Guidance for whistleblowers
This information sheet (INFO 52) explains:
- who is a whistleblower
- what you should do if you believe you are a whistleblower
- the protections available to whistleblowers under the law
- ASIC’s role and the limitations of our role in relation to whistleblowers
- how ASIC deals with information from whistleblowers, including when we will act on your information
- our communication with whistleblowers
- the role of ASIC’s Office of the Whistleblower.
We acknowledge that someone who approaches ASIC, often in difficult and stressful circumstances, to provide us with inside information about potential misconduct within a company may do so at some risk to themselves. We give serious and dedicated consideration to the matters they raise.
Am I a whistleblower?
In general, a whistleblower is an insider within an organisation, who reports misconduct or dishonest or illegal activity that has occurred within that same organisation.
However, for the Corporations Act 2001 (the Corporations Act) to recognise and protect you as a ‘whistleblower’, you must meet the five criteria in Table 1 and do certain things when making your disclosure.
Table 1: Criteria for protection as a whistleblower
|1. Your role||You must be:
|2. Who the disclosure is made to||You must make your disclosure to:
|3. Providing your name||You must give your name to the person or authority you are making the disclosure to.|
|4. Reasonable grounds to suspect breach||You must have reasonable grounds to suspect that the information you are disclosing indicates that the company or company officer may have breached the Corporations Act or the Australian Securities and Investments Commission Act 2001 (ASIC Act).|
|5. Made in good faith||You must make the disclosure in ‘good faith’. That means your disclosure must be honest and genuine, and motivated by wanting to disclose misconduct. Your disclosure will not be ‘in good faith’ if you have any other secret or unrelated reason for making the disclosure.|
There is no formal registration process for whistleblowers; the protections apply to anyone who meets the above criteria.
What should I do if I believe I am a whistleblower?
If you believe you may be a whistleblower or are unsure what protections may apply to you, it is important to seek legal advice. ASIC is not able to give personal legal advice and can only provide general information on these issues. We will provide general guidance (this information sheet is aimed at providing that guidance). However, the information and examples in this information sheet might not apply to your situation, so we strongly encourage you to seek legal advice about your personal circumstances.
If you contact ASIC, we will try to provide information to assist you; however, only a properly accredited legal practitioner who understands your circumstances can give you legal advice. This is especially important if you are thinking of acting on the rights the whistleblower protections give to you.
If you believe you are a whistleblower with information that relates to potential breaches of the laws ASIC administers, you should send it to us through our online form.
How does the Corporations Act protect whistleblowers and their information?
The Corporations Act contains certain protections for whistleblowers who meet the five criteria in Table 1 above, including:
- protection of information provided by whistleblowers
- protections for whistleblowers against litigation
- protections for whistleblowers from victimisation.
These protections encourage people within companies, or with special connections to companies, to alert the company (through its officers), or ASIC, to illegal behaviour.
Protection of information provided by whistleblowers
The law calls the information provided by whistleblowers a ‘protected disclosure’. We must keep information provided by a whistleblower confidential. Further, we may not disclose either the information or the identity of the whistleblower unless that disclosure is specifically authorised by law.
You can find out more about how we protect information we receive by reading Regulatory Guide 103 Confidentiality and release of information (RG 103).
Protections for whistleblowers against litigation
The Corporations Act protects a whistleblower against civil or criminal litigation (including a case for breach of contract) for protected disclosures. If the whistleblower is the subject of an action for disclosing protected information, they may rely on this protection in their defence.
Further, if an employer terminates a whistleblower’s employment as a result of a protected disclosure, the whistleblower may ask the court for an order to reinstate them either in their original position or in another position at a comparable level.
Protections for whistleblowers from victimisation
The Corporations Act makes it a criminal offence to victimise a whistleblower because of a protected disclosure made by the whistleblower. The Act also provides that if a whistleblower suffers damage because of such victimisation, the whistleblower can claim compensation for that damage from the offender.
The legislation requires that the victimisation be the result of a protected disclosure. In many cases, particularly in the context of private employment, there may be arguments as to whether the conduct involved was victimisation as a result of the disclosure of information by the whistleblower or was done due to some other cause.
It is important to note that it is the responsibility of whistleblowers to bring any action for compensation because the legislation does not authorise ASIC to do this on behalf of the whistleblower. We strongly encourage people who believe they are whistleblowers to seek independent legal advice.
ASIC’s primary role in relation to whistleblowers is to receive, assess and (where appropriate) investigate disclosures. We also look into misconduct relating to allegations that whistleblowers have been victimised for making a protected disclosure. ASIC can and does carry out investigations of allegations of victimisation. However, given our limited resources and the fact that other protections such as reinstatement of employment are available, we will generally focus our resources on an investigation of the information reported by the whistleblower.
The protections under the Corporations Act consist mostly of private rights that the affected individual needs to take up.
However, it is important to understand the following limitations of our role:
- The whistleblower provisions in the Corporations Act do not give ASIC any special standing or specific power to:
act for a whistleblower who is the subject of litigation
bring an application on behalf of a whistleblower whose employer has terminated their employment as a result of disclosure
bring an action seeking compensation for a whistleblower for damage caused by victimisation.
- ASIC does not decide who is and who is not a whistleblower. The definition of a whistleblower is set out in the law (see ‘Am I a whistleblower?’) and ultimately, if there is a dispute, whether you satisfy this definition can only be determined by a court. However, we will assess whether we consider you to be a possible whistleblower under the Corporations Act and let you know.
- ASIC cannot provide you with legal advice. If you believe you may be a whistleblower or are unsure what protections apply to you, we urge you to seek independent legal advice.
- Obtaining the protections under the Corporations Act does not depend on any action by ASIC or an individual ‘registering’ as a whistleblower. ASIC is not empowered to enforce whistleblower protections. Unlike some foreign regulators, whistleblowers in Australia are not eligible to receive a financial reward for making a protected disclosure; the Corporations Act does not provide for it.
How ASIC deals with the information provided
We value and assess all reports and information that we receive, but not every matter brought to our attention requires us to take regulatory action such as court action. Any inquiries we make will initially focus on the breaches you have disclosed. What is important is that we get the information you believe relates to potential misconduct so we can assess it because it is likely to be valuable to us.
We will contact you by phone (if you have given us those details) and follow up with you to obtain the information you have. We will keep that information and your identity confidential. However, in very limited circumstances – for example, if a court subpoenas us to do so – we may be compelled to provide it. If this happens we will speak with you about that ahead of time and always seek to protect your identity and disclosure.
You can give us information anonymously, but the value of that information may be limited and we will not be able to follow up with you for further information if necessary or to tell you what steps we may take based on your information. Anonymous disclosures also don’t qualify for the whistleblower protections (see ‘Am I a whistleblower?’).
When we will act on your information
All information, complaints or reports of alleged misconduct and breaches of the Corporations Act (including those from whistleblowers) are given an initial assessment by ASIC’s Misconduct and Breach Reporting team. Staff in this team will provide you with information about whistleblowers and the Corporations Act if we think you might be a whistleblower under the Act or if you believe you are a whistleblower. For more information, see Information Sheet 153 How ASIC deals with reports of misconduct (INFO 153).
In the process of our assessment, we will need to take an objective view of the information provided and consider if the core misconduct is something we need to make further inquiries about or take action on. Often these matters occur in the context of an employment dispute or issue. We are likely not to focus on those issues, but on the substantive Corporations Act issues.
We cannot investigate every allegation that is made to us; we must prioritise. Generally, we do not act for individuals and we will seek to take action only where our action will result in a greater impact in the market and benefit the general public more broadly.
For information on our enforcement role and why we respond to particular types of breaches of the law in different ways, see Information Sheet 151 ASIC’s approach to enforcement (INFO 151).
Our communication with whistleblowers
People who have inside knowledge of companies are often in a good position to provide accurate and informative material and intelligence to regulators, such as ASIC, about potential misconduct.
If you are a whistleblower, we recognise that you may have an ongoing interest in the matter and we undertake to contact you regularly to update you as best we can. As a matter is actioned, a dedicated Whistleblower Liaison Officer within ASIC will contact you regularly. However, for confidentiality reasons, we cannot provide much detail during the course of our review or any subsequent investigation: see Information Sheet 152 Public comment (INFO 152).
If we decide not to take any further steps, we will communicate this to you, endeavouring to explain the reasons why and give some guidance as to what you should do next. For example, it may be that you should more appropriately provide the information to state or federal police or another regulatory body.
The role of ASIC’s Office of the Whistleblower
ASIC has formed an Office of the Whistleblower to ensure that we:
- give appropriate weight to the information we receive from whistleblowers
- handle properly the information we receive from whistleblowers.
The Office of the Whistleblower ensures that we maintain regular communication with a whistleblower and that if our handling or action in a matter concludes, that we explain the outcome and reason for that outcome to the whistleblower within the limitations of what ASIC can and cannot say. The Office of the Whistleblower oversights the handling of whistleblower matters across all of ASIC’s teams, rather than handling or dealing directly with whistleblower matters.
The Office of the Whistleblower also reviews ASIC’s handling of whistleblower matters so we can improve our handling and actioning of those matters.
As noted above, if you believe you are a whistleblower with information that relates to potential breaches of the laws ASIC administers, you should send it to us through our online form.
Where to find more information
- RG 103 Confidentiality and release of information
- INFO 151 ASIC’s approach to enforcement
- INFO 152 Public comment
- INFO 153 How ASIC deals with reports of misconduct
Read the whistleblower provisions of the Corporations Act (especially Part 9.4AAA) by visiting the Australian Government’s legislation website, ComLaw.
Go to Whistleblowers: Company auditors’ obligations and Information for company officeholders and company auditors on our website to find out how you can set up proper internal processes for handling information from whistleblowers.
Please note that this information sheet is a summary giving you basic information about a particular topic. It does not cover the whole of the relevant law regarding that topic, and it is not a substitute for professional advice. You should also note that because this information sheet avoids legal language wherever possible, it might include some generalisations about the application of the law. Some provisions of the law referred to have exceptions or important qualifications. In most cases you must take into account your particular circumstances when determining how the law applies to you.
This is Information Sheet 52 (INFO 52), reissued in August 2015. Information sheets provide concise guidance on a specific process or compliance issue or an overview of detailed guidance.