On November 25, 2019, Ireland published the new European Union (Money Laundering and Terrorist Financing) Regulations 2019, amending the Criminal Justice (Money Laundering and Terrorist Financing) Act 2010 (“the Act”), and giving further effect in Ireland to the 4th EU Money Laundering Directive 2015/849. These regulations provide that specified financial institutions must put in place appropriate procedures for workplace whistleblower protections for employees who anonymously report violations of the Act, such as financial fraud and money laundering:
“(6A) A designated person shall have in place appropriate procedures for their employees, or persons in a comparable position, to report a contravention of this Act internally through a specific, independent and anonymous channel, proportionate to the nature and size of the designated person concerned.”
These new provisions, integrated with prior mandatory reporting requirements (such as the Central Bank (Supervision and Enforcement) Act 2013 (Section 48(1)) (Investment Firms) Regulations 2017) should harmonize and thus ensure all information reported via whistleblowers within financial institutions regarding legal violations is acted upon by senior officials and reaches appropriate regulators.
While adding whistleblower provisions to the Act is a step in the right direction in terms of encouraging reporting, its sparse language leaves gaps in whistleblower protection. In fact, this regulation does not contain any provisions to protect whistleblowers against retaliation, despite the dangers of workplace whistleblower retaliation. For such protection, whistleblowers must turn to the Protected Disclosures Act, which only provides protection for workplace whistleblowers (i.e., employees or officers).
Furthermore, neither law provides rewards for whistleblowers whose complaints are meritorious or lead to successful enforcement actions.
However, on October 7, 2019, the European Union formally approved a “Whistleblower Directive,” which EU member states, including Ireland, must implement by 2021. This directive, when applied in Ireland, may fix some of these glaring holes in Ireland’s current whistleblower laws. For example, this directive will require protection for any persons who disclose information to which they had privileged access and will protect whistleblowers who report internally, externally, or publicly. This directive also includes a more comprehensive list of retaliatory actions that are prohibited. Therefore, when united with the Act, legislation enacting the Whistleblower Directive should ensure that all whistleblowers who report corporate fraud will receive more extensive protection.
Nevertheless, while this directive requires that a workplace whistleblower have access to legal remedies and compensation, there is no provision providing rewards for successful disclosures.
Therefore, when it comes to global financial institutions with a presence in the United States, whistleblowers are better off reporting to the United States Securities & Exchange Commission (“SEC”). The SEC Whistleblower Program, which contains comprehensive anti-retaliation regulations and unique whistleblower reward provisions, remains superior to the new Irish AML whistleblowing regime.