1. Introduction

In recent years, anti-corruption efforts have prompted many governments to enact laws on whistleblowing protection, e.g. the U.S. Sarbanes-Oxley Act ("SOX") and the UK Public Interest Disclosure Act. In parallel, international organizations such as the UN[1], the OECD[2] and the Council of Europe[3] established international standards and best practice principles in this regard. However, whistleblowing occurs not only in the sphere of corruption but far more widely[4] as the Dieselgate and Cambridge Analytica revelations show. In this sense, the European Commission proposed new rules to strengthen whistleblower protection in general as a mean to unveil unlawful activities (see Section 2 below). In Switzerland, EU legislation do not directly apply. Nevertheless, the international developments in whistleblowing protection have an impact on Switzerland's legislation and legal environment as will be illustrated in Section 3 below.

2. European Commission's Proposed Directive on Whistleblower Protection

Today, whistleblowers' protection in the 28 current EU member states is regulated diversely at national level and is often inadequate. In many cases, the national rules either are applicable to limited sectors only, or define the category of workers who can be protected very strictly.[5]

On 17 April 2018, the European Commission proposed new EU-wide standards[6] to guarantee a high level of protection for whistleblowers who report breaches of EU law, in particular in the areas of (i) public procurement; (ii) financial services, prevention of money laundering and terrorist financing; (iii) product safety; (iv) environment protection; (v) data protection; and (vi) competition law. According to the definition in the proposed directive, whistleblowers are reporting persons working in the private or public sector who acquired information on breaches in a work-related context. Besides the persons having the status of worker or self-employed, the directive shall, in particular, also apply to trainees, volunteers and any persons working under the supervision and direction of contractors, subcontractors and suppliers.

The proposed directive foresees a three-tier reporting system:

First, any misconduct needs to be reported internally. In particular, the following entities will have to set up respective reporting channels while ensuring confidentiality:

  • Any private legal entity of any size operating in the sector of financial services;
  • all (other) companies with more than 50 employees or with an annual turnover of over EUR 10 million; and
  • regional administrations and municipalities with over 10,000 inhabitants.

Second, reporting should be made to the competent authority, if internal channels do not work or could not reasonably be expected to work (for example, where the internal reporting could jeopardise the effectiveness of investigative actions by the authorities responsible).

Third, communication to the public or the media shall only be made if no appropriate action was taken after reporting through other channels, or in case of imminent or clear danger to the public interest or of irreversible damage.

Companies and authorities shall be obliged to respond to and to report the follow-up of whistleblowers' reports within three months (in duly justified cases six months).

Further, pursuant to the proposed directive, all forms of retaliation shall be forbidden and sanctioned. However, in case of retaliation, the whistleblower shall have access to free advice and adequate remedies, e.g. measures to stop workplace harassment or prevent dismissal. The burden of proof shall be reversed in such cases, i.e. the person or organization shall prove that they are not acting in retaliation against the whistleblower. Additionally, whistleblowers shall also be protected in judicial proceedings, e.g. they shall be exempted from liability of leaking confidential or protected information. Conversely, for persons making malicious or abusive reports or disclosures, the member states shall provide for effective, proportionate and dissuasive penalties.[7]

3. Swiss Legal Framework

As mentioned before, the international developments regarding whistleblowers' protection have a strong impact on the Swiss legal framework.

Internationally operating Swiss companies, in particular those whose securities are traded or whose holding company is listed on a U.S. stock exchange as well as auditors acting for such companies, are directly affected by international legal developments. Under the SOX, for example, a procedure for confidential and anonymous reporting by employees must be established.

In addition, the above-mentioned international developments have been reflected in the Swiss legislative activity in recent years.

In November 2013, the Swiss Federal Council proposed new rules on whistleblower protection in the private sector[8] (Teilrevision des Obligationenrechts: Schutz bei Meldung von Missständen am Arbeitsplatz).[9] In May and September 2015, respectively, the two chambers of the Swiss Parliament decided to reject the draft legislation due to its unclear language and bureaucratism. The Swiss Federal Council's revised draft is expected to be published in the course of this year.

In addition, a parliamentary initiative of 2012 proposed to add whistleblowing as a statutory defence in the Swiss Criminal Code.[10] The discussions in the Swiss Parliament have, however, been suspended until the Swiss Federal Council publishes its revised draft on whistleblowing protection since these two legislative proposals are closely linked.

Currently, it is uncertain whether and to what extent these legislative proposals on whistleblowing protection will come into force. Pending such legislation, in the private sector there are no specific whistleblower protection regulation in place (except for compensation in case of wrongful dismissal after having blown the whistle under art. 336a Swiss Code of Obligations).

It remains to be seen, whether the Swiss legislative eventually passes a law on whistleblower protection in the private sector and whether Switzerland autonomously implements the new EU directive once it enters into force. Such autonomous implementation – as performed many times before – would affect, in particular, a significant number of small and mid-size Swiss companies that would need to implement respective internal reporting systems.

In addition, whistleblowers in the private sector would be legally protected and exempted from criminal liability.