The Whistleblower Protection Act came into force on 2 July 2023. It obliges companies with 50 or more employees to set up an internal whistleblower system. Smaller companies with between 50 and 249 employees are granted a transition period until 17 December 2023.
If you would like to learn more about SONNTAG's digital and legally compliant whistleblowing system, click here. Guidelines and requirements for employers under the Whistleblower Protection Act The Whistleblower Protection Act aims to ensure comprehensive protection for whistleblowers and to protect them from possible reprisals. To this end, the Act contains the following requirements:
- Companies and organisations with at least 50 employees must introduce and operate internal whistleblower systems. Smaller companies between 50 and 249 employees have until 17 December 2023 to implement this.
- Once a tip is received, the internal reporting office must confirm this to the whistleblower within seven days.
- Within three months, the reporting office must inform the whistleblower of the measures taken, for example, the initiation of internal compliance investigations or the forwarding of the report to a competent authority, such as a law enforcement agency.
- In addition, the Federal Office of Justice will establish and operate an external reporting office as an equivalent option for reporting tips. The federal states also have the option of setting up their own reporting offices.
- Whistleblowers are free to decide whether they want to submit a report to their company's internal reporting office or use the external reporting office.
- Anonymous tips are also to be followed up. However, there is no legal obligation to design reporting channels in such a way that they enable the submission of anonymous reports.
- To protect whistleblowers from possible "reprisals", the law contains a comprehensive reversal of the burden of proof: If a whistleblower is "disadvantaged" in connection with his or her professional activities, it is presumed that this disadvantage constitutes reprisal, insofar as the whistleblower claims to have suffered this disadvantage as a result of making a report. In addition, whistleblowers may claim damages for reprisals suffered.
- Violations of the Whistleblower Protection Act may be subject to fines of up to €50,000. For legal entities and associations of persons, the fine can even be increased tenfold in certain constellations.
Significance of the Whistleblower Protection Act for practice In addition to the obligation to set up and operate an internal reporting office in the company, it is also necessary to establish clear guidelines on how to deal with possible incoming reports from whistleblowers. If a reporting office and corresponding guidelines already exist in the company, they must be reviewed to see whether they are in line with the provisions of the new Whistleblower Protection Act. In companies where there is a works council, a longer lead time must regularly be planned. Depending on the design of the
whistleblower system in the individual case, various co-determination rights of the works council come into consideration, which must be taken into account. If the identity of the whistleblower is known, even the non-inclusion of the whistleblower in upcoming promotions, transfers or the non-extension of his fixed-term employment contract could be considered a potential "reprisal". In such cases, the burden of proof is on the employer to show that this was not a disadvantage to the whistleblower because of his or her report. If this exculpatory evidence cannot be provided, the whistleblower may face claims for damages and fines.