The government bill on the protection of whistleblowers (Parliamentary Document No. 1150) (hereinafter the “Whistleblower Protection Act”) is intended to bring a number of innovations to the Czech legal system in the area of protection of persons who report an unlawful act of which they become aware in connection to their work.
Although the exact form of the future statutory regulation is not yet known, the interpretation of the relevant provisions of the Whistleblower Protection Act can also be based on the EU regulation that the bill is intended to transpose, namely the Directive (EU) 2019/1937 of the European Parliament and of the Council from 23 October 2019 on the protection of persons who report breaches of Union law (the Whistleblowing Directive) (hereinafter the “Directive”).
With the transposition deadline expiring on 17 December 2021, the issue of the Whistleblower Protection Act can be expected to grow in importance in the months to come.
It is also worth mentioning another government bill amending certain acts in connection to the adoption of the Whistleblower Protection Act (Parliamentary Document No. 1151/0), which brings accompanying changes in connection to the implementation of whistleblower protection into the Czech legal system. These newly implemented changes include provisions amending the Code of Civil Procedure, which will allow the whistleblowers to apply for a precautionary measure and the application of a reverse burden of proof in a dispute between the whistleblower and the employer. Other acts that are being amended include the Competence Act and the Labour Inspection, however more acts are being amended in the respective matter.
This article will discuss selected aspects of reporting information on breaches under the Whistleblower Protection Act that obliged entities may encounter when implementing an internal reporting channel.
An important consequence of the adoption of the Whistleblower Protection Act will be the obligation of the so-called obliged entities to ensure the establishment and functioning of an internal reporting channel and to designate a competent person who should receive and assess the reasonableness of reports submitted through such a reporting channel.
Another equally important obligation is the information obligation in relation to employees and other potential whistleblowers. In addition, information on reporting methods must be published in a way that allows remote access in accordance with Section 9 (a) of the Whistleblower Protection Act.
A somewhat surprising aspect of the Czech bill is the fact that it defines the range of obliged entities more strictly than the Directive requires. According to the government bill, the obliged entity is an employer who employed on average at least 25 employees in the last calendar quarter. There is a striking difference between the bill and the Directive, which imposes the obligation to set up the reporting channel on employers who employed more than 50 employees in the specified period.
It should be added that the whistleblower does not have to be an employee. It can also be a person in a service relationship, a self-employed person, a member of an elected body of a legal person or, for example, an intern or a volunteer. A whistleblower may also be a former employee or a person who has applied for employment. A whistleblower may even be a person who becomes aware of a breach in the course of exercising rights and obligations under a contract for the provision of supplies, services, works or other similar services. In practice, this could be, for example, an employee of the supplier. This definition of whistleblowers is very broad and it will be particularly important for the obliged entity to ensure that all potential whistleblowers are properly informed of the possibility to submit a report.
A whistleblower under the Whistleblower Protection Act will not be a person who has learned about a possible breach from the news or has only witnessed such a breach. The status of a whistleblower is only established if the whistleblower becomes aware of information on breaches in connection with the performance of work for the obliged entity.
What actions can be reported in protected mode?
The Whistleblower Protection Act provides broader protection for whistleblowers than the Directive itself. Article 2 of the Directive defines the areas in which a report of information on breaches may be made. These areas include, for example, public procurement and financial services, prevention of money laundering and terrorist financing, product safety, transport safety, public health, consumer protection, protection of privacy and personal data, and security of network and information systems.
However, the Czech legislator stipulates in Section 2 of the Whistleblower Protection Act that the report is a notification by a natural person containing information about a possible illegal act that has the characteristics of a criminal offence or an offence or violates a legal regulation or a regulation of the European Union in specified areas. In practice, this provision will mean that a natural person will be able to report any unlawful act that has the characteristics of an offence or a criminal offence under the Czech law. The conduct that can be reported can be both intentional and negligent. It may be an act or an omission, and it may be an act that has already taken place or an act that has yet to take place.
On the other hand, it should be emphasized that it is not possible to resolve, for example, employee disputes or other employee complaints through the reporting channel if they do not report conduct that has the characteristics of an offence or a criminal offence. The reporting channel is only intended for reporting conduct that has the specified characteristics.
How will reports be made?
In order to motivate whistleblowers to report information on breaches, the law and the Directive allow for reports to be made through as many channels as possible. Thus, under the bill, reports can be made in writing, verbally and also in person, where the obliged entity must allow the use of all these channels.
These methods of reporting allow for both paper and electronic report (e.g. by an e-mail, online form or an app). It will also be possible to make a report by a phone call to a specific number, as well as, for example, by leaving a voice message. If the whistleblower wishes, it is also possible to submit a report in person.
The obliged entity must therefore carefully consider how to set up the internal reporting channel and what technical possibilities and measures it will use to do so. In this respect, it seems very practical to use complex aggregated sophisticated solutions from external suppliers, which can guarantee the possibility of filing a report in virtually all ways, however, they generally do not allow for in person reports. One of these external channels is, for example, the NNTB solution from FaceUp Technology.
The current bill provides that the obliged entity will designate a so-called competent person who will be in charge of dealing with reports submitted under the reporting channel for a particular employer. The identity of the whistleblower will always be known to this competent person.
The legislation does not explicitly address the submission of anonymous reports. The reason for this approach is primarily due to concerns about possible abuse of the reporting channel in the form of false reports, but also stems from a purely legal-technical perspective. If the report is anonymous, there is no one to protect, and thus the reporting person is simply undetectable.
Obliged entities may, however, choose to accept anonymous reports. Accepting anonymous reports can contribute to the prevention of wrongdoing within a company and can therefore be an effective and functional tool in ensuring the compliance of internal company processes. At the same time, accepting anonymous reports may also motivate more employees to make reports in general. This form of guarantee of anonymity may help to reduce whistleblowers’ fears of reporting and the potential risk of employer retaliation.
Protection against abuse of the law
As already mentioned, any reporting channel may be subject to abuse by a whistleblower who makes a false report. Even in such a case, the competent person will have to assess the report and evaluate its validity, as there is a presumption of protection for the whistleblower until it is proven that the report was not rightfully submitted. It is appropriate to ask whether there are tools to defend against abuses of the law to the detriment of employers.
Section 4 of the Whistleblower Protection Act provides a general prohibition of retaliation against a whistleblower. It is further provided in Section 4 (3) of the Whistleblower Protection Act that ‘protection from retaliation cannot be claimed by a person who has knowingly made a false report’. The provision in question provides that protection cannot be sought where a whistleblower makes a knowingly false report. On the other hand, if a whistleblower believes that a breach of law may have occurred and makes a report, and upon further assessment it comes to light that no such breach by the employer or its employees has occurred, the whistleblower cannot be sanctioned for such conduct. In fact, the whistleblower made a report that was not knowingly false, but merely untrue.
The form of culpability will then be a key factor in assessing false reports. A whistleblower who knowingly makes a false report may be guilty of an offence under Section 24 of the Whistleblower Protection Act. For this offence, the whistleblower may be fined up to CZK 50,000. As part of the amendments to the bill, it is proposed to increase the upper limit of this fine to CZK 250,000. However, it is questionable what the future decision-making practice in the area of whistleblower offences will look like. It can be assumed that it will be very difficult for an administrative authority to prove that a whistleblower has knowingly made a false report.
Since when and how?
If the Whistleblower Protection Act passes through the Chamber of Deputies and the Senate of the Czech Republic, it should be adopted by 17 December 2021 at the latest, as the transposition deadline expires on this day. It is open to question whether the legislative process can be successfully completed by that date and we are rather sceptical in this respect. The Whistleblower Protection Act itself sets the deadline for the introduction of the internal reporting channels for obliged entities on 31 March 2022.
However, it should be noted, that in view of the case law of the Court of Justice of the EU, the rights arising from the untransposed Directive can be claimed by persons who are entitled to such rights – in the present case it would mean that from 17 December 2021, even if the Czech law is not adopted by that time, whistleblowers will be able to claim protection from possible retaliation.
In order to comply with the obligations under the Whistleblower Protection Act, it will be very important for obliged entities to establish the internal reporting channels and to clearly define, establish and retrospectively demonstrate that they have sufficiently informed their employees of the possibilities and forms of reporting. To avoid exposing the employer to the risk of potential sanctions, attention should be paid particularly to adequately instructing employees on how they can make reports to the employer and to making the system effectively functional, secure and transparent.
At the moment, we can only wait for the final form of the Whistleblower Protection Act and possible methodological guidelines for the implementation of the whistleblowing systems, which may allow us to overcome problems in the interpretation of new legislation. However, we recommend not to underestimate the preparation.
In the future, decision-making practice will certainly provide valuable guidance that will allow employers to draw implications arising from the case law in connection to the implementation of the legislation and forms of reporting channels in companies.
We will keep you informed about the upcoming development of the Whistleblower Protection Act in the Czech Republic.
If you have any questions on this topic, do not hesitate to contact us.
JUDr. Daniela Chvátalová, junior lawyer – email@example.com
Mgr. Jakub Málek, partner – firstname.lastname@example.org
31. 08. 2021