In a significant development for businesses with a presence in the European Union, the EU issued a proposal on April 23, 2018 for new legislation that would standardize and considerably expand whistleblower protections in European member states. The development follows a global trend toward greater security for corporate whistleblowers who expose themselves to potentially serious consequences by coming forward to report wrongdoing. In making the announcement, the EU specifically referred to recent high-profile corporate scandals, such as the widespread tax evasion revealed by LuxLeaks and the Panama Papers, and emphasized the critical importance of encouraging those with knowledge of wrongdoing to come forward. While this is a welcome development for prospective whistleblowers, the proposal is now subject to the EU’s cumbersome approval process, and remains many months, if not years, from implementation.
Inadequacy of current protections
At present, whistleblower protections across the European bloc comprise a patchwork of domestic laws passed by individual member states. Fewer than ten EU countries have well-developed systems to protect whistleblowers, and many states have no legislated protections at all. The current system has led to uncertainty for whistleblowers on the continent, where businesses and their employees very often operate across national borders within the union. In its press release announcing the proposal, the EU cited a 2016 study that indicated that 36% of whistleblowers who reported misconduct experienced retaliation through job loss or, often more seriously, through adverse effects to their reputation or their health.
The proposal contemplates a so-called “three tier” reporting system. In general, that means that a whistleblower would be required to first report misconduct internally within his or her organization. If reporting through those channels does not work or is not feasible, whistleblowers may report misconduct to the applicable competent authority and, as a last resort, directly to the media. The proposal would impose specific requirements on both companies and member states, including the following:
- Companies with more than 50 employees or with an annual turnover of more than €10 million will be required to set up internal procedures to receive and follow up on reports from whistleblowers, including procedures that will guarantee the confidentiality of the identity of the reporting person. As a part of this obligation, companies will be required to diligently investigate the substance of the whistleblower report, and to update the whistleblower about the company’s response within a reasonable timeframe.
- At the state level, the new legislation will require each member state to ensure that competent authorities have in place external reporting channels and procedures for receiving whistleblower reports, including by designating staff members dedicated to and specifically trained to handle such reports.
The legislation would prohibit all forms of retaliation against whistleblowers, and would impose sanctions against companies who retaliate (for example, measures to stop workplace harassment or prevent dismissal). The burden of proof would be reversed in such cases, so that the person or organization must prove that they are not acting in retaliation against the whistleblower. Whistleblowers will also be protected in judicial proceedings, in particular through an exemption from liability for disclosing the information. However, notably, the proposal does not at this time contemplate whistleblower rewards.
The trend toward greater whistleblower protections
The EU proposal is only the latest in a string of legislative developments in jurisdictions around the world aimed at strengthening whistleblower protections and encouraging whistleblowers to come forward and report wrongdoing. This blog has tracked the numerous and often staggeringly large whistleblower rewards granted by the Securities Exchange Commission and other law enforcement agencies in the U.S. Similarly, as we have previously written, the Ontario Securities Commission has adopted a new program that largely tracks the SEC model, though the OSC has not yet announced any rewards or successful prosecutions based on whistleblower information. Other Canadian provinces such as Alberta and Quebec have stopped short of offering whistleblower rewards, and have preferred instead to focus on the same priorities reflected in the EU proposal as a means of encouraging whistleblowers to report wrongdoing, namely, ensuring confidentiality and protection from reprisal.
As noted above, the EU proposal will require approval from EU countries and the European Parliament and then must be implemented by each member nation. This process may take several years to be completed. In the meantime, we will monitor developments and report them on the blog.
By Geoffrey Grove, Osler
Latest posts by Occasional Contributors (see all)
- Finance is doing a consultation on whether to increase the disbursement quota for Canadian registered charities - September 27, 2021
- Many charities with March 31 year ends need to file their T3010 by September 30 - September 13, 2021
- Reminder from Corporations Canada re: AGMs in 2021 for CNCA corporations - September 1, 2021