Skip to content
writing a policy

How to Develop a Whistleblower Policy

5 minutes read time

Now that the Whistleblower protections have increased, are you meeting your requirements?

About the Act

The Treasury Laws Amendment (Enhancing Whistleblower Protections) Act 2019 (Cth) was recently passed by Parliament and will increase protection for those who report corruption, fraud, tax evasion and misconduct in the corporate sector. If these laws apply to your business, you must have a strong whistleblower policy in place. The reforms will commence on 1 July 2019, with penalties applying from 1 January 2020.

In preparation, Finlaysons have developed a template whistleblower policy for clients to ensure they meet their obligations under the new reforms.

What are the Implications for my Business?

While the Act outlines a number of protections for whistleblowers, it also creates an obligation for industry to take a proactive, rather than reactive, approach to the issue. Certain businesses will be required to create and distribute policies addressing how they will protect and support whistleblowers.

*  This section has been edited to include the new definition of a large proprietary company, which commenced 1 July 2019

It will be mandatory for public companies, large proprietary companies and corporate trustees of registrable superannuation entities to have a whistleblower policy in place.

Under the Corporations Act 2001 (Cth), a business is considered to be a ‘large proprietary limited company’ if it satisfies at least two of the following requirements;[1]

“New” definition of a ‘large proprietary company’ for financial years commencing on or after 1 July 2019

  • The annual consolidated revenue of the company and its related entities exceeds $50 million; or
  • The value of consolidated gross assets that the company and its related entities control exceeds $25 million; or
  • The company and its related entities have more than 100 employees.


Among other things, a whistleblower policy must outline:

  • What protection will be provided to whistleblowers;
  • Who disclosure should be made to and how;
  • How the company will investigate disclosures; and
  • How the company will ensure fair treatment of employees after disclosure

If disclosure is made, the company must also ensure that the whistleblower remains anonymous. Companies that fail to protect the identity of the whistleblower will be subject to fines, as well as criminal charges. Exemptions remain for disclosure made to government bodies such as ASIC, APRA and the AFP, or a legal practitioner.

The whistleblower policy must be made available to officers and employees. Failure to comply may result in fines of up to $12,600 for individuals, or a maximum of five times more for body corporates.

Public companies will have six months from 1 July 2019 to establish a whistleblower policy, while ‘large proprietary limited’ companies will have six months from the end of their financial year.

What is a Whistleblower?

Whistleblowers are often lauded by the public, however the current legislative regime does little to protect them from the repercussions of exposing the unethical or illegal behaviour of their employer.

The Treasury Laws Amendment (Enhancing Whistleblower Protections) Act 2019 (Cth) (‘the Act’) was introduced to the Senate back in 2017, following a Parliamentary Inquiry regarding whistleblowers. It was found that whistleblowers foster transparency, integrity and accountability in the corporate, public and not-for-profit sectors and a number of recommendations were made to consolidate and strengthen protection of whistleblowers.

Separate regimes currently in place in the banking, insurance and superannuation industries will be repealed under the Act, while protections under the Corporations Act 2001 (Cth) and Taxation Administration Act 1953 (Cth) will be expanded and strengthened.

What is a Whistleblower Policy?

A whistleblower policy is a legal document which is publicly available and accessible for all employees.

What do the Whistleblower reforms mean?

The reforms introduced by the Act will also:

  • Expand the definition of “eligible whistleblower” to both current and former officers, employees, contractors and relatives;
  • Allow and protect anonymous disclosure by whistleblowers;
  • Remove the ‘good faith’ disclosure requirement which rendered whistleblowers ineligible for protection if other concerns or motivations against the company could be shown;
  • Provide whistleblowers with immunity from civil, criminal or administrative liability for protected disclosures;
  • Provide protection for disclosure to journalists or parliamentarians in certain circumstances; and
  • Introduce civil penalties for causing detriment to, victimising, or breaching the confidentiality of a whistleblower

What’s next for the Whistleblower Act?

Further reforms to whistleblower protection are likely following the non-compliance uncovered by the Financial Services Royal Commission. Establishment of a single ‘Whistleblowing Act’, a dedicated ‘Whistleblower Protection Authority’ and a “reward” or “bounty system” for whistleblowers have all been suggested as future amendments to the legislation.

If you are concerned whether your business has met its requirements under the new reforms or require a template policy, please contact us.

This Alert is intended as general information only. It does not purport to be comprehensive advice or legal advice. Readers must seek professional advice before acting in relation to these matters.

[1] The Corporations Amendment (Proprietary Company Thresholds) Regulations 2019 has updated the definition of a ‘large proprietary company’ for the purposes of section 45A of the Corporations Act.