Skip to content

By January 1st 2020, specific companies operating in Australia will need to have a mandatory whistleblowing policy in place

Related people
Geoff Simpson

Partner

Perth

View profile →

Galic Goran
Goran Galic

Partner

Perth

View profile →

Meredith Campion

Partner

Perth

View profile →

Kenavan Aaron
Aaron Kenavan

Partner

Sydney

View profile →

Parshall Michael
Michael Parshall

Partner

Sydney

View profile →

Palmer Jamie
Jamie Palmer

Partner

Sydney

View profile →

Denisenko Jason
Jason Denisenko

Partner

Sydney

View profile →

Tony Sparks

Partner

Sydney

View profile →

Luke Nicholls

Counsel

Perth

View profile →

Jennifer Wyatt

Lawyer

Perth

View profile →

17 December 2019

The window for establishing and implementing a specific whistleblower policy has now almost closed. 

If they have not already done so, public companies, ‘large’ proprietary companies1 and all proprietary companies that are trustees of registrable superannuation entities (excluding trustees of SMFSs) (relevant entities) are reminded to adopt a whistleblower policy by 1 January 2020 which complies with the Corporations Act 2001 (Cth) (Corporations Act).

Background

Amendments to the Corporations Act and the Tax Administration Act 1958 (Cth) (which came into effect on 1 July 2019)2 significantly broadened Australia’s whistleblowing regime. Among other changes, relevant entities are required to adopt a compliant whistleblower policy by 1 January 2020, covering items such as:

  • the protections available to whistleblowers;
  • who may qualify for these protections;
  • how and to whom a whistleblower can make a disclosure;
  • how the company will support whistleblowers and protect them from detriment; and
  • how the company will investigate disclosures and ensure fair treatment of employees who are mentioned in, or are the subject of, disclosures.

What ASIC expects - regulatory guide 270

On 13 November 2019, ASIC released Regulatory Guide 270, which is designed to assist companies to implement and maintain a whistleblower policy that complies with the obligations under the Corporations Act. It includes guidance (including non-mandatory examples and good practice tips) on establishing, implementing and maintaining a whistleblower policy and, as such, it is recommended that relevant entities read and familiarise themselves with the contents of RG 270 to the extent it applies to them.

In order to sufficiently meet the objectives set out in the RG 270, ASIC expects entities to:

(a) establish a whistleblower policy that:

(i) is aligned to the nature, size, scale and complexity of the entity’s business;

(ii) is supported by processes and procedures for effectively dealing with disclosures received under the policy; and

(iii) uses a positive tone and language that encourages the disclosure of wrongdoing;

(b) take steps to give effect to their whistleblower policy by ensuring that the policy is implemented appropriately and consistently carried out in practice; and

(c) have arrangements in place for periodically reviewing and updating their whistleblower policy to ensure issues are identified and rectified.

All employees should be made aware of the new policy and those employees who are likely to receive disclosures should be trained on how to assess, categorise and manage eligible disclosures in accordance with the new protections. Relevant entities should review and update any current HR policies, particularly grievance policies, to ensure they operate consistently alongside the whistleblowing policy.

Enhanced penalties apply

Companies affected by the amendments should be aware that recently increased penalties for breaches of the civil penalty provisions of the Corporations Act apply to certain breaches of the whistleblower regime.

That is, the penalties for companies for certain civil penalty provisions are the higher of 50,000 penalty units (approximately AUD10.5 million), three times the benefit derived or detriment avoided, or 10% of the company’s annual turnover (capped at AUD525m). For individuals, it is 5,000 penalty units (approximately AUD1.05m), or three times the benefit derived or detriment avoided.

The requirement for relevant entities to have and make available the whistleblower policy required by 1 January 2020 is a strict liability offence for which both individuals and companies are liable. The penalty is AUD12 600 for individuals and AUD126,000 for corporations.

1 ‘Large’ proprietary companies are proprietary companies which meet at least two of the following criteria:
     – the consolidated revenue for the financial year of the company and any entities it controls is AUD50m or more;
     – the value of consolidated gross assets at the end of the financial year of the company and any entities it controls is AUD25m or more; or
     – the company and entities it controls has 100 or more employees at the end of the financial year.
2 As effected by the Treasury Laws Amendment (Enhancing Whistleblower Protections) Act 2019 (Cth).