Issue: The new laws protect disclosures concerning misconduct or an improper state of affairs or circumstances in related bodies and received by officers and senior managers of related bodies. For Australian companies with overseas-based related entities, the regime may protect disclosures made to or about people or parts of the business based overseas.
What you need: Whistleblower policies and programs need to contend with whistleblower laws in different jurisdictions that may have different (and conflicting) requirements and train overseas-based officers or personnel on their obligations to the corporate group as a whole.
Issue: The new laws protect disclosures made to a wide range of eligible recipients, including officers and senior managers of a company and its related bodies.
What you need: Whistleblower programs need to build in training and communication strategies which reach all potential eligible recipients addressing whistleblower confidentiality and prohibitions on victimisation.
Issue: Disclosures about solely personal work-related grievances are generally excluded from protection under the new laws while disclosures concerning misconduct or an improper state of affairs or circumstances are protected. The line between what is protected and what is not is not always clear.
What you need: Whistleblower policies and programs need to set up sound but flexible investigation processes that can adapt to the variety of potential disclosures, even when it is not clear whether a disclosure is protected. For practical reasons, some clients prefer to take an expansive and consistent approach in their policies to streamline the investigation of issues which may be raised. However, companies need to do this without raising expectations of protection under the whistleblower regimes if those protections may not apply.
Issue: The new laws allow companies to authorise certain people to receive protected disclosures. This provides the company with an opportunity to structure its whistleblower program proactively but requires careful consideration as to who may be an appropriate whistleblower officer.
What you need: Whistleblower policies should identify appropriate whistleblower officers appointed to act as a liaison point and overall managers of the program. Several practical and legal considerations should inform who that person should be, including the potential for conflicts of interest. Companies that are proactive in establishing a good structure from the outset can help mitigate the risk of common pitfalls, such as breaches of whistleblower confidentiality, conflicts of interest and accusations of victimisation.
Issue: The confidentiality protections require a whistleblower’s consent to the disclosure of their identity or information which may identify them, subject to limited exceptions. For companies with email servers and document management systems that are accessible to people other than the intended recipient of a protected disclosure, navigating the confidentiality obligations can be tricky in practice.
What you need: Whistleblower policies and programs, and the systems that support them, must protect whistleblower identity, provide confidential channels for the making and storage of disclosures and/or facilitate the consent of whistleblowers to the disclosure of their identity, as appropriate.