EU Whistleblowing Directive – Germany 

Whistleblowers protection already in place

Before the introduction of the Directive

Germany only had national regulations in place regarding whistleblowers protection, for the financial service sector and regarding the protection of business secrets.

In other domains, whistleblowing protection has been primarily shaped by case law, and is still considered limited compared to the Directive requirements.

Current implementation status

The Bundestag and Bundesrat have passed a whistleblowing protection law and implemented the EU Whistleblowing Directive withe the new Whistleblower Protection Act passed on May 12th, 2023.

After its promulgation, the Whistleblower Protection Act is expected to come in to force in June 2023. 

Fines can be imposed on employers 6 months later if they have not set up the required internal whistleblowing platform.

New Requirements

Scope

Employers with more than 50 employees must set up internal reporting offices that whistleblowers can contact confidentially.
The Whistleblower network will insist that it is not just a mere compliance check.

The material scope of the Whistleblower Protection Act is limited to information on criminal offenses and certain administrative offences. The following areas are largely excluded from the material scope of application:

• Significant misconduct or grievances below the threshold of clear violations of the law. Whistleblowers point out, among other things, government regulation and control gaps.
• Violations of the law when dealing with matters of national security or classified information.

Reporting obligations

Employers with more than 50 employees must set up internal reporting channels that whistleblowers can use confidentially.

Whistleblowers are free to choose whether to contact a state (“external”) whistleblower office directly or initially to one (“internal”) provided by the employer.

Previously, priority was given to internal reports. Whistleblowers are the best judges of which is the most promising and trustworthy path.

However, the recently adopted HinSchG stipulates that whistleblowers should prioritize internal reporting in cases where effective measures can be taken internally to address violations (Art. 7, Paragraph 1). The text also requires companies to provide “incentives” to encourage whistleblowers to use internal reporting channels as their first option. Furthermore, external reporting services are required to highlight the possibility of internal reporting when they receive external reports.

Whistleblowing platform and Hotline

Internal reporting channels must allow both oral and written reports, including telephone or other voice transmission methods.

If whistleblowers request it, a personal meeting for reporting must also be made available. With the whistleblower’s consent, this personal meeting can also be conducted via video and audio transmission.

Cross-company internal reporting systems (group solution)

The HinSchG allows for the establishment of a cross-company internal reporting mechanism within a company (referred to as a group solution), but only for companies with fewer than 249 employees. Employers with 250 employees or more are required to establish their own internal reporting system and cannot use the group’s mechanism.

The possibility of using a group reporting mechanism contradicts the position of the European Commission, which states that each company must have its own internal reporting mechanism. However, according to information from the German government, discussions had taken place with the European Commission prior to the adoption of the HinSchG, during which the possibility of using a cross-company reporting mechanism at the group level was confirmed.

Public disclosure and to the media

The domains excluded by the material scope of the Whistleblower Protection Act mentionned above, as well as strict requirements for public whistleblowing, are making journalistic work more difficult.

Disclosures to the media are only protected in a few exceptional cases, above all in the case of an “immediate or obvious endangerment of the public interest” (as stated in paragraph 32). 

Sanctions and protections

The new law will not completely prevent reprisals, and does not include a right to compensation for immaterial damage (e.g. as a result of bullying) or a support fund to finance compensatory services and legal and psychological advice for whistleblowers (although this violates the European requirements).

Get a Head Start 

Having a flexible platform that can adapt to any legislation and regulations can give you a great head start. With Whispli, you can build up your solution according to your current needs, and modify it at any time. 

You can start by complying to the minimum requirement of the EU Directive today and adjust to your local legislation later. 

Get in touch with one of our expert and get a guided demo to see how Whispli can help your Organization to comply with the Directive.