CLIENT ALERT – BULGARIA: Employers are to provide for protection of whistle-blowers

The EU Whistleblowing Directive is yet to be implemented in Bulgarian law; still, the employers should already start planning the protection policies.

Alike the GDPR compliance a few years ago, the EU Whistleblowing Directive (Directive (EU) 2019/1937 on the Protection of Persons Who Report Breaches of Union Law) is to impact the majority of the enterprises and businesses in the EU.

The objective is to set out safeguards for whistle-blowers i.e., persons – both in the public and private sectors, who file reports or publicly disclose information about breaches of Bulgarian or EU law that they have discovered in the course of or in relation to their employment duties. Most notably, such protection is to cover not only the employees in public or private sector, but also contractors under civil contracts, self-employed persons, volunteers, interns, owners and members of the management bodies of legal entities, job applicants, persons whose employment relationship has been terminated, as well as to other persons related to the reporting person.

The EU Whistleblowing Directive should have been transposed in the Bulgarian law by now. However, because of the recent political turmoil in the national government, the bill to adopt the relevant law has been delayed and is likely to reviewed only after the national elections later in the fall. The bill is published online at the website of the Parliament – hence, prudent employers can already get acquitted with the obligations and requirements that are likely to be in the future law such as the rules for reporting breaches and making public disclosures and the relevant obligations that will arise for employers. According to the bill:

  • The whistleblower will be entitled to protection as long as he/she has reasonable grounds to believe that the information he/she reports is true at the time the report is filed. There is no requirement to collect or present any evidence to that regard – it is the duty of the competent authorities to investigate.
  • All employers in the public sector and employers in the private sector with more than 50 employees will be obliged to provide for internal reporting channels. Employers in the private sector with less than 50 employees will also be required to provide for such channels if their activity falls within the scope of the EU acts specified in the annex to the bill (public procurement, environmental protection, personal data, etc.).
  • The main obligations of employers will be to:
    • set out a channel (policy) for internal reporting that meets certain requirements, keep records of the reported breaches and to duly document all submitted written and/or verbal reports;
    • designate a person (from their team or an external one) who shall receive, record and investigate on the submitted report and maintain follow-up correspondence with the whistleblower in connection with the processing of the submitted report;
    • direct the whistleblower to the relevant competent authorities and to take the necessary precautions to protect whistleblowers against possible victimisation as a result of the report, as well as to protect their personal data.
  • The administrative sanctions for employers that fail to comply will be significant enough to command attention and motivate timely compliance.

In summary, the employers should plan to bring their business policies in compliance ahead of time since creating a workable and sustainable internal whistleblowing policy requires time for upfront research and development.

Scroll to Top