On this page
- Who do the whistleblower protection laws apply to?
- What organisations must have a whistleblower policy?
Whistleblower protection laws under the Corporations Act 2001 (Cth) (Corporations Act):
- encourage whistleblowers to come forward with their concerns about misconduct or breaches of the law and protect them when they make a disclosure
- promote good risk management and corporate governance, and
- promote ethical behaviour by organisations and encourage them to deal with disclosures of misconduct seriously
If whistleblower protection laws apply to your organisation, your organisation will need to comply with the protection requirements including:
- keeping a whistleblower’s identity and information confidential, unless the organisation has the person’s consent to disclose the whistleblower’s information or the disclosure is permitted by law, and
- preventing the organisation or an officer or employee of the organisation, causing detriment to or victimising a whistleblower
Download our fact sheet
Our fact sheet provides more information on whistleblower protection laws and not-for-profit organisations. It covers:
- what is whistleblowing?
- why do we have whistleblower protection laws?
- who is protected as a whistleblower?
- do the whistleblower protection laws apply to your organisation?
- complying with the whistleblower protection laws
- when is a whistleblower policy required?
- the consequences of failing to comply with whistleblower protection laws
Who do the whistleblower protection laws apply to?
Entities that the whistleblower protection laws under the Corporations Act apply to include:
- companies registered under the Corporations Act (including unincorporated registrable bodies), and
- corporations which meet the definition of a ‘trading or financial corporation’ under the Australian Constitution (these may include incorporated associations and other structures not otherwise incorporated under the Corporations Act if they are a ‘trading or financial corporation’)
Depending on how your organisation is registered and the organisation's size, it may also need to put a whistleblower policy in place.
What organisations must have a whistleblower policy?
Your organisation must have a whistleblower policy if it is a public company (including a public company limited by guarantee), a large proprietary company or a proprietary company that is the trustee of a registrable superannuation entity.
However, there is an exemption for not-for-profit public companies limited by guarantee with annual consolidated revenue of less than $1 million.
While not-for-profit companies limited by guarantee with an annual consolidated revenue of less than $1 million are not required to have a whistleblower policy, they must still comply with the whistleblower protection provisions in the Corporations Act. The best way to demonstrate compliance may still be to have a whistleblower policy.
Find out more by downloading our fact sheet.
The content on this webpage was last updated in October 2023 and is not legal advice. See full disclaimer and copyright notice.