EU Directive Transposition
“Wijziging van de Wet Huis voor klokkenluiders“READ THE FULL BILL (NL)
Last update 27 February 2023
Whistleblowers protection already in place
Before the introduction of the directive
The Netherlands already had a comprehensive framework for whistleblowers protection in place with The House of Whistleblowers Act (Wet Huis voor klokkenluiders).
However, changes need to be introduced in order to comply with the Directive.
Current implementation status
The transposition of the EU Whistleblowing Directive is transposed and implemented into the Dutch Whistleblower Protection Act (‘the Act’).
The new Dutch Whistleblower Protection Act entered into force for public and private entities with 250 employees or more on 18 February 2023.
Private entities with 50 to 249 employees are given a period to adjust to the new rules. The Dutch Whistleblower Protection Act will apply to them from 17 December 2023 onwards. Until this date, the former Dutch Whistleblowing Act applies.
The new Dutch Whistleblower Protection Act differs from the Directive, as the Dutch legislator has chosen not to implement all national discretion options.
However its scope remains fairly extended with few restrictions regarding the operating and processes for a whistleblowing system.
Implementation of an internal reporting system
If a works council is established, the works council must approve the implementation, amendment or revoking of whistleblowing procedure. The employer must inform the works council at least once per year about the Whistleblower System and its effects.
There are no language requirements regarding the policy, procedure and operation of the Whistleblowing System. However, it’s recommended that it is operated in Dutch.
There are no limitations in the new Dutch Whistleblower Protection Act regarding:
- The persons allowed to file a report
- Topics that can be reported through the Whistleblowing System
- Concerned Persons (who can be subject of a report via the Whistleblowing System)
The Dutch data protection authority takes the position that alerts may only be escalated beyond the local group company if it regards serious misconduct that exceeds the level of the local group company (e.g. misconduct that takes place at a higher management level).
Sending the alert to a centralized external service provider would not collide with the position of the data protection authority, as long as the alert is then send back to a local management level only. However, it is noted that alters will often by their nature exceed the local level.
A whistleblower should receive an acknowledgement of receipt within seven days counting from the moment of receipt of the report by the employer. (Article 2 (2)(h) Dutch Whistleblower Protection Act)
The Whistleblower should be provided with information on the assessment and, if applicable, on the follow-up on the report within a reasonable period but no later than three months after confirmation of receipt sent by the employer. (article 2 (2)(i) Dutch Whistleblower Protection Act)
Protection against retaliation
Anonymity is voluntary. However, the identity of the Whistleblower, the person(s) who conducted the misconduct/infringement, and the person(s) to whom the misconduct/infringement is attributed should be kept confidential.
In addition, the Whistleblower may not be disadvantaged during and after the handling of a report under certain circumstances.
Article 17f Dutch Whistleblower Protection Act states that the Whistleblower may not be liable for an infringement of any restriction on the disclosure of information under certain circumstances.
The new Dutch Whistleblower Protection Act doesn’t have any special requirements for the operation of a non-local (group-wide) Whistleblowing System.
This means that a centralized Whistleblowing System can be operated, even if it is in another country.
Get a Head Start
Having a flexible platform that can adapt to any legislation and regulations can give you a great head start. With Whispli, you can build up your solution according to your current needs, and modify it at any time.
You can start by complying to the minimum requirement of the EU Directive today and adjust to your local legislation later.
Get in touch with one of our expert and get a guided demo to see how Whispli can help your Organization to comply with the Directive.
You're in Good Company
Whispli is an award-winning platform recommended by partners and clients alikeRead our Latest Customer Success Story: Decathlon Read our Latest Customer Success Story: ZyGen
"Whispli is hands down the most watertight way to catch and manage wrongdoing in your organization. If you're not using it, then you're not serious about preventing fraud or corruption."
Group Risk & Compliance Manager, Topshop Topman
"I have had the opportunity to implement this type of tool in the past and this is the first time I have worked with a partner who knows how to turn this sensitive subject into an opportunity. The platform is clear, modern and easy to use."
Chief Compliance Officer, Auchan Retail
"Exceptional Client Service. Whispli product and customer success teams are its biggest asset. They are flexible, always available for support and ready to stretch beyond their roles to help the clients."
Senior Associate, Ernst & Young