Kapolyi Law Firm continues to be ranked among the top Hungarian law firms by The Legal 500. The firm has been ranked among the most prominent for years for its involvement in major projects such as the successful share issue of the AutoWallis Group, and has been mandated to represent the firm before the MNB in the licensing process of a credit institution, an electronic money issuer and a payment institution.

The Legal 500 is one of the world’s most respected independent legal publications, ranking annually the best performing law firms and lawyers in business law. The rankings are compiled based on 300,000 client feedbacks, applications and peer interviews. In the latest edition of the Legal 500, Kapolyi Law Firm was again rated Tier 2 in the areas of banking, finance and capital markets, and real estate and construction law. The firm, which is celebrating its 25th anniversary, has also achieved a Tier 3 rating in corporate law/M&A and dispute resolution categories.

Our law firm has also received several awards based on individual performance. Sándor HABÓCZKY, Head of the Real Estate and Construction Practice Group, was once again named one of the best in The Legal 500 “Leading Individual” category. Viktor KREZINGER, Head of the Capital Markets Practice Group, has been included in the elite list of “Next Generation Partners” for the fourth consecutive year. In addition, Martin GORTVA, Head of our Global Immigration and Mobility Practice Group, was also recognized in the “Rising Star” category for his work in the field of real estate and construction law.

The firm’s head, József KAPOLYI, emphasized that the recognition reflects not only client satisfaction, but also the firm’s efficient, task-oriented and individual needs-focused approach. And their flexible and practical solutions are key to meeting clients’ changing needs.

The morning economic and public affairs programme on Radio Jazzy focused on typical problems with property sales contracts. The guest and expert of the Business Class broadcast on 19 February was Martin Gortva, LL.M., Head of our Global Immigration and Mobility Group and Deputy-Head of our Real Estate Law Group.

The interview can be listened at the following link: https://bit.ly/OurexpertonRadioJazzy

The AutoWallis Group, listed in the Premium category of the Budapest Stock Exchange, is celebrating five years’ anniversary of its carreer on the stock exchange, which we have been providing legal advice to its domestic and international transactions since its listing. The automotive company commemorated the past years with a bell-ringing ceremony on 12 February, during which it became an international player with an outstanding, trend-setting growth and a turnover of almost €1 billion.

 

On November 8th, our guests had the opportunity to ask their questions about the introduction of DORA and IT Governance issues affecting the domestic financial sector, while enjoying an exceptional breakfast at Larus Restaurant.

Viktor KREZINGER, Head of our Capital Markets Team, and Éva KAZELLA, Head of our IT Practice Group, gave presentations on behalf of our firm.
Their aim was to raise awareness among the institutions concerned about their management responsibilities under the DORA regulation and the supervisory sanctions that may result from a breach of the regulation. The presentations also covered practical methods for compliance.

At the business breakfast, organised jointly with Rubrik, our speakers were joined by Dávid BOKROSSY, Head of Customer Relations for the Central European region of Rubrik, presenting the most important information on the subject matter of the presentations and some practical aspects of the regulation.

If your company is also concerned by the issue, please contact our experts for help!

On 23 May 2023, the Parliament adopted the Hungarian Act No. XXV of 2023 on the Rules on Complaints, Whistleblowing and Reporting Abuses of Public Interest (the „Act”)  – implementing and transposing the EU Directive 2019/1937 on the protection of persons who report breaches of Union law (the “Directive“) -,  which has been also published on 25 May 2023 in the Hungarian Gazette. The Act sets a tight deadline for preparation, as most of those affected will have to apply the rules from the 60th day of the Act’s publication, while some business entities will have to comply by 17 December 2023 at the latest. Taking into account the provisions of the Act, the entry into force thereof will expectedly impose significant administrative burden on employers, so those affected will need to act quickly. In the following article, we briefly summarise the key provisions of the Act and our related comments.

Background and purpose of the regulation

The European Union has made it an objective and goal for the Member States to detect infringements of law. This objective has led to the adoption of the Directive, which aims to lay down minimum requirements for the procedures on reporting breaches of law. The Act sets out the detailed rules within the framework established by the Directive under which reporting persons may report information on breaches of law through various channels and under the protection, in the order established by the Act.

Which business entities are obliged by the Law

In line with the Directive, the Act requires all enterprises having 50 or more workers under an employment relationship to set up internal reporting channels. However, we consider it important to point out that, regardless of the number of workers, certain companies falling within the scope of the Act are affected by the obligation for setting up the mandatory internal reporting channels. These include, for example, credit institutions, financial service providers, auditors, fiduciaries and law firms.

The Act used the possibility of relief provided for by the Directive enabling employers with 50 and to 249 persons to jointly establish internal reporting channels.

It should be noted that the calculation of the number of workers shall not be reduced on the number of persons currently employed by the employer only. The personal scope of the notifiers and the potential difficulties in this regard are described in more detail below in this article.

What can be the subject of report

The Act defines the scope of the report more broadly than the Directive. Under the provisions of the Act, any unlawful or suspectedly unlawful act, default or other information related to infringement may be subject of the report.

Who can be a reporting person

The personal scope of the Act is defined broadly, in principle, reporting person can be an employed person, i.e. any natural person who performs an activity for and under the direction of an employer in the context of an employment relationship for remuneration or who performs an activity for his own account. It is important to underline that, in addition to employees, trainees and persons under a contract of mandate concluded with the employer may also be included. The Act establishes other categories of reporting persons too, therefore the scope of application also includes, for example, persons who are not yet considered as employed but have already started the procedures and processes for the establishment of a legal relationship, such as job seekers, as well as persons whose employment relationship has already ended, such as former employees. It is important to underline that the legislation thus provides employees with another means of enforcing their claims against their employer in the event of termination of their employment relationship, in addition to the already existing options, such as initiating an employment lawsuit or a procedure before a government office.

As emphasized above, in determining the number of employees in each business entity, not exclusively the currently employed persons shall be taken into account, but all persons who are considered to be employed in the context of the reporting parties. As such, it may be a suggested step for business entities to review their contractual relationships when determining the number of employees under the Act and determine any further steps that may be taken in this regard. Of particular interest is that the current legislation requires the system to be set up per employer for groups of companies also, which is likely to cause difficulties in the development of internal rules among employers under single management.

The Act also provides for the possibility of anonymous reporting, the investigation of which may be waived, but if a person has reported anonymously and the investigation has not been waived, the Act extends the protection to such anonymous persons, too. Logically, this may be relevant if the identity of the reporting person is later discovered. In view of the fact that the reports will thus expectedly be received under the assumption of the reporting person’s identity, the question of who will act in the cases in question is of particular importance.

How to make the report

Following the logic of the Directive, the Act also established three reporting stages: internal reporting channels set up by employers, separate reporting channels set up by designated public bodies, and the institution of lawful disclosure. The purpose of the above threefold structure is to encourage those concerned to seek to resolve the matter first through internal or separate reporting channels and, if these fail, to go public only.

The operation of the internal reporting channels

The reporting channels can operate through several communication channels, thus contact can be made in writing, verbally, in the latter case in person or even by telephone.

Due to the nature of the reporting channels, the Act requires the operation thereof by an impartial person or department designated within the employer for this purpose. A further possibility is for the employer to contract a whistle-blower protection lawyer or other external organisation to operate an abuse reporting system.

In both of the above cases, whether the responsible person is appointed within the organization or as an external professional, the impartiality of the person acting is of particular importance, as only by ensuring this requirement can a system be envisaged that works reliably in practice and complies with the requirements of the Directive and the Act. Impartiality can be more smoothly ensured in the case of an external expert, whereas if an employer wishes to set up internal reporting channels, it may be advisable to consider the possibility of creating a separate job title for this purpose.

In addition to impartiality, it is also important to ensure that the person acting in this capacity has the necessary expertise to ensure that its activities are always carried out in accordance with the law and the employer’s internal rules, for example, to effectively screen out unfounded or fictitious reports and to take appropriate action in accordance with the obligations laid down in the Act. For example, even by filing a denunciation if a notification justifies the initiation of criminal proceedings.

The detailed rules for the operation and functioning of the system are recommended to be laid out in a comprehensive and detailed internal regulation of the employer.

The protection for the reporting person

The Law lays down the rules on the protection of persons who lawfully report under a separate sub-chapter. The Act considers a whistleblowing report to be lawful if it was made through one of the reporting channels, the reporting person obtained the reported information in the course of his employment, and the reporting person had reasonable grounds to believe that the reported information was true.

In light of the above, it can be concluded, and should be emphasized, that the reporting person is therefore not protected in the case of intentionally false reports. Furthermore, employers have the possibility to develop an effective, proportionate and dissuasive system of sanctions against reporting persons who deliberately make false reports. In all cases, however, it is important to bear in mind that the prospect of sanctions should not be aimed at preventing genuine reporting.

The protection afforded to lawfully reporting persons includes, inter alia, that the reporting person should not be subject to adverse action, the reporting person should not be considered to be in breach of the law on disclosure of a protected secret and that, except in the case of a criminal offence, the reporting person should not be liable for obtaining or having access to the information contained in the whistleblowing.

Sanctions for the breaches of the law

The Directive requires Member States to provide for effective, proportionate and dissuasive sanctions for natural or legal persons who prevent or attempt to prevent the submission of the reports. The national legislator provides for the sanctions required by the Directive in the area of misdemeanours, according to which anyone who obstructs or attempts to obstruct the submission of the report on breaches of law under the Act on Complaints, Reports of Public Interest and Rules on Reporting Abuse commits a misdemeanour and is subject to the sanctions provided for in the Misdemeanour Act. The system of legal sanctions has not been precisely defined on the basis of the published provisions, therefore evolving practice and experience are expected to shape the system in the near future.

As in Hungary, the Directive has been implemented in several EU Member States in recent months, but in many cases with a significantly stricter sanction-system. The Italian legislation, for example, allows for sanctions against the employer ranging from €500 to €2,500 for non-compliance or breach of the rules, and from €10,000 to €50,000 for major grievance. In view of the above, it is recommended to domestic employers to implement and comply with the provisions of the Act in the strictest possible manner, as the consequences of non-compliance may become significantly more severe in the future.

In addition, it is important to stress that failure to carefully implement reporting channels and thus possible breaches of data protection rules may, inter alia, lead to the imposition of data protection fines on employers.

Summary

After a long wait, the Directive has been implemented into the domestic legal system through the recently adopted and published Act. The affected employers now have a short period of time to assess whether they are affected and, if so, to develop the necessary principles for their whistleblowing systems, appoint the persons responsible for the operation thereof, develop the details of their procedures, adopt their respective internal rules and provide adequate information to their employees. In view of the short timeframe and some specific aspects outlined in this article, we recommend to those concerned to seek assistance from an external expert for the successful preparation and implementation.