What type of whistleblowing is protected under the New WB Act?
The Directive provides protection for a wide range of disclosures of breaches of specific EU regulations, such as product safety, consumer protection, financial services, etc. The New WB Act has broadened the scope of the Directive by also including tax fraud and social fraud. Unlike the text of the Directive, the New WB Act does not list the specific applicable regulations falling within its scope as such. Every breach of a specific regulation that relates to the listed areas falls within the scope of the New WB Act. It is thus clear that the legislator intends that the New WB Act is as broad as possible.
Like the Directive, the New WB will apply to all whistleblowers who have acquired information on breaches in a work-related context. This includes, besides those persons who are employees or self-employed workers, shareholders and persons belonging to the administrative, management or supervisory body of an undertaking, including non-executive members. It also includes volunteers and paid or unpaid trainees and any persons working under the supervision and direction of contractors, subcontractors and suppliers, etc.
Those persons assisting whistleblowers, such as facilitators, or third persons who may suffer retaliation in a work-related context (colleagues or relatives) are also protected, as well as legal entities that the reporting person owns, works for, or to which they are connected in a work-related context.
Please note that if the report of a breach relates to financial services, products and markets, and the prevention of money laundering and terrorist financing, the whistleblower is protected even outside of a work-related context.
When does a whistleblower qualify for protection under the New WB Act?
Reporting persons will be protected if:
- They had reasonable grounds to believe that that the reported information was true at the time of reporting and that such information fell within the scope of the New WB Act, and
- They reported by using a protected reporting channel, ie (i) through an internal reporting channel, (ii) through an external reporting channel, or (iii) via a public disclosure. These are 3 distinct reporting channels to which specific rules and conditions apply.
Contrary to what was first provided for when the European Commission proposed the Directive, protection is not conditional on the whistleblowers first reporting internally, except for public disclosures for which additional conditions apply (see below).
What are the obligations for private companies?
- Companies will have to set up internal reporting channels and procedures for the internal follow-up of reports.
The social partners must be consulted, in accordance with the usual cascade system: works council, trade union delegation, health and safety committee, or directly with the employees of the company.
The internal reporting channel should at least be accessible to the employees, but the company may decide to allow access to other people, for example, self-employed workers.
The channels must be designed, established and operated in a secure manner.
A person or department within the company must be appointed to receive the reports. The choice on who to appoint will depend on the structure of the company, but their function must in any event guarantee that they can work independently and without conflict of interest. It is also possible to outsource the internal reporting channel to an external provider. We will examine the scope of what can be outsourced, and what implications this has on internal investigations in another eAlert in this series.
A reporting manager (meldingsbeheerder/gestionnaire de signalement) must be appointed to follow up on the report, maintain communication with the whistleblower, and where necessary, ask for further information and provide feedback. This can be the same person or department who was appointed internally to receive the reports.
After the whistleblower has made a report, the reporting manager must follow up on the report within 3 months and provide feedback to the whistleblower on this follow-up.
- Companies must provide clear and accessible information regarding the procedures for reporting internally and externally.
According to the parliamentary works, this means that the information on the procedures must be displayed at a clearly visible location for employees, and on the website of the company. The information on the procedures may also be addressed during training and seminars on ethics and integrity.
- A duty of confidentiality applies, and strict rules must be observed regarding the processing of personal data and the keeping of the report records.
Do all companies need to set up an internal reporting channel?
The obligation applies to each separate legal entity with 50 or more workers, even where such legal entities belong to a group of companies. This means that under the New WB Act, it is not sufficient to set up a channel at group level. We will explore the cross-border implications and provide guidance on how to organise a reporting channel in a corporate group context in one of our next eAlerts in this series.
For private entities with activities related to financial services, products and markets, and the prevention of money laundering and terrorist financing, the obligation applies regardless of the number of employees.
This obligation will apply as soon as the New WB Act enters into force, ie 2 months after publication in the Belgian Official Gazette. Legal entities with 50 to 249 employee, with the exception of entities active in the area of financial services, products and markets and the prevention of money laundering and terrorist financing, will have until 17 December 2023 to establish internal channels.
Are there penalties if the new obligations are not duly observed?
Companies who do not comply with their duties may be sanctioned with administrative fines and even criminal penalties. There are also (criminal) penalties for persons who intentionally make false reports or make false information public.
What are the external reporting channels?
External reporting means the oral or written communication of information on breaches to the competent authorities.
The Federal ombudsman will act as Federal Coordinator for external reporting in the private sector.
A Royal Decree will appoint the authorities competent to receive reports, provide feedback and offer follow-up on notifications. If no appointment takes place, or no authority considers itself competent, the federal ombudsman will act as competent authority.
The New WB Act provides for obligations and procedures that the external reporting channels must comply with. It is the duty of the government to observe these obligations.
For companies, it is nevertheless important to note that :
- Their information duty also extends to the procedures for reporting externally (see above).
- Persons reporting externally will also qualify for protection under the WB Act. There is no obligation to first report internally.
Can whistleblowers approach the media directly?
Persons who publicly disclose information on breaches are entitled to protection if any of the following conditions is fulfilled:
- The person first reported internally and externally, or directly externally, but no appropriate action was taken in response to the report within the relevant timeframe; or
- The person has reasonable grounds to believe that:
- The breach may constitute an imminent or manifest danger to the public interest, such as where there is an emergency situation or a risk of irreversible damage; or
- In the case of external reporting, there is a risk of retaliation or there is a low prospect of the breach being effectively addressed, due to the particular circumstances of the case, such as those where evidence may be concealed or destroyed or where an authority may be in collusion with the perpetrator of the breach or involved in the breach.
Is anonymous reporting allowed?
Legal entities in the private sector, the competent authorities, and the federal coordinator must receive anonymous reports of breaches and must ensure that they are followed up. Legal entities with fewer than 250 employees are not obliged to handle anonymous reports.
What type of protection is offered to whistleblowers?
Whistleblowers are protected against retaliation. This includes protection against all kinds of actions including suspension, dismissal, negative performance assessment, withholding of training, change of employment conditions, disciplinary sanctions, etc. Retaliation against protected persons is criminally sanctioned.
The Federal Institute for the Protection and Promotion of Human Rights is the central information point for the protection of whistleblowers, and is responsible for providing and monitoring the necessary support measures to whistleblowers.
The protection measures against retaliation are far-reaching and include, for example, access to an out-of-court protection procedure (steered by the Federal Coordinator), a possible claim for damages of 18-26 weeks’ salary for employees and access to the labour courts where a reversal of the burden of proof applies.
We will provide a detailed overview on the protection measures and whether these imply a new type of hidden protection in one of our following eAlerts in this series.