The Treasury Laws Amendment (Enhancing Whistleblower Protections) Act 2019 introduces amendments to the Corporations Act, the Taxation Administration Act and a range of other legislation. These amendments are effective from 1 July 2019 and support improved whistleblower protections and set new obligations for the management of whistleblowers.
All companies are covered by the new legislation, however public companies, large proprietary companies and proprietary companies that are trustees of registerable superannuation entities, are specifically required to have a whistleblower policy in place by 1 January 2020.
Whistleblowers may make disclosures on a confidential basis to eligible recipients including officers, senior managers or auditors of the company. In the event they do not have reasonable grounds to believe that timely action is being taken to address the matter, they may also make disclosures in the public interest to members of parliament and the media.
Eligible whistleblowers now extend to current and former officers, employees, suppliers of goods or services, associates, relatives, and dependents of these individuals. Disclosures may be made where the whistleblower has reasonable grounds to believe that the information to be disclosed:
- concerns misconduct, or an improper state of affairs of circumstances of the entity or one of its related body corporates;
- indicates conduct that constitutes an offence against or a contravention of the Corporations Act, the ASIC Act and a range of other banking, insurance and superannuation industry acts, or any other Commonwealth law;
- represents a danger to the public or the financial system; or
- is prescribed by regulations.
Whistleblowing policies must contact information about:
- the protections available to whistleblowers;
- how and to whom an individual can make a disclosure;
- how the company will support whistleblowers and protect them from detriment;
- how the company will ensure fair treatment of employees mentioned in whistleblower disclosures;
- how the company will investigate disclosures that qualify for protection under the legislation; and
- how the policy will be made available.
The recently released 4th edition of the ASX Corporate Governance Council’s Corporate Governance Principles and Recommendations also refers to whistleblowing. Recommendation 3.3 states that that a listed entity should have and disclose a whistleblower policy and that material incidents reported under the policy be reported to the board. The following policy content is recommended:
- Link the policy to the organisation’s statement of values;
- Identify the types of concerns that may be reported, how and to whom reports may be made;
- Explain how the whistleblower and their identify will be protected from retaliation;
- Outline the processes to follow up and investigate reports made under the policy;
- Provide employee training about the policy and their rights and obligations under it;
- Provide training for those who may receive reports about how to respond to them; and
- State that the policy will be periodically reviewed to check that it is operating effectively and whether any changes are required to the policy.
Consequences of non-compliance
Failure to comply with the requirement to have a whistleblower policy is a criminal offence and may result in fines of up to $12,600 for individuals, or a maximum of five times more for corporations. There are also hefty civil penalties for not protecting whistleblowers, including breaching their confidentiality. For companies, the maximum civil penalty is set at the greater of $10.5 million, three times the benefit derived or detriment avoided, or 10% of annual turnover up to $210 million.
What organisations need to do next:
We recommend that organisations:
- Review and update existing policies or draft a new policy which includes the required content and the ASX suggested content.
- Review and if necessary revise or implement processes and systems for disclosures, including, as suggested by the ASX Governance Council, escalation of material incidents to the board or a board committee.
- Implement education and training for management and staff to ensure that disclosures are made and handled appropriately.
Please contact Mertons if you would like advice or support with the updating or drafting of your Whistleblower Policy: email@example.com | (03) 8689 9997.