Whistleblower laws in Australia

A whistleblower is a person who reports misconduct from within a company. Whistleblowing is generally defined as disclosure to an authority by a former or current employee of illegal, immoral or illegitimate practices by the employer.

Whistleblower protections in Australia were reformed by the Treasury Laws Amendment (Enhancing Whistleblower Protections) Act 2019 (Cth). That legislation amended the Corporations Act 2001 (Cth) (the Act), and other Acts including the Taxation Administration Act 1953 (Cth), the Banking Act 1959 (Cth) and the Insurance Act 1973 (Cth) to create a single strengthened whistleblower protection regime for the corporate and financial sectors.

Table of Contents

About The Author

Gibbs Wright Litigation Lawyers

Gibbs Wright Litigation Lawyers is a top-tier, exclusive litigation firm. Our mission is to help you win your legal battles and get back to business as soon as possible. We offer unparalleled service, dedication, and clear communication to ensure that you achieve the best possible outcome for your situation.

What sorts of actions can be reported?

“Disclosable matters” include conduct that could:

  • give rise to misconduct, or an improper state of affairs or circumstances;
  • constitute an offence under legislation including the Act, the Australian Securities and Investments Commission Act 2001 (Cth), the Banking Act 1959 (Cth), the Insurance Act 1973 (Cth), the National Consumer Credit Protection Act 2009 (Cth), and the Superannuation Industry (Supervision) Act 1993 (Cth);
  • constitute an offence against any other Commonwealth law that is punishable by imprisonment for 12 months or more; or
  • represent a danger to the public or the financial system.

 

This broad definition encompasses breaches of law, organisational policy and ethics, and includes:

  • corruption;
  • harassment;
  • environmental damage;
  • fraud;
  • theft;
  • money laundering; or
  • dealing in, or using, drugs.

 

Who can be a whistleblower?

The Act provides a broad definition of an “eligible whistleblower”. It includes a person who is or has been, in relation to a “regulated entity”:

  • an officer;
  • an employee;
  • a supplier of goods or services;
  • an employee of a supplier of goods or services;
  • an associate;
  • a superannuation fund trustee or officer; or
  • a relative, spouse or dependant of any of the above.

 

A regulated entity includes a company, corporation, financial institution, insurer or superannuation fund.

 

Who does a whistleblower report to?

To qualify for whistleblower protections, a person should report their concerns to:

  • a director, officer, senior manager, auditor or actuary of the company or superannuation fund involved;
  • a person authorised to receive whistleblower reports, such as a government hotline;
  • the Australian Securities and Investments Commission (ASIC) or Australian Prudential Regulation Authority (APRA); or
  • a lawyer, for the purpose of obtaining legal advice or representation about protections.

 

If, after 90 days of making the disclosure, the whistleblower reasonably believes that no action has been (or is being) taken to address the concerns, the Act allows them to make a further disclosure if it would be in the public interest. To qualify for this further protection, the whistleblower must:

  • notify the recipient of the original disclosure that they intend to make a public interest disclosure;
  • make the disclosure to a member of parliament or a journalist (not on social media); and
  • ensure that the extent of the information disclosed is no greater than necessary to inform the recipient of the misconduct.

 

The Act also allows the whistleblower to make an “emergency disclosure” if they reasonably believe that “the information concerns a substantial and imminent danger to the health or safety of one or more persons or to the natural environment”.

The protections do not apply to a disclosure about a personal work-related grievance, such as a decision to employ, transfer or promote the whistleblower.

The Act requires the recipient of information from a whistleblower to keep the whistleblower’s identity and their disclosure confidential. A whistleblower is also protected from any:

  • civil liability, such as legal action for breaching a duty of confidentiality;
  • criminal liability, such as prosecution for unlawfully releasing information; or
  • administrative liability, such as disciplinary action for making the disclosure.

 

However, the protections do not grant immunity for any misconduct a whistleblower has engaged in which they reveal in a disclosure.

 

Victimisation

A whistleblower is protected from conduct causing (or threatening to cause) “detriment” to them because someone believes or suspects that the whistleblower has made (or might make) a disclosure. Detrimental conduct includes:

  • dismissal;
  • harm or injury;
  • discrimination;
  • harassment or intimidation; or
  • damage to property, reputation, or business or financial position.

 

If these victimisation protection laws are breached, a court can make orders, including for:

  • compensation;
  • an injunction;
  • reinstatement to a position;
  • an apology; and/or
  • exemplary damages.

 

Whistleblower policies

The Act requires public companies, large proprietary companies and APRA-regulated superannuation fund trustees (this does not include self-managed superannuation funds) to have a whistleblower policy, and to make that policy available to all officers and employees.

A large proprietary company is one which has at least two of the following characteristics at the end of a financial year — consolidated revenue of $50 million or more, consolidated gross assets of $25 million or more, and 100 or more employees.

The policy must set out information about:

  • whistleblower protections;
  • how and to whom disclosures may be made;
  • how the company will support and protect whistleblowers from detriment;
  • how the company will investigate disclosures;
  • how the company will ensure fair treatment of employees named in, or related to, disclosures; and
  • how the policy is to be made available to officers and employees.

 

Transparent whistleblower policies are vital for risk management and corporate governance. They help detect misconduct which would otherwise stay hidden, by protecting whistleblowers, encouraging disclosure of wrongdoing, and promoting an ethical culture.

ASIC administers the whistleblower protection provisions of the Act. It conducts surveillance to ensure compliance and penalises breaches.

 

What should organisations be doing?

Whistleblower policies became mandatory for those specified companies and superannuation fund trustees on 1 January 2020. All affected entities should ensure:

  • they have a compliant policy in place and that it is reviewed regularly and updated if necessary;
  • all Human Resources practices do not inadvertently breach whistleblower provisions; and
  • all those eligible to receive a whistleblowing disclosure or complaint are properly trained to handle the responsibility.

 

How Gibbs Wright Litigation Lawyers can help

Call Gibbs Wright about your whistleblower matter for a no-obligation, confidential consultation to discuss your legal rights and options.

Related Publications

Explore your legal options with Gibbs Wright Litigation Lawyers - Brisbane’s Leading Litigation Firm.

Our expert litigators will let you know where you stand and give you legal guidance.