Originally published on Expolink's website and republished with permission.
The Treasury Laws Amendment (Enhancing Whistleblower Protections) Bill 2018 introduced huge reform for whistleblowing laws in Australia that came into effect on 1st July 2019. The new amendments bring significant changes to the eligibility and protection of corporate whistleblowers, and will introduce higher penalties for organisations that fail to meet the new requirements.
All public companies and large proprietary companies in Australia must implement a compliant whistleblowing policy in line with the changes by 1st January 2020.
What You Need to Know
Who does it affect?
The new regime applies to public companies and large proprietary companies in Australia across all sectors including banks, general insurers, life insurers, superannuation entities and other prescribed regulated entities, and came into effect on 1st July 2019.
Once the bill commences, companies will have until 1st January 2020 to implement a compliant whistleblowing policy in line with the new changes.
Any small proprietary company that becomes a large proprietary company after 1st January 2020 will have an additional six months to establish a compliant whistleblower policy.
What does it change?
The new laws give corporate whistleblowers enhanced protection in a number of ways, including:
- Who can submit a report
The new bill expands the categories of who can make a disclosure to include former officers, employees, contractors and suppliers, as well as family members.
- Where reports can be submitted to
There will be an expanded range of persons or entities to which a whistleblower may make a disclosure and still be protected under the new laws.
- Identity protection
The new laws introduce enhanced requirements designed to protect a whistleblower’s identity during and following a disclosure.
- Anonymous reporting
For the first time in Australia, whistleblowers can submit reports without the need to declare their identity, or prove the disclosure is being made in ‘good faith’.
- Increased legal protection
Overall, there is a significant increase in legal protections for whistleblowers, including improved access to compensation for those who suffer reprisal or retaliation following a disclosure.
The laws also introduce significant penalties ranging up to $10.5 million for breaches of the new whistleblower protections.
From 1st January 2020 it will be an offence to not have a compliant whistleblowing policy in place, which will also result in a fine.
What You Need to Do
1. Review and revise your whistleblowing policy
A fundamental requirement of the new whistleblowing laws is for organisations to have a compliant whistleblowing policy in place by 1st January 2020. Due to the extensive changes it is unlikely that any existing whistleblower policy will comply with the new laws.
We recommend working with an established legal firm to draft a new policy, but first consider what you need in order to have a secure, compliant whistleblowing procedure that produces results.
2. Enable anonymous reporting in your organisation
For the first time Australian laws will no longer require whistleblowers to identify themselves or make their disclosure in ‘good faith’.
Global data from Expolink's annual benchmarking report shows that last year 72% of whistleblowers chose to remain anonymous from their employer.
Providing an anonymous reporting option therefore not only drastically increases the effectiveness of your reporting channels, but will also prevent breaches of the new laws where protection of the whistleblower’s identity is concerned.
We recommend offering an anonymous or confidential reporting channel as part of your whistleblowing policy to ensure that employees can come forward with vital information without fear of reprisals or retaliation.
3. Ensure reporting channels are robust and effective
Having secure reporting channels in place will be a vital part of operating a compliant whistleblowing policy.
The acceptance of anonymous disclosures, coupled with the enhanced legal protections, will lead to a dramatic increase in reports. It is therefore essential to make sure you have an effective, secure reporting procedure in place.
We recommend implementing a secure whistleblowing service as part of this to ensure best practices are being met.
4. Enhance the protection of whistleblower identities
Once your employees make a disclosure, it’s vital to keep their identity and the content of their report confidential. The way organisations manage this information will be an important aspect of a compliant whistleblowing policy.
With disclosure rates on the increase, the way you store and manage incident reports will be just as important as how you capture them.
We recommend reviewing your current case management arrangements to ensure you are not at risk of breaching the new whistleblower protection rules.
5. Empower your people to do the right thing
Even with all the above in place, the new changes will be significant and could have a culture-changing impact on the way companies in Australia operate. It is important to make sure your people are made aware of the upcoming changes, and know how to report or handle incidents the correct way.
Implementing independent reporting channels and a proven case management solution will help relieve the pressure put on internal reporting channels, providing an easier route to compliance and reducing the risk of future breaches.