Last update 1 March 2023

They are using Whispli

Whistleblowers protection already in place

Croatia had a Whistleblowing legislation in place since 2019.

The aim of this Act is the effective protection of whistleblowers, which includes ensuring accessible and reliable ways of reporting irregularities.

Current implementation status

The new Whistleblowers Protection Act (fully transposing the Directive into Croatian legal system) came into force on 23 April 2022.

New requirements

Companies under the scope of the Act should:

  • Adopt a new internal policy for reporting before 23 June 2022
  • Appoint a confidential person trusted to receive the reports of irregularities (among other duties) together with a deputy before 23 July 2022

Even if companies were compliant with the legal framework that was previously in place, the new implementation deadlines should be respected nevertheless.

In case of non-compliance with the Act, fines of up to HRK 50,000 (approx. EUR 6,600) for a company and HRK 30,000 (approx. EUR 4,000) for the responsible individual may be triggered.

Extended scope of application

Under the new Act, “irregularity” is defined as any action or an omission that is illegal and refers to the scope of application and regulations covered by the Act or is contrary with the goal and/or purpose of such regulations.    

Irregularities that are within the scope of application of the new Act are irregularities: 

  • covered within the scope of application of the EU regulations dealing with the following areas:  public procurement, financial services, products and markets and prevention of money laundering and terrorist financing, product safety and compliance, traffic safety, environmental protection, protection from radiation and nuclear safety, safety of food and food for animals, animal health and welfare, public health, consumer protection, protection of privacy and personal data,  security of network and information system,
  • affecting financial interests of the EU (Article 325 of the Treaty on Functioning of the European Union), 
  • relating to the internal market (Article 26 para 2. of the Treaty on Functioning of the European Union), including violations of the EU rules on competition and state aid, as well as violations of the internal market in relation to the acts violating rules on the income tax rules, or arrangements whose purpose is to realize tax advantage that is contrary to the goal or purpose of applicable income tax law,
  • relating to other regulations of the national law, when irregularities also endanger the public interest

The WP Act broadly defines a “whistleblower” as any natural person reporting irregularities that are related to the work environment.

The scope of persons able to submit a report through a whistleblowing system include the following status: employment, self-employment, work outside employment (e.g. based on a service contract, engagement through an employment agency, etc.), volunteering, student work, participation in the recruitment process as a candidate, holders of stocks or shares In the company, persons who are members of the supervisory, management or other boards of the company, persons who work under supervision and in accordance with the contractor’s or vendor’s instructions, as well as any other persons participating in activities of a natural or legal entity.

Whistleblowing systems must be localized

A central whistleblowing system operated on behalf of the whole group would not comply with the new Whistleblowers Protection Act. 

The new Act allows for a wider definition of a person of confidence, which now includes employees of non-local companies in the group. As a result, it is possible to use external service providers for whistleblowing while adhering to the Whistleblowers Protection Act rules on protection of identity, personal data, and confidentiality.

Protection of whistleblowers and anonymity requirements

According to the new Act, anonymous whistleblowing is generally not recognized because the mandatory contents of the report must include information about the person submitting the report.

However, there is an exception to this rule. If an anonymous report meets all the conditions required by the new Act for qualifying for whistleblower protection, and the whistleblower’s identity is later determined within the procedure, they will be entitled to the same protection as whistleblowers who have disclosed their identity. This includes protection against retaliation, even if the whistleblower initially chose to remain anonymous.

The organization is prohibited from retaliating against whistleblowers. Prohibited actions include suspension, dismissal, degradation, discrimination, harassment, financial sanctions, and other measures that disadvantage the whistleblower.

The organization must protect the whistleblower’s identity, personal data, and confidentiality by all means necessary and allowed by law. If the whistleblower experiences harmful retaliation, they are entitled to protection in court, including the prohibition of further harmful actions, compensation for damages, and publication of a court judgment in the media.

Next steps

Make sure you’re compliant with the new requirements.
Evaluate your reporting system in place and highlight areas of improvement with our self-assessment template.



Whistleblowing Assessment Template