Skip to main content

Clifford Chance

Clifford Chance

Regulatory Investigations and Financial Crime Insights

Poland begins to implement the EU Whistleblower Directive

On 4 October the Polish government published official guidelines regarding the new law implementing the EU Whistleblower Directive. The guidelines reflect the provisions of the Directive, but in some instances the government goes a step further.

The time is now

Directive (EU) 2019/1937 of the European Parliament and of the Council on the protection of persons who report breaches of Union law (the "Directive") should be implemented by Member States no later than by 17 December 2021. See our briefing on the Directive (EU) 2019/1937 here.

Although lively discussions about its implementation into the Polish legal system have been ongoing, no draft laws transposing the Directive have been published.

A little over two months before the implementation deadline, the government published official guidelines regarding the new law implementing the Directive (the "Guidelines"). The Guidelines are of a generic nature, but outline the key concepts to be reflected in the new law. We highlight them in this post.

Not many surprises

In general, the Guidelines reproduce the provisions of the Directive in that the future Polish law will provide protection for whistleblowers who report breaches concerning only the areas covered by the Directive (among others: public procurements, financial services, prevention of money laundering and terrorist financing or consumer protection).

However, in some instances the Polish government chose to extend the scope of protection.

Not only reports on breaches of EU law

The Directive is aimed at protecting whistleblowers who report breaches of specific acts of EU law, but allows its application to be extended to national laws.

According to the Guidelines, Poland intends that the new law implementing the Directive will also cover breaches of Polish law.

It is yet to be seen how exactly this scope will be done. For example, the Directive refers to breaches of EU law affecting the financial interests of the EU. The future Polish act will also cover breaches of Polish law concerning the EU's financial interests but not of the financial interests of the Polish state or private entities.

Broad level of protection

The Directive requires Member States to adopt preventive measures aimed at prohibiting any form of retaliation against whistleblowers.

The Guidelines state that the future Polish act will provide a general rule that whistleblowers may not be exposed to any harm or charges because they made a report or a public disclosure. They also announce specific procedural mechanisms to achieve this goal, i.e. the act will provide that:

  • if a whistleblower is dismissed because of the report made, the burden of proof will be reversed, meaning that the employer will need to prove that the report was not the direct cause of the whistleblower's dismissal and there were other justified grounds therefor;
  • if a whistleblower is employed on the basis of a civil law contract (not an employment contract), any attempt by the employer to terminate such a contract because of the report having been made by the whistleblower will be ineffective;
  • conducting any disciplinary, criminal or civil action against a whistleblower concerning defamation caused by the report will be prohibited;
  • a whistleblower will not bear liability for any damage caused to anyone because of the report made.

Reporting options

The Directive offers three reporting options to whistleblowers which must be ensured by the Member States in their national legislation: (i) internal reporting; (ii) external reporting; and (iii) public disclosure.

The Guidelines state that the same options will be provided under the future act. They stay in line with the Directive and encourage internal reporting first.

Internal reporting channels

The Directive provides that Member States must oblige legal entities with over 50 workers, in both the private and public sectors, to implement specific internal reporting channels to ensure that the whistleblower's identity is kept confidential.

According to the Guidelines, Poland intends to extend this obligation. Legal entities from the financial sector (i.e. banks, investment funds and fund management companies, insurance and reinsurance companies, hedge funds, pension funds and companies, brokerage houses) will be obliged to implement internal reporting channels regardless of how many workers they employ. The Guidelines do not elaborate further on this broader scope, but this likely results from the fact that the financial institutions are already obliged, under specific sectoral regulations, to introduce channels for anonymous reporting of breaches of law or ethical standards.

The Guidelines also clarify that internal procedures concerning reporting channels will form part of the workplace rules and regulations. Employers will be obliged to consult the content of such procedures with trade unions or representatives of employees.

Central authority responsible for providing feedback – the Ombudsman for Civil Rights

The Directive provides that Member States must designate the authorities competent to receive, provide feedback and follow up on reports.

The Guidelines state that such authority in Poland will be the Ombudsman for Civil Rights. However, the Ombudsman will not verify the reports or conduct its own investigations but rather refer the reports to the competent authorities (such as the public prosecutor's office or the Office for Competition and Consumer Protection). The Ombudsman will be also obliged to provide feedback to whistleblowers.

What's next?

The Polish government announced that it plans to publish a draft act implementing the Directive in Q4 2021 and refer it to Parliament. The final version of the draft may be slightly different from the Guidelines, which are rather generic (especially if the government decides to change it after public consultations).