Docaro

Whistleblowing Disclosure Categories In The United Kingdom

Created:
Understand key whistleblowing disclosure categories in the United Kingdom and how they help identify protected concerns. For broader guidance, see our AI Generated Whistleblowing Policy for use in the United Kingdom.
Disclosure category
Disclosure description
General indicators
Distinction from grievance
Policy prominence
Statutory category
Criminal offence
Information tending to show that a criminal offence has been, is being or is likely to be committed.
Theft, assault, fraud, bribery, falsification, unlawful access or other suspected criminal conduct.
Focuses on suspected crime affecting the organisation, public or others, not only a personal workplace dispute.
High
Breach of legal obligation
Information tending to show failure to comply with a legal duty.
Ignoring statutory duties, licence conditions, court orders, contracts required by law or regulatory obligations.
A personal contractual complaint is usually a grievance unless it reveals a wider legal breach or public interest issue.
High
Miscarriage of justice
Information tending to show that justice has been or may be wrongly denied or distorted.
Suppressed evidence, false statements, witness intimidation, manipulated investigations or knowingly inaccurate records.
Concerns integrity of legal or disciplinary outcomes, not dissatisfaction with an unfavourable workplace decision alone.
High
Danger to health and safety
Information tending to show risk to the health or safety of any individual.
Unsafe equipment, ignored risk assessments, dangerous working practices, infection control failures or serious welfare risks.
Covers risk to workers, service users or the public, not only discomfort with management style or workload allocation.
High
Environmental damage
Information tending to show that the environment has been, is being or is likely to be damaged.
Illegal discharges, waste mismanagement, pollution incidents, habitat damage or concealment of environmental breaches.
Concerns environmental harm or legal compliance, not personal disagreement with sustainability priorities.
High
Deliberate concealment of wrongdoing
Information tending to show deliberate concealment of any statutory whistleblowing matter.
Destroyed records, altered logs, pressured silence, misleading reports or obstruction of audits and investigations.
Covers intentional cover-up of serious wrongdoing, not mere poor communication or dissatisfaction with transparency.
High
Statutory category, Good practice category
Bribery and corruption
Offering, requesting or accepting improper advantages, or failing to prevent bribery.
Unusual gifts, facilitation payments, inflated commissions, sham consultants or supplier favouritism.
Concerns improper inducements or corrupt decisions, not dissatisfaction with commercial choices alone.
High
Fraud
Dishonest conduct intended to make a gain, cause loss or expose another to risk of loss.
False invoices, expense abuse, forged documents, revenue manipulation or misappropriation of assets.
Involves dishonesty or financial loss risk, not an ordinary dispute about pay, bonus or expenses treatment.
High
Statutory category, Good practice category, Organisation-specific category
Money laundering
Handling, concealing or facilitating the movement of criminal property.
Unusual transactions, opaque ownership, unexplained source of funds, structuring or suspicious third-party payments.
Concerns suspected criminal finance or regulatory duties, not routine disagreement with payment processes.
High
Statutory category, Organisation-specific category
Terrorist financing
Funds, assets or services suspected of supporting terrorism.
Suspicious payments, high-risk jurisdictions, unexplained beneficiaries or links to proscribed organisations.
Concerns national security or criminal financing risk, not dissatisfaction with customer or supplier onboarding delays.
Medium
Sanctions breach
Dealing with sanctioned persons, restricted goods or prohibited services contrary to UK sanctions rules.
Name screening hits, ownership masking, sanctioned destinations, evasion requests or blocked payment workarounds.
Concerns legal restrictions on dealings, not frustration with commercial approvals or compliance checks.
Medium
Statutory category, Good practice category
Facilitation of tax evasion
Associated persons helping another evade UK or foreign tax.
False invoices, offshore secrecy, cash-only arrangements, misleading tax advice or undocumented rebates.
Concerns dishonest tax evasion assistance, not a personal dispute about payroll deductions or tax codes.
Medium
False accounting and financial misstatement
Dishonest falsification of accounts or records, or misleading financial reporting.
Unsupported journals, premature revenue, concealed liabilities, altered reconciliations or pressure to misstate figures.
Concerns integrity of records or reports, not disagreement with budgets, targets or appraisal metrics.
High
Statutory category, Organisation-specific category
Market abuse or insider dealing
Insider dealing, unlawful disclosure of inside information or market manipulation.
Suspicious trading, leaked price-sensitive information, spoofing, misleading announcements or manipulation of benchmarks.
Concerns market integrity and investor harm, not dissatisfaction with dealing restrictions or compliance approvals.
Medium
Financial services regulatory breach
Conduct breaching FCA, PRA or financial services legal and regulatory requirements.
Mis-selling, client asset failures, misleading disclosures, weak controls or consumer duty concerns.
Concerns customer, market or prudential harm, not personal disagreement with compliance workload.
High
Statutory category, Good practice category
Data protection or privacy breach
Misuse, unlawful disclosure or insecure handling of personal data.
Unreported breaches, excessive access, insecure sharing, ignored deletion requests or covert monitoring.
A personal data request issue may be individual
systemic privacy risk or unlawful processing may be whistleblowing.
Medium
Good practice category, Organisation-specific category
Cyber security failure
Serious weaknesses or incidents exposing systems, data or services to unauthorised access or disruption.
Unpatched critical systems, ignored alerts, credential sharing, ransomware indicators or concealed incidents.
Concerns security risk to systems or data, not dissatisfaction with IT support or equipment quality.
Medium
Statutory category, Organisation-specific category
Safeguarding concern
Risk of abuse, neglect or exploitation of children or adults at risk.
Unexplained injuries, neglect, unsafe supervision, grooming signs, poor reporting or ignored allegations.
Concerns protection of children or adults at risk, not a personal disagreement with rota or care allocation.
High
Good practice category, Organisation-specific category
Patient safety or clinical risk
Serious risk to patients from unsafe care, clinical systems or professional practice.
Unsafe staffing, medication errors, ignored clinical incidents, poor infection control or falsified care records.
Concerns patient harm or safety systems, not only a personal dispute with clinical management.
High
Statutory category, Organisation-specific category
Abuse or neglect in care services
Poor treatment, neglect, unsafe care or abuse in regulated health or social care services.
Rough handling, unexplained deterioration, missed medication, poor nutrition, degrading treatment or unsafe staffing.
Concerns service-user welfare and regulatory standards, not ordinary employment dissatisfaction in a care setting.
High
Food safety breach
Unsafe, unhygienic or misleading food production, storage, labelling or sale practices.
Contamination, allergen failures, falsified dates, pest issues, temperature abuse or misleading origin claims.
Concerns consumer safety or food law compliance, not dissatisfaction with kitchen management or shift patterns.
Medium
Product safety defect
Unsafe products, inadequate warnings or failures to recall dangerous goods.
Known defects, injury reports, failed tests, missing warnings, unsafe imports or suppressed recall data.
Concerns consumer safety or product law compliance, not disagreement with quality targets alone.
Medium
Building or fire safety risk
Serious fire, structural or building safety risks affecting occupants or users.
Blocked exits, unsafe cladding, ignored defects, missing fire checks, faulty alarms or falsified safety certificates.
Concerns risk to occupants or legal safety duties, not general dissatisfaction with workplace facilities.
High
Statutory category, Good practice category
Modern slavery or human trafficking
Forced labour, servitude, trafficking or exploitation in operations or supply chains.
Withheld documents, debt bondage, restricted movement, intimidation, excessive hours or suspicious recruitment fees.
Concerns exploitation or coercion, not an ordinary dispute about workload, management or holiday approval.
High
Statutory category, Organisation-specific category
Illegal working or immigration breach
Employing or facilitating work by people without the required right to work, or related document abuse.
Forged documents, ignored right-to-work checks, cash-in-hand arrangements or exploitative recruitment practices.
Concerns immigration compliance or exploitation risk, not personal dissatisfaction with onboarding procedures.
Medium
Statutory category, Good practice category
Systemic discrimination or harassment
Wider unlawful discrimination, harassment or victimisation affecting workers, applicants, customers or service users.
Biased selection, tolerated harassment, discriminatory service rules, retaliation or ignored repeated complaints.
A personal discrimination complaint may be a grievance
systemic or public interest concerns may be whistleblowing.
Medium
Workplace sexual harassment risk
Failure to take reasonable steps to prevent sexual harassment or address repeated harassment risks.
Repeated incidents, ignored reports, high-risk events, abusive messaging, retaliation or unsafe client interactions.
Individual harassment complaints often use grievance routes
wider prevention failures may justify whistleblowing escalation.
Medium
Systemic employment law breach
Widespread failure to comply with employment law duties affecting groups of workers.
Unlawful deductions, denied breaks, sham self-employment, unpaid holiday or repeated contract breaches.
Individual pay or contract issues are usually grievances unless they show wider unlawful practice or public interest.
Medium
Statutory category, Organisation-specific category
National Minimum Wage breach
Underpayment of statutory minimum wage or manipulation of records to hide underpayment.
Unpaid time, deductions for uniforms, false hours, unpaid training, travel time abuse or off-payroll pressure.
A single pay query may be a grievance
systematic underpayment or false records may be whistleblowing.
Medium
Working time or rest breach
Serious or repeated failures to provide legal working time limits, rest breaks or paid holiday.
Excessive hours, falsified timesheets, denied rest, unsafe fatigue or pressure to opt out improperly.
Individual scheduling disputes are grievances
unsafe or widespread legal breaches may be protected disclosures.
Low
Good practice category
Bullying or abuse creating wider risk
Bullying, intimidation or abuse that indicates systemic risk, safety danger or unlawful conduct.
Threats, repeated intimidation, retaliation, silencing safety concerns or abusive culture affecting multiple people.
Personal bullying complaints usually use grievance routes unless they reveal wider legal, safety or public interest risk.
Low
Good practice category, Organisation-specific category
Misuse of public funds
Improper, wasteful or unauthorised use of taxpayer, grant or public money.
Unauthorised spending, poor value contracts, grant misuse, false claims or spending outside approved purpose.
Concerns stewardship of public resources, not disagreement with internal budget allocations affecting one role.
High
Statutory category, Organisation-specific category
Procurement irregularity
Unfair, unlawful or corrupt tendering, purchasing or contract award practices.
Rigged specifications, undisclosed conflicts, split contracts, bid leaks, sham competition or supplier favouritism.
Concerns fairness, legality or corruption in procurement, not dissatisfaction with a purchasing decision alone.
Medium
Good practice category, Organisation-specific category
Undeclared conflict of interest
Personal, financial or other interests improperly influencing decisions or being concealed.
Related-party awards, hidden ownership, gifts, family links, outside roles or unexplained decision changes.
Concerns decision integrity and improper influence, not resentment that another person received an opportunity.
Medium
Serious governance failure
Major failures in oversight, accountability, controls or lawful decision-making.
Suppressed board information, ignored audit findings, bypassed approvals or misleading stakeholder reporting.
Concerns organisational integrity or control failure, not dissatisfaction with local management decisions.
Medium
Statutory category, Organisation-specific category
Charity misconduct or mismanagement
Serious charity governance failure, misuse of charity funds or trustee misconduct.
Private benefit, unmanaged conflicts, false fundraising claims, safeguarding failures or unauthorised payments.
Concerns charity assets, beneficiaries or regulatory duties, not personal disagreement with trustees or managers.
High
Competition law breach
Cartels, price fixing, bid rigging, market sharing or abuse of dominance.
Competitor pricing discussions, agreed bids, customer allocation, exclusionary conduct or suspicious trade association exchanges.
Concerns market harm and unlawful collusion, not disagreement with commercial strategy or pricing targets.
Medium
Consumer protection breach
Unfair, misleading or unsafe practices causing consumer harm.
Misleading claims, hidden fees, unfair terms, pressure selling, poor complaint handling or unsafe services.
Concerns consumer harm or unlawful trading, not an internal disagreement about customer service targets.
Medium
Good practice category, Organisation-specific category
Professional misconduct
Serious breach of professional standards creating legal, safety, financial or public interest risk.
Dishonesty, unsafe practice, conflicts, falsified credentials, misuse of client money or serious competence concerns.
Concerns professional integrity or public protection, not ordinary disagreement with a colleague's style or competence.
Medium
Research misconduct
Fabrication, falsification, plagiarism or unethical research practices.
Invented data, manipulated results, missing consent, undisclosed conflicts or unsafe trials.
Concerns integrity of research and participant protection, not authorship or supervision disputes alone.
Low
Education or exam malpractice
Improper conduct affecting assessment integrity, learner welfare or education regulation.
Exam cheating, grade manipulation, unsafe supervision, false attendance, maladministration or suppressed incidents.
Concerns learner protection or qualification integrity, not personal disagreement with teaching allocation or appraisal.
Medium
Statutory category, Organisation-specific category
Transport or road safety risk
Unsafe vehicles, drivers, transport operations or journey practices creating serious risk.
Defective vehicles, falsified tachographs, overloaded loads, fatigue, ignored maintenance or unsafe driving pressure.
Concerns public or worker safety, not preference about route allocation, fleet quality or shift pattern.
Medium
Waste crime or environmental permit breach
Illegal waste handling, dumping, exports or breach of environmental permit conditions.
Unlicensed carriers, fly-tipping, false waste notes, illegal exports or repeated permit exceedances.
Concerns environmental harm or waste law, not disagreement with office recycling or housekeeping standards.
Medium
Animal welfare breach
Cruelty, neglect or unlawful treatment of animals in organisational activities.
Poor conditions, untreated injuries, improper transport, illegal experiments or falsified welfare records.
Concerns animal welfare or legal compliance, not personal disagreement with operational animal care preferences.
Low
Statutory category, Good practice category
Victimisation for raising concerns
Detriment, dismissal or retaliation because a worker raised a protected concern.
Demotion, exclusion, threats, disciplinary action, poor references or dismissal after reporting wrongdoing.
The retaliation complaint may be personal, but it is linked to protection for the original whistleblowing disclosure.
High
Breach of court order or legal restriction
Ignoring injunctions, reporting restrictions, undertakings or other binding legal orders.
Orders bypassed, prohibited disclosure, contempt risk, unauthorised contact or deliberate non-compliance.
Concerns compliance with binding legal restrictions, not dissatisfaction with litigation strategy or legal advice.
Low
Good practice category
Falsification of records
Deliberate creation, alteration or destruction of records to mislead or conceal wrongdoing.
Backdated entries, missing audit trails, altered logs, fabricated evidence or destruction after an incident.
Concerns dishonesty or concealment, not ordinary record errors or disagreement over note-taking style.
Medium
Good practice category, Organisation-specific category
Misuse of confidential information
Improper access, disclosure or use of confidential, client, patient, commercial or personal information.
Snooping, unauthorised downloads, leaks, selling data, sharing files externally or accessing records without need.
Concerns confidentiality or privacy harm, not routine frustration with access permissions or information silos.
Medium
Statutory category, Good practice category, Organisation-specific category
Unlawful or unsafe automated decision-making
Automated or AI-assisted decisions causing legal, safety, discrimination, privacy or consumer harm.
Opaque scoring, biased outputs, no human review, unsafe deployment, inaccurate data or ignored model failures.
A personal decision challenge may be a grievance
systemic unlawful automated decisions may be whistleblowing.
Low

What Disclosure Categories Should A UK Whistleblowing Policy Cover?

A UK whistleblowing procedure should clearly cover the statutory protected disclosure categories in the Public Interest Disclosure Act 1998 framework: criminal offences, breach of legal obligation, miscarriage of justice, danger to health and safety, environmental damage and deliberate concealment. These should be given high prominence because they determine whether a worker may qualify for whistleblowing protection.

When Should A Policy Go Beyond The Statutory Categories?

Good policies often add practical categories such as bribery, fraud, money laundering, sanctions breaches, data protection failures, safeguarding concerns, modern slavery and regulatory non-compliance. These categories help workers recognise reportable concerns, but the policy should explain that protection depends on whether the disclosure fits the legal test and is made in the public interest.

How Should A Policy Distinguish Whistleblowing From Grievances?

The key drafting point is to separate disclosures about wider wrongdoing, risk or legal breach from complaints about an individual worker\'s own employment position. Concerns about bullying, pay, discrimination or management decisions may be grievances unless they reveal wider legal, safety, safeguarding, regulatory or systemic risk.

Which Categories Need Organisation-Specific Treatment?

Regulated sectors should adapt the categories to their risk profile. Financial services firms should highlight FCA/PRA rule breaches, market abuse, financial crime and consumer harm. Healthcare, education and care providers should highlight patient safety, safeguarding and abuse. Public sector and charity bodies should highlight misuse of public funds, procurement irregularities, conflicts of interest and serious governance failures.

Whistleblowing disclosure categories
Want to Generate Your own Whistleblowing Policy?
Docaro AI can help you write your own Whistleblowing Policy for use in the United Kingdom in minutes.
Generate Your Document Now

FAQs

Whistleblowing disclosure categories in the UK are the types of wrongdoing protected under whistleblowing law, including criminal offences, legal breaches, miscarriages of justice, health and safety risks, environmental damage, and cover-ups.
Show All FAQs

You Might Also Be Interested In

Whistleblowing policy section checklist
United Kingdom checklist for key whistleblowing policy sections, helping employers review reporting, protection, and compliance content.
People covered by a whistleblowing procedure
Understand who is covered by a whistleblowing procedure in the United Kingdom, including workers, employees, and other protected groups.

References and Information Sources