An effective whistleblower system helps protect your company’s reputation. It gives employees the opportunity to report violations (such as fraud or corruption but also other misconduct) confidentially, provides an early warning system for risk control, and helps protect the company and management from liability in the event of compliance violations.
Regardless of whether you are an international corporation or a nationally operating family business – at the latest with the implementation of the European Whistleblower Directive, all organizations concerned should address the question of the appropriate whistleblower system.
“In the past two years, just under one-third of the companies surveyed have been affected by white-collar crime (32 percent). The level of concern increases with the size of the company.” KPMG study “White-collar Crime in Germany 2020
“The establishment of the whistleblower system had a significant positive impact on the respondents. In each case, one in five respondents had discovered a fraudulent act through the system or had received a tip that was crucial to clarifying the incident. Just under half also perceive a strengthened compliance culture.” (KPMG study “White-collar crime in Germany 2020”)
KPMG Law provides strategic and operational advice to companies of all sizes and in all industries on all issues related to the use of whistleblower systems, nationally and internationally with the support of KPMG’s network of independent member firms.
Business consulting services are provided by KPMG AG Wirtschaftsprüfungsgesellschaft (KPMG AG). An interdisciplinary team of experienced experts supports your company in the implementation and ongoing operation of your whistleblower system. This is how you reduce your risk of damage! We will be happy to answer any questions you may have or to arrange an initial meeting.
The EU Directive on the “Protection of Persons Reporting Breaches of Union Law,” adopted by the European Council in October 2019, will require certain companies to establish internal reporting channels in the future. The reporting process must also ensure the follow-up of the notice and designate a person responsible for this. The directive must be transposed into national law by December 17, 2021. Companies with 50 to 249 employees have until Dec. 17, 2023, to implement internal reporting channels.
Private companies with more than 50 employees are required to set up an internal reporting system to receive tips. In addition, companies in certain sectors (e.g. financial sector) also have to comply with this obligation, regardless of their size. This obligation also applies to all state administrative bodies, all regional administrations and departments, municipalities with more than 10,000 inhabitants, and legal entities under public law.
Establish transparent reporting channels and trusted communication channels. The organizations concerned must implement an internal reporting process that allows internal and external parties to report their indications anonymously. Notices must be given by telephone, in writing, or in person. The follow-up of the information must be ensured and a person responsible for this within the organization must be appointed and trained accordingly. Information on the reporting process must be provided in a transparent and easily accessible manner.
Whistleblowers are encouraged to first report the grievance internally (if appropriate reporting channels exist for this purpose). If the report is not processed by the competent body within three months, whistleblowers may turn to a competent authority.
Under certain circumstances, whistleblowers may also do so directly: E.g., when the violation to be reported may pose an immediate or obvious threat to the public interest, such as in an emergency situation or when there is a risk of irreversible harm. In such cases, for example, messages can be passed on directly to the media.
There is a requirement that the whistleblower must be informed within three months of the action taken as a result of his report.
Protection and mechanisms to avoid retaliation.
The directive aims to protect whistleblowers from retaliation, such as workplace harassment, discrimination or dismissal.
In addition, the reversal of the burden of proof applies, which means that should legal proceedings ensue as a result of reprisals suffered by a whistleblower, the employer must prove that the disadvantage suffered is unrelated to the whistleblower’s report. Persons who have supported the whistleblower (e.g. trusted persons, colleagues or relatives) are also protected.
In the event that employers do not fulfill their obligations, do not ensure the anonymity of whistleblowers or do not initiate follow-up measures, they must expect sanctions. Exactly which ones will depend on the concrete implementation of the legislator.
How the whistleblowing system is designed, which reporting channels should be available to employees, and how reports are processed and handled should be customized for each company.
For this reason, KPMG Law has developed the “KPMG Integrity Service” together with the experts from KPMG AG Wirtschaftsprüfungsgesellschaft and EQS. This is a web-based whistleblowing system that employees can access simply and easily via a link. The platform is available in up to 60 languages and is therefore also ideally suited for internationally operating companies. Furthermore, the system enables communication with the whistleblower – while preserving his or her full anonymity.
Our experts support you in the implementation and ongoing operation of the whistleblowing system: from the receipt of information to internal investigations and representation in legal proceedings, we cover all technical and legal aspects of whistleblowing worldwide and from a single source.
Our KPMG Integrity Service represents a fully comprehensive service. We take care of the conceptual design, technical set-up and maintenance of the system and also offer case management. Companies receive meaningful reports and status reports for management or the board of directors at predefined intervals. The cooperation of the Compliance and Data Protection, Forensic and Law departments enables us to offer an individual full service from a single source, ranging from case management and legal advice to the conduct of internal company investigations in the event of an incident. In addition, we are available to you 365 days a year with the help of our worldwide FairCall centers. This enables your company to receive and process concerns in a timely manner and respond appropriately.
The KPMG Integrity Service combines the services of KPMG Faircall, KPMG Law, KPMG Forensic and EQS Group into a holistic solution.
Stuttgart Site Manager
Head of Compliance & Corporate Criminal Law
tel: 0711 781923418
© 2024 KPMG Law Rechtsanwaltsgesellschaft mbH, associated with KPMG AG Wirtschaftsprüfungsgesellschaft, a public limited company under German law and a member of the global KPMG organisation of independent member firms affiliated with KPMG International Limited, a Private English Company Limited by Guarantee. All rights reserved. For more details on the structure of KPMG’s global organisation, please visit https://home.kpmg/governance.
KPMG International does not provide services to clients. No member firm is authorised to bind or contract KPMG International or any other member firm to any third party, just as KPMG International is not authorised to bind or contract any other member firm.