Working Party Issues Opinion on Application of EU Data Protection Rules to Internal Whistleblowing Schemes in the Context of Accounting & Financial Crime

On February 1, 2006, the Working Party established under Article 29 of Directive 95/46/EC issued an opinion providing guidance on how internal whistleblowing schemes can be implemented in compliance with the EU data protection rules contained in Directive 95/46/EC. The opinion is limited to the application of EU data protection rules to internal whistleblowing schemes in the fields of accounting, internal accounting controls, auditing, matters, fight against bribery, banking and financial crime. One of the primarily reasons for the preparation of the opinion is the Sarbanes-Oxley Act (SOX) adopted by the U.S. Congress in 2002 following various corporate financial scandals. SOX requires publicly held U.S. companies, their EU-based affiliates, and non-U.S. companies listed in U.S. stock markets to establish within their audit committees "procedures for the receipt, retention and treatment of complaints received by the issuer regarding accounting, internal accounting controls or auditing matters; and the confidential, anonymous submission by employees of the issuer of concerns regarding questionable accounting or auditing matters". In addition, Section 806 of SOX provides for the protection for employees of publicly traded companies who provide evidence of fraud from retaliatory measures taken against them for making use of the reporting scheme … [more]