Laws & Regulations

Overview of all laws, regulations and standards related to whistleblowing and compliance worldwide.

Law / Regulation / Standard

Region

Focus Area

Description

Industry

UK Public Interest Disclosure Act (PIDA)

UK

Workplace complianceWhistleblowing

A primary piece of UK legislation and the chief local whistleblowing law, protecting workers who make qualifying disclosures in the public interest from retaliation.

Private Sector, Public Sector

Corporate Sustainability Due Diligence Directive (CSDDD)

EU

Workplace complianceWhistleblowing

An EU directive requiring large companies to identify, prevent, and remedy actual and potential human rights and environmental harms across their operations and value chains.

Private Sector, Public Sector

Corporate Sustainability Reporting Directive (CSRD)

EU

Workplace compliance

The General Data Protection Regulation, or GDPR, is the EU's primary data protection law, governing how organizations collect, process, and store personal data of individuals in the European Union and the European Economic Area (EEA).

Private Sector, Public Sector

COSO Internal Control Integrated Framework (ICIF)

Global

WhistleblowingWorkplace compliance

A voluntary US-origin framework for designing, implementing, and evaluating systems of internal control, applicable globally across all sectors, with particular use in compliance with the U.S. Sarbanes-Oxley Act.

Private Sector, Public Sector

ISO 37301 Compliance Management Systems

Global

WhistleblowingWorkplace compliance

An international voluntary standard designed to specify requirements and provide guidance for establishing, developing, implementing, evaluating, and improving compliance management systems (CMS).

Private Sector, Public Sector

Saudi Nazaha Law

Saudi Arabia

WhistleblowingWorkplace compliance

Saudi Arabia’s primary anti-corruption framework focused on combating fraud, bribery, and illegal personal enrichment across all public-sector entities and private companies with government ownership stakes.

Private Sector, Public Sector

General Data Protection Regulation (GDPR)

EU

WhistleblowingWorkplace compliance

The General Data Protection Regulation, or GDPR, is the EU's primary data protection law, governing how organizations collect, process, and store personal data of individuals in the European Union and the European Economic Area (EEA).

Private Sector, Public Sector

False Claims Act (FCA)

USA

WhistleblowingWorkplace compliance

A U.S. federal statute and the primary civil tool for recovering lost funds in federal program fraud, allowing individuals to sue on the government’s behalf and collect a share of the recovery, making it one of the most significant whistleblower statutes in the world.

Private Sector, Public Sector

Evaluation of Corporate Compliance Programs (ECCP)

USA

WhistleblowingWorkplace compliance

A compliance framework designed by the U.S. Department of Justice Criminal Division for assessing whether a company’s compliance program is effective, with direct consequences for charging decisions and penalty calculations in criminal investigations.

Private Sector

Norma Regulamentadora No.1

Brazil, LATAM

WhistleblowingWorkplace complianceEmployee relations

A core Brazilian workplace safety regulation designed to protect employees from physical and psychosocial harm by requiring employers to implement structured processes for identifying, managing, and preventing workplace risks.

Private Sector, Public Sector

1
2