1 Introduction
1.1 Hair & Beauty Group Pty Ltd and its Related Entities are committed to the highest standards of conduct and ethical behaviour, integrity and good corporate governance.
1.2 This Policy is available on SharePoint and Shared Externally ↗.
2 Scope and purpose
2.1 This Policy summarises the protections offered by the Group to Whistleblowers, including key provisions under Part 9.4AAA of the Corporations Act 2001 (Cth) (Corporations Act). It also sets out the Group’s internal processes for making and handling reports of Reportable Conduct.
2.2 The aims of the Policy are to:
- ensure the Group maintains the highest standards of ethical behaviour and integrity;
- define who can make a protected disclosure (Whistleblowers);
- define matters about which a protected disclosure can be made (Reportable Conduct);
- identify who can receive a protected disclosure;
- encourage the reporting of matters that may cause harm to individuals, or financial or non-financial loss to the Group, or damage to the Group’s reputation;
- establish a process for the Group to deal with reports from Whistleblowers;
- ensure the Group protects the identity (including the disclosure of information that could lead to the identity) of a Whistleblower;
- provide for the secure storage of the information provided by Whistleblowers under the Group’s processes; and
- protect Whistleblowers against detrimental conduct.
2.3 This Policy applies to all officers and employees of the Group, as well as to all suppliers, employees of suppliers, or associates of the Group to the extent that it summarises rights and obligations that also apply to them under the Corporations Act. Any breach of this Policy may result in disciplinary action, up to and including termination of employment / appointment / engagement.
2.4 This Policy does not form part of any employee's contract of employment. The Group may vary, replace or terminate this policy from time to time.
2.5 Note that separate whistleblowing protections may apply under the Taxation Administration Act 1953 (Cth) (TAA) in relation to disclosures concerning Reportable Conduct in relation to the tax affairs of the Group. These are not covered in this Policy. Please refer to the relevant legislation for more detail.
3 Definitions
3.1 Detriment includes dismissal, demotion, harassment, discrimination, disciplinary action, bias, threats or other unfavourable treatment. It does not include administrative action that is reasonable for the purpose of protecting a Whistleblower from Detriment, or managing a Whistleblower’s unsatisfactory work performance in line with the Group’s performance management framework.
3.2 The Group means Hair & Beauty Group Pty Ltd and those of its Related Entities which are bodies corporate. A reference to the Group is a reference to all and any members of the Group.
3.3 A Whistleblower is a person who:
- makes, may have made, proposes to make or could make a report of Reportable Conduct; and
- is or has been an officer, employee, supplier, employee of a supplier, or associate of the Group member that the report is about, or another member of the Group, is, or has been, a relative, dependant or spouse of such a person; or
- such other person as prescribed by the Corporations Regulations 2001 (Cth) (Corporations Regulations) from time to time.
3.4 Reportable Conduct is misconduct or an improper state of affairs or circumstances in relation to the Group. Reportable Conduct may include conduct that may not involve a contravention of a particular law.
3.5 Without limitation, Reportable Conduct includes:
- conduct that is in breach of any law, including the Corporations Act or the Corporations Regulations;
- conduct that constitutes an offence against a law of the Commonwealth that is punishable by imprisonment for a period of 12 months or more;
- conduct that represents a danger to the public or the financial system, or a significant risk to public safety or the stability of or confidence in the financial system;
- conduct which is dishonest, fraudulent or corrupt, including financial fraud or bribery;
- illegal activity including but not limited to theft, drug sale or use, violence, harassment or intimidation, criminal damage to property or other breaches of state or federal law;
- official misconduct or maladministration;
- unethical conduct or conduct in breach of the Group’s policies, including but not limited to dishonestly altering company records or data, adopting questionable accounting practices or wilfully breaching any applicable Code of Conduct or other policies or procedures;
- conduct that could be damaging to the Group, a Group employee or a third party, including but not limited to unsafe work practices, environmental damage, health risks or abuse of Group property or resources;
- conduct which amounts to an abuse of authority;
- conduct which may cause financial loss to the Group, damage its reputation or be otherwise detrimental to the Group’s interests;
- conduct which involves harassment, discrimination, bullying or victimisation;
- conduct which involves any other kind of serious impropriety, including but not limited to serious and substantial waste of public resources, practices endangering the health or safety of employees, stakeholders or the general public, or practices endangering the environment; or
- any other conduct that is prescribed under the Corporations Regulations.
3.6 Reportable Conduct does not include Personal Work-related Grievances, unless the grievance concerns conduct that is or is alleged to be victimisation (see paragraphs 6.7 and 6.8 of this Policy). Generally, reports relating to Personal Work-related Grievances will not qualify for protection under the Corporations Act.
3.7 Personal Work-related Grievances are grievances that:
- are about any matter in relation to the discloser’s employment, or former employment, which have or tend to have personal implications for the discloser;
- do not have significant implications for the company to which they relate; and
- are not about conduct, or alleged conduct, that:
- constitute an offence against, or a contravention of, a provision of the Corporations Act, the Australian Securities and Investments Commission Act 2001 (Cth) and the regulations made under it, the Banking Act 1959 (Cth), the Financial Sector (Collection of Data) Act 2001 (Cth), the Insurance Act 1973 (Cth); the Life Insurance Act 1995 (Cth), the National Consumer Credit Protection Act 2009 (Cth), the Superannuation Industry (Supervision) Act 1993 (Cth), or an instrument made under any of those Acts;
- constitute an offence against any other law of the Commonwealth that is punishable by imprisonment for a period of 12 months or more;
- represent a danger to the public or the financial system; or
- are prescribed by the Corporations Regulations.
3.8 Personal Work-related Grievances may include but are not limited to interpersonal conflicts between the discloser and another employee, or a decision relating to the engagement, transfer or promotion of the discloser.
3.9 An Eligible Recipient is:
- an officer or senior manager of the Group;
- an auditor, or a member of an audit team conducting an audit, of the Group;
- an actuary of the Group;
- a Whistleblower Protection Officer;
- any other person prescribed by the Corporations Regulations.
3.10 (See also s 14ZZT(2) of the TAA.)
3.11 A Whistleblower Protection Officer (WPO) is an officer or employee of the Group who is authorised and trained, by the Group member to which the report of Reportable Conduct relates, to receive disclosures that may be protected.
3.12 Related Entity means a related entity from time to time as defined by the Corporations Act.
4 What obligation do I have to report Reportable Conduct?
4.1 A Group officer or employee who becomes aware of any information that gives them reasonable grounds to suspect indicates that the Group, or an officer or employee of the Group, has engaged in Reportable Conduct, must report that information.
4.2 Note that reports that are not about Reportable Conduct will not be protected under the Corporations Act, but may be protected under other laws.
- How do I report information about Reportable Conduct?
5.1 If a Whistleblower become aware of any information that they have reasonable grounds to suspect concerns Reportable Conduct in relation to the Group or any Group officer or employee, they must make the report to:
- an Eligible Recipient;
- the Australian Securities and Investments Commission (ASIC); or
- the Australian Prudential Regulation Authority (APRA).
5.2 A Whistleblower who makes such a report will qualify for protection under the Corporations Act.
5.3 A Whistleblower can still qualify for protection even if their disclosure turns out to be incorrect.
5.4 (See also s 14ZZT(1) of the TAA.)
5.5 Although not a requirement in order for the protections to apply, where possible, a report of Reportable Conduct should be in writing and should contain, as appropriate, details of:
- the nature of the alleged Reportable Conduct;
- the person or persons responsible for the Reportable Conduct;
- the facts on which the Whistleblower’s belief that Reportable Conduct has occurred are based; and
- the nature and whereabouts of any further evidence that would substantiate the Whistleblower’s allegations, if known.
5.6 Reports may be made by here.
5.7 A Whistleblower is not required to disclose their identity when making a report, although failure to do so may affect the extent to which the Group may effectively investigate the report. A Whistleblower can choose to remain anonymous while making a disclosure, over the course of the investigation and after the investigation is finalised, and will still be protected under the Corporations Act. Anonymous reports can be made via here.
5.8 A Whistleblower can refuse to answer questions that they feel could reveal their identity at any time, including during follow-up conversations. A Whistleblower who wants to remain anonymous should maintain ongoing two-way communication with the Group, so that the Group can ask follow-up questions or provide feedback. The Group will still deal with reports received from anonymised sources (e.g. anonymised email addresses, unidentified phone lines) in accordance with this policy.
5.9 Reports made to a legal practitioner for the purposes of obtaining legal advice or representation in relation to the operation of the whistleblower provisions in the Corporations Act are also protected under the Corporations Act (even in the event that the legal practitioner concludes that a report does not related to Reportable Conduct).
5.10 (See also s 14ZZT(3) of the TAA.)
6 What protections are afforded to Whistleblowers and other persons who are involved?
Protection of Whistleblower’s identity
6.1 Subject to certain legal requirements, the identity of a Whistleblower who has made a report in accordance with this Policy, including information that is likely to lead to identification of the Whistleblower, must not be disclosed without the consent of the Whistleblower.
6.2 It is illegal for a person to identify a Whistleblower or disclose information likely to lead to the Whistleblower’s identification, outside certain exceptions under law. A Whistleblower can lodge a complaint with the Group about a breach of this protection by contacting a WPO. A Whistleblower may also lodge a complaint with a regulator such as ASIC, APRA or the ATO.
6.3 Where anonymity has been requested, the Whistleblower is also required to maintain confidentiality regarding the issue on their own account and to refrain from discussing the matter with any unauthorised persons.
Protection against liability and Detriment
6.4 If a Whistleblower makes a report in accordance with this Policy:
- they will not be held liable (in a civil, criminal or administrative sense) for doing so;
- no contractual or other right or remedy may be exercised against them for doing so; and
- in some cases, the information may not be admissible as evidence against the Whistleblower in proceedings.
6.5 If a Whistleblower makes a report in accordance with this Policy, the Group will not subject the Whistleblower to any Detriment on account of those actions.
6.6 The protections do not grant immunity for any misconduct a Whistleblower has engaged in that is revealed in their report.
Protection against Victimisation
6.7 A person must not subject another person to Detriment because they believe or suspect that a report of Reportable Conduct was made, may have been made, is proposed to be made or could be made in accordance with this Policy.
6.8 A person must not threaten to cause Detriment to another person because a report of Reportable Conduct was made, or may have been made in accordance with this Policy.
6.9 Any Group officer or employee who engages in this conduct will be subject to disciplinary action, up to and including termination from office or termination of employment, as the case may be.
6.10 The Group may put in place measures to protect a Whistleblower from Detriment, e.g. relocating the Whistleblower to a difference workplace.
Scope of protections and remedies
6.11 The protections apply not only to internal reports, but also reports to legal practitioners, regulatory and other external bodies, Public Interest Disclosures and Emergency Disclosures that are made in accordance with the Corporations Act.
6.12 A person can seek compensation and other remedies through the courts if they suffer loss, damage or injury as a result of a breach of the above, and the relevant Group member failed to take reasonable precautions and exercise due diligence to prevent the detrimental conduct.
6.13 Whistleblowers are encouraged to seek independent legal advice. They may also contact regulatory bodies such as ASIC, APRA or the ATO if they believe they have suffered Detriment.
7 Will I be protected if I disclose Reportable Conduct to a Member of Parliament or a journalist?
7.1 A Whistleblower who informs a Member of Parliament (MP) or journalist of concerns about Reportable Conduct will only be protected under the Corporations Act if it is a Public Interest Disclosure or an Emergency Disclosure.
7.2 A Public Interest Disclosure occurs when:
- the Whistleblower previously reported information about Reportable Conduct to ASIC or APRA, in accordance with this Policy;
- at least 90 days have passed since the report was made;
- the Whistleblower does not have reasonable grounds to believe that action is being, or has been, taken to address the report;
- the Whistleblower has reasonable grounds to believe that making a further report to a Member of Parliament or a journalist would be in the public interest;
- after at least 90 days have passed since the previous report, the Whistleblower gives ASIC or APRA a written notice that identifies their earlier report and stating their intention to make a Public Interest Disclosure;
- the Whistleblower then reports the information about the Reportable Conduct to an MP or journalist; and
- the information the Whistleblower discloses to the MP or journalist is no greater than necessary to inform the MP or journalist of the Reportable Conduct.
7.3 An Emergency Disclosure occurs when:
- the Whistleblower previously reported information about Reportable Conduct to ASIC or APRA, in accordance with this Policy;
- the Whistleblower has reasonable grounds to believe that the information in their report concerns substantial and imminent danger to the health or safety of one or more people or to the natural environment;
- the Whistleblower then gives ASIC or APRA a written notice identifying their earlier report and stating their intention to make an Emergency Disclosure;
- the Whistleblower then reports the information about the Reportable Conduct to an MP or journalist; and
- the information the Whistleblower discloses to the MP or journalist is no greater than necessary to inform the MP or journalist of the Reportable Conduct.
7.4 It is important for a Whistleblower to understand the criteria for making a Public Interest Disclosure or an Emergency Disclosure. A Whistleblower should contact an independent legal adviser before making a Public Interest Disclosure or an Emergency Disclosure.
8 Will I be protected if I disclose Reportable Conduct on social media or to someone other than the people or organisations specified in this Policy?
8.1 No. To be protected, reports of Reportable Conduct must be made in accordance with this Policy, unless they are otherwise protected under another law (see, however, paragraphs 6.7 and 6.8).
9 How will my report be dealt with and investigated?
9.1 Any Whistleblower who makes a report of Reportable Conduct in accordance with this Policy must be informed that:
- the Group will take all reasonable steps to ensure that the Whistleblower will not be disadvantaged for the act of making such a report;
- the Whistleblower can remain anonymous and still receive protection; and
- the Whistleblower will not necessarily be absolved from the consequences of their involvement in any misconduct complained of.
9.2 The Group must investigate all matters reported in accordance with this Policy.
9.3 If a Whistleblower makes a report to an Eligible Recipient who is not authorised and trained as a WPO, the Eligible Recipient must forward the report on to a WPO who will handle the report and any associated investigation process. An Eligible Recipient must not forward a report on to a WPO to handle if that WPO is implicated in the report.
9.4 The WPO must assess whether a report qualifies for protection and whether a formal investigation is required. The WPO may only dismiss the Whistleblower’s complaint, if on reasonable grounds, the WPO has a high degree of confidence there is no substance to the complaint.
9.5 Please be aware that without the Whistleblower’s consent, information that is likely to lead to the identification of the Whistleblower cannot be disclosed as part of the investigation process unless:
- the information does not include the Whistleblower’s identity;
- information relating to the Whistleblower’s identity or that is likely to lead to the identification of the Whistleblower (e.g. name, position title and other identifying details) is removed; and
- it is reasonably necessary for investigating the issues raised in the disclosure.
9.6 An investigation may not be able to be undertaken if the Whistleblower cannot be contacted.
9.7 If a formal investigation is required, the WPO must:
- notify the CEO of the Group member to which the report relates;
- if the CEO is implicated in the disclosure, notify the COO;
- if the COO is implicated in the disclosure, then the WPO has the authority to move directly to the appointment of an investigator;
- appoint an investigator to investigate the reported breach (the Investigator) – depending on the nature of the Reportable Conduct and the circumstances, this may be an internal or external investigator;
- ensure the Terms of Reference provided to the Investigator include:
- all relevant questions;
- provision for sufficient resources to be allocated to allow the investigation to be effectively conducted, having regard to the seriousness of the alle gation(s);
- a requirement that confidentiality of all parties, including witnesses, is maintained;
- a requirement that procedural fairness be applied to all parties;
- a requirement that strict security is maintained during the investigative process;
- a requirement that information obtained is properly secured to prevent unauthorised access;
- a requirement that all relevant witnesses are interviewed and documents examined;
- a requirement that contemporaneous notes of all discussions, phone calls and interviews must be made; and
- a requirement that the investigation’s report of findings comply with this Policy; and
- where appropriate, provide feedback to the Whistleblower regarding the investigation’s progress and/or outcome (subject to considerations of the privacy of those against whom allegations are made).
9.8 The investigation must be conducted in an objective, timely and fair manner, and otherwise as is reasonable and appropriate having regard to the nature of the Reportable Conduct and the circumstances. As a general rule, most investigations ideally should be concluded within 3 months of commencement.
9.9 The WPO will provide the Whistleblower with regular updates on the investigation and outcomes if the Whistleblower can be contacted. The frequency and timeframe may vary depending on the nature of the report.
9.10 Where anonymity has been requested, the Whistleblower is required to maintain confidentiality regarding the issue on their own account and to refrain from discussing the matter with any unauthorised persons.
9.11 For the avoidance of doubt, information concerning Reportable Conduct that has been reported in accordance with this Policy must be kept confidential and secure, and must not be disclosed to anyone unconnected to the investigation unless the Whistleblower has provided consent or the disclosure is required or permitted by law.
10 Investigator’s findings
10.1 A report of findings must be prepared by the Investigator and provided to the WPO when an investigation is complete. This report must include:
- the allegations;
- a statement of all relevant findings of fact and the evidence relied upon to reach conclusions on each allegation;
- the basis for each conclusion reached (including the damage caused, if any, and the impact on the organisation and other affected parties) and their basis;
- recommendations based on those conclusions to address any wrongdoing identified and any other matters arising during the investigation.
10.2 The WPO must provide details of the outcome to the Whistleblower, except in circumstances where it may not be appropriate to provide such details.
10.3 The Investigator must give the report of investigation findings to any other person notified under paragraph 9.7.
10.4 The Investigator must provide a brief outline of the investigation findings (while preserving confidentiality) to the Head of Human Resources.
10.5 The method of documenting and reporting the findings will depend on the nature of the report made by the Whistleblower.
11 Further questions
11.1 Any questions, comments or concerns about the contents of this policy should be directed to the Head of Human Resources.