Compliance guide
Whistleblower Policy Template
A whistleblower policy gives your people a safe, confidential way to report serious wrongdoing, and protects them from retaliation when they do. Whether you call it a whistleblowing, whistleblower protection or whistleblower reporting policy, it's the same document, and this guide gives you a free template plus a done-for-you option.
Last updated
Key takeaways
- A whistleblower policy sets out what can be reported, how to report it confidentially, and how reporters are protected from retaliation.
- Whistleblower, whistleblowing and whistleblower protection policies are the same document, just different names.
- It's underpinned by whistleblower laws that vary by country, such as the US Sarbanes-Oxley / Dodd-Frank regime, the UK Public Interest Disclosure Act (with ACAS guidance), Australia's Corporations Act regime, and the EU Whistleblowing Directive.
- It works alongside your code of conduct and anti-bribery policy as a core governance document.
- Write your own from the template below, or have a tailored, ready-to-issue version done for you.
What is a whistleblower policy?
A whistleblower policy is an internal document that encourages people to speak up about serious wrongdoing, such as fraud, corruption, illegal activity, or a danger to health and safety, and assures them they can do so safely and confidentially. It sets out what counts as a reportable disclosure, who can make one, how to report it, and how the business protects reporters from victimisation.
The names vary, whistleblower policy, whistleblowing policy, whistleblower protection policy and whistleblower reporting policy all describe the same document.
Why your business needs one
- Legal compliance, whistleblower laws in many jurisdictions (e.g. US Sarbanes-Oxley/Dodd-Frank, UK PIDA, Australia's Corporations Act regime, the EU Whistleblowing Directive) expect organisations to protect people who report wrongdoing.
- Catch problems early, a safe internal channel surfaces fraud, misconduct and safety risks before they escalate or go public.
- HR and procurement reviews, larger clients and tenders increasingly ask suppliers for a whistleblowing policy alongside their code of conduct.
- Culture and trust, showing people they can speak up without fear builds an honest, accountable workplace.
Examples of whistleblowing
People speak up more readily when they can see what "whistleblowing" actually looks like. Common examples include:
- Reporting fraud, theft or false accounting.
- Flagging bribery, corruption or an undisclosed conflict of interest.
- Raising a serious health and safety danger that's being ignored.
- Reporting discrimination, harassment or bullying that management won't address.
- Disclosing a breach of the law, a regulation or the company's own code of conduct.
A complaint about someone's own job or pay usually belongs in your grievance procedure rather than the whistleblowing channel. A good policy spells out that distinction so the right issues reach the right process.
What to include: whistleblower policy template structure
Adapt this outline to your business and jurisdiction:
- Purpose and scope, why the policy exists and who it covers (employees, contractors, suppliers, former staff).
- Policy statement, your commitment to a safe, retaliation-free reporting environment.
- What can be reported, reportable conduct such as fraud, corruption, illegal activity, breaches of policy, or dangers to health and safety.
- Who is protected, the people who can make a disclosure and qualify for protection.
- How to report, the channels available, a named contact or whistleblowing officer, a hotline, and an anonymous option.
- Protection from retaliation, your promise that reporters won't be dismissed, demoted or victimised.
- Confidentiality, how the reporter's identity and the report are kept confidential.
- How reports are handled, who assesses and investigates disclosures and what reporters can expect.
- Responsibilities, what the business, managers and the whistleblowing officer must do.
- Review and approval, who owns the policy, how often it's reviewed, and sign-off.
Download the editable whistleblower policy template
Add your email and we'll send the complete whistleblower policy template in Word and PDF, including a sample reporting procedure you can adapt.
How to implement your whistleblower policy
A policy only protects people if they know it exists and the channels actually work.
- 1
Adapt it to your jurisdiction
Match the protections, eligible reporters and reportable conduct to the whistleblower law where you operate.
- 2
Set up reporting channels
Name a whistleblowing officer or contact, and offer a confidential, ideally anonymous, way to report.
- 3
Approve and communicate
Have it approved by management, then share it with all staff and include it in induction.
- 4
Train managers
Make sure managers know how to receive a disclosure and never retaliate.
- 5
Handle disclosures consistently
Assess and investigate reports fairly, protect the reporter, and keep records.
- 6
Review regularly
Review the policy at least annually and when the law changes.
Free template vs done-for-you document
Comfortable adapting the wording and setting up your own reporting channels? The free template is all you need. Want it sorted properly without the legwork? Here's how the done-for-you version compares.
| Free template | Done-for-you document | |
|---|---|---|
| Price | £0 | Fixed fee |
| Effort from you | A few hours editing | A short intake form |
| Matched to your country's law | You research it | Done for you |
| Reporting channels | You design them | Set out for you |
| Ready to issue | You format it | Signed-ready PDF |
| If it needs changes later | You redo it | We revise it free |
Prefer your whistleblower policy done for you?
Tell us about your organisation and where you operate, and we'll prepare a tailored, ready-to-issue whistleblower policy with reporting channels and protections set out for you.
Requests for the whistleblower policy are reviewed and prepared manually, we'll follow up by email.