The Treasury Laws Amendment (Enhancing Whistleblower Protections) Act 2019 made significant changes to both the Corporations Act 2001 (the Corporations Act) and the Taxation Administration Act 1953 (Taxation Administration Act) including greater protections for whistleblowers and increased legislative requirements for companies.

One particular change is the mandatory requirement for the following entities to have a whistleblower policy in place from 1 January 2020:

  • Public Companies – although relief exists for NFP companies limited by guarantee with consolidated revenue less than $1m.
  • Large Proprietary Companies – large being as defined by the Corporations Act, i.e. meeting at least 2 of the following requirements:
    • Consolidated annual revenue for the financial year >$50m
    • Consolidated gross assets at the end of the financial year >$25m
    • More than 100 employees at the end of the financial year
  • Trustees of registrable Superannuation entities.

Section 1317AI(5) of the Corporations Act requires entities to have a whistleblower policy that covers information about:

(a) the protections available to whistleblowers, including protections under the Corporations Act;
(b) to whom disclosures that qualify for protection under the Corporations Act may be made, and how they may be made;
(c) how the entity will support whistleblowers and protect them from detriment;
(d) how the entity will investigate disclosures that qualify for protection under the Corporations Act;
(e) how the entity will ensure fair treatment of its employees who are mentioned in disclosures that qualify for protection, or its employees who are the subject of disclosures;
(f) how the policy will be made available to officers and employees of the entity; and
(g) any matters prescribed by regulations.

An entity’s whistleblower policy should also include information about the protections provided in the tax whistleblower regime under Part IVD of the Taxation Administration Act.

Failure to comply with the requirement to have and make available a whistleblower policy is an offence of strict liability with a penalty of 60 penalty units for individuals and companies (currently $12,600), enforceable by ASIC.

Further details of the requirements can be found in ASIC Regulatory Guide 270: Whistleblower Policies (RG 270).

Given that this legislation is already in force, if you are an entity impacted by the requirements and have not yet implemented a whistleblower policy, it is strongly encouraged that you act immediately to address the non-compliance.

If you require further information on this topic, or assistance with drafting and implementing whistleblower policies, please get in touch.