The term whistleblower refers to the Act of 1 July 2023 on the protection of persons reporting legal violations (Journal of Laws 2023, item 1234), commonly referred to as the Whistleblower Act. A whistleblower is someone who reports potential legal violations in a professional context. The Act concerns both the public and private sectors. This article outlines the obligations employers have toward whistleblowers. We will focus also on the consequences of non-compliance with the Whistleblower Act.
Table of Contents
What Types of Legal Violations Can a Whistleblower Report?
A whistleblower reports information about potential legal violations related to work. The legislator intentionally avoided the term “reporting legal violations by the employer”. A broader phrase has been used instead, i.e. “reporting legal violations in a work-related context.” This aims to include violations by entities other than the employer. Under the Act, the “work-related context” includes past, current, or future activities connected with work performed under an employment relationship or other legal relationships providing the basis for services, functions, or duties in or for a legal entity. The scope covers information on legal violations and potential retaliatory actions.
These violations may concern areas such as:
- consumer protection;
- public procurement,
- corruption and fraud;
- threat to the health and life of employees,
- environmental protection.
The primary goal of the Act is to protect whistleblowers from retaliatory actions. For example dismissal, demotion or other forms of repression. The responsibility for providing this protection is on the employer’s part.

Employer’s Obligations Toward Whistleblowers
Implementation of an Internal Reporting System
Employers with at least 50 employees must introduce an internal system for reporting violations. This system should allow whistleblowers to:
- Report legal violations anonymously.
- Provide information in a safe way.
- Receive confirmation of the report within seven days.
The reporting procedures must specify the whole reporting process. It should identify the designated compliance officer responsible for handling reports. The role of such a person is to verify the report. Next, the officer must take action to stop similar incidents in the future. These actions must align with the organization’s established reporting regulations.
Confidentiality and Personal Data Protection
A key employer obligation is maintaining the confidentiality of whistleblowers’ data. The reporting person may only be disclosed with his or her consent. The whistleblower’s identity may be also disclosed upon the request of competent authorities, such as the public prosecutor’s office. Employers must introduce technical and organizational solutions to prevent unauthorized access to reports. One of the possible methods is data encryption.
No Retaliation Rule
The prohibition of retaliation is, in a sense, the essence of the Whistleblower Act. Employers are strictly prohibited from retaliatory actions. Retaliation includes not only dismissal but also:
- refusal of promotion,
- negative employee evaluations,
- mobbing
- salary reduction
Violation of this rule may result in criminal and civil liability for the employer.
Documentation Requirements
Employers subject to the Act must maintain documentation related to the reporting system. This documentation should include:
- regulations for reporting violations,
- register of whistleblower reports,
- reports on the explanatory actions taken.
The employer must keep the reports for 5 years.

Who Must Introduce These Provisions?
The obligation to follow the regulations applies to:
- employers with at least 50 employees,
- entities from the public sector, regardless of the number of employees,
- entities operating in specific sectors, such as finance. It concerns also accounting offices with even one employee.
Some companies, despite the lack of a statutory obligation, decide to apply a whistleblowing system. It may be an element of building a culture of compliance and trust in the organization.

Benefits of Introducing a Reporting System
The Whistleblower Act provides many advantages, including:
- Increased organizational transparency
- Reduced legal risks related to violations
- Building a positive image of the employer as a responsible organization
- Strengthening trust among employees.
Adopting new regulations can help organizations avoid costly legal disputes and administrative penalties.
Who is a whistleblower? | A person reporting workplace misconduct, benefiting from legal protections. |
Scope of whistleblower’s protection | Anonymity, prohibition of retaliatory actions, protection against termination, sanctions for violating whistleblower rights. |
Employer’s obligations towards the whistleblower | Implementation of a system for receiving reports. Appointment of a person or department responsible for handling reports. Employee training. |
Whistleblower reporting channels: | Internal channel (organizational). External channel (reporting to a public authority). Public disclosure of information in certain cases. |
Who must introduce the Whistleblower Act? | Entities with at least 50 employees. Organizations in the public sector. Some smaller entities in specific industries. |
Sanctions for non-compliance with the Whistleblower Act | Fines, restrictions on freedom, or even imprisonment for up to 3 years for obstructing reports or retaliating against a whistleblower. |
Why is it worth following the Whistleblower Act, even if there is no such obligation? | Building trust and an ethical organizational culture. Minimizing the risk of violations. Meeting legal requirements. |
If you are an employer and would like to learn more about obligations related to whistleblower protection, contact us. Our team specializes in the implementation of whistleblower protection regulations and procedures. Ensure your organization’s compliance with the law and build a culture of trust today!
FAQ – Whistleblowers
What Are the Employer’s Obligations Toward Whistleblowers?
An employer has several obligations under the Whistleblower Protection Act. Key responsibilities include:
Implementation of an Internal Reporting System. The employer must create procedures that allow employees to report irregularities. The process must be safe, anonymous, and consistent with legal requirements.
Designating a Person or Department Responsible for Receiving and Verifying Reports. The designated person or department must act independently. They must ensure whistleblower protection and a reliable reporting process.
Informing Employees About the Procedures. The employer should conduct training or other educational activities. This is to ensure that employees know how to report violations and what rights they have.
Ensuring Protection for Whistleblowers. The employer must guarantee that whistleblowers will not face retaliation in any form. For example dismissal, demotion, or discrimination at the workplace.
What Consequences Does an Employer Face for Failing to Follow Whistleblower Protection Procedures?
Non-compliance with the provisions can result in serious legal and financial consequences, including:
Financial Penalties. There are fines for failing to introduce a reporting system or obstructing reports.
Criminal Liability. Retaliatory actions against a whistleblower, such as dismissal or bullying, carry serious consequences. Responsible individuals may face restricted freedom or up to 3 years of imprisonment.
Reputational Sanctions. A poor approach to whistleblowers can lead to a loss of trust among employees. Moreover, it can influence the opinion of clients, and business partners. This can have a negative impact on the organization’s image.
Why Is It Worth Implementing a Whistleblower Protection System in an Organization?
Implementing a whistleblower protection system brings many benefits, such as:
Building an Ethical Culture. An organization that supports reporting irregularities shows its commitment to honesty and transparency.
Minimizing Violation Risks. Reports help detect and address issues early, preventing serious legal or financial problems.
Meeting Legal Obligations. Following the Act eliminates the risk of penalties and lawsuits against the employer. Introducing whistleblower protection rules provides legal security and a strategic advantage.