A pragmatic guide to the new duty to protect whistleblowers


Select companies and state organisations are already under the obligation to set up an internal channel for reporting unlawful conduct. In future, nearly all mid-size and large companies and organisations (companies with more than 25 employees, the public sector, etc.) will fall under this obligation. The requirements are outlined by Directive (EU) 2019/1937 on the protection of persons who report breaches of Union law.


What is the Directive on the protection of persons who report breaches of Union law? 

The goal of the Directive is to offer legal protection to persons who report harm to the public interest which they discovered through, or related to, their employment. The Directive defines harm to public interest as violations of the law in specified areas where EU institutions exercise their competence. These are, for example, public tenders, financial services, money laundering and terrorism funding, environmental protection and others. The Ministry of Justice recently submitted a bill regarding the protection of whistleblowers to the government and the obligations proceeding from it will be enforceable in the Czech Republic after the bill is approved, on 17 December 2021 at the latest.


What are your obligations? 

According to the new legislation you will need to implement processes and create a secure channel for receiving and investigating reports – an internal reporting system. Protection of the reporting person’s identity must be included in the process. You will also need to select a person responsible for receiving and investigating the reports. The whistleblower decides how to make the report, and as such the company must be able to receive the reports both in written and oral form. The whistleblower also has the right to be informed of the result of the investigation within 30 days of the day the report was received.


BDO solution: Ethical line

An effective way to make it easier to receive the reports and to motivate the whistleblower to use the internal reporting system is an easily accessible and user-friendly internet app. Our whistleblowing tool allows the whistleblower to point out problems using a secure form. This centralisation will help you keep individual reports under control, follow deadlines and protect the whistleblower’s personal data.

Our specialists will regularly prepare overviews of potential reports and suggest the best ways to resolve them.


Why choose our solution? 

  • Peace of mind: Be the first to know about missteps in your company. Have things under control. Act with due diligence. Prevent legal, financial and reputation risks.
  • Swift and easy: The web app has a responsive design and can be accessed from a PC, a phone or a tablet. It’s easy to use for everyone.
  • Discretion: Prevent your internal information from being disclosed to the public authorities or the police and give your employees the option of reporting solely to you.
  • Efficiency: The service is available 24/7.
  • Reliability: Our solution guarantees the highest order of protection of the whistleblower’s identity.
  • Everything under one roof: Our team of experienced internal audit and risk management advisers will help you manage the connected area of risk management, from internal guideline and process preparation to internal investigation assistance and legal advisory, including representation in potential disputes.