Bird & Bird’s innovative support in adapting internal processes and procedures regarding whistleblowing.

Ensuring the protection of whistleblowers will soon become a necessity for the business community and other organisations.

To ensure effective implementation of procedures for reporting irregularities, Bird & Bird offers comprehensive solutions, including a unique IT tool, designed to support clients in this area.

Bird & Bird has established a partnership with WhistleB, one of the leading companies offering a tool used to report abuse anonymously and further identify it properly.

Bird & Bird is the first law firm in Poland to offer its clients, in cooperation with WhistleB, this integrated, comprehensive solution, allowing for quick and low-budget implementation of whistleblowing processes and procedures. 

What is whistleblowing?

Whistleblowing is a procedure under which broadly understood infringements (illegal acts or omissions, damage to the public interest) that occur in connection with the activities of public or private entities are reported by so-called “whistleblowers”.

For this process to function properly, it is necessary to ensure confidentiality, as well as effective protection of whistleblowers, in particular against retaliatory actions.

Under the Directive on the protection of whistleblowers (the “Directive”), "whistleblowers" are defined as persons obtaining information about these infringements in a work or cooperation context (the definition is broad), and then reporting them. Whistleblowers may be:

  • employees, regardless of the basis of employment, and so also self-employed, volunteers and trainees;
  • candidates participating in recruitment processes and former employees;
  • members of the company’s corporate structures, including its shareholders and members of management and supervisory bodies; 
  • employees of external collaborators of a given entity, i.e., contractors, subcontractors and suppliers.

In some cases, whistleblowers are entitled to notify the public of an infringement, which will have a direct impact on the organisation’s reputation.

In order to standardise whistleblowing procedures and ensure a minimum level of protection for whistleblowers, in 2019 the European Union authorities adopted the Directive.

These provisions are to be implemented in the national legislation by 17 December 2021.

Secure channels of communication and procedures for whistleblower submissions and follow-up actions must be put in place:

  • Before 17 December 2021 by:
    • public sector entities; and 
    • private sector legal entities with at least 250 employees. 
  • Before 17 December 2023 by:
    • private sector legal entities with: 
      • 50 to 249 employees; and 
      • less than 50 employees if the scale of the activity or the risk assessment of the entity’s activity justifies such implementation.

Please note that these are the requirements of minimum harmonisation of law, and so the implementation of the Directive in Poland may introduce more far-reaching solutions.

New requirements for businesses

The Directive provides a number of regulations covering both public and private sector entities. The new obligations concern introducing or adapting internal processes and procedures, in particular introducing secure, internal or external, reporting channels and follow-up to eliminate irregularities.

It is worth mentioning that the introduction of these solutions will require entities to ensure high standards of personal data protection both for the whistleblowers themselves, and for the businesses concerned.