Whistleblowing is a key part of a transparent, accountable, and safe work culture. Whistleblowers need to know that they can raise an issue when they have reasonable grounds to suspect misconduct or an improper state of affairs involving a firm.
All companies in Australia must comply with the whistleblower protection provisions in the Corporations Act 2001 (Cth), which provides protections for corporate sector whistleblowers to encourage them to come forward with their concerns.
The Australian Securities and Investments Commission (ASIC) recently announced that they have published a report to help entities improve their whistleblower policies and procedures, and encourage people to speak up.
Good practices for handling whistleblower disclosures
The Good practices for handling whistleblower disclosures report (“the report”) sets out the good practices ASIC observed from its review of seven entities’ whistleblower programs from a cross-section of industries.
ASIC identified that firms with stronger programs:
- Established a strong foundation for the program.
- Fostered a culture and practices to support whistleblowers.
- Informed and trained those involved in receiving or handling disclosures about protecting whistleblowers and treating material confidentially.
- Monitored, reviewed, and improved the program.
- Used information from disclosures to address underlying harms and improve company performance.
- Embedded senior executive accountability for the program.
- Created frameworks to entrench effective director oversight.
The report provides detailed information about each best practice identified to establish a strong whistleblower program.
Establishing a strong foundation for the program
ASIC encourages firms to:
- Document their whistleblower policy.
- Define and allocate roles and responsibilities for their program.
- Design and establish supporting procedures or guidelines to manage whistleblowing in line with the Corporations Act.
- Ensure their program has adequate information technology resources and organisational measures to keep whistleblowers’ personal information secure.
Fostering a whistleblowing culture and supporting whistleblowers
ASIC encourages firms to:
- Consider how to actively promote whistleblowing.
- Consider authorising any pre-existing platforms to also receive disclosures from whistleblowers.
- Clearly differentiate between their different channels to receive reports, complaints or feedback, and promote the whistleblowing channel as being relevant for disclosures.
- Consider if they have adequate measures and processes to actively protect and support whistleblowers who make disclosures, including whether they have processes for assessing and controlling the risk of detriment to whistleblowers.
- Ensure that when they enter into settlements with whistleblowers, the terms of any confidentiality provisions do not attempt to limit the whistleblower’s ability to voluntarily raise any potential disclosable matters with a relevant regulator or agency.
Resources and training for relevant officers and employees
To mitigate risks associated with officers and employees breaching the whistleblower protections, ASIC encourages firms to provide training for:
- The firm’s internal eligible recipients on how to handle disclosures and respond to whistleblowers in line with the legal requirements.
- The employees involved in all aspects of the firm’s program on how to manage disclosures and support whistleblowers in line with the legal requirements.
Monitoring, reviewing, and improving the program
ASIC encourages firms to:
- Schedule periodic reviews of their policies and associated procedures and practices.
- Consider the objectives of their policy and program and identify corresponding indicators and metrics to monitor their program’s effectiveness.
Using information from disclosures
ASIC encourages firms to:
- Take steps to address the issues raised by whistleblowers.
- Analyse and use the information received from their programs.
- Consider whether and how they can strengthen the visibility of emerging areas of risk, and improve operations by sharing insights from their program.
Embedding executive accountability for the program
ASIC encourages firms to consider:
- Whether and how they embed executive accountability for the program, including through the designation of an accountable senior manager.
- Whether a mechanism for broader executive oversight of the program may be beneficial to the firm.
Further, ASIC encourages accountable executives to reflect on whether they receive sufficient information about the program to discharge their accountability.
Effective director oversight
ASIC encourages firms to consider:
- Formalising arrangements for board or board committee oversight of the policy and program, including considering which board committee is most appropriate.
- The frequency, type and level of information that management should provide to board committees so that they can discharge their oversight responsibilities.
Further, ASIC encourages boards and board committees to reflect on whether they receive sufficient information to perform their oversight function.
Key takeaways
ASIC has published a report which outlines good practices for handling whistleblower disclosures. ASIC encourages firms to: establish a strong foundation for the whistleblower program; foster a whistleblowing culture and support whistleblowers; provide resources and training for relevant officers and employees; monitor, review, and improve the program; use information from disclosures; embed executive accountability for the program; and provide effective director oversight. Following these best practices can help firms improve their whistleblower policies and procedures and contribute to a transparent, accountable, and safe work culture.