1. Commitment to the Policy
The Board of Laguna Bay Group Pty Ltd (and all its subsidiaries including LBPC Services Pty Ltd ABN 56 268 904 916, AFS licence 461135, and its authorised representatives) (the Company), the Board of Laguna Bay Agricultural No 1 Pty Ltd (and all its subsidiaries) (altogether the Group, we, us or our) is committed to conducting business in accordance with the law and good business practice. To fulfil this commitment, the Group wants to create an environment which encourages those who are aware of possible wrongdoing to have the confidence to speak up. In doing this, we recognise whistleblowing is an important tool which helps identify wrongdoing that may not be uncovered unless there is a safe and secure means for disclosing it.
This Whistleblower Policy and Procedure (Policy) presents the framework upon which the Group will meet its whistleblower protection obligations.
Where there is any doubt as to the requirements contained in this Policy, the Board of the Company will always operate on the principle that the Company is committed to conducting its financial services business in an efficient, honest and fair manner in line with the regulatory objective of ensuring the confident and informed participation of consumers and investors in the Australian financial system.
2. Policy Application
This Policy applies to the following individuals who are ‘eligible whistleblowers’:
- a current or former officer or employee of the Group;
- a current or former supplier of services or goods to the Company (whether paid or unpaid), including their employees;
- an individual who is an associate of the Group; and
- a relative, dependent or spouse of an individual of any of the above persons.
3. Who Receives Protection?
An individual who discloses information (Discloser) qualifies for protection as a whistleblower under the Corporations Act 2001 (Cth) (Act) if they are:
- an eligible whistleblower of the Group (see clause 3); and
- any one of the following apply:
- they have made disclosure about a ‘disclosable matter’ (see clause 6) directly to an ‘eligible recipient’ (see clause 7) or to ASIC, APRA or another prescribed Commonwealth body;
- they have made the disclosure to a legal practitioner for the purposes of obtaining legal advice or representation about the whistleblower protections; or
- they have made an ‘emergency disclosure’ or ‘public interest disclosure’.
A Discloser can still qualify for protection even if their disclosure turns out to be incorrect.
4. Matters this Policy applies to
A ‘disclosable matter’ involves information that the Discloser has reasonable grounds to suspect concerns misconduct, or an improper state of affairs or circumstances, in relation to:
- an entity (including its employees and officers); or
- if the entity is a body corporate, a related body corporate of the entity.
This means the Discloser must objectively suspect misconduct. While they do not need to prove their suspicion, a mere allegation without supporting information would not likely be sufficient.
‘Misconduct’ includes fraud, negligence, default, breach of trust and breach of duty.
‘An improper state of affairs or circumstances’ is given a broad meaning and could include significant breaches which should have been notified to ASIC, poor business behaviour or practices which may cause consumer harm.
Examples of the types of wrongdoing covered by this Policy include:
- illegal conduct, such as theft, dealing in, or use of illicit drugs, violence or threatened violence, and criminal damage against property;
- fraud, money laundering or misappropriation of funds;
- offering or accepting a bribe;
- financial irregularities;
- failure to comply with, or breach of, legal or regulatory requirements;
- engaging in or threatening to engage in detrimental conduct against a Discloser or a person who is believed or suspected to have made, or be planning to make, a disclosure; and
- any matter that indicates a significant risk to public safety or the stability of, or confidence in, the financial system, even if it does not involve a breach of a particular law.
Disclosures that are not about a ‘disclosable matter’ do not qualify for protection under the Act (or the Taxation Administration Act 1953 (Cth), where relevant). Examples of the types of matters that are not covered under this Policy include the following:
- breaches of the Group’s code of conduct; and
- disclosures that relate solely to personal work-related grievances which have, or tend to have, implications for the Discloser personally and do not:
- have any other significant implications for the Group (or another entity); or
- relate to any conduct, or alleged conduct, about a disclosable matter.
Examples of personal work-related grievances include:
- an interpersonal conflict between the Discloser and another employee;
- a decision that does not involve a breach of workplace laws;
- a decision about the engagement, transfer or promotion of the Discloser;
- a decision about the terms and conditions of engagement of the Discloser; or
- a decision to suspend or terminate the engagement of the Discloser, or otherwise to discipline the Discloser.
However, some disclosures may be protected under other legislation, such as the Fair Work Act 2009 (Cth) and a personal work-related grievance may still qualify for protection if:
- it includes information about misconduct, or information about misconduct includes or is accompanied by a personal work-related grievance (i.e. a mixed report);
- an entity in the Group has breached employment or other laws punishable by imprisonment for a period of 12 months or more, engaged in conduct that represents a danger to the public, or the disclosure relates to information that suggests misconduct beyond the Discloser’s personal circumstances;
- the Discloser suffers from or is threatened with detriment for making a disclosure; or
- the Discloser seeks legal advice or legal representation about the operation of the whistleblower protections under the Act.
5. Who can Receive a Disclosure?
In order to qualify for protection as a whistleblower, Disclosers must make a disclosure to an ‘eligible recipient’. Eligible recipients include the following types of people:
- officers (i.e. director or company secretary) or the Managing Director – Funds Management of the Company or of a Group entity;
- the internal or external auditor (including a member of an audit team conducting an audit) of the Company or of a Group entity;
- a person authorised by the Company to receive disclosures that may qualify for protection, including:
- the Company’s Head of Legal & Compliance;
- the Company’s Managing Director – Funds Management; and
- the Chair of the Company’s Board & Audit and Compliance Committee;
- regulatory bodies, including:
- ASIC (www.asic.gov.au);
- APRA (www.apra.gov.au); and
- another Commonwealth body prescribed by regulation (currently none); and
- a member of Parliament or a journalist, but only where the disclosure is either:
- a ‘public interest disclosure’ (see below); or
- an ‘emergency disclosure’ (see below).
5.1 Public Interest Disclosure
A ‘public interest disclosure’ is the disclosure of information to a parliamentarian or journalist, where:
- at least 90 days have passed since the Discloser made the disclosure to ASIC, APRA or another Commonwealth body prescribed by regulation;
- the Discloser does not have reasonable grounds to believe that action is being, or has been taken, in relation to their disclosure;
- the Discloser has reasonable grounds to believe that making a further disclosure of the information is in the public interest; and
- before making the public interest disclosure, the Discloser has given written notice to the body to which the previous disclosure was made (e.g. ASIC or APRA) that:
- includes sufficient information to identify the previous disclosure; and
- states that the Discloser intends to make a public interest disclosure.
5.2 Emergency Disclosure
An ‘emergency disclosure’ is the disclosure of information to a parliamentarian or journalist, where:
- the Discloser has previously made a disclosure of the information to ASIC, APRA or another Commonwealth body prescribed by regulation;
- the Discloser has reasonable grounds to believe that the information concerns a substantial and imminent danger to the health or safety of one or more persons or to the natural environment;
- before making the emergency disclosure, the Discloser has given written notice to the body (e.g. ASIC or APRA) that:
- includes sufficient information to identify the previous disclosure; and
- states that the discloser intends to make an emergency disclosure; and
- the extent of the information disclosed in the emergency disclosure is no greater than is necessary to inform the parliamentarian or journalist of the substantial and imminent danger.
Note: It is important for a Discloser to understand and meet the above criteria for making a public interest or emergency disclosure. A Discloser should seek independent legal advice before making a public interest or emergency disclosure.
6. How to Make a Disclosure
Disclosures can be made during and outside business hours to eligible recipients listed in clause 5. In the first instance, Disclosers are encouraged to make a disclosure to one of the following people:
- The Group’s Head of Legal & Compliance, Leyya Taylor / Tracey Davern by email – [email protected] or [email protected] or by phone – 07 3062 2514; or
- the Chair of the Company’s Board & ACC, Merv Peacock by email – [email protected] or by phone – 07 3062 2514.
This allows the Group to identify and address the wrongdoing as early as possible and promotes confidence and trust in the operation of this Policy. However, Disclosers can make a disclosure directly to external eligible recipients (e.g. ASIC or ATO) without making a disclosure to a Group entity.
Disclosers can choose to remain anonymous while making a disclosure, over the course of the investigation and after the investigation is finalised.
7. Legal Protections for Disclosers
The following protections are available to Disclosers who qualify for protection as a whistleblower:
- identity protection (confidentiality);
- protection from detrimental acts or omissions;
- compensation and other remedies; and
- civil, criminal and administrative liability protection.
The protections apply not only to internal disclosures, but to disclosures to legal practitioners, regulatory and other external bodies, and public interest and emergency disclosures that are made in accordance with the Act.
7.1 Identity Protection
The Group is obliged to protect the confidentiality of a Discloser’s identity. It is illegal to disclose the Discloser’s identity, or information that is likely to lead to their identification, unless the disclosure is made:
- to ASIC, APRA, or a member of the Australian Federal Police;
- to a legal practitioner (for the purposes of obtaining legal advice or legal representation about the whistleblower provisions in the Act);
- to a person or body prescribed by regulations (currently there are none); or
- with the consent of the Discloser.
Information contained in a disclosure can be made with or without the Discloser’s consent if:
- the information does not include the Discloser’s identity;
- all reasonable steps have been taken to reduce the risk that the Discloser will be identified from the information; and
- it is reasonably necessary for investigating the issues raised in the disclosure.
Disclosers can lodge a complaint with the Company’s Head of Legal and Compliance or the regulator (e.g. ASIC or ATO) if a Discloser believes their identity has been unlawfully disclosed.
7.2 Protection from Detrimental Acts or Omissions
A person cannot engage in conduct that causes detriment to a Discloser (or another person), in relation to a disclosure, if:
- the person believes or suspects that the Discloser (or another person) made, may have made, proposes to make or could make a disclosure that qualifies for protection; and
- the belief or suspicion is the reason, or part of the reason, for the conduct.
In addition, a person cannot make a threat to cause detriment to a Discloser (or another person) in relation to a disclosure. A threat may be express or implied, or conditional or unconditional. A Discloser (or another person) who has been threatened in relation to a disclosure does not have to actually fear that the threat will be carried out.
Examples of detrimental conduct include:
- dismissal from employment;
- disadvantageous change of position or duties;
- discrimination between employees;
- harassment or intimidation;
- harm or injury to a person, including psychological harm;
- damage to property;
- reputational damage;
- damage to a person’s business or financial position; or
- any other damage to a person.
Examples of conduct which would not be detrimental include:
- reasonable administrative action to protect a Discloser from detriment (e.g. moving a Discloser who has made a disclosure about their immediate work area to another office to prevent them from detriment); and
- managing a Discloser’s unsatisfactory work performance, if the action is in line with the Group’s performance management framework.
7.3 Compensation and Other Remedies
A Discloser (or any other employee or person) can seek compensation and other remedies through the courts if:
- they suffer loss, damage or injury because of a disclosure; and
- the Company failed to take reasonable precautions and exercise due diligence to prevent the detrimental conduct.
Disclosers are encouraged to seek independent legal advice if they have, or believe they have, suffered detriment.
7.4 Civil, Criminal and Administrative Liability Protection
A Discloser is protected from any of the following in relation to their disclosure:
- civil liability (e.g. any legal action against the Discloser for breach of an employment contract, duty of confidentiality or another contractual obligation);
- criminal liability (e.g. attempted prosecution of the Discloser for unlawfully releasing information, or other use of the disclosure against the discloser in a prosecution, other than for making a false disclosure); and
- administrative liability (e.g. disciplinary action for making the disclosure).
However, the protections do not grant immunity for any misconduct a Discloser has engaged in that is revealed in their disclosure.
8. Support and Practical Protection for Disclosers
The Group is committed to supporting Disclosers and protecting them from detriment. To achieve this, it has implemented measures to:
- protect the confidentiality of a Discloser’s identity; and
- protect Disclosers from detrimental acts or omissions.
8.1 Measures for Protecting the Confidentiality of a Discloser’s Identity
In relation to a disclosure, the Company will endeavour to:
- reduce the risk that the Discloser will be identified from the information contained in a disclosure by:
- redacting all personal information or reference to the Discloser witnessing an event;
- referring to Disclosers in a gender-neutral context;
- where possible, contacting the Discloser to help identify certain aspects of their disclosure that could inadvertently identify them; and
- having only qualified staff handle and investigate disclosures; and
- secure records and information by:
- securely storing all paper and electronic documents and other materials relating to disclosures;
- limiting access to all information relating to a disclosure to those directly involved in managing and investigating the disclosure;
- subject to the Discloser’s consent, making their identity or information that is likely to lead to their identification known to only a restricted number of people who are directly involved in handling and investigating the disclosure;
- ensuring communications and documents relating to the investigation of a disclosure are not sent to an email address or printer that can be accessed by other staff; and
- reminding each person who is involved in handling and investigating a disclosure about the confidentiality requirements, including that an unauthorised disclosure of a Discloser’s identity may be a criminal offence.
In practice, people may be able to guess the Discloser’s identity if:
- the Discloser has previously mentioned to other people that they are considering making a disclosure;
- the Discloser is one of a very small number of people with access to the information; or
- the disclosure relates to information that a Discloser has previously been told privately and in confidence.
The Company’s Head of Legal & Compliance and/or the Chair of the Company’s Board & ACC are responsible for ensuring the identity of Disclosers is protected.
8.2 Measures for Ensuring Protection from Detrimental Acts or Omissions
In relation to measures for protecting disclosers from detrimental acts or omissions, the Group will endeavour to:
- assess the risk of detriment against a Discloser and other persons (e.g. other staff who might be suspected to have made a disclosure), as soon as possible after receiving a disclosure;
- advise the Discloser of any support services (including counselling or other professional or legal services) that are available to them;
- assist the Discloser with implementing strategies to help them minimise and manage stress, time or performance impacts, or other challenges resulting from the disclosure or its investigation;
- implement appropriate actions to protect a Discloser from risk of detriment, such as allowing the Discloser to perform their duties from another location, reassigning the Discloser to another role at the same level, making modifications to the Discloser’s workplace or the way they perform their work duties, or reassigning or relocating other staff involved in the disclosable matter;
- ensure management are aware of their responsibilities to maintain the confidentiality of a disclosure, address the risks of isolation or harassment, manage conflicts, and ensure fairness when managing the performance of, or taking other management action relating to, a Discloser;
- ensure the Discloser is aware of how to lodge a complaint if they have suffered detriment, and the actions the Group may take in response to such complaints (e.g. the complaint could be investigated as a separate matter by an officer who is not involved in dealing with disclosures and the investigation findings will be provided to the Board of the Company); and
- intervene if detriment has already occurred, by taking actions such as investigating and addressing the detrimental conduct through disciplinary action, providing the Discloser with extended leave, developing a career development plan for the Discloser that includes new training and career opportunities, or offer compensation or other remedies.
A Discloser may seek independent legal advice or contact regulatory bodies, such as ASIC, APRA or the ATO, if they believe they have suffered detriment.
The Company’s Head of Legal & Compliance and/or the Chair of the Company’s Board & ACC are responsible for maintaining details of the risk assessment which should be conducted in a manner consistent with the Company’s Risk Management Policy and include the following steps:
- risk identification – assessing whether anyone may have a motive to cause detriment, including gathering information from a Discloser about:
- the risk of their identity becoming known;
- who they fear might cause detriment to them;
- whether there are any existing conflicts or problems in the workplace; and
- whether there have already been threats to cause detriment;
- risk analysis and evaluation – analysing and evaluating the likelihood of each risk and evaluating the severity of the consequences;
- risk control – developing and implementing strategies to prevent or contain the risks, and for anonymous disclosures, assessing whether the Discloser’s identity can be readily identified or apparent during an investigation; and
- risk monitoring – monitoring and reassessing the risk of detriment where required, acknowledging that the risk of detriment may increase or change as an investigation progresses, and even after an investigation is finalised.
9. Handling and Investigating a Disclosure
The Group will take prompt action in relation to any disclosure it receives. While processes may vary depending on the nature of the disclosure, the Group will endeavour to assess and fully investigate disclosures that qualify for protection within 30 days of receipt.
If the disclosure does not qualify for protection, the Head of Legal & Compliance and/or the Chair of the Company’s Board & ACC will inform the Discloser and provide reasons.
If the disclosure qualifies for protection and it requires investigation, the Head of Legal & Compliance and/or the Chair of the Company’s Board & ACC will:
- acknowledge receipt of the disclosure with the Discloser;
- determine the nature and scope of the investigation;
- determine who should lead the investigation, from within or outside the Group;
- determine the nature of any technical, financial or legal advice that may be required to support the investigation;
- determine the timeframe for the investigation (noting a 30-day target will be set);
- ensure the investigation is objective, fair and independent;
- ensure the investigation is independent of the Discloser, the individuals who are the subject of the disclosure, and the business unit involved;
- when appropriate, inform the individual who is the subject of a disclosure about the investigation, and in any event prior to making any adverse finding against them;
- if required, undertake investigations jointly with an external investigation firm (e.g. when additional specialist skills or expertise are necessary);
- provide the Discloser with regular updates, assuming the Discloser can be contacted (and ensuring anonymity is not compromised), during key stages, such as:
- when the investigation process has begun;
- while the investigation is in progress; and
- after the investigation has been finalised;
- ensure appropriate records are maintained; and
- report the findings of the investigation to the Company’s Board and, if appropriate, to the Discloser.
The Group may not be able to undertake an investigation if it is not able to contact the Discloser (e.g. if a disclosure is made anonymously and the Discloser has refused to provide, or has not provided, a means of contacting them).
10. Review of findings
If a Discloser is not satisfied with the outcome of the investigation, they can notify the Company’s Managing Director – Funds Management and request a review. The Group is not obliged to reopen an investigation if it finds that the investigation was conducted properly, or new information is either not available or would not change the findings of the investigation. If a review is undertaken, it will be conducted by an officer who was not involved in handling and investigating the disclosure. The review findings will be provided to the Company’s Board.
Regardless, the Discloser may lodge a complaint with a regulator (e.g. ASIC or the ATO), if they are not satisfied with the outcome of the entity’s investigation or review process.
11. Access to this Policy
This abridged version of the Policy has been provided on the Group’s website to ensure disclosers outside the Group can access this Policy. To ensure all officers and employees are aware of the contents of this Policy, it will be made available electronically on the Group’s intranet or in a common directory accessible by all relevant staff.
12. Review of the Policy
The Policy will be reviewed at least every two years to ensure it remains current and continues to reflect the Group’s values, objectives and strategy.
13. Further Information
Disclosers can obtain further information about this Policy and how it is implemented from the Policy Owner, being the Head of Legal and Compliance.
Alternatively, Disclosers can seek independent legal advice. Disclosures to a legal practitioner for the purposes of obtaining legal advice or legal representation in relation to the operation of the whistleblower provisions in the Act are protected (even in the event that the legal practitioner concludes that a disclosure does not relate to a ‘disclosable matter’).