Do you need a Whistleblower Policy? What you need to know

Relevant Entities are required to implement a Whistleblower Policy that complies with new legal obligations in the Corporations Act and ASIC Regulatory Guide 270 (“RG 270”) as of 1 January 2020.




What are you Required to Do?

If you are a Relevant Entity you are required to:

  1. have a Whistleblower Policy in place which meets the requirements set out in the Corporations Act; and
  2. have adequate training in place in order to maintain efficient procedures for the handling of whistleblower disclosure, that adheres to the Corporations Act.

Who are the Relevant Entities?

The following entities are required to implement a Whistleblower Policy:

  • public companies including those limited by guarantee;
  • large proprietary companies; and
  • corporate trustees of superannuation funds.


A propriety company is defined as ‘large’ if it satisfies at least two of the following criteria (for financial years commencing on or after 1 July 2019):

  • the consolidated revenue for the financial year of the company and any entities it controls is $50 million or more;
  • the value of the consolidated gross assets at the end of the financial year of the company and any entities it controls is $25 million or more; and
  • the company, and any entities it controls, have 100 or more employees at the end of the financial year.


Relief from implementing a Whistleblower Policy has been granted to small not-for-profits or charities that have revenue of less than $1 million in a financial year. Furthermore, small proprietary companies are exempt from the requirement to implement a Whistleblower Policy.

Objectives to Follow when Writing and Implementing your Whistleblower Policy

In order to ensure your Whistleblower Policy is compliant, you should rely on the objectives set out in RG 270. These include:

  • implementing and maintaining a Whistleblower Policy that reflects the relevant entity’s size, nature, scale and complexity;
  • ensuring there are adequate systems in place that allow for disclosures made under the Whistleblower Policy to be dealt with appropriately and effectively;
  • adopting a tone which encourages disclosures within the Whistleblower Policy;
  • making sure the Whistleblower Policy is adopted across all areas of the Relevant Entity; and
  • having scheduled reviews, in order to allow for updates.


These obligations fall predominately on the Relevant Entity’s Board of Directors to implement the updated whistleblower protection mechanisms.

Failure to handle reported whistleblower disclosures properly will result in a potential breach of the Corporations Act. Additionally, failure to have a whistleblower Policy implemented is a strict liability offence and will result in a penalty of 60 penalty units for individuals and companies (currently $12,600.00). Relevant Entities should note that disclosures made in regard to conduct prior to the amendments taking effect will still be caught by the amendments to the Corporations Act.

What is Required in a Whistleblower Policy?

The Corporations Act requires the Whistleblower Policy to contain the following information about:

  • the protections available to whistleblowers, including protections under the law;
  • to whom disclosures that qualify for protection under the law may be made, and how they may be made;
  • how the Relevant Entity will support whistleblowers and protect them from detriment;
  • how the Relevant Entity will investigate disclosures that qualify for protection under the law;
  • how the Relevant Entity will ensure the fair treatment of employees of the company who are mentioned in disclosures that qualify for protection under the law, or to whom such disclosures relate;
  • the policy is to be made available to officers and employees of the company; and
  • any matters prescribed by the regulations.


Additionally, references should be included about the Tax Whistleblower Regime under Part IVD of the Taxation Administration Act 1953 (Cth) if applicable.

Background Information

Whistleblowers play an important role in identifying and calling out misconduct and harm to consumers and the community. On 1 July 2019, the Corporations Act expanded the protections for whistleblowers to encourage these people to come forward with their concerns and protect them when they do. Details about the requirements that must be contained within a Whistleblower Policy and how a Relevant Entity should go about preparing a compliant Whistleblower Policy are contained in RG 270.

How can we Assist?

Sophie Grace is able to assist in preparing a Whistleblower Policy that is tailored to your entity and that reflects the Corporations Act and RG 270 or alternatively you can purchase the Whistleblower Policy Template from the Sophie Grace Shop. To have a confidential conversation surrounding your Whistleblower Policy and for assistance in relation to the new requirements please contact us.

Further Reading

For more information surrounding ASIC’s response to the legislative changes please read the information sheets provided by ASIC and Regulatory Guide 270. Moreover, to understand the criteria that constitutes a whistleblower, see Table 1 of Info Sheet 238.

Check our our Compliance Portal

Subscribe to our Newsletter

Contact Us