SMEs advised to develop whistleblower policies to minimise risk of fines, jail time


Companies of all sizes are being urged to develop dedicated whistleblower policies or risk potential penalties in excess of $10.5 million and even jail time.

New laws expanding protections for whistleblowers in Australia comes into effect on 1 July, changing what whistleblowers can disclose, how they can make reports and the penalties for companies and directors who don’t comply.

While the reforms only require “large proprietary companies” to develop dedicated whistleblower policies by 1 January 2020, the expanded protections apply to all companies.

This means while corporate regulator ASIC won’t be issuing any please explain notices to smaller companies for not having dedicated policies, they will nonetheless be required to comply with the new regime.

Whistleblowers can make disclosures to ASIC, APRA, other Commonwealth authorities, senior managers of companies, auditors and other authorised channels including hotlines.

Whistleblowers can make complaints about other employees, contractors or directors within a company.

Most of the whistleblower reforms apply to incorporated companies, but changes have also been made to the Taxation Administration Act to legislate protections for whistleblowers and provisions within these laws apply to sole traders and partnerships.

What’s changing?

From 1 July:

  • The definition of a whistleblower will be broadened to include current and former employees, contractors and even anonymous disclosures;
  • A broader range of conduct will fall under whistleblower protections, including where there are “reasonable grounds” to believe broadly defined terms like “misconduct” and “improper state of affairs” are occurring;
  • Disclosures will no longer need to be made in “good faith”, although whistleblowers must still have a reasonable view that misconduct has occurred;
  • Public interest disclosure protections will be introduced for those speaking to journalists or parliamentarians where regulators aren’t acting fast enough;
  • New protections for tax-related misconduct will be introduced which will also apply to sole traders and partnerships; and
  • Much tougher penalties for breaching the new laws are being brought in under both criminal and civil law.

Companies caught breaching the anonymity of a whistleblower or found to be engaging in “detrimental conduct” such as threats face civil penalties as high as $10.5 million, or $1.05 million for individuals.

Penalties are likely to be much higher if a court determines a company or individual derived a benefit from threatening or revealing the personal details of a whistleblower.

The new laws also remove an old due diligence defence for employers, which will change the way courts consider cases involving whistleblowers where a company is alleged to have breached the law.

Courts will consider whether employers have taken “reasonable precautions” and have “exercised due diligence” to avoid detrimental conduct towards a whistleblower.

Whether an employer has a dedicated whistleblower policy will also be considered and is likely to serve as a key defence for companies in these cases.

If a court finds an employee engaged in detrimental conduct towards a whistleblower, both the worker and their employer will be “jointly and severally liable” for compensation.

Most disclosures of personal work-related grievances are excluded from the whistleblower protections.

Do SMEs need a whistleblower policy?

Most SMEs won’t be required by ASIC to develop a whistleblower policy, but all companies are required to comply with the new laws and having a policy in place is being encouraged.

Dean Newlan, a senior consultant at McGrathNicol, tells SmartCompany any small businesses which don’t develop a policy are putting themselves at risk.

“The protections have been totally broadened … misconduct, or an improper state of affairs, it’s basically anything,” he says.

“If you have a proper and robust whistleblower program in place you’re likely to get people coming forward who wouldn’t have, you’re likely to get people coming forward earlier, and you can send a really strong message to your workforce and the community,” Newlan explains.

Newlan says being able to point to a whistleblower policy in a potential court case could be invaluable for employers of any size, with the potential for spurious claims to arise from broadened definitions of misconduct.

If a smaller employer does find itself in legal trouble under the new laws, having a process in place and a history of complying with that policy will be invaluable, he explains.

“SMEs need to adopt a conservative approach.”

Small business ombudsman Kate Carnell says SMEs should take appropriate actions to minimise their risk of being on the wrong end of a complaint.

“You need to identify someone in the organisation that is going to be the person to which employees can go if they want to report inappropriate behaviour,” she tells SmartCompany.

“Its more of a set of procedures than a policy document that goes on a website, there’s got to be someone documented and procedures that the company and employees know about.”

Some medium-sized firms will actually be required to develop policies by ASIC if they’re considered a large proprietary company.

NOW READ: ATO to launch dob-in-a-business hotline in effort to crack down on $10 billion tax hole

NOW READ: “Ironic”: ATO manager joked about issuing business crushing garnishee notices, IGTO finds


Notify of
Inline Feedbacks
View all comments
SmartCompany Plus

Sign in

To connect a sign in method the email must match the one on your SmartCompany Plus account.
Or use your email
Forgot your password?

Want some assistance?

Contact us on: or call the hotline: +61 (03) 8623 9900.