Share with your friends

ASIC issues guidance on whistleblower policies

ASIC issues guidance on whistleblower policies

The regulator is encouraging a robust and proactive approach to whistleblowing.

Lauren Witherdin

Director, Risk Consulting

KPMG Australia


Also on

Man using phone

The Australian Securities and Investments Commission (ASIC) has released Regulatory Guide 270 on whistleblower policies, which provides detailed information on ASIC’s views as to what constitutes an effective and compliant whistleblower policy. The detailed nature of the guidance, compared to the relatively brief requirements for policy content under the law, indicates that ASIC is encouraging a robust and proactive approach to whistleblowing, rather than a ‘tick the box’ exercise, and expects entities to ensure their policy is implemented appropriately and consistently carried out in practice.

Under the Corporations Act 2001 (Cth), the following entities are required to have a whistleblower policy and make it available to their employees and officers by January 1, 2020:

  • public companies;
  • large proprietary companies; and
  • proprietary companies that are trustees of registrable superannuation entities.

A failure to comply with this requirement is an offence of strict liability, and may subject a non-compliant organisation to a penalty of $12,600. The guidance confirms that ASIC will conduct periodic surveillance activities to ensure compliance with this obligation. It also notes that an entity’s board is ultimately responsible for the entity’s whistleblower policy, as part of the entity’s broader risk management and corporate governance framework.

Which companies are affected?

The guidance confirms that all corporations, regardless of size, are required to manage whistleblowing in accordance with the Corporations Act, and therefore even companies that are not legally required to have a whistleblower policy will need to consider implementing mechanisms to handle whistleblowing reports.

The importance of conducting upfront and ongoing training for the entity’s managers and employees is also highlighted. Directors, officers and senior managers are ‘eligible recipients’ for whistleblowing disclosures under the law, and the guidance recommends that these individuals receive specialist training relating to their obligations under the law, for which they will have personal liability.

A template policy has not been provided as part of the guidance. The guidance acknowledges that the whistleblower policy should be aligned to the “nature, size, scale and complexity” of the entity’s business, and therefore there is no “one size fits all” approach to whistleblowing.

For more articles such as this, please log on to KPMG Tax Now.

Register for KPMG Tax Now if you're yet to do so.

©2021 KPMG, an Australian partnership and a member firm of the KPMG global organisation of independent member firms affiliated with KPMG International Limited, a private English company limited by guarantee. All rights reserved. The KPMG name and logo are trademarks used under license by the independent member firms of the KPMG global organisation.

Liability limited by a scheme approved under Professional Standards Legislation.

For more detail about the structure of the KPMG global organisation please visit

Connect with us


Want to do business with KPMG?


loading image Request for proposal

Save, Curate and Share

Save what resonates, curate a library of information, and share content with your network of contacts.

Sign up today