October 30, 2017

Enhanced whistleblower protections on the way in Australia

On 23 October 2017, the Australian Government released an exposure draft of the proposed changes to Australia's whistleblower regime. It is proposed that the new laws will be introduced in the Treasury Laws Amendment (Whistleblowers) Bill 2017 (the Bill) and the consultation period will be open until 3 November 2017.

The Bill creates a single whistleblower protection regime within the Corporations Act 2001 (Cth) (Corporations Act) which will cover the corporate, financial and credit sectors. In addition, mirror whistleblower protection will be introduced to taxation law for the first time. If passed in its current form, the amendments will apply to whistleblower disclosures made on or after 1 July 2018.


The Bill is the culmination of a lengthy period of public consultation and parliamentary scrutiny. At the end of 2016, following a period of public consultation, the Government announced a commitment to harmonise corporate sector whistleblower provisions with those in the public sector, and to introduce legislation for tax whistleblower provisions.

In September 2017, the Parliamentary Joint Committee on Corporations and Financial Services released an extensive report which made a number of recommendations for reform in this area, to bring Australia into line with developments in other jurisdictions. Some of the recommendations have been picked up in the proposed legislation.

Application of new legislation

The new legislation will apply to a wide range of regulated entities including, companies, Authorised-Deposit taking Institutions (ADIs), general insurers, life insurers and superannuation entities or trustees.

The existing whistleblower provisions across a range of different legislation will be consolidated, and offences under a number of different laws will be deemed to be conduct which could be subject to disclosure under the whistleblower regime.

Key Features

The key features of the proposed protections in the Bill are set out below.

1. Categories of eligible whistleblowers
The definition of eligible whistleblowers has been significantly extended. Disclosers who will be protected will now include both current and former officers, employees and suppliers, associates of such persons, and specified family members of such persons.  

2. Extension of persons who can receive information
Disclosure will now be able to be made to:

  • certain designated whistleblower entities (including certain persons within a body corporate, various regulators and law enforcement bodies);
  • a legal practitioner, for the purposes of seeking legal advice; and
  • in defined circumstances, to members of Parliament of the Commonwealth or a State or Territory and/or to journalists.

3. Greater protection for whistleblowers
Under the current corporate whistleblower regime, there is a requirement that a whistleblower acts in "good faith".  In the new legislation, no such requirement exists and therefore the motives of a whistleblower cannot be taken into account in determining whether a disclosure qualifies for protection.

Whistleblowers who make disclosures will be entitled to anonymity to ensure that their identity will not be disclosed in a court or tribunal.

There will be improved access for whistleblowers to compensation where they have been victimised or had their identity revealed.  Such compensation will be payable by both individuals involved in the victimisation or identity disclosure and, potentially bodies corporate. Pecuniary penalties may also apply.

Immunities will be provided to whistleblowers in respect of information disclosed, under which the whistleblower will not be subject to any civil or criminal proceedings for making the disclosure.

4. Requirement for whistleblower policy

Public companies and large proprietary companies (as defined in the Corporations Act) will have to put in place a whistleblower policy by 1 January 2019.

Although there is a transition period available to Australian public and large proprietary companies, Australian companies will need to start considering whether their existing whistleblower policies and frameworks will still be suitable under the more robust regime.

Given that ASIC has also previously flagged that robust whistleblower policies within companies are a key component to foster strong corporate culture, companies can expect closer regulatory scrutiny as to how seriously they are taking these new requirements.

Bounties for whistleblowers not off the table

The Bill has been badged as the first wave of reform.  An expert advisory panel has been created to consider further reforms and one of its mandates is to consider the Parliamentary Joint Committee's recommendation to introduce a reward system for whistleblowers.

The introduction of a reward system in the United States has had a dramatic effect on Securities and Exchange Commission (SEC) investigations. Since 2011, whistleblowers who provide valuable information to the SEC may receive "bounties" of between 10% and 30% of the penalties for misconduct that the SEC secures as a result of the whistleblower's information.

In the last 6 years, it is estimated that approximately USD162 million has been paid by the SEC to whistleblowers under this bounty system, with 53 Australian whistleblowers providing tips to the SEC in the last year alone.

Preparing for the new whistleblower order

One of the main drivers of the reform of Australia's whistleblower protection regime, has been the perception that Australia fails to protect whistleblowers as effectively as they are protected in other jurisdictions. As a result, there have been very few investigations triggered by whistleblowers in Australia.

The United Kingdom whistleblower regime was put on display in the recent Barclays Bank case which involved anonymous letters sent to Barclays board members in June 2016. These letters were treated as a whistleblower matter by the Barclays compliance team and investigated on that basis.

However, following receipt of the letters, the CEO of Barclays instructed the Barclays information security team to unmask the identity of the whistleblower, despite the fact that the rules in the United Kingdom governing whistleblowers stipulate that if an informer asks for anonymity, a firm must respect that request. The request by the CEO was reported by a separate whistleblower.

As a result of that series of events, the CEO of Barclays has been formally questioned by the banking regulators in the United Kingdom (the Financial Conduct Authority and Prudential Regulation Authority) and further action may yet be taken.

As the laws in Australia are brought into line with other jurisdictions, company directors and officers will have to ensure that their company practices are up to date with the new requirements.