3 Min

New Whistleblowing system: What you need to know

The deadline to set up an internal reporting channel was in December 2023. The new regulation applies to all organisations with more than 49 employees. Read further to explore why your organisation should manage whistleblowing matters internally and how it helps build trust with your employees. 

Why is it relevant now?  


As of July 2, 2023, the Whistleblower Protection Act (HinSchG) has been applicable to organisations with 250 or more employees, and was extended to those with 49 or more employees in December 17, 2023. One of the key requirements is the establishment of a secure whistleblower system that allows reports to be submitted in writing, verbally, or in person if desired. 

Additionally, the external Federal Reporting Office maintains a "regular professional exchange" with the whistleblowing offices of the Federal Cartel Office and the Federal Financial Supervisory Authority. This highlights the urgency for organisations to have an internal reporting solution in place, enabling in-house resolution without external oversight. A recent publishment by Federal Office of Justice, where more than 100 people in the period from July to September 12, 2023, reported to the authorities, underscore the significance of taking whistleblowing seriously. 

 

 

Key takeaways for your business

 

Reporting via the internal reporting channel should be the preferred option for organisations. It offers the possibility of directly and internally investigating and remedying the reported violation – if grounded and validated through respective plausibility and sanity checks. Once the internal reporting system is in place, it is advisable to make your own employees aware of the system and how it can be used. Employees are closest to the day-to-day operations of your business and are therefore most likely to come into contact with potential grievances. 

Futhermore, a whistleblowing system builds trust within an organisation because it offers employees a confidential avenue to report wrongdoing, unethical conduct, or compliance breaches. When employees are aware that they can report such issues without fear of reprisal, it cultivates a culture of transparency, accountability, and integrity. This, in turn, fosters trust among employees, as they have confidence that their concerns will be treated seriously and resolved appropriately. 

 

 

 

Legal background

 

The Whistleblower Protection Act (HinSchG) has been in force since July 02, 2023. It implements the EU Whistleblowing Directive, which already came into force on December 16, 2019.  

If a report is made via the whistleblower system, organisations must confirm receipt of the report within 7 days and provide information on the measures taken (if any) within 3 months. This may include, for example, an investigation committee set up to clarify the reported violation.  

 

If, despite the existing obligation, an internal reporting channel is not established, this constitutes an administrative offense that can be punished with a fine of up to €50,000. 

 

What are the next steps? 

 

Your organisation has more than 49 employees and no Whistleblowing System in place?

Book DataGuard’s Whistleblowing solution now to 

✅ enable your employees to report misconduct such as corruption, abuses of power or discrimination internally before complaints become public,

✅ get everything you need to comply with the EU Whistleblowing Directive,  

✅ receive eye-level support to review case plausibility and to provide best practices and recommendations. 

✅ Our team of experts will help you set up and optimise your whistleblowing system. 

Book your Whistleblowing package now via self-checkout on your platform! 

 

Further resources: 

Demo of our Whistleblowing platform (EN) 

Sources:
https://www.heise.de/news/Ueber-100-Whistleblower-Hinweise-an-externe-Meldestelle-des-Bundes-9307579.html 

 

About the author

DataGuard Compliance-Experten DataGuard Compliance-Experten
DataGuard Compliance-Experten

Dive into our compliance resources to keep up with regulatory pressure, growing consumer awareness and changing compliance requirements. Our certified compliance specialists are here to share their knowledge around topics like whistleblowing, due diligence, and digitization to resolve any compliance roadblocks with minimal disruption to your daily business – all while adhering to current and changing legislation.

Explore more articles

Contact Sales

See what DataGuard can do for you.

Find out how our Privacy, InfoSec and Compliance solutions can help you boost trust, reduce risks and drive revenue.

  • 100% success in ISO 27001 audits to date 
  • 40% total cost of ownership (TCO) reduction
  • A scalable easy-to-use web-based platform
  • Actionable business advice from in-house experts

Trusted by customers

Canon  Logo Contact Hyatt Logo Contact Holiday Inn  Logo Contact Unicef  Logo Contact Veganz Logo Contact Burger King  Logo Contact First Group Logo Contact TOCA Social Logo Contact Arri Logo Contact K Line  Logo Contact

Get to know DataGuard

Simplify compliance

  • External data protection officer
  • Audit of your privacy status-quo
  • Ongoing GDPR support from a industry experts
  • Automate repetitive privacy tasks
  • Priority support during breaches and emergencies
  • Get a defensible GDPR position - fast!

Trusted by customers

Canon  Logo Contact Hyatt Logo Contact Holiday Inn  Logo Contact Unicef  Logo Contact Veganz Logo Contact Burger King  Logo Contact First Group Logo Contact TOCA Social Logo Contact Arri Logo Contact K Line  Logo Contact

Get to know DataGuard

Simplify compliance

  • Continuous support on your journey towards the certifications on ISO 27001 and TISAX®️, as well as NIS2 Compliance.
  • Benefit from 1:1 consulting
  • Set up an easy-to-use ISMS with our Info-Sec platform
  • Automatically generate mandatory policies
Certified-Icon

100% success in ISO 27001 audits to date

 

 

TISAX® is a registered trademark of the ENX Association. DataGuard is not affiliated with the ENX Association. We provide consultation and support for the assessment on TISAX® only. The ENX Association does not take any responsibility for any content shown on DataGuard's website.

Trusted by customers

Canon  Logo Contact Hyatt Logo Contact Holiday Inn  Logo Contact Unicef  Logo Contact Veganz Logo Contact Burger King  Logo Contact First Group Logo Contact TOCA Social Logo Contact Arri Logo Contact K Line  Logo Contact

Get to know DataGuard

Simplify compliance

  • Proactive support
  • Create essential documents and policies
  • Staff compliance training
  • Advice from industry experts

Trusted by customers

Canon  Logo Contact Hyatt Logo Contact Holiday Inn  Logo Contact Unicef  Logo Contact Veganz Logo Contact Burger King  Logo Contact First Group Logo Contact TOCA Social Logo Contact Arri Logo Contact K Line  Logo Contact

Get to know DataGuard

Simplify compliance

  • Comply with the EU Whistleblowing Directive
  • Centralised digital whistleblowing system
  • Fast implementation
  • Guidance from compliance experts
  • Transparent reporting

Trusted by customers

Canon  Logo Contact Hyatt Logo Contact Holiday Inn  Logo Contact Unicef  Logo Contact Veganz Logo Contact Burger King  Logo Contact First Group Logo Contact TOCA Social Logo Contact Arri Logo Contact K Line  Logo Contact

Let's talk