Do you have your Whistleblower Policy in place?

| January 31, 2020

Are you aware public companies and “large proprietary companies” (this includes mid sized businesses) were required to have a Whistleblower Policy in place and made available to employees by 1 January 2020.

This requirement is part of the expanded whistleblower protections, which commenced on 1 July 2019, and which have increased the protections available to those who report corruption, fraud, tax evasion and other misconduct in the corporate sector. Importantly, the new laws carry substantial penalties for companies that don’t comply.

Source Legal have created a template Whistleblower Policy that complies with the requirements set out under the Corporations Act 2001 (Cth), and also with the recently released RG 270.

If you do not have or have not yet updated your Whistleblower Policy, please contact me at so we can assist you with putting in place a policy tailored to meet your circumstances.

Does this apply to your company?

As mentioned, public companies and “large proprietary companies” are required to have a Whistleblower Policy in place by 1 January 2020. A proprietary company is defined as “large” for a financial year if it (including any entities it controls) satisfies at least two of these criteria:

  1. The consolidated financial year revenue is $50m+;
  2. The value of the consolidated gross assets at the end of the financial year is $25m+;
  3. 100 or more employees at the end of the financial year.

What does a Whistleblower Policy need to include?

A company’s Whistleblower Policy is required to set out the following:

  1. the protections available to whistleblowers, including protections under the Corporations Act;
  2. to whom disclosures that qualify for protection under the Corporations Act may be made, and how they may be made;
  3. how the entity will support whistleblowers and protect them from detriment;
  4. how the entity will investigate disclosures that qualify for protection under the Corporations Act;
  5. how the entity will ensure fair treatment of its employees who are mentioned in disclosures that qualify for protection, or its employees who are the subject of disclosures;
  6. how the policy will be made available to officers and employees of the entity; and
  7. any matters prescribed by regulations.

RG270 provides detailed guidance to help companies establish a policy that complies with the above requirements.  It also contains ASIC’s good practice guidance on implementing and maintaining a Whistleblower Policy.

Failure to comply with the whistleblower provisions under the Corporations Act may result in fines for individuals up to $1.05 million (5,000 penalty units), and for companies fines of up to $10.5 million (50,000 penalty units) or 10% of annual turnover.

ASIC has said that it plans to survey the Whistleblower Policies of a sample of companies next year to review compliance with the legal requirements, so it is important that your Whistleblower Policy is up to date and complies with RG270.

More information

The details are in the revised corporate sector whistleblowing regime in Pt 9.4AAA of the Corporations Act 2001 (Cth), which commenced on 1 July 2019.

If you would like to read ASIC’s Regulatory Guide on Whistleblower Policies in detail, you can find it here: