Are You Compliant?

The level of compliance with local and overseas legislation, Australian Standards, Codes of Conduct and Business Best Practice will be determined by the commitment of senior management and the organisational desire to position itself as a leading proponent of effective good governance and risk management.

Detailed in the section are some of the questions any organisation should ask itself. Together with the Whistleblowing Program Checklist, you will be well on the way to establishing an effective program.

Independence and Compliance

The independence of service providers and compliance with legislation, recognised standards or corporate recommendations are now “mandatory” in protecting whistleblowers and establishing processes for the reporting of corrupt conduct or improper behaviour.

The compliance of entities with good business ethics, sound risk management and legislative requirements has been subject to intense scrutiny following the collapse of Enron, Worldcom, Qwest and others in the USA in 2002. Australia’s own ethical and financial scandals have included One-Tel, AWB, Westpoint, Storm Financial Services etc. The Global Financial Crisis has highlighted poor management and improper practices, particularly in the financial services sector which have led the collapse of merchant banker Lehman Brothers, the Madoff Ponzi scheme and the consolidation of many financial institutions.

In recent times, the business practices of Note Printing Australia (a subsidiary of the Reserve Bank of Australia) have been subject to investigation and enhanced scrutiny.

Does your whistleblower program do justice to the intent of your Code of Conduct?
While many organisations may believe their whistleblowing program is “best practice”, evaluating the program should not only ensure that legislative requirements are satisfied, but more importantly does it satisfy the intent of your Code of Conduct. The term “Honesty and Integrity” is merely just “words” if compliance is not a core value.

Are you required to satisfy the relevant requirements of the Australian Securities Exchange’s “Principles of Good Governance and Best Practice Recommendations”?
The Australian Securities Exchange (ASX) has promulgated revised changes to the Principles of Good Governance effective from 1 January 2008. Under the amended Principle 3: “Promote ethical and responsible decision making”, the ASX has recommended that all codes of conduct should include: …measures the company adopts to encourage the reporting of unlawful or unethical behaviour and to actively promote ethical behaviour…how the company protects those, such as whistleblowers who report violations in good faith, and its processes for dealing with such reports”.

Principle 3 also references AS8004 “Whistleblower protection programs for entities” (see above).

Principle 7: “Recognise and manage risk” has been the subject of much debate as to what detail of risk companies must report; however STOPline has the capacity to effectively compliment existing risk management processes.

The ASX Good Governance Principles have based some of their expectations on the Australian Standards 8000 series. Irrespective of whether you are subject to the ASX guidelines, the guidelines are also becoming a template for many private, public and not-for-profit organisations who are seeking to enhance their corporate governance program.

Do you have the capacity to comply with the requirements of Standards Australia’s AS 8004 – 2003 “Whistleblower Protection Programs for Entities”?

Do you have the capacity to comply with the external reporting requirements of Standards Australia’s AS 8001 – 2008 “Fraud and Corruption Control”?
AS 8001 and AS 8004 recommend best practice include the use of an external reporting line such as STOPline. AS 8001 (para 4.3) prescribes the alternative means for staff reporting “of unethical or illegal behaviour”;

  • Through normal reporting channel;
  • Outside the normal reporting channels but within the entity; and
  • Through reporting channels external to the entity.
Do you fall within the scope of the whistleblower provisions of Corporations Act 2001?
STOPline provides the ability to satisfy and exceed the latest Commonwealth legislative requirements for whistleblower protection incorporated in the Corporations Act.

Under Part 9.4AAA, “any officer or employee of the company or contractor supplying goods or services, or contractor’s employee can qualify for protection when making a disclosure.” The legislation allows disclosures to be made to ASIC, the company’s auditor or member of the audit team, a company director or senior manager or a person authorised by the company to receive such disclosures (e.g. STOPline). The use of STOPline can allow anonymity under the Corporations Act.

Are you required to satisfy whistleblower protection legislation effecting the State and Federal Governments (Public Sector)?
All Australian states have enacted whistleblower protection legislation to aid in the reporting of corrupt conduct in public bodies. The legislation varies widely, particularly in respect to who can make a disclosure, to whom a disclosure can be made and whether anonymity is available. However, many jurisdictions now apply the whistleblower protection provisions to contractors and their employees as well as public servants.

Note: see Resources for other Australian legislation with whistleblower provisions

Can you satisfy the related requirements of the USA Sarbanes – Oxley Act?
The implications of the Sarbanes-Oxley Act have been significant in the USA and around the world. Its influence is not only felt by US companies and subsidiaries but also those non US issuers within the USA. Sarbanes-Oxley is also influencing the direction of corporate governance legislation in the European Union and Asia.

STOPline provides a simple, cost effective solution for the establishment of procedures for:
“(A) the receipt, retention, and treatment of complaints received by the issuer of concerns regarding questionable accounting controls, or auditing matters; and
(B) the confidential, anonymous submission by employees of the issuer of concerns regarding questionable accounting and auditing matters.”

Is compliance with the requirements of J-SOX necessary?
The Japanese “Financial Instruments and Exchange Law (FIEL)”, commonly known as J-SOX, is imposing governance requirements on companies listed on the Japanese Securities Exchanges similar to that imposed by the US Sarbanes-Oxley Act.

With the requirement to apply J-SOX for fiscal years beginning on or after April 1, 2008, Japanese companies are specifically required managerially assessing internal controls and providing for the independent audit of the effectiveness of such controls. STOPline aids in satisfying these demands.

Are you required to satisfy the Public Interest Disclosure Act (UK)?
UK legislation requires whistleblower protection in the private and public sectors. The STOPline process has the capacity to satisfy the intent of the UK legislation.