Whistleblower Channel

Whistleblowing statement

At Visma, we are firmly committed to maintaining the highest standards of integrity and professionalism. We do not accept any form of improper behavior or unacceptable conditions—this includes, but is not limited to, breaches of laws, internal procedures, ethical principles, or workplace policies. Examples include workplace bullying, harassment, discrimination, corruption, money laundering, and other forms of financial misconduct. We strive to provide a lawful, respectful, and safe working environment across all entities and operations.

We adhere strictly to all relevant legal frameworks and promote responsible, ethical conduct. Any violation of applicable national or European laws may lead to serious consequences, such as disciplinary measures, employment termination, or referral to legal authorities.

We guarantee full anonymity and confidentiality throughout the entire case process.

Our reporting process is in full alignment with the European Union’s Whistleblower Protection Directive (Directive (EU) 2019/1937) and relevant national occupational safety and whistleblower protection legislation. In certain jurisdictions, our regulatory obligations as a licensed entity require us to maintain a dedicated whistleblowing mechanism in accordance with local financial oversight rules.

Who Can Submit a Report

This reporting process is available to anyone who becomes aware of, or suspects, a violation of applicable national or EU/EEA laws, or a breach of internal guidelines such as our organization's Code of Conduct.

The protection offered through this process also extends to individuals associated with the reporter—such as coworkers or family members—who may be at risk of retaliation due to their connection to the report.

If you choose to raise a concern, you are legally safeguarded against unfair treatment, including dismissal or other negative consequences, simply for speaking up. All submitted concerns are handled impartially and will never be reviewed by anyone directly involved in the reported issue. This ensures confidentiality, fairness, and protection for the person making the report.

We encourage the reporting of all concerns related to misconduct or policy breaches. Once a report is received, our intake team ensures that it is directed to the appropriate, impartial case handler.

What You Can Report

Reports should be made in good faith and based on reasonable suspicion. You don’t need to provide concrete proof, but the intention must not be to cause harm or knowingly submit false information. In other words, the issue you raise should serve the public interest rather than reflect a purely personal grievance.

To assess whether your report qualifies as being in the public interest, consider the following:

• How many people are potentially affected
  
  
• The seriousness or impact of the issue
  
  
• Who is involved in the matter
  
  
• The overall severity and context
  
  

In general, a legitimate report should address more than just a personal dispute or dissatisfaction.

Examples of reportable concerns may include:

• Criminal conduct such as fraud, corruption, or money laundering
  
  
• Threats to health and safety
  
  
• Environmental harm or risks
  
  
• Instances of injustice or abuse of legal processes
  
  
• Breaches of laws or regulatory requirements, such as lack of proper insurance
  
  
• Deliberate concealment of misconduct
  
  
• Workplace harassment, bullying, or toxic behavior
  
  
• Inappropriate or unsafe psychological work conditions
  
  
• Cases of sexual misconduct or abuse of power (#MeToo-related issues)
  
  

Note! It is important that you read and understand the privacy notice for employees before submitting your report (see link on the right side). Any personal data that is clearly not relevant to your report should not be submitted. We may delete it without informing you if you still submit such information.

Your report

Your report should contain the following information

• The type of misconduct you wish to report.
• Where it has taken place.
• When it happened. Provide time and date and if anything is recurring.
• Documentation in any form if you have access to it. If you don’t have access but know documentation exists, include what type of documentation it is and where it can be found.
• Details of any other action that you have taken in relation to the misconduct

How your report is handled

Based on current legislation, the organisation will make an initial assessment of your report to determine whether it is applicable for being handled in the whistleblowing channel.

All reports will be assigned a unique case number, and you will receive a verification code to confirm receipt of your report.

You will receive the confirmation within seven days of acknowledgement of your report. You can use the verification code to submit additional information or get feedback on the case.

The company will get in touch with you on how the case has been handled within 90 days.

Anonymity

You remain completely anonymous when you submit a report unless you voluntarily provide personal information. There is no obligation to provide any personal information.

Privacy statement

Persons registered in connection with the Whistleblower Policy, including the accused person and the whistleblower, have the right to request access to data registered about them to check its accuracy and rectify it if inaccurate, incomplete or outdated.

The personal data processed in connection with the Whistleblower Policy will be stored for as long as needed, for the purpose for which it was collected. This may be dependent on whether the report is investigated, and if there are legal proceedings following the investigation.