(Articles 2 i 5)
The obliged entities must have a specific internal reporting channel, adequate to the requirements of the Directive and the Law, so that the persons referred to in article 3 can communicate information about the breaches provided for in article 2.
On the other hand, Law 2/2023 determines that the obliged entities must implement an internal reporting system, and that the different internal reporting channels that can be established within the entity form part of this system (art. 5.2 d) of the Law).
The implementation of the internal reporting channel is compatible with the fact that the entity has other information flows beyond the personal or material scope of application of the Law. This would be the case, for example, of the channels established in relation to the Next Generation Funds, which would have to be kept operational. In any case, it is important that clear information is provided about the features of the channel and the associated protection and that the person who uses it is not misled. This consideration can be extended to violations of the code of ethics or behaviors constituting harassment, for example, in which it is necessary to explain what the planned procedure is and the level of protection they have recognized as well as the external channel of reference.