Core Tools
Infrastructure
Product previews
From zero to regulator-ready
See how ComplyBridge walks you through a full MiCA CASP application — from entity setup to final submission package.
See how it works →The only AI that knows your firm
Reasons across the live EU rulebook and your own policies, KYB data, UBOs, and integrations.
Explore capabilities →Confide
Whistleblowing, turnkey
A confidential reporting line your institution can stand up in an afternoon. Anonymous by default, multilingual, with a two-way thread the reporter can come back to. Branded for your institution. Hosted by ComplyBridge. No NAVEX-tier procurement.
What the Directive asks for. What we actually built.
EU Whistleblower Directive 2019/1937 has been mandatory for firms with 50+ employees since December 2023. Confide ships the entire internal-channel side of the obligation — intake, triage, response, retention.
Anonymous by default
No name, no email, no IP logged. The reporter is identified only by a report number they save and a password they set — we can't recover either for them.
Two-way thread
The reporter returns with their credentials to read replies and add detail. Internal notes between your reviewers stay hidden from the reporter. The trail is one continuous case file.
Multilingual + multi-category
Reporter picks the language they want to write in. Nine regulated-finance-tailored categories (corruption, financial misconduct, AML / sanctions, market abuse, discrimination, health & safety, data protection, conflict of interest, other) drive the inbox triage.
Your brand, our infrastructure
White-label channel — your institution's logo, your accent colour, your tagline. The URL can run on confide.complybridge.xyz or a subdomain of your own. The legal operator footer stays for Directive compliance.
Audit trail by default
Every status change, every reply, every reviewer action time-stamped. Retention controls aligned with the Directive's record-keeping requirements. Exportable bundle for the auditor or the national authority.
Directive-aligned status workflow
New → triaged → under review → resolved. Reporter-visible status chip kept honest — acknowledgement within 7 days, substantive feedback within 3 months, as the Directive prescribes.
Standing up the channel takes an afternoon.
Compare to the multi-quarter NAVEX / EQS procurement cycle a firm with 200+ employees would otherwise run.
Configure the channel
Brand it (logo, accent, tagline), pick the categories your institution wants on the inbox, choose the languages you'll respond in. 10 minutes.
Publish the link
Drop the embed snippet in your website footer, your intranet, your employee handbook. The link is public; the inbox is private behind your SSO.
Reporter files anonymously
Four-step wizard — language → credentials → context (relation + category) → message + attachments. Generated report number + reporter-set password are the only identifiers.
Your team triages
Inbox sorted live-work-first. Reply in-thread or add internal notes. Advance the case through new → triaged → under review → resolved with full audit trail.
Sharper than the incumbents on the things that matter.
NAVEX, EQS Integrity Line, and the rest were built for generic enterprise compliance. Confide is built for the regulated- finance reporter and reviewer — the categories, the framing, the audit trail, and the retention controls all reflect that.
- Categories are tailored to regulated finance — AML/sanctions and market abuse are first-class entries, not buried in 'other'.
- The reporter sees status meaning, not jargon: 'New' means the institution hasn't seen the report yet; 'Triaged' means a reviewer has read it.
- Multi-language out of the box — reporter picks any of the languages you've enabled for the channel; you reply in the same language where possible.
- Encryption in transit and at rest, EU-only data residency, retention controls aligned with the Directive's record-keeping requirements.
Confide — common questions.
Yes. Confide implements the internal reporting channel side of the Directive — anonymous intake, acknowledgement within 7 days, substantive feedback within 3 months, retention controls, the works. Your firm still appoints the impartial person or function that handles the reports; we provide the infrastructure they use.
The Directive requires firms to inform reporters about the external channel (your country's national authority) and not to obstruct external reporting. Confide includes that disclosure in the public landing copy and routes nothing — external reporting goes to the national authority directly, as the Directive intends.
Yes. We don't ask for name, email, or IP. The reporter is identified only by the report number we generate (CF-XXXX-XX) and the password they set. Your reviewers see the report content, the category, the language, and the reporter's stated relation to the institution — nothing more.
Those platforms target generic enterprise compliance with long procurement cycles and per-seat pricing that scales with employee count. Confide is part of ComplyBridge — one contract, no separate vendor, regulated-finance-tailored categories, and the reporter-side flow is genuinely modern (sticky progress, document attachments, two-way thread). For a firm with 50–2,000 employees that doesn't already have an incumbent, we're a better fit than the heavyweight legacy vendors.
Yes — every channel ships with logo + accent colour + tagline configurable per institution. The 'Powered by ComplyBridge' footer is optional and on by default; turn it off in the channel config if you want a fully white-labelled experience. The URL itself can run on confide.complybridge.xyz/your-slug or under your own subdomain.
It stays in the audit log under your firm's retention policy (default: 5 years post-resolution, configurable per local law). The reporter can still sign in with their credentials and read it. Retention controls and deletion follow the Directive's record-keeping requirements and your jurisdiction's data-protection rules.