Publication of the draft law on whistleblowers in Poland – What you need to know?22/10/2021
On Monday 18th October, a Bill on the protection of persons who report breaches of law was published, with the purpose of implementing Directive (EU) 2019/1937 of the European Parliament and of the Council on the protection of persons who report breaches of Union law.
Lawyers at our firm have analyzed the proposed legal solutions in terms of the requirements to be imposed on the entities obliged to adapt their organization to the planned solutions and the criminal risks for senior officers and managers of companies.
We would like to emphasize in particular that the proposed provisions:
• specify when an obligation to have an internal irregularity reporting (whistleblowing) procedure arises;
• require undertaking specific measures to verify the report;
• prohibit retaliation against the person who reported a breach;
• introduce criminal liability imposed generally on company management boards and managers for not having an internal procedure for reporting breaches of the law and for retaliation against the whistleblower, among others.
Our experience in the practice of disputes and daily advisory services, including in the context of international legal and ethical standards, highlight that entrepreneurs need to answer the following questions:
1. Who will be subject to the obligations stipulated in the bill?
2. How to effectively limit the liability of persons who manage the organization under the proposed provisions?
3. How to verify the reporting person’s good faith while maintaining their anonymity?
4. Should the organization extend the catalogue of breaches of the law with internal and ethical regulations which do not constitute an exhaustive catalogue, and what are the possible associated consequences?
5. What kind of procedural solutions should be adopted within international capital groups, including those subject to FCPA regulations or the UK Bribery Act?
6. Do all obliged institutions within the meaning specified in the anti-money laundering and counter-terrorism financing Act have the duty to comply with the Act starting from 17 December 2021?
7. How to prepare the breach reporting procedures and channels so that they comply both with the provisions of the bill and with GDPR?
8. Are there any efficient IT tools to facilitate the fulfillment of the new obligations?
We will answer these questions and any others our clients might have at individual consultations and business breakfasts which are open to anyone interested.