Whistleblower Laws: ASIC's First TerraCom Prosecution

DATE PUBLISHED: April 27, 2023

key takeaways

I. Corporate whistleblower laws in Australia protect whistle blowers for many entities, and require some entities that are "eligible firms" to have a policy in place.
II. ASIC is the regulator and can seek extremely harsh penalties for breaches.
The TerraCom case, ASIC's first prosecution attempt, focuses on detrimental conduct to a whistleblower and directors' duties breaches, highlighting the importance of board accountability.
Actionable ideas include having a documented policy, reviewing corporate governance, preparing for ASIC reviews, providing training, and seeking advice before responding to whistleblower complaints.

What is the law?

The corporate whistleblower laws are set out in Part 9.4AAA of the Corporations Act 2001 (Cth). The Taxation Administration Act 1953 (Cth) also contains protections for whistleblowers reporting misconduct related to tax.

When Did The Whistleblower Laws Commence?

From 1 July 2019.

who do whistleblower laws apply to?

There are two elements:

1
Under Pt 9.4AAA of the Corporations Act, entities described in section 1317AAB (referred to as ‘firms’ by ASIC commonly) must provide people who make disclosures with certain protections. Importantly, this extends to various not for profit entities even if they are not registered under the Corporations Act.
2
Some firms also need a whistleblower policy to meet requirements outlined in section 1317AI. This includes requiring public companies, large proprietary companies, and corporate trustees of APRA-regulated superannuation entities to have a whistleblower policy from 1 January 2020. Charities or not-for-profits structured as public companies limited by guarantee will need a whistleblower policy if their annual (consolidated) revenue is $1 million or more.

Who is the regulator?

Australian Securities & Investments Commission (ASIC).

What The Penalties?

Penalties vary depending on a contravention, but as a guide, the penalties for breaching the confidentiality of the identity of a whistleblower or victimising a whistleblower are:

for an individual - 5,000 penalty units ($1,375,000), or if a court can determine the benefit derived or detriment avoided, three times that amount; and
or a body corporate – the greater of 50,000 penalty units ($13,750,000), three times the benefit derived or detriment avoided, or 10% of the body corporate’s annual turnover (up to 2.5 million penalty units ($687,500,000)).

Can Directors And Officers Be Subject To Consequences?

Company directors, officers, and other senior people , and the firm’s auditor, may be subject to criminal offences and civil penalties such as for threatening to cause detriment to a whistleblower or breaching a whistleblower's confidentiality, including during an investigation into the whistleblower's concerns. There are also additional possible Corporations Act consequences (eg for breaches of section 180 for failing to exercise their powers and discharge their duties with care and diligence), and other laws that may be infringed depending on the precise circumstances.

Terracom Case: The First Case To Be Litigated By ASIC

On 28 February 2023 ASIC has commenced civil penalty proceedings in the Federal Court against TerraCom Limited, its managing director Daniel McCarthy, chief commercial officer Nathan Boom, former Chair Wallace King and former director and Deputy Chair Craig Ransley.

Amongst other things, ASIC is alleging that:

(whistleblower) TerraCom and several of these individual respondents engaged in detrimental conduct to a whistleblower by allowing false and misleading ASX announcements to be published regarding the whistleblower's allegations; and
(section 180) all individual respondents breached their duty to exercise reasonable care and skill in the discharge of their duties as directors and officers of TerraCom, by failing to take reasonable steps upon receipt of the independent investigator’s report into the issues raised by the whistleblower.

Actionable ideas

Whistleblower Policy: Compliance, Protection, and Governance

While not all firms are legally required to have a whistleblower policy, documenting a firm’s policy and arrangements can assist firms to manage whistleblowing in accordance with the Corporations Act. On the basis that all companies, and certain state and territory entities, are subject to the regime a policy can help your company comply with the obligation to preserve whistleblowers’ confidentiality and protect whistleblowers from detrimental conduct. These arrangements may form part of the governance arrangements for your company (including more recent tax governance requirements that the ATO is expecting for some of the smaller taxpayers).

ASIC Standards Compliance Check

See if your organisation is meeting the published standards of ASIC, such as in their letter to CEOs of public companies, large proprietary companies, and corporate trustees of registrable superannuation entities dated 13 October 2021. There is also Report 758 issued in March 2023 which sets out its findings after having reviewed 7 particular firms (Australia and New Zealand Banking Group Ltd, AustralianSuper Pty Ltd, BHP Group Ltd, Commonwealth Bank of Australia, Netwealth Group Ltd, Treasury Wine Estates Ltd and Woolworths Group Ltd).

Prepare for asic whistleblower reviews

Take steps to prepare for an ASIC review. The regulator has indicated that it will continue to review entities’ whistleblower policies and arrangements for handling whistleblower disclosures, and that it will consider enforcement where it identifies serious harm.

strengthen board accountability & oversight

ASIC’s proceedings against Terracom in March 2023 illustrates ASIC’s focus on board accountability and oversight (in this case in respect of the corporate whistleblower regime), so other provisions like section 180 of the Corporations Act come into play as well. Clients, and their boards, should review corporate governance processes and test them regularly for compliance under regimes like corporate whistleblower rules and more generally under provisions like section 180.

enhance training for key personnel

Consider if boards, officers, executives, inhouse legal, risk and compliance personnel have the requisite knowledge and skills and are receiving the correct training in this area. ASIC identifies training as a crucial control against breaches of whistleblower protections.

seek advice before responding

Firms, and their directors and officers should seek advice before making any comment or issuing any response about the whistleblower complaint or allegation. This includes advice on the availability of legal professional privilege on any matters relating to an investigation.

conclusion

Australia's corporate whistleblower laws serve as a crucial safeguard for individuals reporting misconduct in the corporate sector. ASIC's first prosecution attempt in the TerraCom case highlights the regulator's commitment to enforcing these laws and holding organizations and their leaders accountable.

To navigate this regulatory landscape, it is essential for firms to establish comprehensive policies, foster a culture of transparency and compliance, and continually evaluate their governance processes to protect whistleblowers effectively and ensure adherence to the law.

GET IN TOUCH WITH US!

If you require any assistance or have any questions, please fill out the enquiry form below and mention this article for an obligation-free appointment.

ENQUIRE NOW