Reforms to the corporate whistleblower protection regime
From 1 July 2019, the whistleblower protections in Part 9.4AAA the Corporations Act 2001 (Corporations Act) will be expanded to provide greater protections for whistleblowers who report misconduct about companies and company officers. The reforms are contained in the Treasury Laws Amendment (Enhancing Whistleblower Protections) Act 2019, which received Royal Assent on 12 March 2019.
- broaden the whistleblower definition to include both current and former employees, officers, and contractors, as well as their spouses, dependants, and other relatives, and anonymous disclosures
- extend the protections to whistleblower reports that allege misconduct or an improper state of affairs or circumstances about any matter covered by financial sector laws and all Commonwealth offences punishable by imprisonment of 12 months or more
- create civil penalty provisions, and in addition to the existing criminal offences, for causing detriment to (or victimising) a whistleblower and for breaching a whistleblower's confidentiality
- give protections for whistleblowers in certain circumstances if they go public with concerns about dangers to the public or matters in the public interest
- provide whistleblowers with easier access to compensation and remedies if they suffer detriment
- remove the requirement for a whistleblower report to satisfy a 'good faith' test to access the protections, though a report solely about a personal workplace grievance is not covered by the protections, and
- from 1 January 2020, require all public companies, large proprietary companies, and corporate trustees of registrable superannuation entities to have a whistleblower policy.
ASIC greatly values whistleblowing and has long supported these reforms. Whistleblowers who report misconduct to ASIC do us a service and help us to do our job.
ASIC will be responsible for enforcing the new corporate whistleblower protection regime, including where a whistleblower may suffer detriment for alleging breaches of laws outside of ASIC’s regulatory responsibilities.
The new regime complements the measures ASIC has put in place since 2014 to improve our processes for assessing whistleblower reports and communicating with whistleblowers during our inquiries.
The reforms will also apply to whistleblower reports made before 1 July 2019, if a whistleblower's confidentiality is breached or they suffer detriment on or after 1 July 2019.
All public companies, large proprietary companies, and proprietary companies that are the trustees of registrable superannuation entities will be required to have a whistleblower policy and to make that policy available to officers and employees of the company.
This requirement commences on 1 January 2020. A small proprietary company that becomes a large proprietary company after 1 January 2020 will have an additional six months to establish a whistleblower policy.
There are penalties for failing to comply with the requirement to have a whistleblower policy.
ASIC considers that a strong and effective whistleblower policy is a key component of corporate governance. Respect and fair treatment for whistleblowers, commitment to address whistleblower concerns, and reporting of whistleblower concerns to senior executives and board members will assist a company to manage itself, comply with its obligations, and improve its performance.
The reforms set out at a high level what a whistleblower policy should contain. These are:
- information about the protections available to whistleblowers, including protections under the law
- information about to whom disclosures that qualify for protection under the law may be made, and how they may be made. This will be important for whistleblowers to be sure of the company’s arrangements, given that a company can authorise particular staff or third parties to receive disclosures from whistleblowers
- information about how the company will support whistleblowers and protect them from detriment
- information about how the company will investigate disclosures that qualify for protection under the law. This will be important for whistleblowers to understand how their reports and their personal information will be handled during any investigation
- information about how the company will ensure fair treatment of employees of the company who are mentioned in disclosures that qualify for protection under the law, or to whom such disclosures relate
- information about how the policy is to be made available to officers and employees of the company, and
- any matters prescribed by the regulations (no regulations have yet been prescribed).
ASIC plans to issue regulatory guidance on the requirement for a whistleblower policy, and we will consult publicly in the second half of 2019.
The reforms also give ASIC the power to grant relief from the whistleblower policy requirements, so that companies may be exempted from compliance with the requirements or certain aspects of the requirements. Further information about ASIC’s relief powers, including how to request relief from ASIC, is contained in Regulatory Guide 51 Applications for relief (RG 51).