PayTechTalk 60 – The New Whistleblower Regulation

PayTechTalk 60 - Die neuen Hinweisgeber-Regelungen
Please click here and accept cookies to load the SoundCloud player.

In this episode of PayTechTalk we talk to Maraja Fistanic and Dr. Thomas Altenbach on the Whistleblower-regime, which is going to be effective in Germany from this year.

Goal of the new regime

In the future, whistleblowers are to be better protected in a uniform manner throughout the EU. The Whistleblower Directive, which prescribes uniform standards, has already come into force and must be implemented in the individual EU member states this year.

The new directive covers many key areas of EU law. This applies, for example, to anti-money laundering, data protection, protection of the Union’s financial interests, food and product safety, as well as public health, environmental protection and nuclear safety.

As of December 17, 2021, whistleblowers should be able to rely on secure channels to share information both within companies and with authorities. Therefore, the following regulations are to apply soon:

  • Creation of channels of reporting within companies/administrations: there is an obligation to create effective and efficient reporting channels in companies of over 50 employees or municipalities of more than 10 000 inhabitants.
  • Hierarchy of reporting channels: whistle-blowers are encouraged to use internal channels within their organisation first, before turning to external channels which public authorities are obliged to set up.
  • A large number of profiles protected by the new rules: Persons protected include those with a range of profiles who could acquire information on breaches in a work-related context. e.g. employees, including civil servants at national/local level, volunteers and trainees, non executive members, shareholders, etc.
  • A wide scope of application: the new rules will cover areas such as public procurement, financial services, prevention of money laundering, public health, etc. For legal certainty, a list of all EU legislative instruments covered is included in an annex to the directive. Member states may go beyond this list when implementing the new rules.
  • Support and protection measures for whistleblowers: the rules introduces safeguards to protect whistle-blowers from retaliation, such as being suspended, demoted and intimidated. Those assisting whistle-blowers, such as colleagues and relatives are also protected. The directive also includes a list of support measures which will be put in place for whistleblowers.
  • Feedback obligations for authorities and companies: the rules create an obligation to respond and follow-up to the whistleblowers’ reports within 3 months (with the possibility of extending this to 6 months for external channels in duly justified cases);


Until now, the protection of whistleblowers in the EU has been regulated only inconsistently. Most EU countries only grant partial protection in certain business sectors or for certain categories of employees (in Germany so far only for regulated institutions according to KWG and ZAG as well as obligated persons according to GwG).

The Directive has been signed and published in the Official Journal. The member states have until December of this year to transpose the regulations into national law. Furthermore, the European Commission encourages the individual member states to expand the scope of application when implementing the directive. This is to ensure a comprehensive and coherent legal framework at national level.

The Podcast is in German.


More on Maraja Fistanic and Dr. Thomas Altenbach:

Dr. Thomas Altenbach

Thomas is founder and CEO of the LegalTech startup LegalTegrity, the digital whistleblower solution for small and medium-sized companies. In addition to his work for the LegalTegrity, Thomas is a lawyer at the commercial law firm AC Tischendorf in Frankfurt a.M.. Previously, he worked for many years at Deutsche Bank AG and Daimler AG in their legal and compliance departments in various management roles. As a compliance specialist, Thomas is one of the leading consultants for the topics of compliance and corporate liability, conceptual design and implementation of compliance management systems, antitrust compliance and implementation of LegalTech tools with artificial intelligence.

Maraja Fistanic, MBA

Maraja is the founder and CMO of LegalTegrity. Previously, she was Managing Director of a European law firm group and Project and Marketing Manager of a law firm in Frankfurt a.M. With a passion for digitization, she completed her MBA in Digital Transformation Management, focusing on the success of business model innovations in legal tech companies.



Cover picture: Copyright © PayTechLaw

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like