Skip to content.

Secondary navigation

Get Your Demo
Two men in business suits have a serious discussion in an office. One is older with white hair and glasses, gesturing with his hands, while the younger man listens. A flip chart is visible in the background.

The Greece Whistleblower Protection Act

Explore the Greece Whistleblower Protection Law, including compliance requirements, scope, and how to support and protect reporting in your organization

Get your guide
Close-up of evenly spaced, diagonal blue paper sheets or slats creating a geometric, abstract pattern with varying shades of blue and teal, fading from light to dark.

Greece Whistleblower Protection Act overview

Greece enacted a whistleblower protection law at the end of 2022 to transpose the EU Whistleblower Protection Directive’s requirements into national law. The amendments define new and expanded whistleblower protections for anyone reporting violations of EU law only – not violations of Greek national law as well. 

The new legislation covers all public and private organizations with at least 50 employees, requiring them to establish mechanisms to allow for whistleblower reports and to protect whistleblowers. Employers must also appoint someone to investigate whistleblower claims, and this can be an internal manager or an external third party. 

The law protects whistleblowers and those assisting them from retaliation for submitting a report. It also allows them to report their concerns externally to Greece’s National Transparency Agency; or even directly to the press if the whistleblower believes reporting via the other two channels will be ineffective.

A man sits on a gray sofa holding papers in one hand and a laptop on his lap. He wears a green shirt and jeans. Theres a yellow pillow beside him and a plant in the background, creating a cozy living room ambiance.

What does the Greek whistleblower protection law cover?

The law adopts the minimum standards for whistleblower protection outlined in the EU Whistleblower Protection Directive. These requirements include: 

  • A secure and confidential channel for receiving whistleblower reports must be in place. 
  • Acknowledgment of the receipt of every whistleblowing report must be provided to the whistleblower within seven days. 
  • An impartial person or department must be appointed to follow up on the reports. 
  • Records must be kept of every report received in compliance with confidentiality requirements. 
  • There must be diligent follow-up of the report by the designated person or department. 
  • Feedback on the follow-up or investigation must be given to the whistleblower within three months of receiving the report. 
  • All processing of personal data must be done in accordance with GDPR.

What are the rules outlined in the Greek whistleblower protection law?

Known as formally as Law 4990/2022, Greece’s whistleblower protection law covers all organizations with at least 50 employees. Organizations with 250 or more employees had to establish their whistleblower programs by May 11, 2023; smaller organizations must do so by the end of 2023. Organizations with fewer than 250 employees are also allowed to establish a joint whistleblower program in coordination with other small businesses. Financial service firms need to establish an internal reporting system even if they have only one employee.

A group of medical professionals walking and smiling. Two women in white coats are in the foreground, one with curly hair and the other with short hair. In the background, a woman and a man in blue scrubs are partially visible.

All covered business must meet the following basic requirements

The law requires all covered businesses to 

  • Set up a whistleblowing system with comprehensive whistleblower protections
  • Adopt a policy on reporting legal violations and other misconduct. Businesses must also train employees on how to use the hotline and on the importance of non-retaliation.
A woman in a tan coat stands beside a modern escalator with metallic sides and a green wall background, looking slightly upward with a thoughtful expression.

Confidentiality, retaliation and disclosures

Companies are allowed to outsource the management of their hotline to a third-party service provider, although companies that do so are still responsible for responding to whistleblower complaints on the timelines outlined above. 

Greece’s law does not expressly encourage anonymous reporting, but does say that if an anonymous reporter’s identity is discovered at a later point, that person is entitled to the same whistleblower protections as any other reporter.

A person with a white beard, wearing a colorful feather boa and a floral shirt, smiles at a party. Balloons are hanging in the background near a window. Another person stands behind them, partially visible.

Anonymous report intake and management

Whistleblowers are allowed to submit reports in writing, verbally or in person; and the company must preserve a record of every report submitted. The law also prohibits retaliation of any kind against whistleblowers: harassment, pay cuts, withholding of promotion, canceling expected employment contracts, and so forth. Whistleblowers who believe they’ve suffered retaliation are entitled to free legal advice, and can receive compensation if their retaliation claims are proven true.

A woman wearing an orange safety vest and headset operates a forklift in a warehouse, surrounded by shelves filled with boxes and goods.

What are the risks of non-compliance?

Companies that fail to implement the required whistleblower program can be subject to fines ranging from €10,000 to €500,000

Explore more resources on whistleblowing and regulatory compliance in the EU

Your Definitive Guide to Whistleblowing & Incident Management

A strong incident management system is critical to meeting Greek whistleblowing laws, building trust, and protecting your organization.

Get your guide