Whistleblower law in Malta #
Malta implemented Directive (EU) 2019/1937 by amending the Protection of the Whistleblower Act (Cap. 527). Malta’s framework combines the usual 50-worker private-sector trigger with a visible public-service reporting-officer model.
Applicable law #
Who must establish an internal channel #
Private employers with at least 50 workers must establish an internal reporting procedure. Malta’s public-service framework also requires whistleblowing reporting officers across ministries and public entities.
External reporting authority #
Malta uses competent authorities and reporting officers rather than one single universal external authority. The official whistleblower.gov.mt portal and its guidance pages explain the Maltese reporting-officer model for the public service.
Data protection authority #
For complaints about the handling of whistleblower data, the relevant authority is the Information and Data Protection Commissioner (IDPC) .
Key compliance points #
- Malta’s public-service model is operationally visible: each ministry has a whistleblowing reporting officer and public-facing procedures.
- The public guidance stresses that identified reporting is important to obtain formal whistleblower status and protection, even though anonymous submissions may still surface concerns.
- Organisations operating in Malta should explain clearly whether they are describing the statutory whistleblowing process or a broader grievance / speak-up workflow.
Official sources #
- Protection of the Whistleblower Act (Cap. 527) — official text
- Government whistleblower portal
- Government whistleblower guidance
- Government whistleblower questions and answers
- IDPC — file a complaint
Deploy your reporting channel →
Last updated: