Manage cross-border complexity with this free online comparative tool. Dentons, with the support of the Nextlaw Referral Network, created the “Whistleblower Systems” interactive tool, which is designed to assist you with the requirements of the regulations throughout over 80 countries, with more to be added soon.

This innovative comparative tool presents a compilation of frequently asked questions in relation to implementing–or updating–a whistleblower system in an ever-changing regulatory context with the answers prepared by a team of dedicated lawyers for each jurisdiction presented below. We see this tool as the first point of call for the legal and compliance personnel of globally active companies who need to comply with regulations across multiple jurisdictions. This information is not designed to provide legal or other advice. You should not take, or refrain from taking action based on its content. Please feel encouraged to contact the lawyers indicated for each jurisdictions if you have questions or queries.

Whistleblower system

  • An important element of a Compliance Management System (CMS) 
  • Required by most modern anti-bribery laws and international standards (e.g. ISO)

When your company is implementing a whistleblower system or updating it to comply with changing regulations you want to:

  • Compare and contrast relevant regulations (data privacy, limitations on Whistleblowing Reports, notification requirements et al.), and
  • Have country complexity ratings in a single source

Having the ability to compare and contrast relevant regulations in a single source allows you to quickly determine and address the appropriate next steps.

Common term definitions:

  • Whistleblower System: Technical tool for employees, and potentially third parties, to provide information on potential violations within a commercial legal entity (e.g. via hotline, internet-based communication platform).
  • Whistleblower: Individual who reports information on potential violations acquired in the context of his or her work-related activities.
  • Report: Information on potential violations
  • GDPR: EU General Data Protection Regulation of April 27, 2016
  • Concerned Person: An individual associated with the potential violation in the Report.
  • Third Party: A natural or legal person, public authority, agency or body other than the company or their managers or employees.
  • Anonymity: No one knows the identity of the whistleblower (e.g. due to technical precautions).
  • Confidentiality: The recipient of the report (e.g. the operator of the whistleblower system or the ombudsperson) knows the identity of the whistleblower but is not permitted to disclose it to the company without the whistleblower's consent. Reports may only processed and disclosed on a need-to-know-basis.
Select up to two additional countries or locations to compare with (optional).
Select key points (optional)
  • Applicable Laws
  • Involvement of Authorities
  • Involvement of Employees and Employee Representations
  • Limitations on Whistleblower Reports
  • Measures avoiding Retaliation against Whistleblowers
  • Language Requirements