Independent advice on whistleblowing can be sought from Protect (a whistleblowing charity).

You may also raise your concerns directly with our regulators the Financial Conduct Authority and Prudential Regulatory Authority.

Among a number of methods of external reporting, protected disclosures may be made to the Office of the Protected Disclosures Commissioner (not yet established) who will act as the competent authority for external whistleblowing. Furthermore, the Commissioner shall be assisted by the Office of the Ombudsman.

Pre-approval Controlled Function (PCF) role holders must report directly to the Central Bank of Ireland (CBI) where they believe an issue will be of material assistance to them. They are exempt from this requirement if the information has already been disclosed by another person or if the disclosure could incriminate the reporter. Reports made in good faith are considered protected disclosures and attract the relevant legal immunity for the reporter. Anonymous disclosures are not classed as protected and do not attract immunity. Persons holding PCF roles can make a disclosure under the Central Bank (Supervision & Enforcement) Act 2013 by completing the form available in the link above and submitting it either by e-mail or post.

For non-PCF role holders, reports can be made directly to the CBI in relation to breaches of financial services legislation which a staff member learned about in connection to their employment. Protections may apply where the employee reasonably believes that: (i) the relevant wrongdoing falls within matters as appears appropriate by reason of the nature of the responsibilities or functions of the CBI (i.e. financial services legislation); and (ii) the information disclosed, and any allegation contained in it, are substantially true.

Poland has not yet designated the competent authority for external whistleblowing.

In the meantime, the Polish Financial Supervisory body (Komisja Nadzoru Finansowego) could be contacted for guidance.

The Dutch Whistleblowers Authority provides advice and support for employees who want to report a possible wrongdoing within their organization.

Reports on an infringement of European Union law can also be made to the following competent authorities: the Netherlands Authority for Consumers and Markets (ACM), the Netherlands Authority for the Financial Markets (AFM), the Netherlands Data Protection Authority (AP) and the Dutch Central Bank (De Nederlandsche Bank N.V.).

The Federal Financial Supervisory Authority (BaFin) acts as external reporting authority for the financial market sector for breaches of capital market and securities law and provides country level oversight for specific violations. An external reporting office is also likely to be established by the Federal Commissioner for Data Protection and Freedom of Information (BfDI).

The competent authority for whistleblowers in France is the High Authority for Transparency in Public Life. It is responsible for receiving and processing whistleblower alerts concerning corruption, fraud, favouritism, or other serious offenses committed in the context of public life.

The Autorité des marchés financiers (AMF) and Autorité de contrôle prudentiel et de résolution (ACPR) have implemented whistleblowing policies that may be used to report breaches of European Commission regulations relating to their activities, provisions of the French Monetary and Financial Code or general regulations of the AMF.

Several Swedish authorities have been assigned to receive and investigate whistleblower complaints. The Swedish Competition Authority ('Konkurrensverket') has, for example, the responsibility for the area of public procurement and irregularities within the internal market, and the Swedish Financial Supervisory Authority ('Finansinspektionen') accept notifications on regulatory violations. A notification must refer to a concrete suspicion that a firm or an individual acted in violation of a regulation. The Swedish Work Environment Authority is responsible for the areas where no other authority is competent to receive and investigate whistleblower complaints and also has the responsibility to exercise supervision considering the issue of whether employers have established internal reporting channels or not.

A number of Luxembourg authorities are competent to deal with whistleblower reports (external reporting) and ensure the protection of whistleblowers. This includes the Luxembourg Competition Authority and the National Commission for Data Protection (CNPD).

Any person, and in particular employees or former employees of entities of the financial sector in Luxembourg, may submit a report directly to the Commission de Surveillance du Secteur Financier (CSSF) in a confidential and secure manner if that person has reasonable grounds for believing that the report will show breaches of applicable regulation by entities or persons of the financial sector which fall under the supervision of the CSSF. The whistleblowing procedure should not be used to report breaches of a criminal nature, such as the unlawful exercise of activities of the financial sector. Persons becoming aware of facts which may constitute a crime or an offence are requested to inform the State prosecutor.

According to the Whistleblower Protection Act, the Office of the Finnish Chancellor of Justice (OCJ) acts as a centralised external reporting channel for whistleblower protection. The OCJ is responsible for forwarding all reports to the competent authority that has a statutory duty to supervise the compliance, breaches, and process in any given case. More specific instructions on how to make a report may be found on the OCJ website.

With respect to breaches regarding financial market regulations, the Financial Supervisory Authority (FIN-FSA) will continue to act as the competent authority. Pursuant of section 71 (a) of the Act on the Financial Supervisory Authority, the FIN-FSA maintains a whistleblowing system for receiving reports of suspected infringements of financial market provisions. Financial market provisions are acts and other statutes supervised by FIN-FSA. Suspected infringement does not only mean suspicion of a crime; it covers all suspected violations of provisions.

External reports can be made to the designated competent authority the National Anti-Corruption Authority

Employees or consultants of a bank or other intermediary supervised by the Bank of Italy can use the Bank of Italy whistleblowing channel to report possible regulatory violations or management misconduct in such organizations. The Bank of Italy guarantees the confidentiality of the whistleblower's personal data, and to protect them from any possible reprisals, according to the applicable privacy laws (Article 52-ter of the Consolidated Law on Banking (TUB), Article 4-duodecies of the Consolidated on Finance (TUF) and Law 179/2017).

Individuals who are not employees or consultants of intermediaries supervised by the Bank of Italy can also report possible regulatory violations or alleged management misconduct within these organizations. The information provided is processed by the Bank of Italy in such a way as to guarantee the privacy of the reporting party.

The Independent Authority for Whistleblower Protection (A.A.I) will act as the Competent Authority for receiving whistleblowing reports in Spain.

In the meantime, the financial regulators Direccion General de Seguros and Comisión Nacional del Mercado de Valores could be contacted for guidance.

The National Transparency Authority is the competent authority to receive, manage, and follow up external reports in Greece.