29 Nov 2019 29 November 2019
Whistleblower protection: What has to be done now?
With effect from 1 July 2019, Australia has had a new comprehensive whistleblower protection regime which covers the corporate, financial and tax sectors. The regime has some very clear themes most notably to:
- Encourage ethical whistleblowing;
- Discourage white collar crime; and
- Hold employers accountable for protecting eligible whistleblowers.
It does this in the context of tax by way of amendments to the Taxation Administration Act 1953 by effectively making various amendments to, in particular, s 14ZZT ff of that Act.
Thus, an eligible whistleblower can pass information about the affairs of an entity to an eligible third party recipient with protections as outlined below. In a tax context this could include, for example, sensitive information about the tax operations or affairs of a company or a public body. Without this protection, various prosecutions could flow against the information provider. Section 14ZZT(3), in particular, also ensures that a disclosure, made to a legal practitioner for the purpose of obtaining legal advice or legal representation in relation to the operation of these whistleblower protection laws, is also protected.
The rules are relatively strict so as to ensure that mischievous persons are discouraged from making inappropriate disclosures that might unfairly prejudice a party who has done nothing wrong. How effective that will be remains to be seen but importantly there are no specific penalties in the legislation to deal with such mischievous apparent whistleblowers. Of course, such a person would not be protected so penalties outside the whistleblower legislation would apply but in practice will that be enough to deter such behaviour.
Under these new laws, corporate whistleblowers will be able to make anonymous protected disclosures. Individuals can also make such disclosures and this includes former employees, suppliers, contractors and their family members. To be eligible, the whistleblower must have reasonable grounds to suspect misconduct. Even conduct that is not illegal but has systemic issues involved are disclosable. However, the protections will not extend to disclosures about personal grievances such as interpersonal conflicts, transfer, promotion or disciplinary decisions.
Eligible recipients of disclosures can include senior managers, directors and auditors and in certain limited circumstances even journalists and politicians.
Protections for whistleblowers include anonymity, increased immunity against prosecution and protection against detriment through victimisation.
Severe penalties apply to employers who breach protections with courts being empowered to make certain orders if a company fails to protect a whistleblowing employee from detriment. Penalties include $1.05m for individuals and $10.5 or 10% of turnover (whichever is greater) for companies.
Importantly right now, public companies, large proprietary companies* and registrable superannuation entities must have a whistleblower policy in place from 1 January 2020 failing which a penalty of $12,600 can apply.
To comply, the policy must contain:
- The protections available to whistleblowers;
- How and to whom a disclosure can be made;
- Explanations as to how the company will support and protect the whistleblower;
- How investigations into a disclosure will be made;
- How the company will ensure fair treatment of employees mentioned in whistleblower disclosures;
- How the policy will be made available.
What must be done now and beyond?
Entities subject to the requirement to have a whistleblower policy in place now have a mere four weeks to action this obligation if they have not already done so – there is no time to waste either for the entity involved or its advisors. Advisors who act for such entities should check to ensure that the policy has been established and that it meets all the content requirements as set out above. After 1 January 2020, the relevant entities and their advisers need to be satisfied that the policy can be objectively shown to have been operationally implemented. Paying mere lip service to the requirement by having a policy in place which is then largely ignored would not meet the expected standard.
*A large proprietary company is currently defined in s 45A(3) of the Corporations Act 2001 as a proprietary company that satisfies at least two of the following in the relevant financial year:
(a) consolidated revenue of $50million or more;
(b) gross assets of $25 million or more;
(c) the company and any entities it controls have 100 or more employees.
As always, I welcome your thoughts and comments via the TaxVine feedback inbox.
Bob Deutsch, CTA