More than 3 years after the overhaul of Australia’s corporate whistleblower laws, ASIC has, for the first time, brought proceedings against a company and individuals alleging civil contraventions of the anti-victimisation provisions. If the case proceeds to trial, it will likely be a test of the scope of these protections. At the same time, ASIC has released timely guidance about better practices for handling whistleblower disclosures, following its review of selected whistleblower programs.
ASIC is now clearly scrutinising compliance with the enhanced corporate whistleblower protections.
Whistleblower policies, procedures and programs should be reviewed in light of ASIC’s recent ‘better practice’ guidance.
The TerraCom whistleblower proceeding also demonstrates that particular attention should be paid to risks of alleged harm to whistleblowers. ASIC’s ‘better practice’ guidance encourages active steps to protect and support whistleblowers, and the development of frameworks to reduce the risk of harm for whistleblowers reporting misconduct.
The corporate whistleblower protections
In July 2019, Australia’s corporate whistleblower laws were strengthened. These reforms followed sustained criticism of the existing laws for being confusing, narrow in their scope and out of step with international standards.
The changes involved a comprehensive overhaul of the existing protections in Part 9.4AAA of the Corporations Act, and included the introduction of enhanced anti-victimisation provisions. These provisions prohibit a person from causing, or threatening to cause, detriment to a person because they believe or suspect that person has made, may have made, proposes to make or could make a protected whistleblower disclosure.
The concept of ‘detriment’ is defined broadly. It includes dismissal or demotion of an employee, harassment or intimidation of a person, any harm or injury to a person (including psychological harm), reputational damage and ‘any other damage to a person’.
Where a company contravenes the anti-victimisation provisions, officers or employees of the company who were involved in the company’s contravention are liable for the company’s contravention.
Contravening the anti-victimisation provisions is a criminal offence punishable by fines and imprisonment. ASIC can also seek civil penalties, and there are a suite of monetary and other remedies available to the victim.
The TerraCom whistleblower proceeding
The whistleblower allegations
TerraCom Limited is an ASX-listed resource company. It operates the Blair Athol coal mine in Queensland.
In mid-2019, a TerraCom employee alleged that TerraCom and certain of its officers and employees had falsified certificates of analysis of coal exported by TerraCom. Following the allegations, TerraCom terminated the whistleblower’s employment. It also engaged lawyers to provide legal advice about the allegations. On behalf of TerraCom, the lawyers instructed a forensic accounting firm to investigate the allegations and prepare a report. That report was provided in late-2019.
In February 2020, in response to media about the allegations, TerraCom made an announcement to the ASX that named the whistleblower and described his allegations as false. The announcement also said that TerraCom had taken the allegations ‘extremely seriously’ and that they had been ‘independently investigated’.
The following month, TerraCom published an open letter to shareholders in national newspapers, which similarly named the whistleblower and denied the allegations. The letter said that ‘an independent forensic investigation was conducted and found no evidence of wrongdoing’. The substance of the open letter was repeated in a further ASX announcement in April 2020.
In March 2021, ASIC executed a search warrant on TerraCom’s offices and seized a copy of the forensic accounting firm’s report. TerraCom also produced a copy of the report to ASIC in response to a notice to produce.
The report has been the subject of previous litigation between TerraCom and ASIC, with ASIC arguing that TerraCom waived legal professional privilege in the report by referring to it in the ASX announcements. In June 2022, the Federal Court held that TerraCom had partly waived privilege. In September 2022, following an appeal by TerraCom, the Full Court of the Federal Court ordered TerraCom to provide ASIC with a redacted version of the report.
The whistleblower proceeding
On 1 March 2023, ASIC announced that it had commenced Federal Court proceedings against TerraCom, and certain of its officers and former directors. Among other things, ASIC is seeking declarations that the defendants contravened the anti-victimisation provisions in Part 9.4AAA of the Corporations Act.
In the proceeding, ASIC alleges that TerraCom’s ASX announcements in March and April 2020 were false or misleading. It further alleges that, by allowing those announcements to be made, TerraCom and its current Managing Director and Chief Commercial Officer, as well as its former Chair and a former director, caused detriment to the whistleblower. According to ASIC’s media release, the alleged detriment includes damage to the whistleblower’s reputation, earning capacity and psychological and emotional state.
ASIC is seeking declarations of contraventions of the anti-victimisation provisions, as well as pecuniary penalties and disqualification orders against the individuals.
The significance of the whistleblower proceeding
The TerraCom whistleblower proceeding is the first time that ASIC has sought to enforce the anti-victimisation provisions. If the case proceeds to trial, it will likely be a test of the scope and application of these provisions.
The case will test the breadth of the concept of ‘detriment’. It does not appear that ASIC will argue that the relevant detriment was the dismissal of the whistleblower (which has already been the subject of separate proceedings brought by the whistleblower). Rather, it will argue that the detriment was reputational, financial and psychological harm suffered by the whistleblower after he was named in the ASX announcements. As noted above, the concept of ‘detriment’ is defined broadly; however, proving more general harm may be more difficult than proving direct harm such as termination of employment or demotion. Any decision will likely provide useful guidance about what does, and does not, constitute ‘detriment’ in the context of the anti-victimisation provisions.
The truth (or otherwise) of the whistleblower’s allegations will likely be a significant issue at the trial. TerraCom has previously said publicly that the whistleblower’s allegations were ‘ludicrous’ and untrue. While the anti-victimisation provisions can apply to a whistleblower who makes allegations that turn out to be false, the whistleblower is required to have reasonable grounds for suspecting that the allegations were true. Reasonable grounds for a suspicion usually requires some objective foundation; mere speculation will be insufficient. A whistleblower who makes allegations without reasonable grounds is not entitled to the protections under Part 9.4AAA.
The defendants may, therefore, seek to prove the falsity of the whistleblower’s allegations and, in turn, that the whistleblower did not have reasonable grounds for suspecting misconduct. This would involve a consideration of the substance of the allegations and what the whistleblower knew and believed.
Assuming the defendants prove that the allegations were untrue, they may also argue that, in the face of media speculation, TerraCom had a duty to publicly repudiate them. Responding to publicity about whistleblower allegations is a vexed issue, particularly for listed companies with continuous disclosure obligations. This case may provide useful consideration and guidance on what a company should do in these circumstances.
Finally, the court may also need to consider the requirement for a causal connection between the detriment suffered and the contravenor’s knowledge or belief that the victim was, or could be, a whistleblower. A company is not prevented from taking legitimate disciplinary or other action detrimental to a whistleblower. The anti-victimisation provisions prohibit a person from causing detriment to a person because the person is, or may be, a whistleblower. For obvious reasons, performance management of whistleblowers can be a minefield to navigate. Unless appropriately handled, the mere fact that a person is a whistleblower may lead to inferences being drawn about the reasons for the company’s actions.
ASIC’s guidance on handling whistleblower disclosures
The day after the announcement of the TerraCom whistleblower proceeding, ASIC also published its report entitled ‘Good practices for handling whistleblower disclosures’. The report summaries the findings of ASIC’s targeted review of the whistleblower programs of seven entities. The targeted review was part of ASIC’s ongoing review into the implementation of the enhanced whistleblower laws (including the requirement that certain entities have and make available a compliant whistleblower policy).
In the report, ASIC identifies the following seven good practices for handling whistleblower disclosures:
- establishing a strong foundation for the whistleblower program (for example, through procedures and systems to embed the program’s requirements)
- fostering a culture and practices to support whistleblowers
- informing and training those involved in receiving or handling disclosures about protecting whistleblowers and treating material confidentially
- monitoring, reviewing and improving the program (including seeking feedback from whistleblowers)
- using information from disclosures to address underlying harms and improve company performance
- embedding senior executive accountability for the program, and
- creating frameworks to entrench effective director oversight.
The report builds on ASIC’s existing guidance, including Regulatory Guide 270 regarding the whistleblower policy requirement. Consistent with that guidance, the report confirms ASIC’s expectation that whistleblower policies should be detailed and specific, and backed by clear procedures for handling and investigating disclosures and protecting whistleblowers. ASIC also expects that entities’ whistleblower programs will be living frameworks that improve over time in response to experience and feedback.
After a period of relative quiet, ASIC is now clearly shining the spotlight on the enhanced corporate whistleblower protections.
Entities subject to the whistleblower policy requirement in Part 9.4AAA of the Corporations Act should review their existing program, policies and procedures in light of ASIC’s recent guidance. ASIC has said that it will continue to review entities’ whistleblower arrangements.
The TerraCom whistleblower proceeding also demonstrates that ASIC will take enforcement action against companies and individuals where it considers that there have been contraventions of the whistleblower laws. We will continue to monitor this interesting case as it proceeds through the court.