Who must have a whistleblower policy?

From 1 January 2020, your organisation must have a whistleblower policy if it is:

• a trading or financial corporation (including trading or financial incorporated associations registered with ASIC as Registered Australian Bodies); or
• a company limited by guarantee with an annual consolidated revenue over $1 million.

If you are not sure whether your organisation is a trading or financial corporation, refer to ASIC’s guide on this.

While not-for-profit companies limited by guarantee (that aren’t trading or financial corporations) with an annual consolidated revenue of less than $1 million are not required to have a whistleblower policy, they must still comply with the whistleblower protection provisions in the Corporations Act. And the best way to demonstrate compliance may still be to have a whistleblower policy.

How do I prepare a whistleblower policy?

A whistleblower policy must include information about:

• protections available to whistleblowers
• how and to who the whistleblower may make the disclosure
• how the company will support whistleblowers and protect them from detriment
• how the company will investigate disclosures
• how the company will make sure employees mentioned in disclosures, or related to disclosures, will be fairly treated, and
• how the policy will be made available to officers and employees

Fill out the form below to download a whistleblower policy template and prepare a whistleblower policy for your organisation. ASIC has also published a guide (Regulatory Guide 270) to help organisations prepare a whistleblower policy that complies with the Corporations Act.