Whistleblower reports from non-employees: conduct that can be reported

The employees and external staff of the Bank of Italy's contractors, external staff and advisors to the Bank, interns and trainees, as well as those in administrative, control, supervisory roles or representing the Bank, can report any wrongdoing by Bank employees that has come to their attention through their working relationships.

The following can be reported:

• civil, administrative, criminal and accounting offences;
• offences falling within the scope of European or Italian regulation in the following areas: public procurement; financial services, products and markets, anti-money laundering and counter-terrorism financing; product safety and compliance; transport safety; environmental protection; public health; consumer protection; privacy and personal data protection, and network and information system security;
• any conduct or omission affecting the financial interests of the European Union (EU);
• any conduct or omission concerning the EU internal market;
• any conduct or behaviour jeopardizing the intents and purposes of EU provisions.

You can use the 'Whistleblower report' form to submit a report. Put the report form in a sealed envelope marked 'Strictly confidential - whistleblowing' and send it to Banca d'Italia, via Nazionale 91, 00184 Rome, for the attention of the Anti-Corruption Officer. In addition to the report, the envelope must include a further sealed envelope containing your tax code, a copy of your identification document and your signature.

Alternatively, you can request a meeting in person with the Anti-Corruption Officer to make an oral report. The request can be made by telephone or by encrypted email to the Head of the Ethical Compliance and Anti-Corruption Division.

A whistleblower report may be filed externally, to the Italian National Anti-Corruption Authority (ANAC) and using the tools made available by the Authority, in any of the following circumstances:

• no internal whistleblowing channel is available, or the internal whistleblowing channel does not comply with legal requirements;
• there was no follow-up on an internal report;
• the whistleblower has reasonable grounds to believe that there would be no effective follow-up on an internal report or that there is a risk of whistleblower retaliation;
• the whistleblower has reasonable grounds to believe that the offence poses a risk of imminent or obvious harm to the public interest.

If you believe that you have been a victim of whistleblower retaliation, including any attempts at or threats of retaliation, you may notify ANAC using the online tool made available by the Authority.

Review of whistleblower reports

Whistleblower reports are reviewed by the Ethical Compliance and Anti-Corruption Division on behalf of the Anti-Corruption Officer. During the investigation, the whistleblower may be contacted for further information or clarification.

The whistleblower will be notified of the outcome of the investigation.

If it is well founded, the report shall be submitted to the competent offices or to the judicial authority, as the case may be, anonymously in order to ensure that the identity of the whistleblower remains confidential.

Privacy Notice

In accordance with the provisions of European and Italian privacy regulation, the personal data of the whistleblower and of the other persons involved are processed by the Bank of Italy for the purposes of handling their reports.

Personal data processing is required under Legislative Decree 24/2023 for compliance with legal requirements.

For the purposes of personal data processing and traceability, whistleblower reports and the attached documents are retained for five years from the date of notification of the final outcome of the whistleblowing procedure.

All reports are treated confidentially in compliance with the EU data protection regulation.

Whistleblowers' personal data may be disclosed to the Anti-Corruption Officer and to cleared employees in the Ethical Compliance and Anti-Corruption Division. The data will not be disclosed externally and may only be communicated to third parties in the cases provided for by Article 12 of the abovementioned Decree.

Whistleblowers may exercise the right of access to personal data and any other rights under the law by contacting the Data Controller - Banca d'Italia, Organization Directorate, Via Nazionale 91, 00184 Rome (Italy), email org.privacy@bancaditalia.it.

For all queries relating to personal data, please contact the Bank of Italy's Data Protection Officer at: responsabile.protezione.dati@bancaditalia.it.

If you consider that your rights have been infringed as a result of the processing of your personal data, you have the right to lodge a complaint with the Italian data protection authority (Garante per la protezione dei dati personali) at any time.