The whistleblower programme and complaint procedure

The Whistleblower Programme

The purpose of the whistleblower programme is to ensure that employees and selected groups can report matters in EIFO as well as matters concerning managed entities or subsidiaries of EIFO without fear of retaliation. Reports are submitted via a web portal, which is maintained by the external supplier, Plesner Advokatpartnerselskab.

The scope of the whistleblower programme covers:

• breaches of EU law that fall within the scope of the Whistleblowing Directive
• serious offences or other serious matters 

In addition, under the Danish Anti-Money Laundering Act, EIFO is obliged to establish a whistleblower programme where violations or potential violations of the Danish Anti-Money Laundering Act and rules issued pursuant thereto can be reported.

It is a prerequisite for using the whistleblower programme that information about violations reported via the whistleblower programme has been obtained in a work-related situation for EIFO or the other companies covered by the whistleblower scheme.

Read more about who can use EIFO’s whistleblower programme and how to report below.

Policy for Whistleblowing and other complaint procedures

(This policy is published on the EIFO website in its entirety)

The Export & Investment Fund of Denmark ("EIFO") has a whistleblower programme that you can use to report matters in EIFO as well as matters concerning managed entities or subsidiaries of EIFO.

The whistleblower programme ensures that employees and certain groups can report critical issues without fear of retaliation.

The whistleblower programme is divided into the following three schemes:

A whistleblower programme established pursuant to the Danish Act on the Protection of Whistleblowers (the Whistleblower Act) ("The Statutory Scheme")
A whistleblower programme established pursuant to Section 35 of the Danish Act on Measures to Prevent Money Laundering and Financing of Terrorism (the Anti-Money Laundering Act) ("The Sector-Specific Scheme")
A whistleblower programme set up on a voluntary basis ("The Voluntary Scheme")
The whistleblower programme to which the individual managed entities and companies are subject is listed below:

The Statutory Scheme:

• The Export & Investment Fund of Denmark (hereinafter "EIFO")

The Sector-Specific Scheme:

• EIFO
• EKF Denmark's Export Credit Agency (hereinafter "EKF")

The Voluntary Scheme:

• Dansk Vækstkapital K/S
• Dansk Vækstkapital Komplementar ApS
• Dansk Vækstkapital II K/S
• Dansk Vækstkapital II Komplementar ApS
• Dansk Vækstkapital III K/S
• Dansk Vækstkapital III General Partner ApS
• DVK III Feeder K/S
• Vækstfonden Growth K/S
• Vækstfonden Growth General Partner ApS
• Project Sprout K/S
• Project Sprout Management ApS
• Innovation Investment K/S
• Innovation Investment Komplementar ApS
• Innovation Investment II K/S
• Dansk Landbrugskapital K/S
• Dansk Landbrugskapital Komplementar ApS
• DVK II HoldCo I ApS
• DVK III HoldCo I ApS

Managed entities and companies listed under the Voluntary Scheme are collectively referred to as "Other Companies".

The companies listed under the Statutory, Sector-Specific and Voluntary Schemes are collectively referred to as "The Companies".

Different rules apply depending on whether a report relates to the Statutory Scheme, the Sector-Specific Scheme or the Voluntary Scheme.

It is therefore important to read this text carefully before reporting.

Who can use the whistleblowing programme?

The whistleblower programme can be used by:

1. Workers (employees of the Companies).
2. Self-employed professionals. These can be, for example, self-employed persons with whom the Companies work.
3. Members of the Executive Board and the Board of Directors.
4. Paid or unpaid interns.
5. Individuals working under the supervision and direction of contractors, subcontractors and suppliers. This group of people includes employees of an organisation with which the workplace has a contractual relationship. This group of people also includes employees of a company that is a supplier or subcontractor of goods or services to the workplace.
6. Individuals who report or disclose information to which they have gained access in an employment relationship that has since ended. This group of people also includes people who were employed at the workplace before the Whistleblower Act came into force.
7. Individuals whose employment relationship has not yet begun, who report information about offences accessed during the hiring process or other pre-contractual negotiations. This group of people includes both those who are hired by the workplace at a later date and those who are not subsequently employed.

It is a prerequisite for using the whistleblower programme that information about violations reported via the whistleblower programme has been obtained in a work-related situation for EIFO, EKF or the Other Companies covered by the whistleblower programme.

What can be reported?

Information about breaches of EU law that fall within the scope of the Whistleblowing Directive, serious offences and other serious matters can be reported.

Breaches of EU law can be in relation to, among other things:

• Public tender
• Money laundering
• Product safety and compliance
• Transport safety
• Food and feed safety
• Animal health and welfare
• Environmental protection
• Public health
• Consumer protection
• Privacy and personal data protection
• Network and information systems security

Serious offences or other serious circumstances may include, but are not limited to:

• Breach of any confidentiality obligations
• Misuse of financial resources
• Theft
• Fraud
• Embezzlement
• Fraud
• Bribery
• Breaches of occupational safety
• Any form of sexual harassment
• Gross harassment, such as bullying, violence and harassment based on race, political or religious affiliation.
  Serious or repeated violations of the principles of administrative law, including the principle of investigation, the requirement of objectivity, the principle of abuse of power and proportionality.
• Deliberately misleading citizens and business partners.

Information of a trivial nature, information about other matters, including information about violations of internal guidelines on sick leave, smoking, alcohol, clothing and private use of office supplies or violations of ancillary provisions such as non-compliance with documentation requirements will not fall within the programme.

In addition, under the Danish Anti-Money Laundering Act, EIFO and EKF are obliged to establish a whistleblower programme where violations or potential violations of the Danish Anti-Money Laundering Act and rules issued pursuant thereto can be reported. Both serious and less serious offences can be reported, and offences that are not of vital importance to the Company can also be reported. For example, offences that would only trigger an order or reprimand from the Danish Financial Supervisory Authority.

To the extent you have knowledge or reasonable suspicion, please provide the following information:

• a description of the issue,
• who is involved,
• whether others are aware of the suspected issue,
• whether management is aware of the issue,
• whether documentation of the issue can be found,
• where additional information for the issue can be found,
• how long the issue has been going on, and
• whether you are aware of any attempts to conceal the violation
  
  

How is a report processed?

An external supplier, Plesner Advokatpartnerselskab ("Plesner"), will receive any reports.

When Plesner screens reports, it is assessed whether the reporter and the reported matter are covered by the whistleblower programme. If this is not the case, the report will not be processed further under the whistleblower programme and you will be informed accordingly.

If the report is covered by the whistleblower programme, the report is forwarded to a designated employee in the whistleblower unit. Before the report is forwarded, the external supplier, Plesner, conducts an impartiality assessment of who in the whistleblowing unit can handle the report.

An internal whistleblowing unit has been appointed and is responsible for;

1. Receiving reports and liaising with the reporter,
2. Following up on reports and

Providing feedback to the whistleblower.

Subsequently, the whistleblowing unit must provide feedback to you. This means that the whistleblowing unit must, as far as possible, inform you of the actions taken or planned to be taken and why the whistleblowing unit has chosen this follow-up.

Guidance for the reporter

As a whistleblower, you will receive:

• An acknowledgement of receipt of the report within seven (7) days of submission; and
• Feedback as soon as possible and generally within three (3) months from the acknowledgement of receipt of the report.

There may be a need to extend the timeframe for feedback due to the specific circumstances of the case, in particular the nature and complexity of the report, which may require a lengthy investigation. If this is the case, you will be notified.

Is it possible to report anonymously?

Yes, it is possible to report anonymously. To ensure full anonymity, it is recommended that you use a private PC or a publicly accessible PC. If you wish to remain anonymous, you should not use an EIFO internal connection or EIFO equipment.

A communication module is provided to enable you to communicate anonymously with the external supplier, Plesner, in order to provide additional information about the reported matter, which Plesner will pass on to the whistleblower unit in the Companies. If you choose to report anonymously, it is thus possible for you to communicate and share additional information anonymously with Plesner via the communication module.

The communication module is accessed via the link that you can find under "Where can I report?". If you have chosen to remain anonymous, it is important that you regularly access the communication module to check whether Plesner has asked questions, as Plesner has no other way of contacting you, including notifying you that additional questions or similar have been sent.

In connection with your anonymous reporting, a one-time unique code is generated to ensure anonymity. It is therefore important that you save the code and remember to log in to the communication module to communicate with Plesner and the whistleblower unit. 

How are you protected as a whistleblower?

General

As mentioned previously, different rules apply depending on which company a report relates to, i.e. whether your report relates to EIFO, EKF or the Other Companies and thus the Statutory Scheme, the Sector-Specific Scheme or the Voluntary Scheme, as defined in the introduction.

You can read more below about how you are protected, depending on which scheme your report relates to.

If your report relates to EIFO or EKF:

You are protected under the Whistleblower Act if you have reported to

• EIFO's or EKF's whistleblower programme,
• The Danish Data Protection Agency's external whistleblower scheme (see more below)

You are protected under the Whistleblower Act if you had reasonable grounds to believe that the reported information was correct at the time of reporting and that the information fell within the scope of the Whistleblower Act or the Anti-Money Laundering Act.

It is a prerequisite for obtaining protection that you have a good faith belief in the accuracy of the information and that good faith existed at the time of the report. Individuals who knowingly report false information are not protected.

When these conditions are met, you are protected from retaliation, including any threat or attempt of retaliation as a result of making an internal or external report. You are also protected against being prevented or attempted to be prevented from submitting a report.

If the report concerns EIFO or EKF, you are also protected against retaliation under the Danish Anti-Money Laundering Act.

In addition to the group of persons defined in the section "Who can use the whistleblower programme", the protection in this section also includes the following persons:

• Mediators
• Third parties connected to the whistleblower who are at risk of retaliation in a work-related context (e.g. a colleague)
• Companies and authorities that the whistleblower owns or works for or is otherwise connected to in a work-related context (for example, a company that the whistleblower owns).

Information about your identity or other information from which your identity can be directly or indirectly deduced will only be disclosed to parties other than the whistleblower unit after obtaining your explicit consent.

However, information about your identity may be disclosed to other public authorities without consent if disclosure is made to prevent offences (for example, a criminal act that has not yet taken place) or to safeguard the rights of defence of the persons concerned. If your identity is disclosed without consent, you will be notified, including a justification for the disclosure, unless the disclosure would jeopardise related investigations or legal proceedings.

Your identity may also be disclosed in the event of legal proceedings regarding the reported incident.

If you have intentionally disclosed your identity in connection with the publication of a reported matter, the special considerations for the protection of your identity do not apply. In such cases, information about your identity may be disclosed in accordance with the rules of the General Data Protection Regulation.

Other information from the report, and thus information that does not reveal your identity, is only disclosed to persons outside the whistleblowing unit as part of a follow-up to a report or to address a potential violation of the conditions stated in the section "What can be reported?".

If the whistleblowing unit collects additional information when processing the report, this information is not covered by the Whistleblower Act, including the special duty of confidentiality under the Whistleblower Act. This information will thus be subject to the general rules on the data subject's right of access under Section 22 of the Danish Data Protection Act. The duty of confidentiality therefore only covers the information included in the reports.

Your report relates to Other Companies:

If your report does not concern EIFO or EKF, you are not covered by the Danish Whistleblower Act and the protection provided by law. You are also not covered by the protection of the Anti-Money Laundering Act. However, if you report in good faith, you will not be subject to retaliation, including employment sanctions, if you are employed by EIFO or EKF.

Conversely, a reporter who makes a report in bad faith, knowing that the information reported is not correct, will not be protected from retaliation, etc.

The identity of the person making the report will generally not be disclosed to the person to whom the report relates. However, it should be noted in this context that, according to Article 15 of the Personal Data Regulation, the data subject in principle has a right of access, unless the data subject's request can be exempted pursuant to Section 22 of the Data Protection Act. Your identity will also be disclosed if it is found that a deliberately false report has been submitted or if the Other Companies have a duty to disclose the information.

Your identity may also be disclosed for the purpose of any legal proceedings relating to the reported matter.

How is the affected person protected?

The data subject can be both the person to whom your report or disclosure relates and a natural or legal person related to the data subject (e.g. a spouse). A report can involve multiple affected individuals.

Once a preliminary investigation has taken place and all relevant evidence has been secured, the affected person, i.e. the person reported under the whistleblowing programme, is informed, among other things, of: 

• The identity of the Case Handler(s) in the whistleblowing unit responsible for the investigation of the report; and
• The issues to which the report relates.

If the report concerns EIFO or EKF, the notification will be made in accordance with the rules of the Danish Whistleblower Act, including confidentiality and protection of the reporter's identity. According to the Whistleblower Act, the person concerned has the right to protection of his or her identity during the investigation and the right to an effective defence.

Additionally, the data subject will in certain circumstances have the right to access information about the identity of the whistleblower if this is necessary for the data subject to exercise his/her right to an effective defence.

The companies also observe the rights of the person concerned in accordance with the General Data Protection Regulation. Please refer to EIFO's personal data policy, which can be accessed on EIFO's website, where you can read more about the processing of personal data and the rights of the data subjects.

We ensure that the identity of the person concerned is protected in the processing of the case and that the person has access to an effective defence, including by registering reports. We are also aware of the data subject's rights under data protection legislation, as they may have the right, for example, to access, delete or rectify data.

The Danish Data Protection Agency's external whistleblower scheme

If you do not wish to use the internal whistleblower programme, you can report to the Danish Data Protection Agency's external whistleblower scheme. The same matters can be reported to the external whistleblowing scheme and it is not a requirement that you have first reported via the internal whistleblowing programme. We encourage the internal programme to be used if the offence can be effectively addressed internally and you assess that there is no risk of retaliation.

The Danish Data Protection Agency's external whistleblower programme can be accessed via https://whistleblower.dk/.

If you intend to make a report regarding EIFO or EKF, you can also choose to report via the Danish Financial Supervisory Authority's whistleblower scheme https://www.finanstilsynet.dk/whistleblower.

Processing of personal data

You can read more about how EIFO, EKF and the Other Companies process your personal data when you report via the whistleblower programme, in EIFO's personal data policy, which is available on the website. 

Other complaint procedures

Other matters that are not covered by EIFO's whistleblower programme can be reported via the e-mail address [email protected], which serves as EIFO's second complaint procedure.

The complaint procedure is set up in line with the UN Guiding Principles on Business and Human Rights (UNGPs) and the OECD Guidelines for Multinational Enterprises, as well as in accordance with EIFO's transparency and disclosure policy.

You can use the grievance procedure to report issues in EIFO, including to:

• Complain about EIFO's business and/or projects in which EIFO is involved; and
• Report violations and other matters that are not covered by EIFO's whistleblower programme.

EIFO's complaint procedure is described in more detail on our website and in our Policy for ESG and Sustainability and Policy for Transparency and Disclosure.

Publication

In accordance with Section 27 of the Whistleblower Protection Act, EIFO publishes information about EIFO's whistleblower programme at least once a year. The information includes the number of reports received and the status of the follow-up on the reports, as well as a description of the overarching themes.

You can find the latest published report on the whistleblower programme on our website.