Whistleblower protection act. All you need to know

9 July 2024 | Knowledge, News

The Whistleblower Protection Act[1] was published on 24 June 2024 and will come into force after three months, i.e. on 25 September 2024.[2] Companies should start preparing now to implement an appropriate procedure for receiving whistleblowing reports.

Purpose

The Act implements EU legislation on the protection of whistleblowers into Polish law.[3]

Who is covered

Whistleblowing procedures should be put in place by any entity with at least 50 workers[4] (as at 1 January or 1 July of the relevant year)
This includes full-time equivalent employees or persons who perform work for remuneration on a basis other than employment, if the entity does not employ other persons, regardless of the basis of the relationship

What can be reported

A whistleblower may report breaches of the law, i.e. acts or omissions that are unlawful or intended to circumvent the law, in areas including but not limited to:
- Corruption, public procurement, financial services, products and markets, prevention of money laundering and terrorist financing, product safety and compliance, transport safety, environmental protection, food and feed safety, animal health and welfare, public health, consumer protection, protection of privacy and personal data, security of ITC networks and systems, constitutional human and civil rights and freedoms

Can companies expand the list of breaches

Yes, by adding the possibility of reporting violations of their internal rules or ethical standards
When the Act was being drafted, labour issues were removed from the list of breaches that can be reported by whistleblowers. However, employers are free to expand the statutory list of breaches to include labour issues

Who is a whistleblower

A whistleblower is a natural person who reports or publicly discloses information on a breach of the law acquired in a work-related context, including: an employee, a temporary employee, a person working on a basis other than employment, including under a civil law contract, an entrepreneur, a holder of commercial power of attorney (Polish: prokurent), a shareholder or partner, a person working under the supervision and direction of a contractor, subcontractor or supplier, an intern, a volunteer, an apprentice.

Whistleblower protection

Retaliation against a whistleblower, as well as attempts or threats to do so, are prohibited
The Act contains an illustrative list of retaliatory actions
In the event of a dispute, it is the employer who must prove that the action taken against the whistleblower was not retaliatory
The retaliated whistleblower may claim compensatory damages (not less than the average monthly salary) or damages for pain and suffering
The whistleblower is protected provided that they had reasonable grounds to believe that the information they reported was true and that it signalled a breach of the law

Liability of whistleblowers

Anyone who has suffered damage as a result of a whistleblower knowingly reporting or publicly disclosing false information is entitled to compensatory damages or damages for pain and suffering from the whistleblower.

Obligations of companies

Establish the internal reporting procedure
Consult with trade unions or workers’ representatives (if there are no trade unions) on the procedure
Publish the procedure (the procedure takes effect 7 days after publication)
Establish the means by which whistleblowers can report breaches (reporting channels)
Designate a unit/person authorised to receive reports
Designate a unit/person authorised to follow up on reports
Acknowledge receipt of the report – within 7 days of receipt
Provide feedback to the whistleblower – within a maximum of 3 months
Ensure protection of personal data, appropriate data processing authorisations and privacy notices
Keep a record of the reports
Retain personal data and information in the record of reports for a period of 3 years after the end of the calendar year in which the follow-up was completed

Anonymous reporting

Anonymous reporting is acceptable – as long as it is allowed by the internal reporting procedure.

Penalties

It is a criminal offence to prevent or substantially hinder a whistleblower from making a report, to retaliate against a whistleblower, a facilitator or a person connected with a whistleblower, to disclose the identity of the aforementioned persons, or to fail to establish an internal reporting procedure.

Practical challenges

When implementing the Whistleblower Protection Act in an organisation, the following should be considered:
- Selecting employee representatives for the purposes of introducing the procedure
- Aligning internal procedures (including compliance, anti-corruption, anti-bullying, etc.)
- Aligning local whistleblowing procedures with group policies
- Selecting reporting channels appropriate to the needs of the business
- Designating individuals or departments responsible for receiving and handling whistleblower reports
- Possibility of using external service providers to organise the receipt of reports
- Possibility of using shared resources within the group

Questions? Contact us

Anna Gwiazda

[1] The Whistleblower Protection Act of 14 June 2024 (Journal of Laws of 2024, item 928)

[2] Certain provisions, in particular those relating to external reporting, will enter into force on 25 December 2024.

[3] Directive (EU) 2019/1937 of the European Parliament and of the Council of 23 October 2019 on the protection of persons who report breaches of Union law

[4] The rules on internal reporting apply to certain entities regardless of the number of employees (e.g. entities operating in the fields of financial services, products and markets and prevention of money laundering and terrorist financing, transport safety and environmental protection)

Latest Knowledge

How to structure a family foundation wisely

One of the key advantages of a family foundation is the flexibility to shape its internal structure as required. The legislature has granted the founders considerable freedom in this respect, enabling the foundation to be adapted to specific financial, family and business needs.

New rules for employing foreigners

The long-awaited Act on the Conditions for the Admissibility of Entrusting Work to Foreigners in the Republic of Poland came into force on 1 June 2025, replacing the previous legislation on employment promotion and labour market institutions.

Non-EEA IT vendors – growing challenges in the face of geopolitical change

As geopolitical tensions rise, critical infrastructure organisations will undoubtedly focus on mitigating the risks associated with using IT services from non-EEA providers.

Banking sector overview | Banking today and tomorrow | June 2025

Geopolitical turbulence will have a significant impact on the economy, including the Polish financial market, which, however, is well prepared for these global challenges.

The UDER2 draft: (theoretically) strengthened principle in dubio pro tributario

This principle, which states that doubts should be resolved in favour of the taxpayer, is set out in Article 2a of the General Tax Code and applies only in cases involving vague regulations. In practice, this leaves the tax authorities with considerable leeway for arbitrary application in proceedings where factual findings are crucial.

The Polish Deposit and Return System: a guide to the legal and tax rules

The Polish Deposit and Return System launches on 1 October. This is a real revolution for businesses, whether they are producers, importers, distributors or traders. Indeed, its implementation brings with it a number of challenges, including, perhaps less obviously, concerning VAT. Here is a brief guide to the most important issues relating to the Polish Deposit and Return System.

Act Amending the Labour Code or Poland’s response to the Equal Pay Directive

On 3 April 2025, a new draft Act Amending the Labour Code appeared on the website of the Sejm. Prepared by the Extraordinary Committee for Codification Amendments, it differs significantly from the original parliamentary draft implementing the Directive (print no. 934), the first reading of which took place on 6 February 2025. On 9 May 2025, the Sejm adopted the bill without amendments.

Pharma Review – Amendment to address the shortage of medicines in the European Union

We take a look at the changes the pharmaceutical industry should prepare for.

How a family foundation can protect itself from ‘black sheep’

Every family may unfortunately have members who can be confrontational, aggressive and uncooperative, who are in addition convinced that they are always right and that the world is always against them. They can create chaos and confusion, are a source of constant conflict or simply do not fit into the overall harmony. Sometimes we call them ‘black sheep’ because they cause difficult situations, place stress on relations or fail to meet expectations.

Key changes in tax scheme reporting (MDR)

The significant changes in the tax environment and the growing expectations for fiscal transparency have prompted the legislature to streamline the existing provisions on the system for reporting tax schemes (MDR), thereby eliminating some procedural ambiguities. According to ministerial announcements, the main aim of the amendments is to improve the readability, clarity and consistency of the reporting system and more closely align it with that in force in the wider EU.

Contact us:

Anna Gwiazda

Attorney at Law, Partner, Head of Labor Law Practice

+48 660 765 903

a.gwiazda@kochanski.pl