The Australian Securities and Investments Commission has recently published an open letter to the CEOs of public and large proprietary companies, urging them to review their whistleblower policies to ensure they comply with the law.
Through 2020, ASIC reviewed a sample of 102 whistleblower policies to examine how employers are responding to the strengthened whistleblower protection laws that took effect at the beginning of 2020. The regulator found that the majority of those policies did not fully address the requirements of the law.
In particular, ASIC notes that the policies it reviewed were generally unclear, incomplete or provided inaccurate information about how potential whistleblowers can make a qualifying disclosure and about the protections available. Specifically, many policies:
- do not list all the categories of people to whom a whistleblower can report misconduct and qualify for protection. ‘Instead, some policies limited the information to the entities’ preferred reporting channels’;
- inaccurately refer to obsolete requirements for whistleblowers to:
- identify themselves; or
- make disclosures in good faith or without malice, in order to qualify for protection; and
- omit or inaccurately describe one or more of the whistleblower protections.
In its open letter, ASIC states that these issues may result in potential whistleblowers not understanding how to make a disclosure that qualifies for the whistleblower protections, and may discourage them from speaking up.
ASIC recommends that companies should:
- clearly articulate how someone can make a disclosure that qualifies for whistleblower protections, including to whom;
- carefully update their policies to reflect the requirements of the whistleblower protection regime; and
- accurately describe whistleblowers’ legal rights when making a qualifying disclosure, including confidentiality, protection from detriment, compensation and other remedies, and civil, criminal and administrative liability protection.
ASIC has indicated that it plans to conduct a further review of whistleblower policies in the future. Where the regulator identifies non-compliance, it will consider the full range of regulatory tools available, including enforcement action.
Please contact a member of the Employment, Workplace Relations and Safety Team if you would like assistance with any of these issues.
Alessia Moujaes | Lawyer | +61 2 9020 5615 | firstname.lastname@example.org