The EU Whistleblower Directive – are Swiss companies also required to act?

Olivier Künzler
insight featured image
EU Directive 2019/1937 on the protection of persons who report breaches of Union law («Whistleblower Directive») entered into force on 16 December 2019. The Whistleblower Directive is intended to facilitate the disclosure of breaches of EU law and guarantee a uniform, high level of protection for whistleblowers throughout the entire EU. It has far-reaching consequences and is also relevant for Swiss companies with a presence in the EU area.

Scope of application

The Whistleblower Directive applies to all private sector companies in the EU with at least 50 employees, to financial firms and to public sector bodies. It also applies to whistleblowers who are not employed at a company site within the EU, but who report a breach at such a site. The affected companies are obliged to establish safe channels for whistleblowers and clear reporting processes and must also take measures to protect whistleblowers. The Directive generally applies only to breaches of EU law (including the relative national transposition laws), such as EU antitrust law or the European General Data Protection Regulation (GDPR). However, many Member States are planning to or have already declared the requirements of the Directive applicable to breaches of national law.


The most important key points of the Whistleblower Directive at a glance

The Directive establishes detailed, mandatory requirements for handling reports of compliance breaches and for the treatment of whistleblowers. Companies affected by the Directive must be prepared to comply with the following provisions:

  • Duty to establish an (internal) reporting system: In addition to being available to the company’s own employees, the system must also be accessible to external persons, such as independent advisors, trainees, job applicants, shareholders and the employees and support workers of suppliers and subcontractors.
  • Detailed specifications for the design of the reporting system: Whistleblowers must be able to submit reports in different forms. The system used must guarantee the anonymity of whistleblowers. Companies must confirm receipt of a report to whistleblowers within seven days. Whistleblowers must be informed of the follow-up measures taken as a result of the report within three months of confirmation of receipt of the report. Only persons with special authorisation are permitted to access the report.
  • No cascading sequence: Whistleblowers are not obliged to contact the relevant internal office at the company in the first instance. Whistleblowers are, in principle, free to submit a report directly to the competent authorities or the media, where appropriate. However, this requires the threat of an imminent or manifest danger to the public interest or the concern that submitting a report to the company could lead to reprisals or have no effect.
  • Protection against retaliatory measures: Whistleblowers must be protected against reprisals such as discrimination, dismissal, denied promotions, redeployment or disadvantageous performance evaluations. To guarantee this protection, the Directive introduces a procedural reversal in the burden of proof. In the case of dismissal, for example, employers must prove that the job has not been lost in connection with the whistleblowing.
  • Duty to introduce penalties for employers: The EU Member States are obliged to introduce «proportionate and dissuasive penalties», including for cases in which employees hinder or attempt to hinder reporting or breach the duty to maintain the confidentiality of the identity of reporting persons.


Practical advice for Swiss companies

The Whistleblower Directive does not apply directly to Switzerland, as it is not an EU Member State. In 2020, the most recent proposal by the Federal Council to establish a national whistleblowing law was rejected by the National Council for the second time (thus rendering it definitely rejected for the time being). Due to the high level of economic integration with the EU, however, Swiss companies should keep a close eye on further developments and take the following measures in particular:

  • Conduct an internal clarification process with regard to compliance with the Whistleblower Directive.
  • Revise (internal) processes for the handling of relevant reports under consideration of the applicable rules.
  • Establish or revise a system for the reporting of compliance breaches.
  • Provide internal information to employees on the rules and processes relating to the handling of potential compliance breaches and the available reporting channels.

Due to the high level of integration with the EU and/or increasingly strict internal compliance regulations, it is also assumed that – despite the absence of statutory provisions – an increasing number of Swiss companies will also introduce systems for the reporting of compliance breaches. With this in mind, Grant Thornton Switzerland/Liechtenstein has already implemented an internal whistleblowing system for reports made by its own employees and external persons, which can be accessed at this link.


Support from Grant Thornton

Are you planning to introduce a whistleblowing system at your company? Working together with the developer of our in-house tool, we are also able to offer the system we use to our clients. Our experts will be happy to provide further information and answer any questions you may have on the topic of whistleblowing. We look forward to hearing from you!