Implement the EU directive on the protection of whistleblowers now with rexx systems.
Implement the EU directive on the protection of whistleblowers now with rexx systems.
The professional whistleblower system
With the rexx whistleblowing software, employees and external persons have the opportunity to report serious violations or misconduct in matters of data protection, corruption, violence, unequal treatment or general compliance violations to the responsible authorities in the company.
rexx not only offers simple reporting, but also comprehensive Whistleblower Protection Act management, in which responsibilities, workflows and data structures of the report are controlled individually for each company depending on the report category – optionally also with the involvement of external experts, such as. B. an external data protection or information security officer.
All reports and inquiries are treated as strictly confidential and worthy of protection, i.e. fully compliant with GDPR and the EU Whistleblower Directive.
Setting up the whistleblowing software in the rexx Suite is easy and can be done within a day. The costs are low and far below those of a fine. Better than a physical mailbox, more efficient than the slogan “My door is always open” and more secure than by telephone, email or letter – this is only possible with the whistleblowing software from rexx systems.
The whistleblower can view the status of the report at any time to check whether action has been taken. Confirmation of receipt must be received seven days after receipt of the report. Likewise, the whistleblower’s report can be supplemented at any time with further information or the persons authorized to receive it can report back for further important information that will help solve the problem. The employer is obliged to provide feedback on how the report is handled within three months.
By the way, the rexx reporting platform can also be used universally, for example for suggestions for improvement. The processing workflows can be adapted and controlled depending on the report category.
Example form for whistleblowing:
Whistleblowing policy: what needs to be considered
The whistleblower system should make it clear to whom the report is addressed, who has access to it, how queries are handled and within what deadline a response should be given.
It must be possible to report these violations verbally or in text form. The focus is on protecting the anonymous whistleblower, people who support the whistleblower and people who are the subject of the report.
Unrestricted access to a whistleblower system, which protects the identity of the whistleblower and any third parties and prevents unauthorized persons from accessing it, is intended to enable internal investigation in a protected, non-public setting.
Professional whistleblower protection law management must ensure that all people who receive reports receive regular training. All whistleblower processes are documented by the whistleblower system and then checked for validity and relevance.
This test is also automatically documented in the software. Appropriate follow-up measures such as internal investigations or handover to other responsible bodies will then be initiated if necessary.
In addition, the number, type and actual relevance of whistleblower reports should be regularly evaluated, broken down by report category, and reported to the company’s management and those responsible – this can be done quickly with the whistleblowing software from rexx!
Introduce whistleblowing software now
The EU directive on the protection of whistleblowers came into force on December 16, 2019 and should be converted into national law by the EU countries by December 31, 2021. After some back and forth, the time has now come in Germany: The Whistleblower Protection Act (HinSchG) has finally been published and came into force on July 2nd, 2023!
For companies with more than 250 employees, this means that an internal reporting point must be set up.
Smaller companies with 50 to 249 employees have an extended set-up deadline until December 17, 2023. To save costs, these companies are allowed to set up a jointly operated reporting center with other companies.
The reporting channel applies to legal violations in everyday professional life for employees, customers and other third parties. Companies in the financial sector are hit particularly hard because, regardless of the number of employees, they have to introduce internal whistleblower systems.
From December 1, 2023, affected companies and associations will face a fine (possibly up to 50 thousand euros) if they do not comply with their legal obligation to set up an internal reporting office.
Mandatory introduction depending on company size.
Group size | Subsidiaries | Obligation of an internal reporting point | Valid from |
---|---|---|---|
< 50 Employees |
- | No obligation | - |
50 < 249 Employees |
- | Obligation to have an internal reporting point for the parent company. | 17.12.2023 |
> 250 Employees |
< 50 Employees |
Obligation to have an internal reporting point for the parent company. No obligation for the corporate subsidiary. |
02.07.2023 |
> 250 Employees |
50 < 249 Employees |
Obligation to have an internal reporting point for the parent company. Subsidiaries can join the parent's process. |
02.07.2023 |
> 250 Employees |
> 250 Employees |
Obligation to have an internal reporting point for the parent company. Large subsidiaries require their own system. The operation can be carried out by the parent company, but the processing of the notice must be carried out by the subsidiary company. |
02.07.2023 |
Whistleblowing policy: only with anonymous exchange
To ensure anonymous access to the report at all times, a secure key is generated after the information is submitted. The employee is asked to copy this key and confirm it via the checkbox.
This means the whistleblower can continue to follow up on the existing report without having to reveal their username and password.
All the user has to do is enter the generated key. Communication with the whistleblower is easily controlled using the ticket’s comment function. The whistleblower’s answers are also returned to this field as comments and the authorized persons receive a notification.
software now for free