Internal reporting office according to the German „Hinweisgeberschutzgesetz“
Complaints procedure according to the German Supply Chain Due Diligence Act (LkSG)
Employers with generally at least 50 or more employees need to set up an internal reporting office. Regardless of the number of employees, this obligation applies in particular to employers in the financial services sector.Special requirements must be considered if the federal government or a federal state is the employer, as well as for municipalities and associations of municipalities and those employers that are owned or controlled by municipalities and associations of municipalities.
Special requirements must be considered if the federal government or a federal state is the employer, as well as for municipalities and associations of municipalities and those employers that are owned or controlled by municipalities and associations of municipalities.
The internal reporting channel must be independent and have sufficient expertise. It shall examine whether a reported violation is valid and whether the organization concerned needs to initiate further measures. It shall maintain contact with the person making the report.
The internal reporting office must operate a reporting channel that meets the legal requirements for confidentiality and documentation. It must ensure that incoming reports are processed confidentially.
To take sufficient account of the legal complexity of the reports to be processed, experts experienced in handling confidential information should be entrusted with the tasks of the internal reporting office.
Our lawyers are experienced in handling confidential information and act independently as data protection officers.
With our reporting system HintPilot, we offer a modern reporting channel that meets all legal requirements for confidentiality and documentation.
Our services
Trustful partner with greatest possible transparency and self-control of company management
Case management by individually selected lawyers
Confidential receipt of reports and communication
Ensuring legally required acknowledgement of receipt and feedback to the person making the report
Initial legal classification and communication with company management
Permanent and easy availability 24/7
Initiation of appropriate follow-up measures (internal investigation, document review, witness interviews)
Individual collaboration
- We take over the case management
- We check the validity of allegations and whether action is necessary for your company
-
Together with you we define
- individual roles and responsibilities within the internal reporting office
- the flow of information in the case of valid reports
- the procedure for initiating follow-up measures
- the involvement of internal/external experts in the final evaluation of reports
- the procedure for involving government agencies and investigative authorities
- Individual organization of the registration office possible
Implementation of HintPilot
Advantages of the HintPilot
- Confirmation and documentation of the receipt of the report to the reporting person
- Confidential communication, documentation and case management within the system
- Maintaining confidentiality of the identity of the whistleblower and third parties mentioned in the report
- Documentation of required consents
- Whistleblower system as an essential element of a Compliance Management System (CMS)
- Deletion of non-relevant data in compliance with legal requirements
- Multilingualism
Advantages of the HintPilot as a system-based reporting channel
| Personal Conversation | Phone | System based reporting channel | ||||
|---|---|---|---|---|---|---|
| Anonymous reporting | no | no | yes | yes | yes | |
| Anonymous communication | no | no | yes | no | yes | |
| Data protection compliance | unknown | unknown | yes | unknown | yes | |
| Implementation of deletion & authorization concepts | unknown | unknown | yes | unknown | yes | |
| 24/7 availability of the reporting channel | no | no | yes | yes | yes | |
| Automation of steps | no | no | yes | no | yes | |
| Digitalization | no | no | yes | no | yes | |
| Confidentiality | no | no | yes | unknown | yes | |
Overview of the HintPilot functions
Isolated data storage
End-to-end encryption
2 factor authentification
Removal of meta data
Case-Management
Case support through processing steps
Deadline management
Multilingualism (24 languages)
Multi-client capability for corporations and groups of companies
Anonymous reports
Anonymous dialogue
Automatic communication
PDF Export Function
Individual branding
Security of HintPilot
Ensuring confidentiality through end-to-end encryption and removal of meta data from file attachments
ISO 27001 certification of the provider's information security management system
Hosting of data in an ISO 27001 certified data center in Germany
Regular positive auditing with extensive penetration testing of the system by external auditors
Compliance with deletion and authorization specifications
Ensuring the integrity of the data through audit security
Ensuring the availability of data and information through system availability of 99.9% per year (subject to software maintenance)
GDPR compliance (Art. 28 und 32 GDPR)
Conditions
Monthly fixed costs
EUR 275,–
plus VAT
Provision of web-based reporting channel included
One consultant hour per month for processing reports included
Conditions optional functions
Phone reporting channel
EUR 69,- / month plus VAT
Email reporting channel
EUR 39,- / month plus VAT
Legal background
Obligation to set up an internal reporting office
-
The "Whistleblower Directive" (EU/2019/1937) should have been implemented by all EU member states by 17.12.2021 by passing a national law.
-
In Germany, the Whistleblower Protection Act has been in force since July 2, 2023.
-
Employers with generally at least 50 employees must set up an internal reporting office. Regardless of the number of employees, this obligation applies in particular to employers in the financial services sector.
-
Special requirements must be considered if the federal government or a federal state is the employer, as well as for municipalities and associations of municipalities and those employers that are owned or controlled by municipalities and associations of municipalities.
-
Further information can be found here: Internal reporting office according to the German „Hinweisgeberschutzgesetz“
Complaints procedure according to LkSG
Procedure in accordance with coordinated rules of practice
Confirmation of receipt and confidential communication with parties involved/Whistleblowers
Documentation of measures taken by the company in response to complaints
Easy accessibility for potential parties involved/Whistleblowers
Enabling anonymous complaints
Impartiality of the persons involved in the complaints procedure
Protection of the confidentiality of the identity of the parties involved/Whistleblowers outside the complaints procedure according to § 8 para. 4 LkSG
Option of a joint contact point for complaints according to LkSG and reports according to HinSchG
Option to set up a separate complaints channel with an individual role and rights concept
Background - LkSG
- As of January 1, 2023, the LkSG (German Supply Chain Due Diligence Act) applies to companies headquartered in Germany that employ more than 3,000 employees in Germany.
- As of Jan. 1, 2024, the LkSG applies to companies that employ more than 1,000 employees in Germany.
- Under the LkSG, companies must ensure that an appropriate complaints procedure is in place to draw attention to human rights-related environmental risks or the violation of corresponding obligations
How can we help you?
-
Scheja & Partners GmbH & Co. KG
Adenauerallee 136
53113 Bonn
Tel.: +49 228 227 226-0
Fax: +49 228 227 226-26