Last update 18 April 2023

They are using Whispli

Whistleblowers protection already in place

Before the introduction of the Directive

Austria didn’t have a comprehensive whistleblowing protection law in place.

Civil society urges the government to expand EU Directive’s requirements and to make further recommendations on the scope of application, in order to cover national crimes and competition law.

Current implementation status

The Austrian Parliament announced that the draft whistleblowing law passed the National Council and has been referred to the Federal Council’s Committee on Labour, Social Affairs and Consumer Protection, on 1 February 2023.

The Whistleblower Protection Act – HinweisgeberInnenschutzgesetz (HSchG) has been adopted on 16 February 2023 and came into force on 25 February 2023.

For the implementation of an internal whistleblower system, the affected companies and legal entities in the public sector are generally granted a period of six months from the entry into force of the law.

Companies and legal entities in the public sector with 50 to 249 employees are granted an extended implementation period until December 17, 2023.

New Requirements

The Whistleblower Protection Act – Hinweisgeberlnnenschutzgesetz (HSchG) only contains general rules for the set-up and operation of an internal Whistleblowing System (sufficient financial and human resources, impartiality, confidentiality). The systems must be technically and organisationally suitable in accordance with Art. 25 of the GDPR and the processing of personal data is strictly regulated in line with GDPR principles (e.g. in regard to documentation and transmission of the reports). 

Other specific regulations for certain private sectors and whistleblowing systems already in place are not affected: several professions (e.g. certain lawyers and tax advisors, financial and credit institutions) have the legal obligation to report suspected cases of money laundering to the competent public authority.

Extended material and reporting scope

The material scope of the HSchG is extended to also protect persons reporting breaches to anti-corruption laws.

In addition to the reporting topics listed in the Directive, persons reporting breaches of criminal anti-corruption laws are protected.

All private sector entities are obliged to set up an internal Whistleblowing System allowing reporting by its workers and any external parties linked to the organization (leased persons, or überlassene Arbeitskräfte). Other persons having a work-based relationship with the organization are also protected under the HSchG.

In principle, there are no limitations regarding who can be subject of a report via the Whistleblowing System.

Specific processes and requirements

As long as the internal Whistleblowing System is operated in line with the HSchG, global organizations are allowed to transfer the tasks of an internal unit for the collection, review and processing of reports to a third party or a joint established unit.

The HschG does not explicitly determine a German language requirement. However, the internal Whistleblowing System will normally need to be in the local language to allow for a barrier-free communication. 

Concerning anonymous reports, the anonymity of the whistleblower remains voluntary.

Get a Head Start 

Having a flexible platform that can adapt to any legislation and regulations can give you a great head start. With Whispli, you can build up your solution according to your current needs, and modify it at any time. 

You can start by complying to the minimum requirement of the EU Directive today and adjust to your local legislation later. 

Get in touch with one of our expert and get a guided demo to see how Whispli can help your Organization to comply with the Directive.



Whistleblowing Assessment Template