Whistleblowing tech booms as new EU law comes into force

From the Facebook and Cambridge Analytica data harvesting scandal to the Uber files that revealed details of driver exploitation to speed up growth, whistleblowers have proven a vital tool in exposing recent corporate malpractice.

Yet recent scandals have also revealed the limited help available for individuals seeking to expose corporate behaviour in the public interest.

It’s against this backdrop that the so-called The EU Whistleblowing Directive, adopted by the European Parliament in October 2019, is setting out to offer better protections for whistleblowers to report any unethical actions or harmful non compliances they witness without fear of retribution.

The law aims to provide whistleblowers with a minimum standard of protection across the EU for employees reporting breaches in European law, such as fraud, misconduct or harassment.

Proponents of the directive – which is gradually being introduced by EU member states – argue that it could have led to earlier exposure of the VW emissions scandal. In 2015, the US Environmental Protection Agency uncovered systematic cheating on clean-air tests at Europe’s largest car.

The directive has already forced most large companies to deploy more robust internal reporting systems to report any misdeeds in confidence or complete anonymity by the end of 2021.

Those with 50 or more employees have until the end of this year (December 2023) to comply meanwhile, by which time it will affect some 400,000 companies in Europe.

As the laws are introduced, there’s been a spike of interest in whistleblowing solutions, according to Amsterdam-based People Intouch – which reports that its software logged 50,000 messages alone in 2022.

The firm’s software solution SpeakUp claims to enables its partner clients – which include Nestle, Randstad and KLM – to connect with and protect their employees, suppliers and the communities in which they are active, by providing an anonymous, user-friendly, secure and efficient way to report and correct irregularities and unethical behaviour.

People Intouch’s chief executive Maurice Canisius adds that even UK-based firms are not immune to new whistleblowing protections if they have offices in the EU, and the platform also helps support compliance with UK’s Public Interest Disclosure Act.

“Scandals such as the Royal Mail, Sellafield and NHS in the UK prove the necessity of having a next-generation whistleblowing mechanism,” he added.

The platform is now being used by around 500 mid-sized companies in over 60 countries and has just received a boost from B2B software investor VC Fortino Capital to scale the platform further.

The global governance, risk management and compliance (GRC) software market was pegged as a $1.3 billion industry last year, according to technology investor bible TechCrunch – a figure size that’s predicted to hit $1.9 bn within six years.

While existing legislation such France’s anti-corruption Sapin II law and the EU’s directive are playing a big part in this growth, a greater sensitivity to environmental, social and corporate governance (ESG) issues is also spurring growth in the market.

Other players in the market include ‘integrity platform’ Vault and the aptly-named Whistleblower Software while legacy SAAS-based software from Navex and EQS also offer similar solutions.