Skip to content.

Secondary navigation

Get Your Demo
A woman in a striped shirt and white vest holds a tablet, sitting in a brightly lit office with a red wall. She appears thoughtful. In the background, two women are sitting at a desk engaged in conversation.

The Netherlands Whistleblower Protection Act

Explore the Netherlands Whistleblower Protection Law, including compliance requirements, scope, and how to support and protect reporting in your organization

Get your guide
Close-up of evenly spaced, diagonal blue paper sheets or slats creating a geometric, abstract pattern with varying shades of blue and teal, fading from light to dark.

Netherlands Whistleblower Protection Law overview

On February 18, 2023, the Netherlands implemented the EU Whistleblower Protection Directive, amending its existing House for Whistleblowers Act (Wet Huis voor klokkenluiders) and creating the Dutch Whistleblower Protection Act. 

The Netherlands already possessed comprehensive whistleblower protection through its House for Whistleblowers Act (Wet Huis voor klokkenluiders). The new legislation Act was amended to incorporate all the elements of the EU Directive into the existing law, strengthening the existing Dutch whistleblower protection framework.

The legislation requires organizations with 250 or more employees to comply immediately with the Act, while those with less than 250 employees have until December 17, 2023, to adjust and adhere.

A man sits on a gray sofa holding papers in one hand and a laptop on his lap. He wears a green shirt and jeans. Theres a yellow pillow beside him and a plant in the background, creating a cozy living room ambiance.

What does the Dutch Whistleblower Protection Act cover?

The Act adopts the minimum standards for whistleblower protection outlined in the EU Whistleblower Protection Directive. These requirements include: 

  • A secure and confidential channel for receiving whistleblower reports must be in place 
  • Acknowledgment of the receipt of every whistleblowing report must be provided to the whistleblower within seven days 
  • An impartial person or department must be appointed to follow up on the reports 
  • Records must be kept of every report received in compliance with confidentiality requirements 
  • There must be diligent follow-up of the report by the designated person or department 
  • Feedback on the follow-up or investigation must be given to the whistleblower within three months of receiving the report 
  • All processing of personal data must be done in accordance with the GDPR

What are the new rules outlined in the Dutch House for Whistleblowers Act?

  • The burden of proof for demonstrating retaliation against a whistleblower is shifted from the whistleblower to the employer, making it easier for whistleblowers to seek protection. 
  • There are stricter requirements around channels, intake and processing of reports, including receipt confirmation after a report is submitted, clear feedback deadlines and an obligation to maintain records in line with the GDPR. 
  • Reporters can now report directly to the House for Whistleblowers or other competent authorities, in certain circumstances detailed below. 
  • Both oral and written reporting facilities must be provided for reporters. 
  • The scope of whistleblower protections is expanded to include anyone working within an organization. This includes self-employed workers, volunteers, trainees, contractors and suppliers. 
  • A dedicated person per country for reports to be addressed to is not required as long as the minimum requirements for reporting channels are otherwise met. 
  • In addition to the work council’s agreement, the employee representation must also provide consent before adopting or changing how internal reporting processes operate within an organization. 
  • The concept of wrongdoing is expanded to include not only a suspicion of wrongdoing but also an imminent violation of EU rules of social interest, offering broader protections. 
  • The House for Whistleblowers authority may impose fines as penalties for non-compliance with the new legislation.

Two people are collaborating at a table, one is writing on a large sheet of paper. A laptop and a notebook are nearby. A potted plant is in the foreground, and a person partially visible stands in the background.

What other frameworks does the Dutch legislation cover?

While statutory requirements apply only to EU law infringements, confidentiality and personal data protection apply to reports on national law infringements, even when handled by non-designated authorities. 

The protection for reporters of suspected wrongdoing under national law and breaches of EU law is equal under Dutch law. However, the Act also offers protection for reporting suspected wrongdoing (or neglecting to do so) under national law, including violations of statutory provisions, threats to public safety, damage to the environment or acts detrimental to public services or enterprises.

There are two ways that the Dutch Whistleblowing Act does not apply the provisions of the EU Directive when a report is or could be made: 

  1. Requirements for an external reporting channel – there are multiple competent authorities able to receive externally-submitted reports in the Netherlands. These are specific to certain sectors covering financial, healthcare and data protection authorities. 
  2. The EU Directive allows the reporting of probable EU law breaches (“very likely” to happen) and actual breaches of EU law. However, this provision does apply similarly to potential national law violations. The Directive reports of actual or highly likely Union law breaches, but minor infractions may be exempt from further action by the competent authority.

The revised law grants the Dutch Whistleblowers Authority’s investigation department the power of enforcement. Interested individuals, including whistleblowers or ex-employees, can seek a civil order from a district court to enforce compliance. However, provisions on sanctions and anonymous reporting will be added at a later date.

Explore more resources on whistleblowing and regulatory compliance in the EU

Your Definitive Guide to Whistleblowing & Incident Management

A strong incident management system is critical to meeting Dutch whistleblowing laws, building trust, and protecting your organization.

Get your guide