Regulations

Compliance Solutions for the EU Whistleblowers Directive

Benefit from a centralized, risk-based approach to compliance with the EU Whistleblowers Directive. Gain a thorough understanding of your obligations under the directive and ensure your organization has robust and effective procedures in place to protect whistleblowers and address their reports.

Book a Demo

Why GAN Integrity

GAN Integrity is how compliance teams get the tools and expertise to stay ahead of risk. With less effort but more reach, you finally get a better way to do your good work.

See everything – Gain a comprehensive view of regulatory risk and compliance in one platform for more effective program management.

Adapt to anything – Utilize a dynamic solution that adapts to regulatory changes and evolves with your program.

Get all the help you need – Receive dedicated support from GAN Integrity’s team of experts.

The EU Whistleblowers Directive (Directive (EU) 2019/1937) aims to provide stronger protection for individuals who report breaches of EU law. The directive requires companies and public bodies in the EU to establish secure reporting channels and ensure whistleblower protection.

Under this directive, companies with 50 or more employees, as well as public sector organizations, must implement internal reporting channels. The directive applies to reports of breaches in a wide range of areas, including public procurement, financial services, money laundering, product safety, and environmental protection.

Establish Internal Reporting Channels:

Companies must set up secure and confidential channels for whistleblowers to report breaches.
The reporting channels must allow for written and oral reports, including telephone lines and physical meetings.

Protection Against Retaliation:

Whistleblowers must be protected against any form of retaliation, including dismissal, demotion, or any other negative consequences.
Companies must implement measures to prevent retaliation and support whistleblowers throughout the reporting process.

Anonymous Reporting:

The directive encourages, but does not mandate, the acceptance of anonymous reports.
Companies should create an environment where whistleblowers feel safe to report breaches without fear of retaliation.

Follow-up and Feedback:

Companies must provide feedback to whistleblowers within three months of receiving the report, informing them of the steps taken or planned.
There should be a clear process for follow-up on reports, ensuring that all concerns are addressed promptly and effectively.

Public Disclosure:

Whistleblowers may be protected when they disclose information publicly if internal and external reporting channels have not functioned properly, or in cases of imminent or manifest danger to the public interest.

Setting Up Reporting Channels:

Establish secure, confidential, and easily accessible internal reporting channels.
Ensure that reporting channels are user-friendly and available to all employees and relevant stakeholders.

Developing Anti-retaliation Policies:

Implement policies that explicitly prohibit retaliation against whistleblowers.
Ensure that these policies are communicated effectively to all employees.

Training and Awareness:

Provide training for employees on the importance of whistleblowing and how to report breaches.
Raise awareness about the protections available to whistleblowers under the directive.

Monitoring and Reporting:

Implement systems to monitor the effectiveness of reporting channels and anti-retaliation measures.
Regularly review and update policies and procedures to ensure ongoing compliance with the directive.

Feedback and Follow-up:

Establish a process for providing timely feedback to whistleblowers.
Ensure that all reports are thoroughly investigated and appropriate actions are taken.

Disclosure Management

Consolidate your disclosures for conflicts of interest (COI), gifts, travel, entertainment, and political and charitable donations or contributions. Capabilities include:

Policy management: Develop and enforce comprehensive disclosure policies. Educate and engage your workforce with targeted training and policy attestations.
Flexible disclosure process: Simplify the submission of potential conflicts of interest with user-friendly forms, ensuring easy access for employees.
Automated approvals and reviews: Enhance compliance with automated approval and review workflows. Quickly escalate notifications to relevant stakeholders to address potential risks.

Learn more

Policy Management

Manage approvals, distribution, and attestation of policies, along with centralized portals for easy access to the latest policies and procedures. Capabilities include:

Regulatory change management: Identify policies that require updates and timely distribution to employees in response to regulatory changes.
Automated workflow: Optimize the review and approval process for policies, operating procedures, and work instructions with automated workflows.
Comprehensive reporting and documentation: Maintain a full audit trail and generate detailed reports to provide clear evidence of compliance to stakeholders and regulators

Learn more

Reporting and Documentation

See everything across your compliance program, and generate reports and dashboards to demonstrate compliance program effectiveness to stakeholders and evidence to regulators. Capabilities include:

Reporting and analytics: Executive, role-based dashboards to review the effectiveness of your compliance program initiatives.
Evidence-based compliance: Maintain an auditable trail of all activity with the platform’s integrated and automated audit log.
Compliance insights: See risk trends and patterns within your program, including third-party and supply chain risk, policies and disclosures.

Conflict of Interests Management

Manage employee conflicts of interest disclosures with an easy to use, configurable platform. Capabilities include:

Reporting and analytics: Role-based dashboards to identify areas of potential exposure with actions and remediation workflows to mitigate risks.
Campaign Management: Create conflicts of interest campaigns to inform and engage employees with training, policies and regular disclosure campaigns.
Third-party risk integration: Track conflicts of interest disclosures against third parties and suppliers for a comprehensive view of risk.

Learn more

Training

Deliver training and awareness compliance content to employees and key stakeholders. Capabilities include:

User governance: Automatically enroll new employees in the right programs and seamlessly roll out new training initiatives.
Embedded reporting and analytics: Customizable dashboards to track program performance and proactively address gaps.
Risk-based training and communications: Segment employees based on risk profiles to tailor the content and frequency of training and communications.

Learn more