German Whistleblower Protection Law Brings New Obligations for Companies - What Employers Need to Know Now

6 minute read | May.24.2023

Deutsch: Das Hinweisgeberschutzgesetz kommt – Was Arbeitgeber jetzt wissen müssen

With a delay of almost one and a half years, the German legislator has implemented the so-called Whistleblower Directive (Directive (EU) 2019/1937) into German law: In mid-December 2022, the German Bundestag had passed the Whistleblower Protection Act (Hinweisgeberschutzgesetz – HinSchG) in the version proposed by the Legal Committee. The Bundesrat did not approve the law in February 2023. However, on May 12, the Bundesrat has now approved the bill after the original bill was amended in the mediation committee. The law will enter into force in mid-June 2023.

Companies must now immediately review the implementation of whistleblower systems. Failure to do so could result in heavy fines.

What is at Stake?

In the past, German law did not provide any specific protection for whistleblowers or rules on how companies should deal with reports of violations of the law. There was only a ban on disciplinary action: the employer was not allowed to discriminate against an employee by any agreement or measure if the employee exercised his or her rights in a lawful manner. This included reporting violations of the law. However, reports by employees to the press or to authorities about (alleged) violations and grievances against the employer could also lead to dismissal.

The Directive and its implementation in the HinSchG are now intended to provide better protection for whistleblowers who report violations of laws and regulations. This is to be ensured by internal reporting bodies within the companies and external reporting bodies at third parties, as well as the provision of appropriate reporting channels. However, whistleblowers should prefer to use internal reporting channels in the first instance if there is a case where effective internal action can be taken to address the violation.

Which Companies are in Scope?

Employers with 50 or more employees must establish internal mechanisms. This obligation will apply from the date of entry into force of the Act, i.e., one month after promulgation. However, even companies with fewer than 50 employees should also consider voluntarily implementing internal whistleblower systems to avoid reports that could potentially jeopardize their reputation.
Certain relief is available to mid-sized companies with 50 to 249 employees: They may establish and operate a joint central reporting office and, as an exception, have a grace period until December 17, 2023, to implement these reporting channels. For companies with more than 249 employees, however, the HinSchG will apply immediately after its entry into force, i.e., from mid-June 2023, without a transition period.
For companies that are part of a group, it is assumed that an independent and confidential body can also be established in another group company that is responsible for several group companies. For multinationals, this is good news, but it is questionable whether this group privilege is consistent with the Directive’s requirements. The EU Commission strongly denied that such centralized systems were in line with the Directive.

In addition to these reporting offices, there will also be contact points at the Federal Office of Justice, the Federal Financial Supervisory Authority, and the Federal Cartel Office.

Which Violations are Covered by the HinSchG?

The material scope of application of the HinSchG goes far beyond the Directive. While the Directive only covers violations in certain European legal and political areas, the material scope of application of the HinSchG goes beyond this and covers all violations of the law that are subject to penalties and fines.

For example, reports of the following violations are covered:

Violations of EU law
Violations of national criminal law
Violations of regulations that are punishable by fines and that are designed to protect life, limb, and health or to protect the rights of employees or their representatives.

Who is Protected?

Whistleblowers are any natural persons who, in the course of or in preparation for connection their professional activities, become aware of violations of law and report or disclose such information to the reporting channels provided for by law.

Thus, whistleblowers are understood to include, among others, employees, shareholders, employees of suppliers and persons who became aware of violations prior to commencing their employment. This broad scope is consistent with the Directive’s requirements.

The whistleblower is protected only if, at the time of the report, he or she had reasonable grounds to believe that a violation had occurred and that the reported violation fell within the scope of the HinSchG. As long as the report is made in good faith, the protection is not lost if it turns out later that a violation did not actually occur.

How Does this Protection Work in Practice?

Anonymous reporting channels should be established, and anonymous reports should be processed – but there is no legal obligation to do so.
No (threat of) retaliation: The person making the report must not suffer any disadvantage as a result of the report. This includes, in particular, sanctions under employment law such as transfer, pay cut, warning or dismissal, but also, for example, refusal to renew a fixed-term employment contract or to participate in further training. If there has been a retaliation against the whistleblower, they can claim damages from the employer.
Presumption rule: If a whistleblower suffers a detriment in connection with his or her job following a report, it is presumed that this detriment is a prohibited retaliation, if the whistleblower asserts this himself or herself. In this case, the employer has the burden of proving that the detriment was not caused by the whistleblowing. If the employer fails to do so, the action is invalid, and the employee may be entitled to damages. In addition, the employer may be liable for a fine of up to EUR 50,000.
Claim for damages of the whistleblower in case of violation of the non-retaliation rule.

Response Obligations Following a Report

The HinSchG establishes certain response obligations following a report, including:

Internal reporting offices must acknowledge receipt of a report to the person making the report within seven days.
Documentation of reports
Verifying the validity of the report
Take appropriate follow-up action
Within three months of acknowledging receipt of the report, the whistleblower must be informed of the action taken and planned.

To-Do's for Employers

The threat of fines of up to EUR 50,000, with the possibility of even higher fines if certain conditions are met, is the main reason why employers should address this issue and implement whistleblower protection systems if they do not already exist. This is particularly true for companies with more than 249 employees, for which no transition period is provided. Existing systems will need to be reviewed to ensure they meet the legal requirements.

Multinationals with entities in multiple EU member states should assess the local law requirements, given that the Directive gives EU member states some leeway in implementing its regulations. As a starting point, multinationals should be considering the legal requirement in their core markets first. In many cases these concepts can be used with some changes in other EU countries.

For advice on implementing a whistleblower protection system in Germany and other EU member states compliant with the new standards, please contact us.

Authors

Dr. André Zimmermann, LL.M. Partner, Technology Companies Group, Employment Law & Litigation

Dusseldorf; Munich

See my bio

D:+49 211 3678 7325
E: [email protected]

Practice:

Technology Companies Group
Employment Law & Litigation
Cross Border Employment Law Issues
Discrimination, Harassment & Retaliation
Pay Equity

vCard

See full bio

Dr. André Zimmermann, LL.M. Partner

Dusseldorf; Munich

André advises companies of all stages, pre-IPO startups, scaleups, unicorns and international corporations on a wide range of matters, having handled everything from day-to-day practical advice tailored to his clients’ needs, to complex multi-jurisdictional transactions from strategic planning through post-merger integration. Having long-standing experience in negotiating with works councils and unions in restructuring measures of all kind, a special focus of André's practice is on restructurings and headcount reductions.

He has advised on the employment law aspects in over 300 M&A transactions and financing rounds across various industries. Transactional advice includes employment law advice in complex, international technology transactions, M&A projects as well as private equity and venture capital investments, from due diligence to post-closing integration.

André has thorough knowledge of and a genuine passion for the tech industry. Over the last years, André has become the go-to-advisor of several Bay Area tech-companies, leaders in their market and high-growth tech companies. Most recently, he has advised leading global technology companies such as GoPro, Pinterest, GitHub, Nvidia, Sabre, Snap and Splunk on various employment matters.

André has received several awards for his work, inter alia:

Germany's leading lawyer ranking JUVE recognizes André as "frequently recommended" employment law expert since 2017;
Best Lawyers and Handelsblatt have listed André as one of Germany's best lawyers in employment law since 2020;
Germany's leading business weekly WirtschaftsWoche ranked André as one of the top employment lawyers in Germany in 2019;
IEL Elite, an in-house guide to the world’s leading employment and labour teams, recognized André as a "Key Lawyer" in 2022.

Clients recommend André to JUVE as “straight shooter" and "always refreshingly honest". Our clients praise his "creative and efficient style of working" and "a very practical and efficient style of providing advice", referring to him as "extremely responsive and always accessible" and as "an excellent advocate in court hearings". Clients appreciate André's "clear, sound and pragmatic real-world advice" and his "in-depth knowledge of the tech employment world".

Marianna Karapetyan Senior Associate, Employment Law & Litigation

Dusseldorf

See my bio

D:+49 211 3678 7127
E: [email protected]

Practice:

Employment Law & Litigation

vCard

See full bio

Marianna Karapetyan Senior Associate

Dusseldorf

She advises companies in all stages of growth, from pre-IPO start-ups to unicorns and investors to international corporations on a wide range of labor law matters. In addition to day-to-day employment law advice, this includes assisting companies with complex transactions, restructurings, and redundancies.

Her practice also focuses on employment law issues, such as employee leasing, service contracts for the management board or advice in the conclusion and negotiation of shop agreements.

Most recently, she has advised leading global technology companies such as Pinterest and Snap on various labor law issues and has been an important contact for many young technology companies since their foundation.

Marianna has been with Orrick since 2019.

Related Areas

Markets

Germany