The Senate Economics References Committee final report of the Inquiry into the Performance of the Australian Securities and Investments Commission (ASIC) took as its starting point the apparent failures by ASIC to deal with and respond appropriately to information provided by the whistleblowers in the CFPL case to consider whether there is a case for corporate whistleblower reform. The end point was a resounding “yes”.

The report looks at the shortcomings in protections currently afforded to whistleblowers and recognises a strong case for a comprehensive review of the corporate whistle blowing framework. Some of the main shortcomings identified in the report include:

  • the limited scope of whistleblower protection, in terms of the types of disclosure, the narrow definition of whistleblower, and the absence of any protection for anonymous disclosures. To be a protected disclosure it must be made to ASIC, auditors or certain persons within the company by an officer or employee of the company or a contractor or employee of a contractor to the company who makes the disclosure in good faith and has reasonable grounds to suspect contravention of a provision of the corporations legislation by a company its officer(s) or employee(s);
  • the lack of guidance as to how ASIC is to handle the information disclosed by whistleblowers including difficulties in resisting Court production orders for documents which would disclose whistleblower identity;
  • the absence of any regulatory requirement for internal whistle blowing processes within companies; and
  • the lack of mandate for ASIC’s role in protecting whistleblowers from reprisals and advocating for whistleblowers.

The final report also looks at the lack of adequate compensation provisions for whistleblowers and traverses the possibility of incentivising whistleblowers.

The main recommendations of the Committee are:

  • expanding the definition of whistleblower, for example to include former employees, financial services providers and accountants and auditors;
  • expanding the scope of information protected to cover any misconduct ASIC is empowered to investigate;
  • allowing ASIC to refuse to produce a document revealing a whistleblower’s identity to a third party unless ordered by a court or tribunal;
  • a government review of the current corporate whistleblower framework which includes the exploration of reward based incentives or US style bounties followed by a consultation process;
  • subject to this review, whistleblower protections be updated to:
  • protect anonymous disclosures;
  • replacing the requirement that whistleblowers make a disclosure in good faith with the requirement that a disclosure is based on reasonable grounds or on an objective test it tends to show wrongdoing regardless of the whistleblowers belief;
  • extend protection to disclosures to third parties such as the media in some circumstances;
  • strengthen protections afforded to whistleblowers by criminalising threats of reprisal and setting out clear statutory remedies to whistleblowers where they are disadvantaged by reason of a disclosure; and
  • establish an “Office of the Whistleblower” within ASIC

While acknowledging the tension between encouraging whistleblower disclosure on the one hand and minimising regulatory burden and maintaining confidentiality in the corporate sector on the other, the Committee favours expanded whistleblower protection and internal company processes which encourage disclosure.

This has implications for how companies manage risk and report non-compliance internally.   

It is clear from the report that ASIC has already improved its response to whistleblower disclosure and that it will be far more proactive in dealing with whistleblowers. 

Companies need to be prepared for this by having robust internal compliance processes in place, a clear understanding of the protections which are afforded to whistleblowers under the current legislation and a process for dealing with whistleblowers which meets the current legislative requirements. If the report’s recommendations are implemented, dealing with whistleblowers will become a compliance fact of life which needs to be carefully managed through appropriate best practice processes and early non-compliance detection.