By Key Business Advisors
Human Resources

The Australian Government has made changes to a variety of statutes in the Corporations Act 2001 that outlines new protections for whistle-blowers. All companies are covered by this new legislation however, as of January 2019 only public companies and large private companies will be required by law to have a whistle-blower policy.

What protections are there for whistle-blowers?

Whistle-blowers will be protected when disclosing information about a company’s misconduct or unethical behaviour. They are protected from any civil, criminal or administrative liability for disclosing information to certain people or bodies.

Whistle-blowers will now be protected against any contractual or other remedies.

Any information that is part of a disclosure is not admissible in evidence against a whistle-blower in criminal proceedings or proceedings that involve a penalty unless the information that has been disclosed has been falsified.

Whistle-blowers who wish to remain anonymous when disclosing information will still be protected under the new legislation.

Companies who are required to have a whistle-blower policy will have at least two of the criteria below:

  • Consolidated revenue of at least $25 million
  • Consolidated gross assets of at least $12.5 million
  • At least 50 employees within the company and the entities it controls

This new legislation aims to protect those who disclose:

  • ‘misconduct or improper state of affairs or circumstances relating to the company’
  • whether an offence has been committed under any legislation that requires ASIC or APRA’s oversight, such as the Corporations Act 2001 (Cth) and ASIC Act 2001 (Cth)
  • information about whether someone has committed a Commonwealth offence (Civil or criminal) punishable by at least one year’s imprisonment or more.

The terms ‘misconduct’ or ‘improper state of affairs’ are deliberately broad to highlight that such conduct reported by whistle-blowers does not necessarily break any laws but are perhaps seen as unethical. An example of this is the recent CommInsure Scandal in which Commonwealth Bank had not broken any laws but engaged in unethical practices.

Who is Protected by the New Legislation?

  • Officers (Directors and Senior Management)
  • Employees
  • Individuals who supply service or goods (whether paid or unpaid)
  • Employees of individuals who supple services or good (whether paid or unpaid)
  • Associates of a company
  • Relatives or dependants of all the above categories (I.e. spouse, parent, child, grandchild, sibling etc.)

Disclosure must be made to one of the following people or bodies:

  • ASIC;
  • APRA;
  • an officer of the company;
  • an auditor, or member of an audit team conducting an audit into the company;
  • an actuary of the company;
  • a person authorised by the company to receive protected disclosures;
  • a supervisor or manager of the whistle-blower who is an employee of the company;
  • a lawyer, for the purpose of legal representation or legal representation regarding the whistle-blower protections; and
  • in an emergency only, to a parliamentarian or a journalist


Only public companies and large private companies need to have a whistle-blower policy however, it is recommended best practice that ALL companies implement a whistle-blower policy in their business.

For more information on having a whistle-blower policy in your company or to see how compliant your organisation is, contact one of our HR experts today.

Newsletter Signup

Sign up to our newsletter

With useful information and tips to minimise risk and help you grow your business.

  • This field is for validation purposes and should be left unchanged.