Last Minute Guidance for Whistleblower Policies 2020

ASIC’s New Regulatory Guide for Whistleblower Policies

ASIC recently released the long awaited regulatory guidance for company whistleblower policies. The policies, which are now a legislative requirement for public and large proprietary limited companies, must outline how a company will investigate disclosures of misconduct by potential whistleblowers.

Regulatory Guide 270 further expands on section 1317AI(5) of the Corporations Act 2001 (Cth), which outlines a number of factors that must be addressed in order for a whistleblower policy to be considered compliant. ASIC have also included extensive good practice guidance and tips to assist companies establishing policies for the first time.

Feedback to the draft regulatory guide, released in August, criticised the overly prescriptive nature of ASIC’s approach. While ASIC have since attempted to delineate the legal requirements from their own recommendations, the final product is still very detailed and legally complex.

Some of the “non-mandatory” tips include:

• encouraging smaller entities to contract with an external whistleblowing service provider to receive disclosures;
• incorporating advice on how disclosure can be made to protected Government bodies outside the company (for example, APRA or the ATO); and
• the appointment of an audit and risk committee to review investigations of disclosure.

The above recommendations go beyond what is required by the whistleblower protections and highlight the corporate regulator’s ongoing push for increased good governance and internal risk management in the private sector.

Last Minute Reprieve for Small Not-for-Profits and Charities

ASIC confirmed that small not-for profits and charities are now no longer required to have a whistleblower policy, as foreshadowed in Consultation Paper 321. ASIC agreed with public submissions that it would impose a disproportionate regulatory burden on small charities, and that the Australian Charities and Not-for-profits Commission (ACNC), as the dedicated regulator, could revisit the matter if required.

For a company to be eligible for the exemption they must have annual consolidated revenue of less than $1 million and operate on a not-for-profit basis. This figure is in line with similar threshold tests for reporting and auditing requirements of companies limited by guarantee and the classification of small/medium charities by the ACNC.

However, the practical benefit of this exemption is limited. Broader whistleblower protections will still apply to eligible individuals who make disclosure, regardless of the status or size of the company. For those companies that are now exempt from establishing a whistleblower policy, it would be prudent to consider what measures are in place to maintain the confidentiality of a whistleblower’s identity and protect them from detriment once disclosure is made.

Whistleblower Policy 1 January 2020 Deadline

Notwithstanding these new developments, ASIC have restated that there will be no extension of time for companies to ensure compliance with the new requirements. Penalties for failure to implement a whistleblower policy will apply from 1 January 2020.

In light of ASIC’s increasingly strict stance on matters of corporate governance, companies should take the time to consider whether their current policies and procedures in relation to whistleblowers are compliant.

Further information such as, What do the Whistleblower reforms mean? and Which companies require a Whistleblower Policy? can be found in our previous legal alerts.

How To Develop A Whistleblower Policy

Have You Adopted Your Whistleblower Policy? 

This Alert is intended as general information only. It does not purport to be comprehensive advice or legal advice. Readers must seek professional advice before acting in relation to these matters.