1.1. Grant Thornton Baltic OÜ (registry code 10384467) (the "Company") is committed to compliance with the laws and regulations to which it is subject and to maintaining high standards of business ethics and corporate governance.
1.2. The purpose of this policy (the “Policy”) is to set out the Company’s policy on, and commitment to, whistleblowing and the protection of whistleblowers, and to provide details of how reports of improprieties can be made. The whistleblower system should only be used for improprieties that may result in serious consequences for the Company.
1.3. The Company therefore requires all employees and encourage third parties to report concerns about improprieties relating to the Company. Compliance with this Policy is mandatory for all of the employees.
1.4 Local legislation [1] and regulatory practice shall prevail over the statements of this Policy and adjustments can be done to comply with the legal and regulatory regime. These adjustments must be done as annexes to this Policy and presented together with the original Policy.
1.5. The Policy shall be updated once every 5 (five) years or if and when required in order to reflect changes in regulation or other important circumstances.
1.6. Please contact Company's HR Department for clarifications on the Policy and to report noncompliance with the Policy.
2.1. Whistleblowing refers to a situation where an employee or a third person, e.g. applicants for employment, clients, contractors or the general public (each a “Whistleblower”) reports concerns about any suspected or actual Improper Activities relating to the Company.
2.2. Improper Activities include:
2.2.1. criminal offences or breaches of other legal or regulatory requirements, failure to observe a legal obligation, corrupt or fraudulent behaviour (e.g., economic offence, fraud, accepting valuable gifts in return for discounted price offer for clients etc.);
2.2.2. improper conduct or unethical behaviour (e.g., making inappropriate comments at work-related events etc.);
2.2.3. breaches of contract (e.g., knowledgeable breach of a client contract etc.);
2.2.4. misappropriation of the Company`s property (e.g., unsupervised usage of Company´s property in a public place etc.);
2.2.5. putting people’s health and safety at risk (e.g., non-compliance with work organisation rules etc.);
2.2.6. financial and non-financial administrative malpractice, e.g. not observing proper procedures (e.g., providing false information on invoices such as providing incorrect data regarding the bank account etc.);
2.2.7. fraud or deliberate error in the preparation, evaluation, review or audit of financial accounts and records (e.g., conscious processing of false information, deliberately providing inadequate consultation to clients etc.);
2.2.8. participation in or condoning a reportable wrongdoing through wilful suppression or concealment of any information relating to a wrongdoing (e.g., failure to report harassment cases etc.);
2.2.9. non-compliance with environmental, social responsibility or governance framework (e.g., improper sorting of garbage etc.);
2.2.10. personal grievances by employees or third parties. Personal grievance is a concern, problem or complaint that is specifically related to the person (e.g., bullying by co-workers, unfair treatment by supervisors, dissatisfaction with the terms and conditions of employment contract, etc.).
2.3. For the avoidance of doubt, the examples provided under clause 2.2 do not contain the exhaustive list of violations and is provided for informational purposes only.
3.1. Reports of allegations of suspected Improper Activities must be submitted through a form available here.
The forms' recipient address is Marge.Litvinova@ee.gt.com that is managed by Grant Thornton Baltic´s Head of People & Culture.
3.2. For the avoidance of doubt, the Company requires Whistleblowers to report in Estonian. Any reports made in another language might need further translation and the Company cannot guarantee the same level of judgement as there remains possibility of information being misinterpreted through translation.
3.3. Although the Whistleblower is not required to furnish any more information than what he/she wishes to disclose, it is essential for the Company to have all critical information in order to be able to effectively evaluate and investigate the allegation. The report of Improper Activities should provide as much detail and be as specific as possible, including names and dates, in order to facilitate the investigation.
3.3.1. To the extent possible, the disclosure must include the following:
3.3.1.1. type of concern (what happened);
3.3.1.2. when it happened: a date or a period of time;
3.3.1.3. where did it happen;
3.3.1.4. names of the employee(s), and/or outside party or parties involved in the Improper Activities;
3.3.1.5. some proof of allegations, if possible;
3.3.1.6. who to contact for more information, if possible.
3.4. Improper Activities reports are received and analysed by the Head of People & Culture who must record and store every report in full details alongside the decision taken on the report and the reasoning thereof. Improper Activities reports must be reviewed immediately, but not later than within (7) seven working days after receipt.
3.5. In case the Whistleblower has a fear of distrust in the report being analysed by the Head of People & Culture to, the Whistleblower is allowed to send her/his concern to the Head of Legal Department., whereas the Head of Legal Department will then take the full responsibility of handling the report with the instructions and requirements established in this Policy.
3.6. For the avoidance of doubt, all reports of Improper Activities are analysed in accordance with the applicable legal regulations governing the protection of personal data, in particular based on Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
4.1. If the Whistleblower makes a report of Improper Activity in good faith and reasonably believing it to be true, but it is not confirmed by the investigation, the Company will recognise the concern, and no negative consequences will follow. If, however, the Whistleblower makes an allegation frivolously, maliciously or for personal gain, appropriate actions, including disciplinary action according to § 319 of the Penal Code, may be taken.
4.2. Whistleblowers may be contacted for further information by the person responsible for handling the Improper Activity report.
4.3. Whistleblowers must provide sufficient corroborating information to justify the commencement of an investigation. All reports will be taken seriously and investigated as fully as possible, but without sufficient information, it may be more difficult to evaluate the credibility of the allegations and, therefore, less likely to cause an investigation to be initiated.
4.4. Whistleblowers are "reporting parties", not investigators. They are not to act on their own in conducting any investigative activities, nor do they have a right to participate in any investigative activities other than as requested by the person handling the case.
4.5. Whistleblowers are informed about the status of their report and, if possible, also the steps that Company has taken to investigate the facts of the report, unless legal requirements or Company`s reasonable interests prohibit disclosure of status of the investigations. Such feedback shall be submitted to the Whistleblowers as soon as possible, but no later than 3 (three) months or, in justified cases, 6 (six) months after receiving the report.
4.6. The law in force establishes fine for Whistleblowers who report knowingly incorrect information. The Whistleblower may be punished with a fine of up to 300 (three hundred) units. It shall be emphasized that all and any reports must be submitted in good faith.
5.1. All information received will be treated with confidence, except where the Company is required by law or regulation to disclose it, for legal or audit purposes or where the Company refers the matter to relevant regulators or law enforcement authorities.
5.2. The protection of a Whistleblower’s identity will be maintained to the extent possible within the legitimate needs of law and the investigation. The Company will make every effort to keep the identity of the Whistleblower confidential. However, there may be circumstances where, due to the nature of the investigation, it will be necessary to disclose the Whistleblower’s identity.
5.3. In order not to jeopardise the investigation, the Whistleblower is also required to keep confidential the fact that a report has been made, the nature of the impropriety concerned and the identities of those involved, unless required to disclose such information by law or regulation.
6.1. The Company is committed to the fair treatment of all persons making genuine and appropriate reports of Improper Activities under this Policy, including the protection of Whistleblowers against unfair dismissal, victimisation, or unwarranted disciplinary action. Reasonable steps will be taken by the Company to protect the Whistleblower from reprisal or inconvenience as a result of making a report of Improper Activities under this Policy.
6.2. It is a breach of this Policy for any employee to cause inconvenience to a Whistleblower who makes any report under this Policy in good faith.
6.3. A Whistleblower shall immediately report any alleged or apparent retaliation to the Head of People & Culture. The Company will promptly investigate claims of retaliation and changes in employment that might constitute retaliation against any employee who has engaged in any of the protected activities. The Company reserves the right to take appropriate action against any person who initiates or threatens to initiate retaliation against Whistleblowers who make reports under this Policy.
6.4. A Whistleblower’s right to protection from retaliation under the corresponding state laws does not extend immunity for any complicity in the matters that are the subject of the allegations or an ensuing investigation.
This Policy document will be reviewed once every 5 (five) years.
This document was last updated in November 2024.
[1] Directive (EU) 2019/1937 of the European Parliament and of the Council of 23 October 2019 on the protection of persons who report breaches of Union law, according to which Estonia has adopted an Act on Protection of Persons Who Report Work-Related Breaches of European Union Law.