Skip to main content
Version status: Applicable | Document consolidation status: Updated to reflect all known changes
Version date: 1 January 2018 - onwards
Version 3 of 3

Article 28

1. Competent authorities shall establish effective mechanisms to enable reporting of actual or potential infringements of this Regulation to them.

2. The mechanisms referred to in paragraph 1 shall include at least:

(a) specific procedures for the receipt of reports of actual or potential infringements and their follow-up;

(b) appropriate protection for employees who report infringements committed within their employer at least against retaliation, discrimination and other types of unfair treatment;

(c) protection of the identity both of the person who reports the infringements and the natural person who is allegedly responsible for an infringement, at all stages of the procedure unless such disclosure is required by national law in the context of further investigation or subsequent judicial proceedings.

3. Member States may provide for competent authorities to establish additional mechanisms under national law.

4. Member States may require employers engaged in activities that are regulated for financial services purposes to have in place appropriate procedures for their employees to report actual or potential infringements internally through a specific, independent and autonomous channel.