Is your company ready for the Whistleblowers Act?
November, 2023 - Esther Soetens, Emma Van Caenegem
The company already has a whistleblowing scheme in place….isn’t that sufficient?
Your company might already have a whistleblowing scheme in place that allows employees to report irregularities relating to the “code of conduct“, transgressive behaviour, bribery, fraud, insider trading, etc.
However, this does not mean that you can ignore the provisions of the Whistleblowers Act. Indeed, the Whistleblowers Act contains a (minimum) list of reporting areas in which reporters can report breaches. Moreover, these reports must be made within the framework set out by the Whistleblowers Act. Therefore, companies that already have a whistleblower scheme in place are advised to check if and to what extent adjustments to their scheme are necessary.
The company is part of a larger international group. The group works with an external service provider who provides a whistleblowing tool (hotline, platform) that is used for the whole group, including the Belgian subsidiary. Is this allowed?
According to the European Commission’s guidelines, it is not enough to merely maintain a central whistleblowing scheme at the group level. Subsidiaries (legal entities with at least 50 employees) must also have their own internal reporting channel.
However, even though the Whistleblowers Directive and the Whistleblowers Act[3]are not conclusive in this respect, it can be justified, based on a pragmatic interpretation of the legal obligations, that if the group uses a common technical platform and where within this group platform there is a specific channel for the Belgian entity (Belgian hotline number and/or a specific page for Belgium,[4]and/or a Belgian e-mail address, etc.) then that is sufficient to be a ‘proper channel’ for the Belgian legal entity.
Moreover, for subsidiaries with less than 250 employees, there is the possibility of sharing resources and to appeal to the parent company’s investigative capacity for the receipt and the investigation of reports.[5]
Who should I appoint as the reporting administrator (“whistleblower officer”)?
The company has a certain freedom when appointing the reporting administrator(s). It is only required that the reporting administrator operates independently and does not have a conflict of interest. The reporting administrator may not receive instructions on the handling of a specific case and must be able to report directly to the head of the company.
So, it is possible to designate for instance the HR manager as the reporting administrator, but this person could potentially be conflicted in case of a report of social fraud.
An employee makes a report…now what?
Setting up an internal reporting channel is one thing. At least as important is working out a policy that enables the company to adequately follow up on a report. This means verifying whether the allegations made in the report are correct and need to be addressed. In practice, this will often result in a need to start an internal investigation.
The Whistleblowers Act itself does not specify how to conduct an internal investigation, nor what requirements an internal investigation must meet. Therefore, it is recommended that you, as an employer, proactively work out an internal roadmap to serve as a guideline for an internal investigation. Given that the nature of reports can be very diverse, each report requires a specific follow-up and approach. However, certain questions will recur in every internal investigation, including:
- What is the breach about? Which allegations should be investigated? How can I best investigate these allegations?
- Who is part of the investigation team keeping in mind potential conflicts of interest in this respect.
- Does the company itself have sufficient resources to conduct the investigation? Might it be useful to call upon an external investigator (e.g. an expert)?
- What are the appropriate investigative acts (e.g. the monitoring of emails)?
- How can I remedy a breach? Are there any additional points to consider when I take action and/or penalise any employee (e.g. a dismissal for serious cause)?
Can I take any investigative action when a report is made?
No. For any investigative act, it must be checked whether there are any legal restrictions. For example, monitoring the use of e-mails and internet is only possible subject to compliance with the requirements of the Collective Bargaining Agreement n° 81. So, it could be useful to consider whether the company can proactively take additional steps now to enable certain investigative acts at a later stage.
What about the confidential counselor and the prevention advisor psychosocial risks at work?
The Whistleblowers Act does not change the powers of the confidential counselor and the prevention advisor psychosocial risks at work. They remain competent for the psychosocial aspects at work.
For the sake of completeness, as from 1 December 2023, the designation of a confidential counselor will become compulsory in all companies with at least 50 employees.
Common pitfalls
Based on an analysis of various whistleblowing schemes, it can be concluded that companies regularly overlook the following elements:
- Compliance with the language legislation;
- Omitting to inform the employees about the external reporting channel options;
- ‘Losing sight’ of legal deadlines, namely: confirmation of receipt of a report within seven days; providing feedback to the reporter within three months of the confirmation of receipt. However, the latter does not mean that the (internal) investigation must also be effectively completed within three months.
- Only allowing a report through an external reporting channel if a report through the internal reporting channel was ineffective, whilst the reporter has the choice to either revert to the internal or the external reporting channel;
- Compliance with GDPR requirements.
This blog post does not contain a comprehensive overview of all the obligations under the Whistleblowers Act. It is based on questions and considerations from practice. If you have any further questions on this topic, please do not hesitate to contactEsther SoetensorEmma Van Caenegem.They will be happy to further assist you.
Footnotes: [1] Financial sector companies falling within the scope of the provisions on financial services, products or markets and/or money laundering and terrorist financing, for whom the law already came into force on 15 February 2023 and this is regardless of the number of employees. [2] A legal entity in the private sector. [3] Act of 28 November 2022 on the protection of reporters of breaches of Union or national law established within a legal entity in the private sector, Belgian State Gazette of 15 December 2022. [4] In the correct language in accordance with the Belgian language legislation’s requirements. [5] Although, under the European Commission’s guidelines, the reporter would have the right to object to his/her report being investigated at the parent company level and to request that the reported conduct is only investigated at the subsidiary level. |