Australia's new whistleblower laws commenced on 1 July 2019, together with significant civil and criminal penalties.
This article provides a brief summary of the background to the new laws before identifying the key changes, practical implications, and what your organisation needs to consider implementing to ensure compliance.
Over the past several years Australia's whistleblower laws have received considerable criticism that the protection and remedies they provide were deficient, when compared to international whistleblower regimes. This was attributed to the existing laws having been developed in a piecemeal way and scattered through the Corporations Act 2001 (Cth) and various financial sector legislation.
A key concern was that the existing laws were doing little to achieve their intendedpurpose – promoting and encouraging disclosure by whistleblowers of corrupt or unlawful behaviour and / or conduct.
As a result, in 2016, the Federal Government established its first Open Government National Action Plan which, among other things, detailed the Government's commitment to strengthen whistleblower protections in the corporate sector in line with those applicable in the public sector.
The two key pieces of legislation implementing the changes, the Treasury Laws Amendment (Enhancing Whistle–blower Protections) Bill 2017 (Cth) and the Treasury Laws Amendment (Strengthening Corporate and Financial Sector Penalties) Bill 2018 (Cth), passed through Federal Parliament earlier this year and were assented to shortly thereafter.
The core objective of the new laws is to address the gaps and uncertainties in the protections and remedies available to financial and corporate sector whistleblowers.
This will be achieved by consolidating protections previously scattered throughout various financial sector legislation (Banking Act 1959 (Cth), Insurance Act 1973 (Cth), Life Insurance Act 1995 (Cth) and the Superannuation Industry (Supervision) Act 1993 (Cth)) into one regime contained in the Corporations Act 2001 (Cth).
Generally, to qualify for protection under the previous laws, a whistleblower had to:
- Be a current officer, employee or contractor of the company in relation to which the disclosure was occurring;
- Make the disclosure in good faith;
- Have reasonable grounds to suspect that the company, or its officers or staff, had breached or might have breached a provision of the Corporations Act (the protections were not available for disclosures relating to breaches of any other legislation); and
- Provide their name before making the disclosure.
Under the new laws, the currency of the relationship and the motivation of the disclosure are no longer relevant.
Entities, about which disclosure can be made (regulated entities), now include all corporations covered by paragraph 51(xx) of the Constitution (i.e.: trading, financial and Foreign corporations).
The conduct that may be the subject of disclosure has been extended beyond criminal and corrupt behaviour and conduct. It now includes actual or suspected conduct in contravention of any law administered by the Australian Securities and Investments Commission (ASIC), the Australian Prudential Regulatory Authority (APRA) or any other law of the Commonwealth that:
- Is punishable by imprisonment for a period of 12 months or more; or
- Relates to a danger to the public or financial system.
The protections and remedies afforded to whistleblowers have been expanded to:
- Strengthen confidentiality requirements for whistleblowers and allow the imposition of civil penalties on anyone who reveals a whistleblower/s identity.
- Increase immunities provided to whistleblowers and ensure the information they disclose cannot be used against them.
- Extend and clarify the prohibition against victimisation of whistleblowers and penalties for victimisation.
- Provide that a cost order cannot generally be made by courts against a whistleblower.
Protection will now also be available for a whistleblower who is or has been in a relationship, such as employee, with the regulated entity in relation to which the disclosure is made. However, only limited protection is afforded to disclosures that concern personal work related grievances of a whistleblower which do not have significant consequences for a regulated entity.
This means that the normal protections will still apply if the disclosure concerns systematic issues. However, disclosures which concern grievances specifically related to the whistleblower's own employment normally resulting in implications for the whistleblower personally, will receive limited protection under the new legislation.
In the event whistleblowers or other individuals suffer detriment or a threat of detriment in relation to a protected disclosure, remedies have been expanded to include:
- Making it easier for individuals who suffer detriment to claim compensation.
- Extending the range of orders a court may make.
- Making order of reinstatement available for a person whose employment is terminated, or alleged to have been terminated, as a result of making the disclosure.
- Expressly allowing courts to make orders for exemplary damages (a rarity in Australian law).
Additionally, the new amendments now make it mandatory for public companies, large proprietary companies and registrable superannuation entities to have a whistleblower policy in place within 6 months from the commencement of the new laws.
What you need to do
As mentioned, strict and extensive penalties will apply for non-compliance with the new laws and as will be apparent it will be easy for Managers to potentially infringe on the new protections which a protected disclosure is made.
To ensure compliance, companies need to take a proactive approach to ensure necessary steps are taken to educate their staff and managers and avoid exposure to penalties, as well as reputational damage likely associated with breaches of the new laws, particularly given the current corporate landscape.
Some of the steps which will be critical to promoting a transparent, aware and positive corporate culture supportive of compliance include:
A whistleblower policy will be essential (even for companies that it is not mandatory for) and should include clear identification of:
- The protections available to whistleblowers.
- How and to whom disclosures can be made.
- How your organisation will support and protect whistleblowers.
Training and Awareness
Companies should ensure appropriate and sufficient employee training is conducted so that all employees (particularly managers) are aware of the new laws. Training should include:
- Employee's rights and obligations under the new laws.
- The steps employees need to take to support the new laws.
- Clear encouragement of early intervention where unlawful conduct is identified or suspected.
- Promote a 'speak up' culture.
Clear Investigative Processes and Chain of Responsibility
To ensure proper implementation and support of the new laws, companies also need to consider what processes they will put in place to manage allegations of unlawful conduct and breaches of the protections including:
- Clear investigative processes and chain of responsibility policies.
- Compliance with the strict confidentiality requirements of the new laws.
- Ensuring proper steps are taken to mitigate the potential for the whistleblower to suffer detriment as a result of any enquiry or investigation processes.
If your company has existing policies and procedures in place which cover some of these matters, we encourage you to conduct a review of the same to ensure robust and consistent processes are in place to adequately address requirements under the new laws.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.