From 1 July 2019, the whistleblower protections in the Corporations Act will be expanded.
Public and large companies must ensure they have a compliant whistleblower policy in place as soon as possible (no later than 1 January 2020 to avoid penalties) and provide additional training to ensure potential eligible recipients of disclosures know how to identify a whistleblower report and what to do if or when they receive one.
What is a whistleblower?
A whistleblower is an insider within an organisation, who reports misconduct or dishonest or illegal activity that has occurred within that same organisation.
What does a whistleblower policy need to be compliant?
- the protections available to whistleblowers
- the person/organisations to whom protected disclosures may be made, and how they can be made
- how the company will support whistleblowers and protect them from detriment
- how the company will investigate protected disclosures
- how the company will ensure fair treatment of employees of the company who are mentioned in protected disclosures, or to whom such disclosures relate
- how the policy is to be made available to officers and employees of the company
- any other matters prescribed by the regulations from time to time.
When do you need to comply?
The amended laws will take effect from 1 July 2019 and will apply to disclosures made on or after commencement but may relate to conduct which occur or occurred before, at or after commencement.
Importantly, the compensation and remedies amendments will apply to disclosures made prior to the amendments taking effect, provided that the disclosure would have been protected had the Whistleblower Bill been in force at the time.
The Whistleblower Bill provides companies with a six month transitional period from the commencement of the amended laws (i.e. by 1 January 2020) to put a whistleblower policy in place.
A company may be liable for other breaches during this period, however, we recommend putting a compliant whistleblower policy in place as early as possible to allow adequate time for the integration of the policy into existing governance practices, as well as to minimise any risk of breaching the amended laws.
These protections are designed to encourage people within companies, or with special connections to companies, to alert ASIC and other authorities of illegal behaviour.
Sources and further reading: