If your company has more than fifty employees, the answer is YES.
With the entry into force of Law 2/2023, of February 20, regulating the protection of people who report regulatory infractions and the fight against corruption (hereinafter, Whistleblower Protection Law), it is transposed into the legal system. Spanish legal Directive (EU) 2019/1937 of the European Parliament and of the Council, of October 23, relating to the protection of persons who report infringements of Union Law , (known as the Whistleblowing Directive ) and is intended to give a further step in the culture of information and corporate compliance, to prevent and detect certain threats to the public interest.
It regulates, on the one hand, the protection of natural persons who, in the work or professional context, report irregular practices committed by public or private entities and, on the other, the requirements and guarantees that effective communication mechanisms must comply with. this information (complaint channels), by companies and other obligated public bodies.
In accordance with this regulation, companies are required to approve whistleblower protection policies and implement internal information system protocols, which make available to people who have the status of whistleblowers, mechanisms to communicate, within the entity itself, information on irregular practices of which they are aware, guaranteeing at all times the application of the rights of the informant and the established protection measures.
