New whistleblowing protections passed by Senate, with some tweaks

By Emma Vautin, Dan Trindade & Andrew Walker
20 Dec 2018
Many companies will soon need to adopt a whistleblower policy (or to expand their existing policy) as Federal whistleblowing laws are closer to being enacted.

Corporate whistleblowers will have even greater protections in a strengthened whistleblower protection regime for the corporate, financial and credit sectors, following Senate amendments to the Treasury Laws Amendment (Enhancing Whistleblower Protections) Bill 2017 which sought to address the recommendations of the Senate Economics Legislation Committee.  The amended whistleblower reforms will now go to the House of Representatives and, if passed, will establish a new landscape for whistleblower protections in Australia in 2019. 

Key amendments

The key amendments passed by the Senate were to:

  • narrow the categories of "eligible recipients" so that it is only senior managers rather than all supervisors and managers to whom a protected disclosure can be made. This should relieve some of the burden on companies to have all managers trained in the provisions;
  • replace the category of protected disclosure to include both emergency disclosure and public interest disclosure. This will allow whistleblowers to make protected disclosures to a Member of Parliament or a journalist where the broad public interest test is met and a previous disclosure has already been made;
  • exclude protection for disclosure of personal work-related grievances in most cases to prevent vexatious complaints;
  • remove due diligence as a complete defence to certain compensation orders (it will now be a factor that courts can consider in making a compensation order);
  • allow whistleblowers to seek compensation when a body corporate breaches a duty it owes to the whistleblower to prevent, or take reasonable steps to prevent, a third party engaging in detrimental conduct towards them;
  • increase the penalties for a breach of the provisions;
  • introduce a requirement for a review of the amended laws five years after commencement;
  • defer the commencement date of the legislation once passed; and
  • introduce a six-month period following commencement for companies to comply with the requirement to have a whistleblower policy.

Key concepts

The new law will consolidate existing private sector whistleblower schemes[1] for corporations and superannuation entities, and broaden the coverage of the existing whistleblower protections.  The new legislation extends three key areas:

  • persons who can make a protected disclosure (an "eligible whistleblower");
  • the matters about which a protected disclosure can be made; and
  • the persons who can receive a protected disclosure (an "eligible recipient").

These definitions determine who will receive the protections set out in Part 9.4AAA of the Corporations Act, which include exceptions from civil and criminal liability for making the disclosure, and compensation if the discloser is harmed by detrimental conduct.

Eligible whistleblower

The definition of whistleblower has been considerably widened to cover any person who is, or has been:

  • an officer or employee of the regulated entity;
  • an individual who supplies services or goods to the regulated entity, and their employees;
  • an individual who is an associate of the regulated entity; and
  • a relative or dependent of any of the above categories of persons.

A whistleblower will no longer be required to disclose his or her identity to receive protection.

Disclosable matters

Currently, a protected disclosure can only be made in respect of an offence or contravention of the Corporations Act or other applicable industry regulatory legislation. Under the new legislation, a protected disclosure can be made of any information concerning misconduct, or an improper state of affairs or circumstances, in relation to a regulated entity (or a related body corporate).  Disclosable matters include information which indicates that the regulated entity (or an officer or employee) has engaged in conduct contravening other relevant legislation.[1]

Eligible recipient of a disclosure

An eligible recipient of disclosure in relation to a body corporate includes:

  • an officer, or senior manager of the body corporate (or related body corporate);
  • an auditor, or member of an audit team conducting an audit of the body corporate (or related body corporate);
  • an actuary of the body corporate (or related body corporate); and
  • a person authorised by the body corporate to receive disclosures that may qualify for protection.

Protections for whistleblowers

Where the above criteria are met, a whistleblower will receive protections in relation to the confidentiality of their identity and victimisation. Whistleblowers will not be subject to any civil, criminal or administrative liability for making a disclosure.

  • Confidentiality: the legislation makes it an offence to disclose the identity of a discloser, including information that is likely to lead to the identification of the discloser, without the consent of the discloser. There are limited exceptions to this prohibition (eg. disclosing to ASIC, APRA, a legal practitioner or the AFP).
  • Victimisation: it will be an offence to engage in conduct causing detriment to a person due to a belief or suspicion that any person made, or proposes to make, a qualifying disclosure. The definition of detriment will be broadened to include dismissal, injury or prejudice to an employee in their employment, as well as discrimination and a range of other actions.

A discloser can claim compensation for contraventions of these provisions and ASIC can seek civil penalties for contraventions. Penalties for contraventions of the new whistleblower laws by corporations will be the greater of 50,000 penalty units, 3 times the benefit or detriment avoided or 10% of the body corporate's annual turnover up to 1 million penalty units (a penalty unit is currently $210).

The Federal Government considered the use of financial rewards to incentivise whistleblowing, but decided not to implement this. This stands in contrast with the regime in the United States, where the Securities and Exchange Commission offers monetary awards or "bounties" to whistleblowers who provide information which leads to a successful enforcement action.

Requirement to have a whistleblower policy

The proposed laws will require public companies, large proprietary companies and proprietary companies that are the trustee of a registrable superannuation entity to develop a policy summarising:

  • protections available to whistleblowers;
  • to whom disclosures can be made, and how they may be made;
  • how the company will support whistleblowers and protect them from detriment;
  • how the company will investigate disclosures that qualify for protection;
  • how the company will ensure fair treatment of employees who are mentioned in a disclosure or to whom the disclosure relates; and
  • how the policy will be made available to employees and officers of the company.

It will be an offence for a company not to have a policy of this kind.

Getting ready for the new whistleblowers laws

If passed by the House of Representatives, Australia's whistleblowing protection regime will be expanded to a broader class of people and a greater variety of disclosures. By expanding the definitions of eligible whistleblowers, disclosable matters and eligible recipients of disclosures, the reforms will provide a wider scope of protection to whistleblowers than ever before.

For many companies, the very broad definition of "disclosable conduct" will mean that reports of misconduct in the workplace could also be captured by the whistleblower regime, where such a report is made to a senior manager or other "eligible recipient" of a disclosure.  While an internal company policy will be required by the legislation, education and training for management and employees will also be key to ensuring that disclosures are made and handled appropriately.

* The authors gratefully acknowledge the assistance of Katie Cameron and Tom Matthews in preparing this article.

[1] The Corporations Act 2001 (Cth), the Australian Securities and Investments Commission Act 2001 (Cth), the Banking Act 1959 (Cth), the Financial Sector (Collection of Data) Act 2001 (Cth), the Insurance Act 1973 (Cth), the Life Insurance Act 1995 (Cth), the National Consumer Credit Protection Act 2009 (Cth) and the Superannuation Industry (Supervision) Act 1993 (Cth). Back to article

Get in touch

Clayton Utz communications are intended to provide commentary and general information. They should not be relied upon as legal advice. Formal legal advice should be sought in particular transactions or on matters of interest arising from this communication. Persons listed may not be admitted in all States and Territories.