On 27 July 2022, the Federal Cabinet adopted the draft of the Whistleblower Protection Act (HinSchG) submitted by the Federal Minister of Justice. Thus, Directive 2019/1937 of the European Parliament and of the Council of 23 October 2019 will be implemented. The Act serves to protect persons who report violations of EU and, in Germany, also national law.
Everyone knows whistleblowing from the media. People like Edward Snowden or Wikileaks with Julian Assange are now familiar to everyone. But here it also becomes clear how polarising and complex the topic of whistleblowing can be. On the one hand, whistleblowers are nominated for the Nobel Peace Prize, on the other hand, they are wanted on arrest warrants.
What do workers and companies need to know now?
According to the current draft, the Whistleblower Protection Act (HinSchG) is to come into force three months after its promulgation. Not too much transitional time is granted, as the EU Directive was supposed to be implemented by December 2021.
In the following, we would like to briefly present the essential contents of the HinschG and the necessary steps for its implementation:
- Internal and external hotlines: Whistleblowers have the right to choose whether to contact an internal or external hotline. The internal and external hotlines examine the reports received and take the necessary follow-up measures.Employers must establish internal hotlines to which employees can turn. The obligation to establish internal hotlines applies to the private sector as well as to the entire public sector, provided that the respective body usually employs at least 50 persons. However, companies with up to 249 employees will have until 17 December 2023 to set up internal hotlines. Companies with up to 249 employees can also operate a joint hotline with other companies. Furthermore, companies can also commission third parties as internal reporting offices or establish them centrally within the group at the parent company.External reporting offices are to be established at the Federal Office of Justice (BfJ), at the Federal Financial Supervisory Authority (BaFin) as well as at the Federal Cartel Office as further external reporting offices with special responsibilities.The goal of every company should be that employees use their own internal reporting system when they intend to make a report and report the tip to the “internal reporting office”. This is because if a whistleblower chooses the “external reporting office” to submit his or her report, the report goes directly to a public authority and there is no longer any possibility for the company concerned to clarify the incident internally and, if necessary, to close it.Companies should therefore design their “internal reporting points” in such a way that employees have confidence in their own internal system and prefer the internal system to “an external reporting point” for submitting reports.
- Confidentiality and anonymous reporting: An essential aspect for the HinSchG is the confidentiality of whistleblowers’ data. These are only to be released in absolutely exceptional cases, such as criminal proceedings. Currently, there is no obligation to offer anonymous reports. Nevertheless, it is recommended that whistleblowers be enabled to report relevant information anonymously in order to create the necessary trust in their own “internal reporting office”.
- Protection of whistleblowers: According to the HinSchG, whistleblowers are protected against reprisals (e.g. protection against dismissal, warning, discrimination or mobbing). The burden of proof is reversed in favour of the whistleblower.
- Claims for damages and sanctions: In the event of a violation of the prohibition of reprisals, the injured person must be granted compensation for damages. Conversely, in the event of a false report, the person providing the information must compensate the resulting damage. Violations of the provisions of the HinSchG are to be punished with a fine.
What do companies need to do now?
Companies that fall under the scope of the Whistleblower Protection Act (HinSchG) should promptly consider how the upcoming law can be implemented in a legally secure manner.
The following procedure is recommended:
Designation of a person or an external service provider to take over the function of the “internal reporting office”.
The focus here is on the independence and expertise of the “internal reporting office”. It is therefore advisable to appoint an external service provider to act as an “internal reporting office” in order to create the necessary trust among the staff to report information to the “internal reporting office” and not to “an external reporting office”.
Here, a legally secure, digital tool should be used, which enables anonymous and confidential submission of reports and does not create high technical hurdles.
Informing staff about the newly established whistleblowing system.
If required, we can take over the function of the “internal reporting office” for you. Our digital and user-friendly whistleblowing system fulfils all requirements of the EU Whistleblower Directive and the Whistleblower Protection Act (HinSchG).