 

72 hrs

Reports, users, employees, cases

 

Intake languages and features of machine or manual translations

 

Dedicated intake channels

 

 

To go live with the default settings

svgexport-23
 
svgexport-24
 
svgexport-25
 
Secure_1-1

Turnkey solution

 

Framework friendly

 

GDPR aware

 

Secure

Our experience and our numerous client's expertise are embedded into the platform with a ready-made business process

 

Compliant with other laws and frameworks: FCPA, UKBA, SAPIN II, PIDA, ISO 37001, ISO 37002, ESG

 

At policy, entity, and platform levels. Our Privacy Information Management System is certified under ISO 27701

 

Data stored within the EU in certified data centers.
We are certified under ISO 27001

svgexport-20-2
 
svgexport-21
Unlimited
 
60+

Reports, users, employees, cases

 

Intake languages and features of machine or manual translations

svgexport-22-1
 
Clock (1)
10+
 
72 hrs

Dedicated intake channels

 

To go live with the default settings

svgexport-25
 
Secure_1-1
GDPR aware
 
Secure

At policy, entity, and platform levels. Our Privacy Information Management System is certified under ISO 27701

 

Data stored within the EU in certified data centers.
We are certified under ISO 27001

svgexport-23
 
svgexport-24
 
Turnkey solution
 
Framework friendly
 

Our experience and our numerous client's expertise are embedded into the platform with a ready-made business process

 

Compliant with other laws and frameworks: FCPA, UKBA, SAPIN II, PIDA, ISO 37001, ISO 37002, ESG

 

Comply in three steps

 

Choose your plan

Select the features suitable for your company’s needs

 

Test and adjust

Customize the platform and get to know the features

 

Promote and use

Spread awareness among your employees and start resolving the cases

Recent blog posts

Casino sign in the city Cliff
EU Whistleblowing Directive — what's in for betting and gambling industries?
 
 
The outsider of the whistleblowing campaign is slowly turning its attention to the market - that's for the betting and gambling industries. Any special requirements and risks for your company?
 
EU flag against the sky
EU Whistleblowing Directive — The most comprehensive protection for whistleblowers?
 
There are always two kinds of people: those who don't pay taxes and those who keep silent about it. The new EU Directive is aimed to fix both issues and has announced stringent measures to complete it. We prepared a long-awaited important long read about benefits - will you notice some pitfalls?
Systems engineering animated
EU Whistleblowing Directive — how to prepare your business?

 

New whistleblowing regulation in the EU requires not only the public sector but private business owners (and partners) to communicate with and protect whistleblowers. What is the guide for new regulation?

Casino sign in the city Cliff
EU Whistleblowing Directive — what's in for betting and gambling industries?

The outsider of the whistleblowing campaign is slowly turning its attention to the market - that's for the betting and gambling industries. Any special requirements and risks for your company?

communication using e-mail (1)
EU Whistleblowing Directive — 2021 Progress Report 

The deadline to implement the EU Whistleblowing Directive is coming soon - each EU country has to introduce its whistleblowing law in 2022. What is the progress, and who is an outsider?

EU flag against the sky
EU Whistleblowing Directive — The most comprehensive protection for whistleblowers?

There are always two kinds of people: those who don't pay taxes and those who keep silent about it. A new EU Directive is aimed to fix both issues and has announced stringent measures to complete it. We prepared a long-awaited important long read about benefits - will you notice some pitfalls?

Systems engineering animated
EU Whistleblowing Directive — how to prepare your business?

New whistleblowing regulation in the EU requires not only the public sector but private business owners (and partners) to communicate with and protect whistleblowers. What is the guide for new regulation?