Financial Crime World

Sweden Takes a Major Step Forward in Whistleblower Protection with New Act

Stockholm - A Significant Move towards Strengthening Whistleblower Protection

In a significant move, Sweden has become the second EU Member State after Denmark to fully transpose the Whistleblower Protection Directive into national law, ahead of the December 17, 2021 deadline. The new Whistleblowing Act came into effect on September 29, 2021, aiming to strengthen whistleblower protection in the country’s finance industry.

Key Features of the New Act

  • Builds upon Sweden’s existing whistleblowing legislation introduced in 2016
  • Provides legal protection for employee and consultant whistleblowers reporting serious misconduct
  • Extends scope of protection to cover reports regarding serious violations of Swedish law, as well as other serious misconduct
  • Introduces new guidelines for whistleblowers, requiring them to first raise an external concern with a relevant authority before going public

Compliance Requirements

  • Employers in the private sector with 250 employees or more, and those in the public sector, must implement a whistleblowing scheme by July 17, 2022
  • Private sector companies with between 50 and 249 employees have until December 17, 2023 to comply
  • Individual entities within a group structure with 250 or more employees must implement their own internal system for internal reports

Expert Insights

  • Experts at Fylgia, a leading Swedish law firm, note that the Act includes several key enhancements to existing whistleblowing protections and measures
  • Emphasize the importance of reviewing and updating existing policies, guidelines, and procedures to ensure compliance
  • Highlight the need for training and awareness, especially for management, to ensure employees and consultants have easy access to information on how to make a report through both internal and external whistleblowing systems

Implications and Recommendations

  • Companies considering outsourcing whistleblowing systems must be aware of the General Data Protection Regulation, particularly in relation to data processors
  • The scope of protection set out in the Act may be extended through collective bargaining agreements, but any agreed limitations cannot reduce the minimum level afforded under the Act
  • Companies in the finance industry are advised to take immediate action to ensure compliance with the new Act and its implications for their organizations.