Glossary
Compliance Officer
The senior executive accountable for an organisation's compliance management system. In whistleblowing, the compliance officer is most often the designated person under EU Directive 2019/1937 Article 8(5), operating the internal channel, training case handlers, and reporting to the board on volume and outcomes. The role is regulated in finance and increasingly expected in companies of 250+ employees.
Full definition
The compliance officer (also: Chief Compliance Officer / CCO) is the executive accountable for the organisation's compliance management system. In the whistleblowing context, the compliance officer is most often the 'designated person' under EU Directive 2019/1937 Article 8(5), operating the internal reporting channel, training case handlers, and reporting to the board on case volume and outcomes. The role is regulated in heavily regulated sectors (banks under MiFID II, asset managers under AIFMD, listed companies under MAR) but is increasingly expected as a separate role in companies of 250+ employees regardless of sector.
Related terms
- Designated Person: The individual or department formally responsible for handling whistleblower reports inside an organisation. EU Directive 2019/1937 Article 8(5) requires the designated person to be impartial and trained. The role can be the compliance officer, DPO, an external ombudsperson, or a dedicated investigator, and may be outsourced, though legal responsibility stays with the organisation.
- ISO 37301: The international standard for compliance management systems, published in 2021. ISO 37301 defines requirements for organisations to identify their compliance obligations, manage compliance risk, and maintain a culture that enables compliance. Whistleblowing channels are explicitly listed as a control. Organisations often pursue triple certification across ISO 37001 (anti-bribery), ISO 37002 (whistleblowing), and ISO 37301.