Mandatory Reporting Channel In Whistleblowing: Who Is Covered?

Yulia Landbo

Yulia Landbo

Last updated: Nov 24, 2023 4 min read

Navigating the world of whistleblowing and complaints channels can be challenging for businesses aiming to maintain compliance and foster a culture of transparency. 

In this article, we'll explore the ins and outs of mandatory reporting channels, from understanding what a mandatory reporting channel is, to identifying which companies are required to have one. We'll also delve into the types of violations that can be reported, and the essential requirements for an effective whistleblowing channel, while also providing actionable insights to help organizations excel in their compliance efforts.

What is a mandatory reporting channel?

A mandatory reporting channel in whistleblowing is a designated, mandatory pathway through which employees or individuals can report concerns or suspected misconduct, such as fraud, corruption, or illegal activities, within an organization. 

Why is it mandatory? 

It is often a legal requirement in specific industries or countries to ensure transparency, accountability, and compliance with relevant regulations. For example, in Europe, it is the EU Whistleblowing Directive that introduced requirements for companies in member states to have a mandatory reporting channel in place. According to the Directive, all countries need to develop a legal framework according to which companies will set internal reporting channels. 

This compulsory channel may take various forms, such as a confidential phone line, a dedicated email address, a digital whistleblowing system, or an external ombudsman.

Which companies are required to have a mandatory reporting channel?

According to the EU Whistleblowing Directive, companies and public sector organizations in all member countries are required to establish a mandatory reporting channel, depending on their size and nature. This is applicable for:

Private sector companies with 50 or more employees. However, some member states may decide to extend this obligation to smaller companies, especially those operating in high-risk sectors.

Public sector organizations, including state, regional, and local organizations. The Directive provides some flexibility for smaller municipalities with fewer than 10,000 inhabitants, allowing member states to determine whether these municipalities should be exempted from the requirement.

It is important to note that EU member states can set more stringent requirements than those outlined in the Directive, meaning that the specific implementation rules may vary across different countries. 

In Spain, for example, Congress approved the Directive (Ley de Protección de Informantes) in February 2023. Thus, all companies with 250 or more employees and public sector entities must implement a whistleblowing channel within a period of 3 months after the entry into force of Law 2/2023. In the case of municipalities with less than 10,000 inhabitants and companies with 50 to 249 workers, the deadline is extended until the 1st of December, 2023.

Deadlines for implementation of the reporting channel

In the European Union, the deadline for the transposition of the Whistleblower Protection Directive into national law was the 17th of December, 2021. However, some countries are still in the implementation process or have recently completed it.

Spain

In Spain, the whistleblowing law came into force on the 13th of March, 2023. Organizations have a maximum period of 3 months from the law's entry into force to establish internal systems. This deadline was set following the law's publication in the Official State Gazette on 21st February 2023, which marked the commencement of the 20-day period leading up to its enforcement.

Germany

The HinSchG was adopted by the Bundesrat and Bundestag in mid-May 2023. It was then signed by the Federal President on the 2nd of June 2023 and entered into force on the 2nd of July 2023. 

France

France initially adopted a whistleblower protection law in 2013, followed by a second law in 2016, known as the "Sapin 2" law, which furthered the protective mechanisms for whistleblowers. In September 2022, France enacted new whistleblower protection legislation to transpose the EU Directive on whistleblowing. This new legislation reforms the existing "Sapin 2" law and goes beyond the minimum standards required by the Directive.

The Netherlands

In January 2023, the Netherlands adopted a new whistleblowing law to transpose the Directive. While the EU Commission considered the Netherlands to be among the 9 EU Member States with comprehensive whistleblower protection, some changes were still necessary to comply with the Directive. The existing protection was provided under The House for Whistleblowers Act (Wet Huis voor klokkenluiders), which required amendments to fully align with the Directive and ensure compliance with Dutch law.

Which violations can be reported through mandatory reporting channels?

In general, whistleblowing reporting channels are designed to address a wide range of misconduct, unethical behavior, and illegal activities, including:

How does the reporting channel work?

The process of setting up a reporting channel may differ depending on the size and industry of the organization. However, it usually comprises the following steps:

What essential requirements must an internal whistleblowing channel meet?

While the specifics may vary depending on the jurisdiction, industry, and organization size, the key requirements for an internal whistleblowing channel generally include:

How to implement a whistleblowing channel?

Besides legal requirements, why is a reporting channel a good idea?

A well-implemented whistleblowing channel will:

The cost of non-compliance: what happens if companies don’t implement a compliant channel 

The cost of non-compliance can be significant for companies that fail to implement a compliant whistleblowing reporting channel. Key consequences can include high fines and penalties. For example, in Spain, fines for non-compliance range from €1,001 to €1,000,000. Besides fines, non-compliance can also result in reputational damage, legal actions, and liability, loss of business and partnership opportunities, as well as reduced employee morale and engagement.

Check out our state-of-the-art reporting platform by taking part in an online guided tour to experience first-hand its user-friendly interface, and powerful features and also discover how our platform can make a difference for your business.

Sign up now and start your journey toward a more compliant, transparent, and ethical workplace.

Book a demo

5/5 stars on G2