Keeping the whistleblowers of workplace misconduct protected

Benjamin Kluwgant · 12 Aug

Serious misconduct and unlawful activity in the workplace is one of the unfortunate realities of the business world. Part of HR management is being aware of how to deal with these types of behaviours fairly and according to the law.

While it is a manager’s responsibility to pick up on and deal with cases of serious misconduct and unlawful activity, it isn’t uncommon for this type of behaviour to sneak its way past management – making it easy for offenders to potentially get away with their actions.

That’s where whistleblowers come in.

Company managers rely heavily on their subordinates to come forward and report cases of serious misconduct. Having a company culture that encourages and protects whistleblowing is vital, as mustering up the courage to call out misconduct in the workplace is a very difficult thing to do.

On the one hand, the person witnessing the misconduct can feel a sense of responsibility to the organisation and be inclined to report it. But, weighing that feeling against the fear of being viewed as a ‘snitch’ or ‘tattle tale’ can often deter the person from reporting it.

Australian whistleblower protection laws

Back in 2001, the Australian Securities and Investment Commission (ASIC) put together a series of legislations (otherwise known as an ‘act’) that were designed to govern and regulate companies in Australia. As part of this act, ASIC offered protection to whistleblowers of serious misconduct in the workplace.

While these legislations did offer a protection of sorts to those who disclosed cases of misconduct in the workplace, as the years went by, the government realised that the legislation was difficult to understand and even harder to implement.

So, in 2018, in an attempt to improve and reform the existing laws and further protect the heroes of the workplace, the government introduced a new bill called ‘The Treasury Laws Amendment (Enhancing Whistleblower Protections) Bill 2018’. This Bill proposed to expand the protection rights of whistleblowers and encourage organisations to foster ethical work cultures that promote whistleblowing.

The Bill received Royal Assent (which is just a fancy way of saying passed both houses of parliament) in March 2019, and then became official legislation on 1 July 2019.

Living with the new whistleblowing laws

Ever since these changes were implemented, it has become more important than ever for HR personnel within a business organisation to be aware of the nuances that relate to protecting whistleblowers.

For instance, the new laws expand the types of activities that are considered whistleblowing material. Now, protection laws cover people who disclose information about an ‘improper state of affairs’ that is taking place in the workplace – including tax whistleblowing.

Another area that was expanded as part of this reform was the types of people who are considered eligible whistleblowers. Eligible whistleblowers now include current and former employees, officers, contractors, and employees of contractors, as well as their spouses, dependants, and other relatives. Anonymous disclosures are allowed as well.

So, if your business outsources a piece of work to a contractor and the contractor picks up on a case of tax fraud taking place within the business, if they come forward to you as the HR manager, their report would be considered a legal case of whistleblowing, and they would receive the full and unwavering protection of the law.

HR managers need to know whether the person making the disclosure is an eligible whistleblower and then how to deal with the information accordingly.  

How should a manager handle the information?  

From the moment that the whistleblower discloses the information to the manager, it is the responsibility of that manager to protect the whistleblower’s identity. This includes ensuring that any of the information that has been disclosed remains completely confidential and isn’t shared with anyone else without the whistleblower’s consent.

In the event that further internal investigation is required after the whistle has been blown, the manager needs to refer to the company’s internal investigation policies and follow them carefully. Generally, these investigation policies will still require for the manager to receive the consent of the whistleblower before they share the information with anyone else.

The instances in which the manager can disclose the information without the whistleblower’s consent, are when the manager is reporting it to ASIC, the Australian Prudential Regulation Authority (APRA), the federal police or to a lawyer for the purpose of obtaining advice on how to deal with the predicament.

Take your company’s whistleblower protection policy back to the whiteboard

Just like with bullying and sexual harassment, it is important that an organisation’s HR officers develop dependable and robust policies that cover the rules and procedures around whistleblowing.

In fact, ASIC’s new whistleblower protection laws actually require public companies, large proprietary companies, and proprietary companies that are the trustees of registrable superannuation entities, to have a whistleblower protection policy and to make that policy available to all officers and employees of the company.

According to ASIC, in light of the new laws about whistleblowing – existing policies should be reviewed and amended to ensure that they include:

  1. What the whistleblower’s protections actually are
  2. Which types of whistleblowers legally qualify for the protections, and how the disclosures need to be made in order to eligible for protection
  3. How the company will support and protect whistleblowers
  4. The way a company will investigate the disclosures and how the whistleblower’s information will be handled during an investigation
  5. How the company will ensure that all people related to the disclosure will be treated fairly.

ASIC also recommends including information about how the new (or amended) policy will be made available to everyone in the organisation.

Even if your business doesn’t fall under the category of an entity that must have such a policy in place, ASIC strongly recommends having one anyway – as implementing such a policy plays an enormous role in preventing and responding to cases of serious misconduct.