Whistleblowing – A Guide to Compliance: Part 7 - The Scope of Whistleblower Protection
Client Alert | 3 min read | 02.21.22
Crowell & Moring LLP’s series of client alerts: Whistleblowing – A Guide to Compliance is intended to provide companies with a practical guide to help them comply with their obligations under the EU Whistleblower Directive. Via our client alerts, Crowell & Moring LLP will explain the different steps that companies need to take for compliance and emphasize various points for consideration.
Step #7: Understanding the scope of the protection for whistleblowers
1. Are all whistleblowers protected irrespective of the size of the company and/or the number of workers within the company?
Whistleblowers are defined as natural persons who report or publicly disclose information on breaches acquired in the context of their work-related activities. They qualify for protection under the EU Whistleblower Directive provided that:
- they had reasonable grounds to believe that the information on breaches reported was true at the time of reporting and that such information fell within the scope of the EU Whistleblower Directive; and
- they reported either internally, or externally, or made a public disclosure.
These are the only two conditions enumerated by the EU Whistleblower Directive with regards to whistleblower protection, and the Directive therefore provides for a general protection for the workers of all companies, in both the public and the private sector, irrespective of the size of the company and/or the number of workers within the company. Hence, for the private sector, whistleblower protection is not limited to whistleblowers working within companies with 50 or more workers, despite the fact that it is only these companies that have the legal obligation to implement internal whistleblower channels and procedures.
2. Are the motives of the whistleblower relevant for the protection?
Having reasonable grounds to believe that the information on breaches reported was true at the time of reporting and that the information reported falls within the scope of the Directive, is sufficient. This first condition is an essential safeguard against malicious and frivolous or abusive reports as it ensures that those who, at the time of the reporting, deliberately and knowingly reported wrong or misleading information, do not enjoy protection. However, the actual motives of the whistleblower in reporting are irrelevant in deciding whether they should receive protection.
3. Is there an obligation to first use internal reporting channels in order to benefit from the protection?
The second condition for protection requires that the whistleblower reports in line with the reporting methods as provided for by the EU Whistleblower Directive. According to the Directive, this means that while whistleblowers should, as a general rule, be encouraged to first use internal reporting channels and report to their employer (if such channels are available to them and can reasonably be expected to function properly), they should always be able to choose the most appropriate reporting channel depending on the individual circumstances of the case. Hence, the EU member states may not impose an obligation on whistleblowers to first use internal reporting channels.
The EU Whistleblower Directive emphasizes, moreover, that encouraging whistleblowers to first use internal reporting channels also applies to cases where such internal channels were established without being required by EU or national law. Finally, the EU Whistleblower Directive makes it clear that, in the case of companies that do not provide for internal reporting channels, whistleblowers should be able to report externally to the competent authorities and that such whistleblowers should enjoy the protection against retaliation provided by the Directive.
***
Conclusion: Whistleblowers benefit from the protection of the EU Whistleblower Directive provided that they comply with the two conditions enumerated in the Directive. Hence, even companies with fewer than 50 workers may benefit from implementing internal whistleblowing procedures, and national legislators may not impose any additional conditions for protection on whistleblowers.
As regards Belgium, the Explanatory Notes to the Belgian draft law implementing the EU Whistleblower Directive expressly confirm that the national legislators have no room for maneuver regarding the protection of whistleblowers who report breaches within the scope of the EU Whistleblower Directive and in compliance with its conditions.
- Action point #7: Companies should reflect on the importance of setting up internal reporting channels and procedures for receiving and following up on reports, even if they have less than 50 workers.
Please also read our Alert no. 2 in our Whistleblowing Series – Understanding the importance of setting up an effective internal whistleblowing system
Contacts
Insights
Client Alert | 2 min read | 11.14.24
SEC ESG Enforcement Is Still Alive
On November 8, 2024 the SEC announced a settled enforcement action against Invesco Advisers, Inc. for making misleading statements about its integration of environmental, social, and governance (ESG) factors into the firm’s investment decisions. Invesco agreed to pay a $17.5 million civil penalty to settle the matter. This enforcement action makes it clear that, even though the SEC dissolved its ESG Task Force, the Commission continues to monitor firms’ statements and representations for misleading statements about ESG.
Client Alert | 8 min read | 11.12.24
Client Alert | 3 min read | 11.11.24
Allegations of a Litany of Lyin’: Penn State Settles Claims of Cybersecurity Noncompliance
Client Alert | 1 min read | 11.08.24
A Common-Sense Change to the Continuous SAM Registration Requirement at FAR 52.204 7