Automic Group | News

Corporate Whistleblower Update & Its Impact on Companies | Automic Group

Written by Automic IT | 26 March 2019

On 12 March 2019, the Commonwealth Government’s new whistleblower regime contained in the Treasury Laws Amendment (Enhancing Whistleblower Protections) Bill 2018 (Whistleblower Bill) received Royal Assent. The new whistleblower regime will commence on 1 July 2019, with significant implications for companies captured by the broadened scope of the legislation across the corporate, financial and credit sectors. The aim of the new consolidated regime is to introduce a greater amount of consistency and cohesiveness, and to fill in the gaps that currently exist. Serious consequences (both civil and criminal) may be imposed on companies found to be in breach.

What you need to do

There are steps that certain organisations must take to ensure compliance with the new provisions and avoid penalties.

First, public and large proprietary companies must have a compliant whistleblower policy available to all officers and employees that sets out information including, but not limited to, the protections available to whistleblowers, how the company will support and protect whistleblowers, how the company will investigate disclosures and how the company will ensure fair treatment of employees who make disclosures.

Second, these organisations must develop a stringent framework that governs the investigative process, provide adequate training to officers as well as all employees and maintain an appropriate oversight mechanism to ensure that the investigative process framework and the whistleblower policy are being followed.

Implementing appropriate measures will minimise the likelihood of any inadvertent contraventions.

Key features of the Whistleblower Bill

The new regime will be extended to protect a broader class of people and apply to an expanded range of entities, referred to as ‘regulated entities’. Key terms of the Bill are defined below:

  • Regulated entities’: a regulated entity includes all companies, however the regulated entities that will require a whistleblower policy include public companies, large proprietary companies (that are defined as such in the Corporations Act, 2001 (Cth)) and proprietary companies that are trustees of registrable superannuation entities.
  • Eligible recipient’: a disclosure may be made within a regulated entity to an officer, senior manager, auditor, member of the audit team conducting an audit, or actuary of the body corporate or a related body corporate. A person authorised by the body corporate to receive disclosures that may qualify for protection under the legislation or any person or body that are prescribed by the regulations are also ‘eligible recipients’.
  • Eligible whistleblower’: a person who is, or has been, an officer, employee, someone who supplies services or goods (whether paid or unpaid) or an employee of such a person, or an associate of the regulated entity. Relatives and dependents (such as a spouse) of any of the above are also considered eligible whistleblowers.
  • Disclosable matter’: is a matter where the discloser has reasonable grounds to suspect that the information concerns misconduct, or an improper state of affairs or circumstances in relation to the regulated entity or a related body corporate. A disclosable matter is also one where the discloser has reasonable grounds to suspect that the regulated entity, an officer or employee thereof, or (if a body corporate) a related body of the regulated entity has engaged in conduct that:
    • is an offence or contravention of the Whistleblower Bill, the ASIC Act, the Banking Act 1959, the Financial Sector (Collection of Data) Act 2001, the Insurance Act 1973, the Life Insurance Act 1973, the National Credit Consumer Credit Protection Act 2009, the Superannuation Industry (Supervision) Act 1993, or an instrument made under any of these Acts;
    • is an offence against any Commonwealth law that is punishable for 12 months or more by imprisonment;
    • represents a danger to the public or financial system; or
    • is otherwise prescribed by the regulations.

In certain circumstances, a ‘public interest disclosure’ or ‘emergency disclosure’ may be made to a Commonwealth, State or Territory member of Parliament or to a journalist.

Consequences of contravention

There will be new civil penalty provisions and criminal offences for contraventions which impose significantly harsher maximum penalties.

Civil penalty contraventions

Type of contravention

Maximum penalty

Breach of confidentiality of whistleblower's identity 

Victimisation of whistleblower

Individuals: $1,050,000;
or three times the benefit derived or detriment avoided.

Corporations: $10,500,000; or

three times the benefit derived or detriment avoided; or 10% of the body corporate's annual turnover (up to $210,000,000)

Criminal offences

Type of contravention

Maximum penalty

Breach of confidentiality of whistleblower's identity 

$12,600 or imprisonment for six months or both

Victimisation of whistleblower 

$50,400 or imprisonment for two years or both

Lack of compliant whistleblower policy 

$12,600

Key differences between the current regime and the new regime under the Whistleblower Bill

  • Consistent protections will be afforded to whistleblowers across the corporate and financial sectors.
  • The introduction of single concepts for ‘regulated entity’, ‘eligible whistleblower’, ‘eligible recipient’ and ‘disclosable matter’.
  • Public interest and emergency disclosures to a Member of Parliament or journalist will be included in the regime.
  • Disclosures to lawyers will be expressly allowed for the purposes of obtaining legal advice.
  • Increased penalties.

Contact Us

If you are unsure how the new whistleblowing regime applies to your company, or you need help in developing a whistleblowing policy, please contact Automic Group.