Australian companies must have in place a legislative compliant “eligible whistleblowers” policy and procedures following changes to the law. The new whistleblower legislation commenced on 1 July 2019 and involves severe civil and criminal penalties for employers who breach the protections provided to eligible whistleblowers. From 1 January 2020, certain companies will be required to have a whistleblower policy available to their Directors, officers and employees, which complies with the new Treasury Laws Amendment (Enhancing Whistleblower Protections) Act.

The stronger protections for whistleblowers under the new legislation include:

• anonymity (if required),
• increased immunities against prosecution,
• protection against detriment through victimisation; and
• penalties for non-compliance.

Whistleblowers will be protected when disclosing information/disclosable matters beyond that of criminal breaches, including breaches of tax laws, and laws administered by ASIC and APRA.

The new legislation will require Companies to undertake a thorough review and re-write of their existing whistleblower policy and procedures. To make your job easier, QAS International can provide you with a fully legislative compliant Whistleblower Policy and Procedures.

To ensure compliance Companies will need to implement a legislative compliant Whistleblower Policy and Procedures which address the following requirements:

Australian Legislative References and Requirements

1. Treasury Laws Amendment (Enhancing Whistleblower Protections) Act, effective from 1 July 2019; and
2. Australian Securities & Investments Commission (ASIC) Regulatory Guide 270 ‘Whistleblower Policies’ issued 13 November 2019.

To ensure legislative compliance the Whistleblower Policy and Procedures needs to address the following information:

1. to whom disclosures that qualify for protection under the Corporations Act may be made, how they can be made, and to whom they can be made;
2. the protections available to Whistleblowers of a disclosable matter, including protections under the Corporations Act;
3. criteria for a discloser to qualify for protection as a Whistleblower under the Corporations Act;
4. when a Whistleblower’s disclosure is deemed to be not a disclosable matter, and accordingly does not qualify for protection;
5. measures and mechanisms for protecting a Whistleblower’s identity/anonymity where they qualify for protection as a Whistleblower;
6. Whistleblower confidentiality and privacy;
7. how the Company will support Whistleblowers and protect them from detrimental acts or omissions;
8. compensation and remedies available for Whistleblowers;
9. civil, criminal and administrative liability protection available for Whistleblowers;
10. support and practical protection measures taken by the Company for Whistleblowers including protection measures taken for a Whistleblower’s protection from detrimental acts or omissions;
11. how the Company will a receive handle/deal with and investigate protected Whistleblowers/ a Whistleblower Report;
12. processes for risk identification, risk analysis and evaluation, risk control, risk monitoring and record retention (managing risk and compliance);
13. establishing if the disclosure is a “Disclosable Matter ” (by definition) and by Law is entitled to protection;
14. how the Company will ensure fair treatment of employees of the Company who are mentioned in protected disclosures that qualify for protection, or the Company’s employees who are the subject of disclosures (ie, to whom such disclosures relate);
15. how the Company will ensure fair treatment of its employees who are mentioned in disclosures that qualify for protection,;
16. how the Company will investigate disclosures that qualify for protection under the Corporations Act;
17. factors that the Company will consider when investigating a Whistleblower disclosure;
18. ensuring investigations follow best practice;
19. ensuring fair treatment of individuals mentioned in a disclosure;
20. Whistleblowing Process map documented;
21. monitoring and reporting on the effectiveness of the Whistleblower Policy and Procedures;
22. reviewing and updating the Whistleblower Policy and Procedures;
23. how the Whistleblower Policy and Procedures is to be made available to Directors, Senior Managers, employees of the Company and other external interested persons/parties;
24. how the Company Whistleblower Policy and Procedures will be meaningfully and effectively implemented and consistently applied throughout the Company in practice; and
25. any other matters prescribed by the regulations from time to time.

QAS International also provides confidential services to Companies acting as their authorised external Whistleblower Contact Officer (or Whistleblower Protection Officer) for taking Whistleblower disclosures, review to determine whether concerns are ‘disclosable matters’ and thus qualify for protection under the Act, and undertaking investigations and reporting to Boards on findings, conclusions and recommendations.

QAS International is an independent whistleblowing service provider, providing services such as:

• a whistleblower contact officer,
• a whistleblower protection officer, and
• independent whistleblower disclosure investigation firm.

Benefits are that:

• Whistleblowers can:
• make their disclosure anonymously, confidentially, and outside of business hours;
• receive updates on the status of their disclosure while retaining anonymity; and
• QAS International can provide additional information to the entity/organisation to which the disclosure is relevant while retaining anonymity, privacy and confidentiality.

We approached Brad almost 10 years ago to assist us in obtaining accreditation for safety and quality. He managed to understand our business, our business requirements, the systems we had in place and our proposed path for the future, in a very short space of time.  He wrote our manuals, trained us in the systems, prepared us for the audit process and in no time, we were accredited.  Brad has returned to look after us year after year. He has assisted in developing new policies and updated our systems and our documentation throughout the year each year; all done professionally and timely (regardless of where he is in the world, sometimes!). We have always managed to maintain very robust systems within our business over many, many years.  Brad adopted what we had and recommended improvements which certainly benefited our business. I would have absolutely no hesitation in recommending Brad and the QAS Team.

Jane Raspotnik
Joint Managing Director
Spaceframe Buildings Pty Ltd

Premise:            Change is a constant, or ‘the only thing that is constant is change’ [Heraclitus].

References:       ISO 9001:2015 Clause 6.1.2 Actions Taken to Address Risks and Opportunities

                           ISO 9001:2015 Clause 6.3 Planning of Changes

DIRECTION	PROCESS STEPS	KEY CONSIDERATIONS	AUDITABLE OUTPUTS
Shared Vision and Strategic Goals (Improvement Journey)	Improvement Opportunity identified: What’s needed and where to next?	Board and Senior Management agreement and buy-in	Strategic Plan Board Meeting Minutes
Risk Assessment	Create the “Why change?” benefits (incl. cost benefits) Risk assess the threats/barriers/ negatives/disadvantages	Ensure the benefits are justifiable and the risks can be managed within budget and resource allocationBoard and Senior Management review of cost benefits and risk control measures > endorsement of the change	Cost Benefit AnalysisRisk AssessmentSenior Management Meeting MinutesBoard Meeting Minutes
Communication and Consultation	Communication > Engaged and Empowered to tackle the change	Expect resistanceGet them on-side/establish buy-inIdentify people to lead the change process/change agents who are committed and motivated (involve both senior and middle management) – to get traction and provide and maintain momentumSenior Management and all key staff involvement in the process – sphere of influence (incl. all key interested parties)	Senior Management Meeting MinutesProject Change Management Team Meeting MinutesPresentations to key interested parties
Planning: Operational level goals and actions to achieve the strategic goals	Develop Action Plan and targets (what are the parameters) to achieve the Goals Departmental goalsPersonal goals   Define Outcomes and Outputs sought: What will be the measure of success for each Outcome and each Output?How will we achieve the Outcomes and Outputs (what activities have to be undertaken to achieve the Outcomes and Outputs)?	Tell the story of what success looks like. Words such as growth/improved/ reduced/increased will provide direction (but include performance targets that are measurable)What are the things we can look at to see if we are heading the right way and on target (an action list which is measurable)?How will we monitor how each activity is going?Need to have evidence	Project Change Management Action Plan, including measurable Outcomes, Outputs and associated performance targets – defined and documented
Implementation	Implement the Project Change Management Action Plan activities	Roles and responsibilities for tasks allocated/defined and documented	Project Change Management Team Meeting Minutes
Evaluation	Action Plan progress and performance monitored. How well are we doing?How do we know how well we are doing?Review of progress – data/statistics to inform/tell us how we are travelling (eg, “number of” or “percentage of”) – related to each activity	Meetings – progress and issue reporting high is high on the AgendaAnchoring points – to keep us on trackProgress monitored by senior and middle management and reported to Board (as applicable)Survey of represented key interested parties to establish performance data	Project Change Management Team Meeting MinutesSurvey results
Reflection	What have we achieved in terms of where are we heading?What works?What didn’t work?What have we learnt – what we discovered?What can we improve?What are we doing about it?	Review by both senior and middle management and reported to Board (as applicable)	Project Change Management Team Meeting MinutesSenior Management Meeting MinutesBoard Meeting Minutes (as applicable)
Goal Achievement	We made it and we have data/objective evidence to demonstrate that we made it!	Celebrate and Communicate/Share successReport/presentation to Board and DSNConsolidationCulture of continual improvement	Congratulatory email to all staffPublic noticesWebsite updateBoard Meeting Minutes