ASIC Has Benchmarked Whistleblower Programs Across Corporate Australia

ASIC REP 827 shows how whistleblower programs are being run across corporate Australia, where the weak points are, and why recurring training changes disclosure behaviour and leadership judgment.

Key takeaways

If you work in HR, legal, or governance, ASIC REP 827 is worth your attention.

Not because it is dramatic. Because it is useful.

It gives us a current benchmark on how Australian organisations are running their whistleblower programs, where the weak points are, and what stronger practice looks like in the real world. ASIC released Report 827, Insights from the ASIC Whistleblower Questionnaire: July 2024 to June 2025, on 4 December 2025. ASIC says the report benchmarks whistleblower policies and practices across 134 entities in 18 industries and highlights opportunities for companies to better support and protect whistleblowers.

A few findings stand out straight away.

Twenty five percent of companies reported no regular whistleblower training. Twenty two percent received zero disclosures for the full year. Fifty eight percent had not sought employee feedback on their program. And the sharpest data point of the lot, companies with recurring training had disclosure rates almost nine times higher than those with no training.

That last figure matters.

A healthy program is not judged by how polished the policy looks on the intranet. It is judged by whether people know how to speak up, whether leaders know what to do when they receive a concern, and whether the organisation can respond without creating more risk on the way through.

That is where many programs wobble.

On paper, plenty of organisations have the basics. A policy. A hotline. A process map. But when a concern is raised with an executive, a People leader, or a board member, the cracks can show up fast. People want to help. They move quickly. They say the wrong thing, send the email to the wrong person, or ask questions they should not be asking yet.

That is not a character problem. It is a capability problem.

We see it often in training. Leaders who are not close to the whistleblower program every day usually walk away with a much sharper understanding of how protected disclosures actually work in practice. They see how careful they need to be with consent, confidentiality, escalation pathways, and support for the whistleblower. They also realise just how easy it is to breach the legislation without meaning to.

That shift matters.

It improves judgment at first contact. It reduces avoidable errors. And it helps create a program people are more likely to trust.

FAQ

What is the ASIC REP 827 benchmark?

ASIC REP 827 benchmarks whistleblower policies and practices across corporate Australia. ASIC says the report covers 134 entities across 18 industries and points to opportunities for companies to better support and protect whistleblowers.

Why do the training figures matter so much?

They matter because a healthy program is not judged by how polished the policy looks on the intranet. It is judged by whether people know how to speak up, whether leaders know what to do when they receive a concern, and whether the organisation can respond without creating more risk on the way through.

What does a low disclosure rate actually tell you?

On its own, it does not tell you that a program is working well. The benchmark figures matter because they sit alongside training gaps and weak feedback loops. A healthier program is one people know how to use and trust.

Where do whistleblower programs usually break down in practice?

They usually break down at first contact. A concern gets raised with an executive, a People leader, or a board member, and people move quickly, say the wrong thing, send the email to the wrong person, or ask questions they should not be asking yet.

What should organisations do next?

For organisations planning FY27 now, the right time to act is before 30 June. Reserve the training, schedule delivery in FY27, and start the new year with stronger capability where it counts.