The Drive to Improve Protection for Whistleblowers

The recently enacted Treasury Laws Amendment (Enhancing Whistleblower Protections) Act 2019 (Cth) (Whistleblower Act) is the result of a growing public recognition of the need to better protect those who speak up about illegal and unethical conduct in their organisations from being victimised.

The strengthening of the whistleblower protections (that were inserted into Part 9.4AAA of the Corporations Act 2001 (Cth) (Corporations Act) in 2004) follows much public attention on whistleblowing in recent years, including an inquiry by the Joint Parliamentary Committee on Corporations and Financial Services into Whistleblower Protections in the Corporate, Public and Not-for-Profit Sectors in 2016/17.

Consider some of the media reports about those who have spoken up:

  • Sally McDow, who was the first person to take legal action in the Federal Court against her former employer under the whistleblower provisions in Part 9.4AAA, claimed that she was bullied and then made redundant from her senior compliance role in 2015 after she ‘blew the whistle’ at Origin Energy about significant and dangerous compliance breaches at its gas and oilfields and a subsequent covering up of the breaches. Ms McDow’s legal action followed unsuccessful attempts to obtain suitable employment following her dismissal. Origin Energy denied Ms McDow’s allegations and denied that there was an association between her whistleblowing and the loss of her job. The parties settled the case before trial. Ms McDow subsequently founded CPR [Culture, Performance, Reputation) Partners.
  • Brian Hood, former Company Secretary at one of the Reserve Bank of Australia’s subsidiary companies, Note Printing Australia, told a media investigation that in 2007 he raised concerns with various directors that foreign bribery had occurred at the company and its related company, Securency (50 per cent owned by the RBA at that time and sold by the RBA in 2013). The matter was reported to the Australian Federal Police in 2009 when the Securency Board of Directors became aware that The Age proposed to publish an article about the allegations. By that time, Mr Hood had been made redundant. In 2011, Note Printing Australia and Securency entered pleas of guilty to charges of conspiracy to bribe foreign officials. The offences were committed between December 1999 and September 2004. According to the RBA, Note Printing Australia paid fines of $450,000 and a pecuniary penalty of $1,856,710. Securency paid fines of $480,000 and a pecuniary penalty of $19,809,772.
  • Jeff Morris worked in financial planning at the Commonwealth Bank of Australia and ‘blew the whistle’ about misconduct in 2008. In the words of the then Minister for Revenue and Financial Services in June 2017, “Exposing the bank’s misconduct has taken a serious toll on Mr Morris. His anonymity was not protected, he was subject to death threats, he lost his job and, in the end, he lost his whole family.” In April 2018, ASIC announced that it had accepted an enforceable undertaking from Commonwealth Financial Planning Limited (CFPL) and BW Financial Advice Limited (BWFA), both wholly owned subsidiaries of the Commonwealth Bank of Australia (CBA). The enforceable undertaking required, among other things, that:
    • CFPL and BWFA make a community benefit payment of $3 million in total
    • CFPL provide an attestation from senior management setting out the material changes that have been made to CFPL’s compliance systems and processes in response to the misconduct.

It was reported in the media in February 2019 that ASIC had banned Commonwealth Bank’s financial planning arm from charging ongoing service fees until further notice. after a report found the business had inadequate systems in place to protect its customers.

The New Whistleblower Protections

The Whistleblower Act, which was assented to on 12 March 2019 and commences on 1 July 2019, strengthens and extends the whistleblower protections in Part 9.4AAA of the Corporations Act, including expanded remedies for reprisals. The whistleblower provisions in the Banking Act 1959 (Cth) (Banking Act), Insurance Act 1973 (Cth) (Insurance Act), Life Insurance Act 1995 (Cth) (Life Insurance Act) and the Superannuation Industry (Supervision) Act 1993 (SISA Act) have been repealed and consolidated into the Corporations Act, and a new whistleblower protection regime relating to disclosures about entity’s tax affairs introduced into the Taxation Administration Act 1953 (Cth). There is a strong emphasis in the amended Part 9.4AAA on the role of employers in preventing their employees from engaging in conduct that is detrimental to those who ‘blow the whistle’.

Amended Part 9.4AAA will protect disclosures of “disclosable matters” about “regulated entities” and related bodies corporate by an expanded range of whistleblowers, which now includes former, as well as current, employees, suppliers and associates, and their relatives and dependants. To qualify for protection, disclosures may be made to an external regulator or to an internal “eligible recipient”.

“Disclosable matters” include information that the discloser has reasonable grounds to suspect:

  • concerns misconduct, or an improper state of affairs, in relation to the regulated entity or a related body corporate;
  • indicates that the regulated entity or a related body corporate has engaged in conduct that:
  • constitutes an offence against or a contravention of a provision of the Corporations Act, Australian Securities and Investments Commission Act 2001 (Cth), Banking Act, Financial Sector (Collection of Data) Act 2001 (Cth), Insurance Act, Life Insurance Act, National Consumer Credit Protection Act 2009 (Cth), SISA Act or an instrument made under any of these Acts;
    • constitutes an offence against any other law of the Commonwealth that is punishable by imprisonment for a period of 12 months or more;
    • represents a danger to the public or the financial system; or
    • is prescribed by the regulations.

Part 9.4AAA, as amended, also provides for “public interest disclosures” and “emergency disclosures” to a Member of Parliament or a journalist where a disclosure was previously made to ASIC, APRA or a prescribed Commonwealth authority, and other criteria are met.

Public companies will be required from 1 January 2020 and large proprietary companies will be required within six months from the end of their financial year to have in place a whistleblower policy, made available to its officers and employees, that sets out information about:

  • the protections available to whistleblowers, including the protections under the legislation
  • to whom and how disclosures that qualify for protection under the legislation may be made
  • how the company will support whistleblowers and protect them from detriment
  • how the company will investigate disclosures that qualify for protection under the legislation
  • how the company will ensure the fair treatment of employees who are mentioned in disclosures that qualify for protection under the legislation
  • how the policy will be made available to officers and employees of the company
  • any additional matters that are prescribed by the regulations.

Significant Increases to Corporate Penalties

In “Restoring trust in Australia’s financial system, the Federal Government’s Response to the Final Report of the Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry (February 2019), the Government indicated that legislation was before the Parliament to significantly increase penalties, both civil and criminal, so that they are an effective deterrent to, and remedy for, corporate and financial misconduct.

The Treasury Laws Amendment (Strengthening Corporate and Financial Sector Penalties) Act 2019 (Cth) (Penalties Act) received Royal Assent on 12 March 2019. Most of its provisions commenced on 13 March 2019, apart from some of the contingent amendments in Schedule 5.

The increased penalties will apply to the whistleblower protections in Part 9.4AAA.

Under the amended Part 9.4AAA, it will be a criminal offence to contravene:

  • the requirement to keep a whistleblower’s identity confidential
  • the prohibition on victimisation following a protected disclosure by a whistleblower.

Civil penalties also apply to contravention of these provisions. Failure by a public company or large proprietary company to comply with the requirement to have in place a whistleblower policy is also an offence, but the whistleblower law does not provide for a civil penalty in this case.

The civil penalties that apply for breach of confidentiality of a whistleblower’s identity or victimisation of a whistleblower are as follows:

  • for an individual, the greater of 5000 penalty units and three times the benefit derived or detriment avoided because of the contravention (if that can be determined by the court)
  • for a company, the greatest of 50,000 penalty units, three times the benefit derived or detriment avoided because of the contravention (if that can be determined by the court), and either 10 per cent of annual turnover up to 2.5 million penalty units.

Criminal penalties are as follows:

  • breach of confidentiality of identity of whistleblower
    • for an individual: six months imprisonment and/or 60 penalty units
    • for a company: 600 penalty units
  • victimisation
    • for an individual: two years imprisonment and/or 240 penalty units
    • for a company: 2400 penalty units
  • failure to have in place a whistleblower policy
    • for an individual: 60 penalty units
    • for a company: 600 penalty units.

A penalty unit is currently $210, as determined by s 4AA of the Crimes Act 1914 (Cth).

CompliSpace Webinar

If you’d like to know more about the new whistleblower laws and ‘what you need to do’ Katharine Wilkinson, Head of Corporate & Financial Services at CompliSpace, will be recording a webinar this week to discuss the new laws. Contact us if you would like to receive a copy of the webinar recordings.