Insight,

Whistleblowing as a governance issue: Does your board measure up?

AU | EN
Current site :    AU   |   EN
Australia
China
China Hong Kong SAR
Japan
Singapore
United States
Global

Nearly four years into the revamped private sector whistleblowing regime, the standards expected of organisations and the people that lead them are becoming clearer.

Meaningful compliance with whistleblower legislation requires more than a well-drafted policy; focus has shifted to how organisations are managing disclosures on the ground. ASIC has declared its intent to consider the full range of regulatory tools – including civil and criminal enforcement action – where it identifies whistleblower-related harm, and on 1 March 2023 commenced its first whistleblowing prosecution against a company and four of its current and former leaders. We take a look at the emerging focus on governance of whistleblower frameworks, and what this means for directors.

On 2 March 2023, the Australian Securities and Investments Commission (ASIC) published a report on its review of whistleblower frameworks implemented by seven large Australian organisations [1]Report 758: Good practices for handling whistleblower disclosures (Report 758) contains practical insights many organisations have been seeking - other than the statutory protections of confidentiality and anti-victimisation, the Corporations Act does not prescribe what steps organisations must take when they receive a whistleblower disclosure under Part 9.4AAA. While the Report acknowledges there’s no one-size-fits-all approach to managing disclosures, there are emerging standards – and warnings – that businesses, and their boards, should be paying attention to.

Report 758 is the latest in a series of information and guidance initiatives from ASIC, including Information Sheets, speeches, the detailed guidance for whistleblower policies in its November 2019 Regulatory Guide 270 (RG270) and the open letter issued to CEOs in October 2021 noting widespread non-compliance with those policy obligations. The important role of directors has been a consistent thread throughout.

Directors as eligible recipients

The prescribed role for directors under Part 9.4AAA is as “eligible recipients” of disclosures that qualify for protection. The role of eligible recipient is a critically important one; while the prohibitions against disclosing the whistleblower’s identity and causing detriment to a whistleblower apply at large, it is the eligible recipient who is at the front line. From the whistleblower’s perspective, this person is the embodiment of the organisation, who the whistleblower is entrusting with the responsibility to listen when they speak about their concerns, and to protect them as those concerns are addressed.

Many policies (reasonably) highlight third-party service providers – colloquially, whistleblower hotlines – as the preferred speak-up channel for disclosures. In our experience, however, many whistleblowers still make their reports directly to senior leaders they know or trust, particularly senior executives and non-executive directors. This means all directors and other eligible recipients (and not just those highlighted as contact points in the policy) should be familiarising themselves with the organisation’s whistleblower program, and seeking advice about, and obtaining training in, what is required to discharge that role lawfully and effectively.

Directors as overseers of whistleblower frameworks

ASIC has confirmed that while Part 9.4AAA does not prescribe accountability for the organisation’s whistleblower policy and program, ASIC considers the Board is ultimately responsible as part of the organisation’s broader risk management and corporate governance framework. [2]

For listed entities, Recommendation 3.3(b) of the ASX Corporate Governance Council’s Corporate Governance Principles and Recommendations (4th edition) highlights the Board’s role concerning material incidents arising under the whistleblower policy, noting these may be indicative of issues with the organisation’s culture.

RG270 similarly highlighted the Board’s role in monitoring the effectiveness of the whistleblower policy and as a key point of escalation in the management of particular cases, noting: [3]

It is important for an entity’s board (either directly or through its audit or risk committee) to ensure that the broader trends, themes and/or emerging risks highlighted by the disclosures … are addressed and mitigated ….

Report 758 enshrines the establishment of frameworks for effective director oversight as one of the seven key pillars of better practice whistleblower programs. Other pillars also reference the role of directors, such as the importance of defining roles and responsibilities of company officers to help create of a culture of transparency, accountability and good governance.

Directors as duty-holders

The interaction between the roles of a director in the whistleblower program and a director’s general duty to discharge their responsibilities with reasonable care and diligence [4] is set to be explored in ASIC’s first ever action against a company and some of its board members for alleged breaches of the anti-victimisation provisions in Part 9.4AAA.

ASIC’s action against TerraCom Limited and its managing director, chief commercial officer, former Chair and another former director alleges, among other things, that: [5]

  • they harmed a whistleblower when the members of the disclosure committee failed to take reasonable steps to ensure statements TerraCom made to the ASX about the whistleblower’s allegations were not false or misleading; and
  • the reasonable care and diligence duty was breached when the individuals failed to take reasonable steps on receipt of an independent investigation report into the allegations.

In addition to civil penalties and declaratory relief under Part 9.4AAA, ASIC is also seeking disqualification orders in respect of the individuals.

Given the potential for civil penalties and reputational damage when things go badly wrong, we can also imagine ASIC considering whether a director’s deliberate or reckless conduct concerning whistleblower disclosures leads to a claim the director has not discharged their duties in good faith in the best interests of the corporation as required by s181 of the Corporations Act.

An evolving space for directors

Effective management of whistleblower matters goes to the heart of good governance. While the legislation is not prescriptive about how to do it, there can be no doubt that ASIC expects organisations, led by their Boards, to actively explore what is reasonably possible in its specific circumstances, considering its size, complexity and the nature of its business. Having a policy and an external hotline is not enough.

Report 758 offers unique insights into not only the regulator’s view of what good looks like, but also what might practically be possible, and presents an opportunity for Boards to ensure their organisations’ maturity is being analysed against those ideals.

It’s also clear that directors must do more than attend eligible recipient training and passively receive quarterly whistleblower stats reports. Whatever happens with the TerraCom case, viewing directors’ obligations to protect whistleblowers through the lens of the statutory duty of reasonable care and diligence and the good faith duty is a useful way to elevate the pointy end of disclosure management to the Boardroom; giving directors the opportunity to truly listen to what disclosers are trying to say, to intervene where necessary, and to set the tone from the top that people are safe to speak up.

Australia and New Zealand Banking Group Ltd, AustralianSuper Pty Ltd, BHP Group Ltd, Commonwealth Bank of Australia, Netwealth Group Ltd, Treasury Wine Estates Ltd and Woolworths Group Ltd.

ASIC, Report 758: Good practices for handling whistleblower disclosures, March 2023, p18.

RG 270.14

Section 180, Corporations Act 2001 (Cth)

Reference

LATEST THINKING
Insight
The MYEFO just released by the Treasurer shows that an end to the surpluses the Government has enjoyed over the last two year is fast approaching, with slowing revenues and the promise of new policies such as the Build to Rent tax incentives announced in the last Budget beginning to bite.

19 December 2024

Insight
The Australian Food and Agricultural Taskforce (AFAT) has released a position paper, “Land of Plenty – Transforming Australia into a food superpower” (the Position Paper), which highlights that ‘there is a clear opportunity for Australia to become a food superpower and build a second engine of economic growth that mirrors the resources sector’.

19 December 2024

Insight
Employment disputes commonly have confidential or sensitive information front and centre of the matters in issue. Information such as personal details, medical conditions, disciplinary records, family circumstances, commercially sensitive information and workplace dynamics including harassment, bullying or discrimination, or scandalous material seemingly deployed for the purpose of damaging individual reputations – to highlight a few.

19 December 2024