We have previously reported on the new whistleblower protection laws which came into operation on 1 July 2019 through the Treasury Laws Amendment (Enhancing Whistleblower Protections) Act 2019 (Cth).
In the Second Reading Speech for the Treasury Laws Amendment (Enhancing Whistleblower Protections) Bill 2017 (Cth) it was stated that:
“… these reforms will help protect whistleblowers who often expose themselves to significant personal and financial risk in order to help play a critical role in the early detection and prosecution of corporate or tax misconduct.”
It was also stated that an aim of the reforms was to “improve practices within Australian businesses” given that there is a “significantly higher likelihood that misconduct will be reported”.
From 1 July 2019 the new laws require that certain organisations implement whistleblowing policies. The organisations that must implement whistleblowing policies are:
- public companies; and
- a proprietary company:
- where that company has been a large proprietary company for any given financial year must have a whistleblower policy in the following financial year; and
- that is the trustee of a registerable superannuation entity.
A company is considered a large proprietary company if it satisfies at least two of the following criteria, set out in Section 45A(3) of the Corporations Act 2001 (Cth):
- the consolidated revenue for the financial year of the company and the entities it controls (if any) is $25 million or more;
- the value of the consolidated gross assets at the end of the financial year of the company and the entities it controls (if any) is $12.5 million or more; and/or
- the company and the entities it controls (if any) have 50 or more employees at the end of the financial year.
The matters that a whistleblower policy must address are:
- information about the protections available to whistleblowers;
- information about to whom disclosures that qualify for protection may be made, and how they may be made;
- information about how the organisation will support whistleblowers and protect them from detriment;
- information about how the organisation will investigate disclosures that qualify for protection;
- information about how the organisation will ensure fair treatment of employees of the organisation who are mentioned in disclosures that qualify for protection, or to whom such disclosures relate; and
- information about how the policy is to be made available to officers and employees of the organisation.
Since the Act has come into effect a number of organisations have implemented and published their whistleblower policies. Some examples are Commbank, nib health funds and ANMF.
Businesses that are required to have a whistleblower policy ought to consider ensuring appropriate resources and policies are also in place to encourage internal reporting and allow the business to remedy the issue before it becomes a regulatory problem.
It is also important to understand that the Work Health and Safety Act 2012 (SA) (“WHS Act”) lists a variety of matters that need to be addressed with respect to work health and safety, and so it is important that any whistleblower policy aligns with the due diligence obligations in Section 27 of the WHS Act. Section 27 of the WHS Act requires officers of entities conducting a business or undertaking to exercise due diligence to ensure that the person conducting the business or undertaking complies with any duties and obligations under the WHS Act, and this includes them taking reasonable steps:
- to acquire and keep up-to-date knowledge of work health and safety matters; and
- to gain and understanding of the nature of the operations of the business or undertaking of the person conducting the business or undertaking and generally of the hazards and risks associated with those operations; and
- to ensure that the person conducting the business or undertaking has available for use, and uses, appropriate resources and processes to eliminate or minimise risks to health and safety from work carried out as part of the conduct of the business or undertaking; and
- to ensure that the person conducting the business or undertaking has appropriate processes for receiving and considering information regarding incidents, hazards and risks and responding in a timely way to that information; and
- to ensure that the person conducting the business or undertaking has, and implements, processes for complying with any duty or obligation of the person conducting the business or undertaking under this Act; and
- to verify the provision and use of the resource and processes referred to in paragraphs (3) to (5).
Affected businesses should strive to create a culture that embraces the whistleblower protections and encourages employees to report any concerns internally as a first point of call. Not only is this likely to result in a better organisational culture in general, it may in turn lead to fewer matters that need to be reported in the first place as employees self-regulate any dishonest, illegal, and/or unethical behaviour in an environment which encourages reporting.
Regardless of the size of your organisation, we recommend that you contact us to discuss whether your organisation needs a whistleblower policy and if you need any assistance in developing your own policies. If you don’t have a whistleblower policy then now is the time to put one in place.
