ASIC must rethink ‘overly prescriptive’ good practice guidelines
The federal regulator must ensure that good practice guidance for corporate entities is less prescriptive, particularly with regard to whistleblower protections, argues a member association.
In its submission to ASIC on Consultation Paper 321 and Draft Guidance, on which the federal regulator is currently seeking feedback on proposals for entities that must have whistleblower policies, the Association of Corporate Counsel said that the draft guidance “is overly prescriptive and does not take into account that many companies subject to the Corporations Act already have whistleblower programs that function well and meet the regulatory requirements of multiple jurisdictions”.
“Good practice guidance based on principles – the results ASIC would like to see as a result of a company’s policies – would be better in this section than the prescriptive recommendations about how roles and responsibilities should be assigned among various corporate functions,” the association wrote.
ACC is “especially concerned”, it continued, about the practice recommendations made with respect to whistleblower protection and investigation officers, as the description of multiple roles in this area may be at odds with current company practices.
“For example, many companies operate their whistleblower programs out of their compliance departments, with their chief compliance officer having ultimate responsibility for the resolution of whistleblower reports,” it said.
“Investigations of these reports may be run out of the compliance department, the legal department, or some other corporate function, depending on the nature of the report. ASIC’s good practice for an entity to assign the roles of whistleblower protection officer and whistleblower investigation officer to different individuals who act independently of each other would disrupt a number of well-established corporate compliance and whistleblower programs.
“Likewise, we disagree that the whistleblower protection officer should report directly to the entity’s board as a good practice – this is something that will greatly depend upon how an entity’s overall compliance program is structured and the individual who is filling the function of the whistleblower protection officer. Companies should be able to determine the best arrangement of roles and responsibilities for their whistleblower programs for their needs without having to consider this overly prescriptive good practice guidance from ASIC.”
What ASIC could instead offer, ACC posited, are the principles it would like a whistleblower program to be based upon when it comes to how the program is structured.
“For example, instead of recommending that there be a protection officer and an investigation officer and protection officer has a line of reporting to the board, ASIC could recommend that whistleblower programs be structured in a way to ensure the individuals responsible for protecting whistleblowers and investigating their claims are able to exercise independent judgment and have a method through which they can escalate problems to the board of directors,” the association suggested.
“We recognise that ASIC’s good practice guidelines are not binding upon companies but given that this is new legislation and ASIC is the regulator of the companies, ASIC’s interpretation of good practice will certainly be given much weight in case of a violation of the whistleblower laws.”
In the same submission, ACC posited that ASIC must provide further guidance on protections that might be afforded to in-house legal counsel when those lawyers are put in a position where they feel it is necessary to become whistleblowers, according to a member association.