Directive (EU) 2019/1937 of the European Parliament and of the Council of 23 October 2019 on the protection of persons who report breaches of Union law was transposed by Law 361/2022 on the protection of whistle-blowers (“Law 361/2022”).
Law 361/2022 came into force at the end of December 2022, and it provides for: (i) a certain protection mechanism for persons (including employees) who report “breaches of the law”, either internally or externally, (ii) certain obligations for employers (under particular conditions), as well as for, (iii) rules regarding the reporting itself (either internal or external).
Barely entered into force, an amendment was soon brought to Law 361/2022 by means of Law 67/2023, which came into effect on 31 March 2023.
Prior to this legislative change, reporting that did not contain certain elements (e.g., the name, forename, contact data, and/or the signature of the whistle-blower) were examined, and resolved, to see if such reporting contained “sound clues” regarding breaches of the law.
According to the new amendment brought about by Law 67/2023, the above-mentioned requirement for such clues to be “sound” was deleted.
Therefore, beginning on 31 March2023, reporting that lacks the name, forename, contact data and/or the signature of the whistle-blower, shall be examined, and resolved, to see if they contain “clues” with regard to breaches of the law. Consequently, even though such clues may not be “sound” and/or the reporting be anonymous, the recipient entity is obliged to examine and resolve such reporting.
As a result, this new amendment may bring about more reporting to be accepted for examination and resolution, which may lead to more and more breaches of the law to be identified, and, thus, liability and sanctions might be established.
Considering the above-mentioned, it is highly recommended that private undertakings take increased measures so as to ensure compliance with Romanian (and EU) law and maintain integrity within their organization.