The EU Council has proposed a new EU directive to protect whistleblowers who report EU law breaches.1 The current draft of this directive was passed by the European Parliament's legal affairs committee on 20 November 2018, after several months of discussion within the parliament. Debate on this proposal is not over, as it now needs to be reviewed in light of (sometimes conflicting) EU principles like data protection and GDPR.

The proposal provides EU Member States with minimum standards for protecting whistleblowers who report breaches of EU law, as well as of facilitators or anyone assisting a whistleblower. More precisely, the proposal aims to:

  • protect whistleblowers (and those assisting) from retaliation in all forms, civil prosecution, and corporate lawsuits, such as lawsuits that might arise from breaking confidentiality clauses in employment contracts
  • oblige private, mid-size firms to set up formal processes for internal breach-reporting; whistleblowers may also report externally, of course, which would naturally have a much different reputational impact; "mid-size" is defined as firms with 50+ employees or €10+ million in annual turnover or total assets (possible exclusions include private entities with fewer than 250 employees or an annual turnover under €50 million, and those with an annual balance sheet total under €43 million)

The new standards would consider a broad range of violations reportable, like violations of tax law, equal professional treatment of women and men, consumer health, and competition law.

Regarding tax, following the latest report published on 26 November 2018, the directive would cover not only tax evasion schemes and tax fraud but also tax avoidance. Thus, taxpayers and tax professionals should pay particular attention when monitoring, as the wording of the directive does not clearly define avoidance. Rather, the preamble of the proposal refers to breaches as "arrangements whose purpose is to obtain a tax advantage that defeats the object or purpose of the applicable corporate tax law".

The proposal would cover a wide range of whistleblowers (and their facilitators), due to the broad definition of "workers": any former, current, or future employee of a firm, paid or unpaid trainee, or third-party provider is in scope.

Although the proposal provides wide protection for whistleblowers, it also stresses that they would not be immune from criminal actions (theft of documents, for example). Also, they would only be protected by these new rules if they have "reasonable" or "well-founded" concerns when reporting (otherwise they would not be shielded from, for example, being prosecuted for defamation).

This debate is a very sensitive one that will—no doubt—trigger a lot of controversy and uncertainty for mid-size and big organizations.

Whatever happens in terms of implementation or interpretation of these rules, the reporting process of many corporations will need to be reviewed and communicated adequately.


1 Proposal for a directive of European Parliament and of the Council on the protection of persons reporting on breaches of Union law (COM(2018)0218 – C8-0159/2018 – 2018/0106(COD)).

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.