Not-for-profit Law
Legal help for community organisations

Whistleblower protection laws

Please change your location to view this page.

This page contains content that does not match your current location

Whistleblower protection laws under the Corporations Act 2001 (Cth) (Corporations Act):

  • encourage whistleblowers to come forward with their concerns about misconduct or breaches of the law and protect them when they make a disclosure, and
  • promote ethical behaviour by organisations and encourage them to deal with disclosures of misconduct seriously

If whistleblower protection laws apply to your organisation, your organisation will need to comply with the protection requirements including:

  •  keeping a whistleblower’s identity and information confidential, unless the organisation has the person’s consent to disclose the whistleblower’s information, and
  •  preventing the organisation or an officer or employee of the organisation, causing detriment to or victimising a whistleblower

Who do the whistleblower protection laws apply to?

Entities that the whistleblower protection laws under the Corporations Act apply to include:

  • companies registered under the Corporations Act (including unincorporated registrable bodies), and
  • corporations which meet the definition of a ‘trading or financial corporation’ under the Australian Constitution (these may include incorporated associations and other structures not incorporated under the Corporations Act if they are a ‘trading or financial corporation’)

If you are not sure whether your organisation is a trading or financial corporation, refer to ASIC’s guide on this.

Depending on how your organisation is registered and the organisation's size, it may also need to put a whistleblower policy in place.

Who must have a whistleblower policy?

Your organisation must have a whistleblower policy if it is a public company limited by guarantee with an annual consolidated revenue of $1 million or more.

While not-for-profit companies limited by guarantee with an annual consolidated revenue of less than $1 million are not required to have a whistleblower policy, they must still comply with the whistleblower protection provisions in the Corporations Act. The best way to demonstrate compliance may still be to have a whistleblower policy.

How do I prepare a whistleblower policy?

A whistleblower policy must include information about:

  • protections available to whistleblowers
  • how and to who the whistleblower may make the disclosure
  • how the company will support whistleblowers and protect them from detriment
  • how the company will investigate disclosures
  • how the company will make sure employees mentioned in disclosures, or related to disclosures, will be fairly treated, and
  • how the policy will be made available to officers and employees

Fill out the form below to download a whistleblower policy template and prepare a whistleblower policy for your organisation. ASIC has also published a guide (Regulatory Guide 270) to help organisations prepare a whistleblower policy that complies with the Corporations Act.

Note: The template policy doesn’t consider your organisation’s particular legal structure, needs or operations. The information in the template policy is not legal advice. You might need legal advice on your particular situation.

For more detailed guidance on Whistleblower protection laws, see our fact sheet ' Whistleblower protection laws and not-for-profit organisations’ below.

This fact sheet covers:

  •         what is whistleblowing?
  •         why do we have whistleblower protection laws?
  •         who is protected as a whistleblower?
  •         an overview of the whistleblower protection law?
  •         do the whistleblower protection laws apply to your organisation?
  •         key responsibilities of not-for-profit organisations and their officers under whistleblower protection laws
  •         when is a whistleblower policy required?
  •         offences and penalties for failing to comply with whistleblower protection laws

Whistleblower policy template

This whistleblower policy is based on ASIC Regulatory Guide 270.


Not-for-profit Law, a service of Justice Connect, will not disclose the contents of this form, but may use de-identified information when reporting on the types of organisations accessing this template.

Justice Connect’s Privacy Policy is available at The policy contains important information about how you can access and request correction of information we hold about you, how you may complain about a breach of the Australian Privacy Principles and how we will deal with any privacy complaint.

Last Updated: 27 November 2020