ComfortDelGro Corporation Australia Pty Ltd and its related bodies corporate (together, CDC) is committed to maintaining the highest standards of conduct and ethical behaviour in all of its business activities and to promoting and supporting a culture of honest and ethical behaviour, corporate compliance and good corporate governance and risk management.
CDC encourages the reporting of suspected misconduct involving CDC’s businesses and provides protections for individuals who disclose wrongdoing. CDC provides protections for individuals who disclose wrongdoing (Disclosers) so that Disclosers may make such disclosures confidentially and are protected from retribution, disadvantage or punishment.
This policy will be made available to officers and employees of CDC by providing hard copies of the policy to each depot and making it available electronically.
The purpose of this policy is to:
- encourage more disclosures of wrongdoing;
- help deter wrongdoing, in line with CDC’s risk management and governance framework;
- ensure individuals who disclose wrongdoing can do so safely, securely and with confidence that they will be protected and supported;
- ensure disclosures are dealt with appropriately and on a timely basis;
- provide transparency around CDC’s framework for receiving, handling and investigating disclosures;
- support CDC’s values and code of conduct;
- support CDC’s long term sustainability and reputation; and
- meet CDC’s legal and regulatory obligations.
This policy is an important tool for helping CDC to identify wrongdoing that may not be uncovered unless there is a safe and secure means for disclosing wrongdoing.
- Policy Application
This policy applies to any “eligible whistleblower”.
An “eligible whistleblower” is an individual who is or has been any of the following in relation to CDC:
- an officer or employee (eg: current and former employees who are permanent, part time, fixed-term or temporary, interns, secondees, managers and directors);
- a supplier of services or goods to CDC (whether paid or unpaid) including their employees (eg: current and former contractors, consultants, service providers and business partners);
- an associate of CDC;
- a relative, dependant or spouse of an individual who fits any of the above descriptions (eg: relatives, dependants or spouse of current and former employees, contractors, consultants, service providers, supplier and business partners).
What is Reportable Conduct?
An eligible whistleblower can make a disclosure under this policy if he or she has reasonable grounds to suspect the existence of illegal, unethical or improper conduct (including misconduct) or an improper state of affairs or circumstances within CDC or by a director, officer, employee, contractor, supplier, tenderer or other person who has business dealings with CDC (Reportable Conduct).
Under this policy, Reportable Conduct includes conduct that:
- is illegal, unethical or improper such as:
- dealing in, or use of, illicit drugs, violence or threatened violence and criminal damage against property;
- offering or accepting bribes in return for business favours or commercial advantage;
- unauthorised distribution or sale of personal information;
- price fixing and financial misreporting;
- failure to comply with, or breach of, any other legal or regulatory requirements;
- fraud, money laundering or misappropriation of funds;
- is a serious breach of any internal CDC policy, including the Code of Conduct;
- represents a danger to the public or the stability of, or confidence in, the financial system (even if the conduct does not involve a contravention of a particular law);
- indicates a systemic issue that a regulator should know about to properly perform its functions; or
- engaging in or threatening to engage in detrimental conduct against a person who has made a disclosure or is believed or suspect to have made, or is planning to make, a disclosure of Reportable Conduct.
A Discloser does not have to prove the allegations and will still qualify for protection even if the disclosure turns out to be incorrect.
Reportable Conduct does not include personal work-related grievances, unless the complaint is about your victimisation as a whistleblower. Examples of personal work-related grievances include disclosures regarding interpersonal conflicts with other employees, transfer and promotion decisions, decisions regarding the terms and conditions of employment, decisions regarding suspension and termination of employment and disciplinary decisions (provided such decisions do not involve a breach of workplace laws). These issues can be raised via the HR team.
A personal work-related grievance will still qualify for protection if:
- it includes information about misconduct, or information about misconduct includes or is accompanied by a personal work-related grievance (mixed report);
- CDC has breached employment or other laws punishable by imprisonment for a period of 12 months or more, engaged in conduct that represents a danger to the public or the disclosure relates to information that suggests misconduct beyond the Discloser’s personal circumstances;
- the Discloser suffers from or is threatened with detriment for making a disclosure; or
- the Discloser seeks legal advice or legal representation about the operation of the whistleblower protections under the Corporations Act.
CDC discourages deliberate false reporting (that is, reports that the Discloser knows to be untrue).
Who can disclosures be made to?
In order to be protected under this policy, disclosures must be made to an Eligible Recipient of CDC. The following people are Eligible Recipients:
- a director, officer or senior manager of any of the CDC companies;
- the internal or external auditor (including a member of an audit team conducting an audit) of CDC;
- a person authorised by CDC to receive disclosures in accordance with this policy.
CDC encourages any Discloser to make a disclosure to one of CDC’s internal or external Eligible Recipients in the first instance, as CDC would like to identify and address any wrongdoing as early as possible. This approach is intended to help build confidence and trust in this policy and the related processes and procedures.
Even though CDC encourages disclosure of Reportable Conduct to its internal or external Eligible Recipients, Disclosers can report any Reportable Conduct directly to regulatory bodies (see further below) or other external parties and such a disclosure will still qualify for protection under the Corporations Act even where there has been no prior disclosure to CDC.
You may make disclosures of what you consider to be Reportable Conduct to a legal practitioner for the purposes of obtaining legal advice or legal representation in relation to the operation of the whistleblower provisions in the Corporations Act even if the legal practitioner concludes that a disclosure is not in fact Reportable Conduct.
You can also make a disclosure of information relating to Reportable Conduct to regulatory bodies such as the Australian Securities and Investment Commission (ASIC), the Australian Taxation Office (ATO) or any other regulatory body prescribed by the regulations.
Public Interest and Emergency Disclosures
Disclosure can also be made to a journalist or a parliamentarian where the disclosure qualifies as a Public Interest Disclosure. A Public Interest Disclosure is a disclosure of information to a journalist or a parliamentarian where:
- at least 90 days have passed since the Discloser made the disclosure to ASIC, the ATO or any other regulatory body prescribed by the regulations;
- the Discloser does not have reasonable grounds to believe that action is being, or has been, taken in relation to the disclosure;
- the Discloser has reasonable grounds to believe that making a further disclosure of the information is in the public interest; and
- before making the Public Interest Disclosure, the Discloser has given written notice to the body to which the previous disclosure was made that:
- includes sufficient information to identify the previous disclosure; and
- states that the Discloser intends to make a Public Interest Disclosure.
An Emergency Disclosure is the disclosure of information to a journalist or parliamentarian where:
- the Discloser previously made a disclosure of information to ASIC, the ATO or another Commonwealth body prescribed by regulation;
- the Discloser has reasonable grounds to believe the information concerns a substantial or imminent danger to the health or safety of one or more persons or to the natural environment;
- before making the emergency disclosure, the Discloser gives written notice to the body to which the previous disclosure was made that:
- includes sufficient information to identify the previously disclosure; and
- states that the Discloser intends to make an emergency disclosure; and
- the extent of the information disclosed in the Emergency Disclosure is no greater than is necessary to inform the journalist or parliamentarian of the substantial and imminent danger.
It is important that you understand the criteria for making a Public Interest or Emergency Disclosure before doing so and it is recommended that you contact an independent legal adviser before making a Public Interest Disclosure or an Emergency Disclosure.
How to make a disclosure
Disclosures can be made to any Eligible Recipient either in person, by post or by email.
When making a disclosure to an Eligible Recipient, CDC encourages you to refer to this policy or request protections under this policy.
Disclosures under this policy can be made anonymously, confidentially, securely and can be made outside of normal business hours. It is important to note that anonymous disclosures are still protected under the Corporations Act and this policy.
A Discloser can choose to remain anonymous while making a disclosure, over the course of the investigation and after the investigation is finalised and can refuse to answer questions that the Discloser feels could reveal their identity.
Where a disclosure comes from an email address from which CDC cannot determine the identity of the Discloser, the disclosure will be treated as anonymous.
CDC will use the following measures to protect a Discloser’s anonymity:
- all personal information or reference to the Discloser witnessing an event will be redacted;
- the Discloser will be referred to in a gender-neutral context;
- where possible, the Discloser will be contacted to help identify certain aspects of their disclosure that could inadvertently identify them;
- disclosures will be handled and investigated by qualified staff;
- all paper and electronic documents and other materials relating to disclosures will be stored securely;
- access to all information relating to a disclosure will be limited to those directly involved in managing and investigating the disclosures;
- only a restricted number of people who are directly involved in handling and investigating a disclosure will be made aware of a Discloser’s identity (subject to the Discloser’s consent) or information that is likely to lead to the identification of the Discloser;
- communications and documents relating to the investigation of a disclosure will not be sent to an email address or a printer that can be accessed by other staff; and
- each person who is involved in handling and investigating a disclosure will be reminded about the confidentiality requirements including that an unauthorised disclosure of a discloser’s identity may be a criminal offence.
In practice, Disclosers should be mindful that people may be able to guess a Discloser’s identify if:
- the Discloser has previously mentioned to other people that they are considering making a disclosure;
- the Discloser is one of a very small number of people with access to the information; or
- the disclosure relates to information that a Discloser has previously been told privately and in confidence.
Protections for Disclosers
Regardless of the Eligible Recipient to whom a disclosure is made, a Discloser has the following protections:
- identity protection (see section regarding anonymity above);
- protection from detrimental acts or omissions (for example, dismissal, discrimination, harassment, altering an employee’s position to their disadvantage etc);
- a right to compensation or other remedies, where the eligible whistleblower suffers loss, damage or injury because of a disclosure, in circumstances where CDC has failed to take reasonable precautions and exercise due diligence to prevent detrimental conduct; and
- protection from civil, criminal and administrative liability in respect of their disclosure.
The following are examples of actions that are not detrimental conduct:
- administrative action that is reasonable for the purpose of protecting a Discloser from detriment (eg: moving desks or changing line management of a Discloser); and
- managing a Discloser’s unsatisfactory work performance, if the action is in line with ComfortDelGro’s performance management framework.
Disclosers should seek independent legal advice in the event of concern.
The protections above will continue to apply to a Discloser, even if the disclosure turns out to be incorrect.
Handling and investigating a disclosure
Any disclosure raised with CDC shall be investigated appropriately, depending on the nature of the concern raised (including, where the circumstances warrant it, through a formal in-depth investigation). Typically, such an investigation will include:
- gathering information from the Discloser (if this is possible, having regard to Discloser’s right to anonymity);
- gathering information from other individuals whom CDC understands may have been involved in or have information about the relevant matter; and
- reviewing any other information relevant to the matter.
All investigations shall be handled confidentially, sensitively and in a timely manner having regard to the relevant circumstances, and eligible whistleblowers shall be kept updated regarding the progress of the investigation, subject to having a means of contacting them.
Subject to having a means of contact and it being appropriate to do so, the Discloser will usually be provided with feedback regarding the outcome of the investigation.
Fair treatment of individuals mentioned in a disclosure
CDC will utilise the following measures to ensure the fair treatment of individuals mentioned in a disclosure:
- disclosures will be handled confidentially, when it is practical and appropriate in the circumstances;
- each disclosure will be assessed and may be the subject of an investigation;
- the objective of an investigation is to determine whether there is enough evidence to substantiate or refute the matters reported;
- when an investigation needs to be undertaken, the process will be objective, fair and independent;
- an employee who is the subject of a disclosure will be advised about the subject matter of the disclosure as and when required by principles of natural justice and procedural fairness and prior to any actions being taken (eg if the disclosure will be the subject of an investigation); and
- an employee who is the subject of a disclosure may contact CDC’s support services (eg the Employee Assistance Program).
- Access to this Policy
This policy will be made available via CDC’s internet site(s).
- information regarding this policy will be included in CDC’s onboarding process; and
- regular training shall be provided to employees about this policy and its related procedures.
This policy is current as at 24 December 2019 and will be periodically reviewed to ensure it is operating effectively and to make any changes required.