Corporate attitudes towards speaking up and protecting those who do are important in indicating and driving a culture of “doing the right thing”. To instil this culture of acting lawfully, ethically and responsibly, the ASX recommends in its ASX Corporate Governance Principles to have and disclose a whistleblower policy and to inform the Board and relevant Board Committees of any material incidents reported under the policy. To aid the smooth functioning of the whistleblower mechanism, an open culture with adequate measures for whistleblower protection is fundamental. Maintaining appropriate evidence of the action taken following a whistleblowing disclosure will help build confidence in the program (for both regulators and employees). A strong whistleblowing culture supports psychological safety and encourages employees to speak up on any actual or potential systemic flaws or conduct concerns. Further, whistleblowers should be provided independence to raise disclosable matters with ASIC, APRA or any other regulatory or Government agency.

Whistleblower policies and training must support and encourage a prospective whistleblower, who is likely to have some level of concern about making the requisite disclosures. Importantly, a prospective whistleblower should not face any consequences or retribution for making a disclosure. Operational arrangements including documented procedures and guidelines to handle whistleblower disclosures serve as a foundation for whistleblowing programs.

Anonymity and confidentiality for the whistleblower is a key pillar of the framework with civil and criminal penalties for disclosing the identity or victimising a whistleblower. Another key challenge is that the investigating team must be independent of the whistleblower, to avoid potential or perceived conflicts of interest. A designated whistleblower with independent reporting to the Chief Executive and the Board/ Board Committee would go a  long way to create a culture of transparency, trust and accountability.

Data protection is also critical in setting up appropriate operations for whistleblowing systems, as most incidents will include sensitive personal data. Whistleblowing programs should be periodically reviewed to ascertain if the whistleblowing framework is fit for it purpose, having regard to the nature, size and complexity of the organisation. It would be prudent to implement whistleblower program effectiveness indicators (qualitative and quantitative) to assess the effectiveness of the program and evaluate if any adjustments are required to encourage whistleblowers.

Board and Board Committees (such as Audit and/or Risk Committee) need oversight of the whistleblowing framework and should consciously review the appropriateness, adequacy and effectiveness of the framework, as well an understanding of key disclosed incidents. Importantly, information on trends and root causes must also be considered at Board level. This is essential in enabling remediation of any flaws in the organisation’s working structures. An insightful and impactful reporting with due integration with other datapoints such as employee grievances, fraud, etc. will assist in remediation of the efficacy of the framework within the organisation without revealing the whisteblowers’ identities.

At Deloitte, we assist our clients with their whistleblowing obligations in a number of ways:

• Establishment and operationalisation of whistleblower frameworks
• Review and assessment of the operating effectiveness of whistleblower frameworks, policy and procedures to assess the compliance with the current regulatory and legislative requirements including the Corporation Act and the RG-270 on Whistleblower policies
• Offering support in managing whistleblowing incidents including forensic support, root cause analysis and resolution
• Provide analytics and trends on the incidents data and advise on the proposed actions for systemic remediation
• End-to-end  whistleblower service utilising the digital whistleblowing solution Deloitte Conduct Watch.
• Online training on whistleblowing