The bill on Whistleblower Protection is approaching the Chamber of Deputies after a long delay. The aim of the law is to provide protection and a framework which will enable whistleblowers to draw attention to unlawful activities that they encounter in the course of their work contacts of all kinds
It is the implementation of the EU directive, which is directly effective as of 18 December 2021 with regard to defined public authorities – state authorities, the authorities of local self-governing units (regions and municipalities with more than 10,000 inhabitants) and other public institutions (VZP – the Public Health Insurance Company, public universities, CEZ – energy company) that have to comply with the obligations set out in the directive from that date, in particular introducing an internal reporting system. Private entities – employers who employ more than 50 employees, insurance brokers and other entities involved in the European financial system – will also have this obligation under the law.
Within the internal system a designated person must be appointed to manage the whistleblower agenda (this person can be an employee of the obliged party). The Ministry of Justice will operate an external reporting system and will receive all reports. The respective designated persons are to ensure a smooth and fair procedure for receiving reports, whether by informing the whistleblower that their report has been received, by filtering reports that are not substantiated or by keeping the anonymity of the whistleblower, together with maintaining impartiality.
A whistleblower has the right to be informed about the results of an assessment within 30 days. If a report is deemed to be substantiated, the responsible person shall be required to not only recommend a remedy to the obliged entity but also inform the relevant public authority. This will be the police in the case of suspicion of a criminal offence or the supervising authority in the case of a breach of public law.
The reporting system must be communicated in a way that allows remote access (a website can be expected). Obliged entities must publish the ways in which reports can be made, both through their own system and also via the Ministry of Justice’s portal, as well as other information according to the law. For at least five years, records must be kept of reports, to which only the designated person has access.
The bill explicitly allows a whistleblower to break contractual or statutory confidentiality or bank secrecy and it lists the types of confidentiality that cannot be broken by a report necessary to uncover an illegal act, in particular a criminal offence or violation of regulations regarding tax, finances, consumer protection, environmental protection, competition law or, for example, nuclear safety (and others): this includes not only the protection of classified information but also the attorney client privilege or medical duty of confidentiality.
The law does not apply to anonymous whistleblowing either. Obliged entities and responsible persons by law do not have to deal with anonymous whistleblowing.
The whistleblowing system created by the obliged entities is to help protect whistleblowers. Furthermore, the law prohibits retaliation against whistleblowers, such as termination of employment, and if this does occur, whistleblowers have the right to adequate compensation, even if no material harm has occurred. Whistleblowers are also entitled to this protection if they have made a report directly to a public authority or to the police. Whistleblowers are therefore not forced to use the whistleblowing system of their employer or of the person on whom they are dependent for work or business. In narrowly defined cases, a whistleblower also has the right to make this report public. The law also sets out penalties for retaliatory measures and non-compliance with the whistleblowing system.