Whistleblowers protection already in place
There were initially no Whistleblowing Systems regulations in place in Denmark.
Some whistleblowing schemes and whistleblowers protection existed only in certain specific areas, such as financial services providers and anti-money laundering.
However, regardless of the lack of regulation, many Organizations had already voluntarily implemented their own whistleblowing systems and protection schemes.
Current implementation status
Denmark passed its Whistleblower Protection Act on June 24th, 2021, making it the first EU country to transpose the Directive into national law.
According to the Directive, Organizations with more than 50 employees are obligated to set up internal reporting channels. Organizations that previously had a whistleblowing system voluntarily set up must update their policy to comply with the new Act, regardless of their number of employees.
Scope of Reporting
The scope of the Directive is extended with the Act and includes reports of violation of Danish law in addition to EU laws breaches.
Denmark expends the protection for any serious violations of Danish law and other serious matters, such as criminal offences, theft, fraud, embezzlement, bribery, etc. Further, the scope of the Act includes reports of sexual harassment or other severe person related conflicts at the workplace.
Whistleblowers must be able to make oral or written reports through internal reporting channels. An external reporting policy is introduced by the new Act, allowing whistleblowers to choose to directly report to the Danish Data Protection Agency and remain protected.
Global Organizations need to be careful if they decide to outsource their handling and processing of incoming reports, since third parties must be able to comply with the most extensive protection implemented by each Member State they operate in, while also meeting the Danish requirements.
Whistleblowers can also be protected if they chose to report publicly, in the case of an imminent threat or if the whistleblower believes that internal or external reporting is innefective or counterproductive.
Confidentiality and Protection
There is no obligation for Organizations to process anonymous reports. However, it is strongly recommended for them to accept anonymous reporting in order to encourage whistleblowers to use internal reporting channels instead of external channels.
Concerning the processing of personal data, Organizations must directly refer to the GDPR or the Danish supplementary data protection law. Whistleblowing systems established outside of the scope of the Act or by Organizations with less than 50 employees are not covered by the new law.
Make sure you’re compliant with the new requirements.
Evaluate your reporting system in place and highlight areas of improvement with our self-assessment template.
You're in Good Company
Whispli is an award-winning platform recommended by partners and clients alikeRead our Latest Customer Success Story: VodafoneZiggo
"Whispli is hands down the most watertight way to catch and manage wrongdoing in your organization. If you're not using it, then you're not serious about preventing fraud or corruption."
Group Risk & Compliance Manager, Topshop Topman
"I have had the opportunity to implement this type of tool in the past and this is the first time I have worked with a partner who knows how to turn this sensitive subject into an opportunity. The platform is clear, modern and easy to use."
Chief Compliance Officer, Auchan Retail
"Exceptional Client Service. Whispli product and customer success teams are its biggest asset. They are flexible, always available for support and ready to stretch beyond their roles to help the clients."
Senior Associate, Ernst & Young