Non-financial reporting is a major step towards holding companies accountable for their declared values and actions in support of responsible business, an ethical work environment and employee well-being. When an organisation implements the idea of ​​ESG (Environmental, Social, Corporate Governance) compliance, it brings benefits to everyone involved: the organisation itself, its employees, customers and stakeholders. ESG goes hand in hand with corporate governance and risk management, forming a system that works together harmoniously. This compliance system – an element of corporate governance in its broadest sense – has traditionally been founded on issues such as whistleblowing & investigations, counteracting corruption and verifying business partners, among other things. Undoubtedly, ESG reporting will further strengthen the role of compliance management in organisations.


Recent discussions on compliance issues in Poland have focused on the still unimplemented EU Whistleblower Directive, the tightening of corruption laws and the verification of business partners in the wake of sanctions packages introduced by the EU/UN in connection with the Russian aggression against Ukraine.


Whistleblowing

Poland does not yet have legislation introducing a general obligation to report irregularities at the workplace. Such obligations only exist in specific business sectors – for example on the financial market in terms of anti-money laundering. The implementation of whistleblowing systems is still a choice for many companies, though they often decide not to implement them unless there is a legal obligation. Such a trigger could be the adoption of a whistleblowing law as part of the implementation of the EU directive (the deadline for implementation passed in December 2021). Given these circumstances, Polish businesses already seem to be tired of the increasing legal uncertainty and many draft laws that have not lived to be passed to the Polish parliament, even despite being described as 'final' drafts. However, this may soon change, after the new Polish government declared that this particular legislation process will be prioritised. There are also indications that the scope of the reporting obligation will be broader than under the EU directive and will cover HR violations and corruption offences. This would be a significant and highly impactful change for employers, which we may see in the coming months.


Anti-corruption

In recent years, the Polish legislator has definitely neglected its role as an educator showing organisations how to counteract one of the biggest risks for doing business – the risk of corruption. There has been a lack of any real legal action to prevent corruption and no educational campaigns. On the other hand, attention has been focused on the response to misconduct. There was recently a major criminal law amendment in terms of punishing corruption offences. The threat of imprisonment for corruption in Poland is now as high as 20 years! This clearly shows how critical the risk of corruption is to businesses operating in Poland. Proportionate to this risk must be the organisations’ actions in terms of anti-corruption programmes, which should be one of the top priorities.


Third-party due diligence in the context of managing sanctions

Russia's aggression against Ukraine, Poland's neighbour, has hit legal, business and social relations. Economic sanctions packages introduced by the EU and the UN require businesses to thoroughly verify business partners, their affiliates and the countries of origin of the goods. The careful selection of business partners and tracing the supply chain has become more important than ever.

In addition to international regulations, Poland has implemented national law in this area, requiring the verification of suppliers. A supplier due diligence, the verification of beneficial owners, sanction clauses and declarations are now an everyday reality for many companies, as business cannot carry on as usual without taking the role of compliance seriously. As no specific verification activities are in place to assess the sanctions risk, companies have to work this out themselves, which forces them to take an even more serious approach to compliance management.

Businesses that want to do business responsibly should review their organisation's activities in the areas outlined above, bearing in mind the potential benefits to the organisation and people, but also protecting themselves from the serious consequences of non-compliance incidents.