Goodbye job applications, hello dream career
Seize control of your career and design the future you deserve with LW career

New whistleblowing laws, risks, policies and changes explained

It is more important than ever for businesses to review their compliance culture as one of the biggest changes to whistleblowing laws are set to begin on 1 July 2019, writes Messina Angelis.

user iconMessina Angelis 04 June 2019 Politics
Parliament house
expand image

New whistleblower laws will require all public and large proprietary companies to introduce a whistleblower policy.

The Treasury Laws Amendment (Enhancing Whistleblower Protections) Act 2019 (Cth) significantly alters and expands protection for ‘eligible whistleblowers’ who report wrongdoing in the workplace. In other words, there are increased protections for those who raise concerns or questions about unethical or illegal conduct within the workplace.

Emergency and public interest disclosures


The new laws will provide protection to eligible whistleblowers who have previously made disclosures to escalate their concerns to parliamentarians and journalists with immunity, after following a prescribed procedure.

The discloser must have ‘reasonable grounds’ to believe that the information concerns either “a substantial and imminent danger to the health and safety’ of people or the ‘natural environment’, or where it would be in the ‘public interest to do so’.

Other important changes

• The definition of ‘whistleblowers’ will expand to cover officers, managers, employees, individuals supplying goods and services and their employees, an individual who is an associate of the regulated entity, and the relatives and dependents of the above

• Will allow and protect anonymous disclosure by whistleblowers

• Will remove the ‘good faith’ disclosure requirement which previously rendered whistleblowers ineligible for protection if their disclosure was not motivated by ‘good faith’

• Will provide whistleblowers with immunity from civil, criminal, or administrative liability for protected disclosures

• Civil penalties for victimising or breaching the confidentiality of a whistleblower

• ‘Personal work-related grievances' will only be protected in limited circumstances

Certain companies will be required to have a whistleblower policy

The act provides that it will be mandatory for all public companies, large proprietary companies or corporate trustees of registrable superannuation entities to have a privacy policy, and to make that policy available to officers and employees of the company.

A business will be a ‘large proprietary company’ if it satisfies at least two of the following criteria:

• consolidated revenue in excess of $50 million;

• consolidated gross assets of more than $25 million; or

• at least 100 employees within the company and the entities it controls.

What must a whistleblower policy contain?

Your organisation’s whistleblower policy needs:

• clear application to employees, past employees, contractors, suppliers, family members of employees;

• a documented process for dealing with protected disclosures exists that ensures that all disclosures are dealt with within a reasonable time;

• information about the protections available to whistleblowers and an outline of processes required to make disclosure; and

• a clear outline of how the organisation will ensure fair treatment of employees who are mentioned in protected disclosures, or to whom protected disclosures are made.

There must also be a working system in place to ensure that the policy is distributed to anyone who may be an eligible whistleblower in relation to the organisation.

Where disclosures are made, companies are also required to ensure that the whistleblower’s identity remains anonymous. Companies that fail to do this face significant penalties as well as potential criminal charges.

What constitutes victimisation is both expanded and clarified to include:

• dismissal of an employee,

• injury of an employee in his/her employment,

• alteration of employee’s position to his/her disadvantage,

• discrimination between an employee and other employees of the same employer,

• harassment or intimidation of a person,

• damage to a person’s reputation,

• damage to a person’s business or financial position,

• other damage to a person and

• victimisation to the whistleblower or persons associated with them – e.g. family/supporter.

Deadlines and penalties

The amendments will come into effect from 1 July 2019 and will apply to disclosures made on, or after commencement, but may relate to conduct which occurs or “occurred before, at or after commencement”.

The amendments have also significantly increased civil and criminal penalties for breaches of the new laws. Companies that fail to implement a compliant whistleblower policy or fail to do so by the deadline may be subject to a civil penalty. Breaching the confidentiality of a whistleblower or victimising a whistleblower (or threatening to do so), may also incur a significant civil or criminal penalty.

Reduce risks from the start

Prevention is always better than a cure.

Fair, reasonable and safe practices and procedures within the workplace help to avoid these sorts of issues arising. Avoid whistleblowing from happening by remaining compliant from the start.

Failure to take steps to shore up your company’s whistleblower policies may expose your business to regulatory action, reputational damage and significant penalties.

If you’re unsure of your compliance or policies and procedures regarding whistleblowers, need assistance designing or updating internal whistleblower policies, or training staff to deal with whistleblower interactions in a compliant way, employers should seek workplace relations advice.

Messina Angelis is a senior employment relations adviser at Employsure.