What should a whistleblower arrangement support?

Share this post

If you have 50+ employees, your company is obliged to establish a whistleblower arrangement by 17 December 2023. Here you can read more about what your company must pay attention to meet the whistleblower requirements.

What is a whistleblower arrangement?

The purpose of establishing a whistleblower arrangement internally in the company is to protect whistleblowers so they can confidentially report violations of the law in the company. With the arrangement, the company’s management gets an extra opportunity to bring illegalities such as sexual abuse, criminal behaviour, and abuse of power to light to get something done about the violations. As the cases can be sensitive and of an explosive nature, they must be handled correctly.

About the whistleblower rules

In 2019, the EU adopted rules on whistleblowers, which were introduced into Danish law in 2021. The whistleblower rules aim to ensure that it is easy and safe to report violations of the law, that these reports are followed up on, and that whistleblowers are protected against any reprisals. The rules set some minimum requirements for reporting channels and the protection of whistleblowers.

If you have 50-249 employees, you must have set up a whistleblower arrangement before the 17th of December, 2023. If you have 250 employees or more, you are already obliged to have a whistleblower arrangement.

Requirements for the whistleblower arrangement

A whistleblower arrangement must contain the following 3 points:

1) A reporting channel (internal or external) 2) A procedure for handling reports 3) A whistleblower policy

Below we will go deeper into the 3 points. You will also get an insight into how you should behave if you already have a whistleblower arrangement.

Your reporting channel

First and foremost, your company’s whistleblower arrangement must consist of a secure reporting channel that complies with GDPR regulations and other security requirements. It is your company’s responsibility to establish and maintain the reporting channel. It is up to you whether the reporting channel should:

1) Handled internally in the company 2) Consist of an external IT handling system, where you as a company handle the cases and the dialogue with the whistleblower 3) The case is handled by an external partner (lawyer, accountant or similar)

There are the following requirements for the reporting channel

All employees must be able to report orally, in writing, or both, through the reporting channel
Other people who are connected to your company can also be given the opportunity to use the reporting channel
Those responsible for the reporting channel must be impartial and competent

Your reporting procedure

The reporting procedure is also subject to a number of requirements – these deal with how the reported information is handled appropriately and on time. The requirements ensure that whistleblowers are protected against reprisals.

Requirements for the procedure

The reporting channel must be designed so the whistleblower and the other persons mentioned in the report are kept confidential
A person responsible must be appointed to communicate with the whistleblower and follow up on the cases.
The whistleblower must receive confirmation of the report within 7 days and feedback on the case outcome (including justification) within 3 months.
There must be clear and easily accessible information on how whistleblowers can report information to external whistleblower schemes.

Requirements for whistleblower protection

Whistleblowers who use the reporting channel are entitled to protection – their identity must not be disclosed to unauthorised persons.
The information in the report may only be passed on as part of follow-up on the case and the processing of the personal data must follow the GDPR rules.
Reports may only be kept for as long as necessary.
Threats and attempts at reprisals against whistleblowers or other persons associated with the case are prohibited.

If you already have a whistleblower reporting channel

Even if your company already has an established whistleblower reporting channel, we recommend that you do a follow-up check of the channel to confirm that it meets the above requirements.

If your company is covered by the new rules and you must have established a whistleblower arrangement, you can contact us on phone: +45 70 70 72 71 or by email: info@aety.io. With Jira Service Management, we can support your future whistleblower arrangement.

Sarah Asklund

Explore others

aety

New partnership with Re:solution

Aety partners with Re:solution to enhance Atlassian solutions for Danish customers. Aety has entered a new partnership with Re:solution, a renowned Atlassian Marketplace app vendor that delivers innovative and user-friendly

Melissa Vallentin Frazao de Oliveira 25. September 2024

aety

Useful AI features in monday.com

With artificial intelligence integrated into the monday.com platform, you gain access to improved workflows that help you optimize and streamline your daily tasks! Who can use monday AI? To start

Sarah Asklund 20. August 2024