Article 32 Reporting of infringements
1. Member States shall ensure that competent authorities establish effective mechanisms to enable reporting of actual or potential infringements of this Regulation to competent authorities.
2. The mechanisms referred to in paragraph 1 shall include at least:
(a) specific procedures for the receipt of reports of infringements and their follow-up, including the establishment of secure communication channels for such reports;
(b) within their employment, appropriate protection for persons working under a contract of employment, who report infringements or are accused of infringements, against retaliation, discrimination or other types of unfair treatment at a minimum; and
(c) protection of personal data both of the person who reports the infringement and the natural person who allegedly committed the infringement, including protection in relation to preserving the confidentiality of their identity, at all stages of the procedure without prejudice to disclosure of information being required by national law in the context of investigations or subsequent judicial proceedings.
3. Member States shall require employers who carry out activities that are regulated by financial services regulation to have in place appropriate internal procedures for their employees to report infringements of this Regulation.