Australia’s New Whistleblower Laws: What Employers Need To Do

By Will Elton, Last updated: 2023-01-18 (originally published on 2019-09-09)

Here’s what employers need to know

As of 1 July 2019, Australia’s new whistleblower laws apply. Following more than 12 months in Parliament, the new Federal whistleblower protection regime was enacted covering the corporate, financial and tax sectors. The new laws aim to expose corporate (and in some cases, personal) misbehaviour.

The Whistleblower Laws introduced:

  • expanded whistleblower protections for all Australian companies;
  • a requirement for larger Australian companies to introduce a Whistleblower Policy; and
  • new significant penalties for breaches of whistleblower protections, ranging up to $10.5million.

Who can make whistleblower disclosures?

The category has now expanded to include employees, officers and suppliers of companies as well as their family members.

Disclosures made anonymously are still protected by the laws.

What classifies as a protected disclosure?

Protected disclosures include where a person has reasonable grounds to suspect that:

  • there has been misconduct or an “improper state of affairs or circumstances” regarding any of the entities covered by the laws or their related bodies corporate;
  • conduct that breaches the Corporations Act 2001 or conduct that breaches the ASIC Act or a range of specified insurance, life insurance and superannuation statutes;
  • conduct that relates to an offence against any law of the Commonwealth which is punishable by imprisonment for 12 months or more; or
  • presents a danger to the public or the financial system.

It’s important to note that disclosures about personal work-related matters are not generally protected by the laws. This includes: 

  • employment matters that impact upon the employee personally;
  • interpersonal conflict with another employee;
  • decisions regarding promotions, demotions, terms and conditions of employment; and
  • in regards to disciplinary action against the discloser.

Who can protected disclosures be made to?

Protected disclosures can be made to:

  • officers of a company;
  • senior managers;
  • auditors of a company;
  • actuaries of a company; and
  • trustee’s of a superannuation entity.

In certain circumstances, if a discloser has taken the prescribed steps yet has reasonable grounds to believe action is not being taken corresponding to the issue, there is also protection towards disclosing to a journalist or member of Parliament.


If the confidentiality of a whistleblower’s identity is breached, fines of up to $1.05m apply to individuals and up to $10.5m apply to companies involved in the breach.

If a whistleblower is threatened or victimised, fines of up to $1.05m apply to individuals and up to $10.5m apply to companies involved in the.

New Requirements

The laws require all public companies to introduce a Whistleblower Policy.

This also applies to companies with:

  • consolidated ‘Group’ revenue in excess of $50m;
  • consolidated gross assets of more than $25m or more; or
  • 100 or more employees at the end of the financial year.
The Whistleblower Policy must be in place by 1 January 2020. A company that fails to comply may face fines of up to $12,600.

Employers Need To:

  • Implement a whistleblower policy. The policy must set out information regarding:
      1. the protection available to whistleblowers;
      2. the person/organisations to whom protected disclosures may be made, and how they can be made;
      3. how the company will support whistleblowers and protect them;
      4. how the company will investigate protected disclosures;
      5. how the company will ensure fair treatment of employees mentioned in protected disclosures, or to whom such disclosures relate;
      6. how the policy is to be made available to officers and employees of the company
  • Train staff. Employers must train senior managers and those to whom protected disclosures may be made know how to identify a whistleblower report, and the steps they must take if they receive one. It is important to adequately cover the importance of protecting the whistleblower’s right to anonymity from the outset. Employers must also train all staff to know how the whistleblower regime works under the Act. They must also provide training detailing the protections provided to eligible whistleblowers.
  • Assess procedures. The new regime requires analysis of any existing whistleblower procedures. Companies should also ensure procedures to protect whistleblowers’ information will be secure and comply with privacy laws. 


READ MORE: The Hong Kong Australia Free Trade Pact Outcomes


Tags: Australia whistleblower laws 2019 | legal | privacy laws | SME | z-syndicate

Like what you just read?

Subscribe to our newsletter and be the first to hear of the latest Zegal happenings, tips and insights!