Australian Whistleblower Legislation

The Private Sector

Concerning the private sector, legislative protection has been considerably weaker. The primary provisions were contained in the federal Corporations Act 2004.

In a landmark development the Australian Government has passed the Treasury Laws Amendment (Enhancing Whistleblower Protections) Bill 2018.

The Bill amended  the:

  • Corporations Act 2001
  • Taxation Administration Act 1953
  • Banking Act 1959
  • Insurance Act 1973
  • Life Insurance Act 1995
  • Superannuation Industry (Supervision) Act 1993

We focus on the Corporations Act 2001.

What does the new Whistleblower Legislation do?

Whilst the new law is not without its shortcomings and challenges there are notable amendments.

The new law:

  • Enlarges the class of whistleblowers. (A relative, dependant or their spouse are also eligible.)
  • Includes former employees and associates as whistleblowers
  • Expands the scope of disclosable conduct but specifically excludes personal work-related grievances
  • Allows whistleblowers protection whilst remaining anonymous
  • Restricts the class of persons in a company who may receive disclosures to an officer, senior manager, auditor, actuary or person authorised by the company
  • Creates an offence and imposes heavy penalties for disclosing the identity of a whistleblower without their consent other than in the exceptions provided
  • Makes it easier for a whistleblower to seek redress and compensation for victimisation
  • Replaces the current ‘good faith’ test with a reasonableness test which requires that the whistleblower have reasonable grounds to suspect misconduct
  • Strengthens immunities for whistleblowers
  • Provide a means for disclosures to be made to parliamentarians and journalists in matters of public interest or emergency
  • Increases penalties up to $200,000 for an individual and $1 million for a body corporate
  • Expands the orders that may be made by a court in favour of a person who has suffered loss, damage, or injury as a result of detrimental conduct
  • Requires public and large proprietary companies to have a compliant whistleblower policy by the set date and to make it available to their officers and employees (the set date was previously 1 January 2019 but extended to August 2019 (at the earliest) following the third reading of the Bill.)

Amongst other things the policy must contain information about:

  • How and to whom disclosures may be made
  • What disclosures are protected
  • The protections and support available to a whistleblower
  • How disclosures will be investigated
  • How the company will ensure fair treatment of employees mentioned in the disclosure
  • How the policy is to be made available to officers and employees of the company

The new provisions apply varyingly to all companies.

However only public and large proprietary companies are required to have a whistleblower policy. (A large proprietary company is one that has at least two of the following criteria: consolidated revenue of at least $25 million, consolidated gross assets of at least $12.5 million or at least 50 employees within the company and the entities it controls.)

What to do next

  • Establish whether and how the new whistleblower legislation provisions apply to you.

Whilst only public and large proprietary companies will be required to have a whistleblower policy, all companies should adopt a whistleblower policy as a matter of good governance.

This will include:

  • Reviewing/drawing a compliant whistleblower policy (Companies must check whether the whistleblower policy is at odds with existing internal policies and human resources practices.)


  • Determining how best to make the policy available to officers and employees of the company


  • Determining how the company will support whistleblowers and protect them from victimisation


  • Establishing how and to whom protected disclosures may be made


  • Determining and providing practical training to the officers, senior managers and others who will receive disclosures


  • Providing those who are to receive disclosures with training so they know how to respond if a protected disclosure is made. (A failure to comply with the legislation can lead to heavy penalties.)


  • Determining how the company will support whistleblowers and protect them from detriment


  • Establishing how the company will investigate disclosures


  • Determining how to ensure fair treatment of employees who are mentioned in disclosures or to whom such disclosures relate


  • Ensuring employees are aware of the whistleblower system in place

What does all this mean?

There is now reasonably comprehensive whistleblower legislation covering the public and private sectors which imposes a legal requirement on organisations to have internal policies and procedures not only for facilitating disclosures, but also for protecting and supporting whistleblowers.

Check out Your Call’s Whistleblower Policy Review Checklist for best practice and good governance regarding whistleblowing programs.

In line with the whistleblower legislation an independent external reporting process allows whistleblowers to report misconduct where they may not feel safe or find it impossible reporting misconduct via internal channels. To the extent that a person cannot report misconduct through external means an organisation is exposed to risk and heavy penalties.

Best practice requires that the external and internal reporting options work in collaboration under a Whistleblower Policy.

The Public Sector

Historically, Whistleblower legislation in Australia has focused on the public sector.

The legislation was described by Dr A.J. Brown (Griffith University) as “a tapestry, because it’s got some rich threads, the problem is that there’s no single law which even approaches what would be reasonable best practice. Everybody’s experimented, nobody’s really got a good handle on what best practice would look like.”

Whistleblower protection laws have remained fairly comprehensive for the public sector, with federal and state legislation covering all jurisdictions aimed at ensuring integrity and accountability in the public sector.

Federal and State public interest disclosure Acts :

Whistleblowers Protection Act 1993, South Australia

Whistleblowers Protection Act 1994, Queensland

Public Interest Disclosures Act 1994, New South Wales

Public Interest Disclosure Act 2012, Australian Capital Territory

Public Interest Disclosure Act 2013, Commonwealth

Protected Disclosure Act 2012, Victoria

Public Interest Disclosures Act 2002, Tasmania

Public Interest Disclosure Act 2003, Western Australia

Public Interest Disclosure Act 2008, Northern Territory

The main objectives of these laws are to provide:

  • a safe means to report wrongdoing
  • appropriate protection whistleblowers
  • a framework to properly deal with and fix reported matters

The protection offered to whistleblowers includes protection against victimisation and suffering any detriment.

Whilst the federal and state laws relating to the public sector share these main objectives they are not without shortcomings.

Critics have observed that:

  • the reportable wrongdoing is ill-defined and differs between jurisdictions
  • anonymous complaints are not always protected
  • it is not clear who will be protected and how
  • the obligations on agencies themselves differs and is unclear
  • the absence of an oversight agency responsible for whistleblower protection

Launch a modern whistleblowing hotline at your organisation today & create a speak up culture

Speak to an expert Download checklist

I’m looking for a best practice guide!

Download the Whistleblowing Program Checklist

How to comply with Australia’s Whistleblower Legislation

Download Your Call’s Leader Guide to understand its impacts.