Whistleblowing – Corporations Act Policy

What is our policy?

Estia Health is committed to a culture of corporate compliance and high ethical behaviour based on our values which include acting with respect and integrity.

The Aged Care Act 2024 (Cth) (Aged Care Act) and the Corporations Act 2001 (Cth) (Corporations Act) both set out obligations for entities regarding whistleblower protections. This Policy specifically addresses our obligations under the Corporations Act. For the policy on whistleblower protections under the Aged Care Act, please refer to Feedback, Complaints and Aged Care Act Whistleblower Policy.

The purpose of this Policy is to:
(a) ensure that the appropriate systems and processes relating to the whistleblower protections under the Corporations Act are in place and are communicated to Eligible Disclosers and Eligible Recipients;
(b) encourage reporting of Reportable Misconduct;
(c) help deter wrongdoing;
(d) provide transparency around Estia Health’s framework for receiving, handling and investigating Protected Disclosures;
(e) support Estia Health’s long-term sustainability and reputation; and
(f) meet Estia Health’s legal and regulatory obligations.

Why is this important?

The objectives of this Policy are to ensure that Eligible Disclosers understand:
(a) what is Reportable Misconduct;
(b) how to report Reportable Misconduct;
(c) the protections available to them in reporting Reportable Misconduct in accordance with this Policy; and
(d) how reports of Reportable Misconduct are investigated and how Estia Health affords fair treatment to individuals reporting such misconduct.

1. Who does this policy apply to?

This Policy applies to anyone who is or was:
(a) an employee of Estia Health;
(b) an officer of Estia Health;
(c) an associate of Estia Health;
(d) a supplier or contractor of Estia Health;
(e) a volunteer at Estia Health; or
(f) a relative or dependant of any of the above.
Anyone who falls into any of the categories above is called an ‘Eligible Discloser’.

This Policy also applies to all Estia Health personnel responsible for the management of the processes and systems set out in this Policy.

Residents and relatives of residents of Estia Health homes are not classified as Eligible Disclosers under the Corporations Act whistleblowing regime. Residents and relatives have a number of alternative channels available to provide feedback to or raise issues with Estia Health, including:

(a) in person at the home level to the Residential Aged Care Manager;
(b) Feedback Forms available at each home and online https://feedback.estiahealth.com.au;
(c) regular resident/relative meetings at home level; and
(d) email to Estia Health Head Office via feedback@estiahealth.com.au.

Externally, matters can be raised to the Aged Care Quality and Safety Commission online at agedcarequality.gov.au or by calling 1800 951 822.

Residents or relatives should also refer to the Feedback, Complaints and Aged Care Act Whistleblower Policy as that policy may be applicable.

2. When does this policy apply?

A disclosure is a ‘Protected Disclosure’ and qualifies for protection under this Policy if the following requirements are met:

(a) the disclosure is made by an Eligible Discloser;
(b) the disclosure is made to an Eligible Recipient;
(c) the disclosure is about Reportable Misconduct (defined in section 3 below) and is not a personal work-related grievance; and
(d) the Eligible Discloser has reasonable grounds to suspect the information concerns misconduct or an improper state of affairs or circumstances.

3. What is reportable misconduct?

For the purpose of this Policy, Reportable Misconduct includes but is not limited to, the following types of misconduct:

(a) a breach of the law, such as theft, dealing in, or use of illicit drugs, violence or threatened violence, and criminal damage against property;
(b) representative of serious clinical wrongdoing;
(c) unethical practices (representing a breach of Estia Health’s code of conduct, policies or generally other misconduct);
(d) dishonesty;
(e) corruption;
(f) an unsafe work practice;
(g) fraud, money laundering or misappropriation of funds;
(h) financial irregularities;
(i) any other conduct which may cause financial or non-financial loss to Estia Health or be otherwise adverse to Estia Health’s interests;
(j) an improper state of affairs (including tax affairs) or circumstances; or
(k) engaging or threatening to engage in Victimisation of a person who has made a disclosure or is believed or suspected to have made, or be planning to make, a disclosure.

4. How do I make a report?

For the whistleblower protections under the Corporations Act to apply, a disclosure must be made directly to an 'Eligible Recipient'. The list of Eligible Recipients is set out below. If you are an Eligible Discloser your disclosure about Reportable Misconduct qualifies for protection from the time it is made to an Eligible Recipient, regardless of whether you or the Eligible Recipient recognises that the disclosure qualifies for protection at that time.

Eligible Recipients are:
(a) the Say Something Hotline;
(b) a member of the Executive Team;
(c) a Regional Manager;
(d) an internal or external auditor;
(e) an actuary (mainly relevant for banking, insurance, and superannuation entities); or
(f) a legal practitioner for the purposes of obtaining legal advice about whistleblowing.

We encourage any disclosures to be made internally to Estia Health to an Eligible Recipient or to the Say Something Hotline in the first instance so we are made aware of any misconduct and can commence an investigation as soon as possible

IMPORTANT INFORMATION
If an Eligible Discloser is aware of actual or Reportable Misconduct and have reasonable grounds to believe it is true, they are encouraged to raise the matter with Estia Health’s Say Something Hotline.

The Estia Health Say Something Hotline is an independent service run by Stopline, which is an avenue for Estia Health employees and other Eligible Disclosers to raise concerns about Reportable Misconduct. Reports to the Say Something Hotline can be made anonymously. For further information on the Say Something Hotline please click on the link https://saysomething.stoplinereport.com/

Alternatively, a report can be made using one of the following options:

Phone: 1300 304 550
Email: estiahealth@stopline.com.au
Website: https://saysomething.stoplinereport.com/
Postal Address: Attn: Estia Health, c/o Stopline, PO Box 403, Diamond Creek, VIC 3089

5. What is not covered under this policy?

It is important to note that the following disclosures do not qualify for the whistleblower protections under the Corporations Act. Disclosures that are:

(a) not about Reportable Misconduct;
(b) not made by an Eligible Discloser; and
(c) not made to an Eligible Recipient (or other relevant person/entity referred to above).

Additionally, personal work-related grievances are not covered under this Policy and should be reported to your line manager or a People and Culture representative. Examples of personal work-related grievances are, inter-personal conflicts between employees, decisions relating to the engagement, transfer or promotion of an employee, decisions to discipline an employee or a decision to suspend or terminate the engagement of an employee. For more information on how to report a work-related grievance or concern see the section below.

Raising a personal work-related grievance or concern

At Estia Health, we are committed to creating a cohesive workplace where our employees, residents and visitors feel safe and supported. Employees are encouraged to raise a concern or grievance without fear of retribution and with confidence that Estia Health will address any workplace issue in a fair, consistent, and timely manner.

Employees are encouraged to engage in self-resolution to resolve issues where they feel comfortable to do so in an open and respectful manner. If you do not feel comfortable addressing your grievance directly, we encourage you to follow the appropriate escalation process detailed in Estia Health’s internal employee grievance policy, by speaking to your manager.
If you are not satisfied with your manager’s actions or if your matter is sensitive or relating to your manager, then you can raise your grievance to any of the following people:

(a) People and Culture Business Partner;
(b) WHS Business Partner (for Health, Safety or Wellbeing matters);
(c) Regional Support Manager; or
(d) Regional Manager.

The above persons, will attempt, where appropriate, to resolve grievances through discussion and negotiation between the relevant parties in a sensitive and confidential manner.

However, there may be some circumstances in which a personal work-related grievance still qualifies for protection and can be reported under this Policy. This would include any conduct that could be considered Victimisation or Threat of Victimisation of an individual because they have made, may have made or intend to make a report under this Policy or a matter that would have significant implications for any company in the Estia Health Group.

In instances where disclosures do not meet the criteria of being made by an Eligible Discloser or concerning Reportable Misconduct under this Policy, such disclosures will be appropriately triaged. This process involves referring these matters to other relevant departments within Estia Health, such as the Quality Team, People and Culture, or other appropriate avenues. These departments will then undertake investigations or address the issues as deemed appropriate. This ensures that all concerns, even those falling outside the scope of this Policy, are addressed in a manner consistent with Estia Health's commitment to integrity and ethical conduct.

6. False reports

All individuals are expected to act honestly and with a reasonable belief in the accuracy of any report concerning Reportable Misconduct. Where a person knowingly provides false or misleading information or otherwise fails to act with a reasonable belief in the truth of their claims, disciplinary action may be taken. This includes instances involving false, malicious, vexatious or frivolous allegations.

Where appropriate, such matters may also be referred to external agencies or law enforcement authorities.

7. Public interest disclosures and emergency disclosures

Estia Health encourages Eligible Disclosers to make disclosures to Estia Health in the first instance, where possible.

In certain public interest or emergency circumstances, a disclosure may be made to a journalist or parliamentarian and still qualify for protection under the Corporations Act.

A ‘public interest disclosure’ is the disclosure of information to a journalist or a parliamentarian, where:

(a) at least 90 days have passed since the Eligible Discloser made the disclosure to ASIC, APRA or another Commonwealth body prescribed by regulation;
(b) the Eligible Discloser does not have reasonable grounds to believe that action is being, or has been taken, in relation to their disclosure;
(c) the Eligible Discloser has reasonable grounds to believe that making a further disclosure of the information is in the public interest; and
(d) before making the public interest disclosure, the Eligible Discloser has given written notice to the body to which the previous disclosure was made, that:
(i) includes sufficient information to identify the previous disclosure; and
(ii) states that the Eligible Discloser intends to make a public interest disclosure.

An ‘emergency disclosure’ may only be made where:
(a) the Eligible Discloser has previously made a disclosure of the information to ASIC, APRA or another Commonwealth body prescribed by regulation;
(b) the Eligible Discloser has reasonable grounds to believe that the information concerns a substantial and imminent danger to the health or safety of one or more persons or to the natural environment;
(c) before making the emergency disclosure, the Eligible Discloser has given written notice to the body to which the previous disclosure was made, that:
(i) includes sufficient information to identify the previous disclosure; and
(ii) states that the Eligible Discloser intends to make an emergency disclosure; and
(d) the extent of the information disclosed in the emergency disclosure is no greater than is necessary to inform the journalist or parliamentarian of the substantial and imminent danger.

It is recommended that Eligible Disclosers contact an independent legal adviser for advice before making a public interest disclosure or an emergency disclosure.

8. Whistleblower protection under the Corporations Act

8.1 Victimisation

(a) Under the Corporations Act, Victimisation of any Eligible Discloser, or Threats of Victimisation directed towards Eligible Disclosers, are prohibited.
(b) We will not engage in, or tolerate, any Victimisation, or Threats of Victimisation, where such behaviour is due to the belief or suspicion that an individual has, may have or intends to make, a disclosure.
(c) Where an individual is victimised because of a disclosure (or the belief or suspicion of a disclosure), this must be reported to the Whistleblowing Wellbeing Officer by the Whistleblower or any other individual who becomes aware of the Victimisation.
(d) Individuals who engage in Victimisation or make Threats of Victimisation may be subject to disciplinary action. Victimisation may also be deemed a contravention of the Corporations Act resulting in penalties.

Note that the following actions are not considered Victimisation or Threats of Victimisation:
(a) administrative action that is reasonable for the purpose of protecting an Eligible Discloser from detriment; and
(b) managing an Eligible Discloser's unsatisfactory work performance, provided the action is consistent with Estia Health’s performance management framework.

8.2 Confidentiality

(a) Estia Health will make all reasonable efforts to ensure the identity of any Eligible Discloser remains confidential. However, when a disclosure is investigated it may be necessary to reveal its substance to people such as other Estia Health personnel, external persons involved in the investigation process and, in appropriate circumstances, regulatory bodies and law enforcement agencies.
(b) Estia Health will not disclose the Eligible Discloser’s identity unless:
(i) the Eligible Discloser consents to the disclosure;
(ii) the disclosure is required or authorised by law;
(iii) the disclosure is necessary for the reporting of the disclosure to a government agency or authority, such as ASIC, APRA or the Australian Federal Police;
(iv) the disclosure is reasonably necessary to further and appropriately investigate the matter; and/or
(v) the disclosure is necessary to prevent or lessen a serious threat to a person’s health or safety.
(c) Under the Corporations Act, there are specific exceptions where an Eligible Discloser's identity may be disclosed, including when notifying:
(i) ASIC;
(ii) APRA;
(iii) a member of the federal police;
(iv) a legal practitioner for the purpose of obtaining legal advice or legal representation; or
(v) any other individual, with the consent of the discloser.
(d) We may otherwise use any information disclosed by an Eligible Discloser (but not the identity of the discloser) which is reasonably necessary to deal with the allegations or claims made under the disclosure, provided that we take all reasonable steps to reduce the risk that the Eligible Discloser will be identified.

8.3 Protection from Liability

If an Eligible Discloser makes a Protected Disclosure:

(a) they cannot be subject to civil, criminal or administrative liability due to reporting misconduct;
(b) no contractual or other remedy may be enforced against the person based on the disclosure; and
(c) information provided as part of a reported misconduct cannot be used as evidence against the Eligible Discloser in a prosecution.

9. Ensuring fair treatment of individuals mentioned in a disclosure

The following steps will be taken to ensure fair treatment of individuals mentioned in a Protected Disclosure:
(a) Protected Disclosures will be handled confidentially when it is practical and appropriate in the circumstances;
(b) each Protected Disclosure will be assessed and may be the subject of an investigation;
(c) the objective of an investigation is to determine whether there is enough evidence to substantiate or refute the matters reported;
(d) when an investigation needs to be undertaken, the process will be objective, fair and independent;
(e) an employee who is the subject of a Protected Disclosure will be advised about the subject matter of the disclosure as and when required by principles of natural justice and procedural fairness and prior to any actions being taken – for example, if the disclosure will be the subject of an investigation; and
(f) an employee who is the subject of a Protected Disclosure may contact Estia Health’s support services (e.g. counselling or the EAP service).

10. Support for whistleblowers

We are committed to ensuring that Eligible Disclosers are protected and supported. All reasonable steps will be taken to ensure that an Eligible Disclosers is supported in making a disclosure. We will support all Eligible Disclosers while a disclosure is being investigated, including by:
(a) assessing the immediate welfare and protection needs of Eligible Disclosers;
(b) safeguarding the interests of Eligible Disclosers in accordance with this policy and our obligations under the Corporations Act; and
(c) addressing any issues or concerns of Victimisation or Threats of Victimisation.

Victimisation and Threats of Victimisation will not be tolerated and any Eligible Disclosers who have a reasonable belief that they are being Victimised as a result of any disclosure (or the belief or suspicion of a disclosure) must report this behaviour to the Whistleblower Wellbeing Officer.

Eligible Disclosers who are Estia Health employees may request support from Estia Health’s employee assistance provider – Assure Programs on 1800 808 374 or at https://assureprograms.com.au/book-an-appointment (EAP). Please be aware that, although any disclosure of information to the EAP is confidential, EAP is not an ‘Eligible Recipient’ for the purposes of this Policy or the Act.

11. Role of the Whistleblower Wellbeing Officer

A Whistleblower Wellbeing Officer (or their delegate) may also be assigned to monitor the welfare of an Eligible Discloser, receive reports of Victimisation or Threats of Victimisation and provide feedback on the progress and results of the investigation.

Eligible Disclosers should immediately inform the Whistleblower Wellbeing Officer if they are concerned that:
(a) they may be, are being, or have been subjected to Victimisation or Threats of Victimisation; or
(b) their disclosure has not been dealt with in accordance with this Policy, including any assessment made by the Say Something Hotline.

The Whistleblower Wellbeing Officer (or their delegate) will consider the concerns raised by the Eligible Discloser and, if appropriate, may take such action as the Whistleblower Wellbeing Officer considers appropriate. However, the Whistleblower Wellbeing Officer (or their delegate) may not be able to take action if the Eligible Discloser wishes to remain anonymous.

12. What happens when a disclosure is made?

Once a report of Reportable Misconduct has been received, the Disclosure Co-ordinator will send it to the Whistleblower Committee.

In instances of a serious or significant whistleblower disclosure, the CEO has the discretion to escalate the matter to the Audit and Risk Committee Chair or, where suitable, to the Board. However, if a Protected Disclosure alleges misconduct by a member of the Executive Team or the CEO, the Protected Disclosure will instead be sent directly to the Chair of the Audit and Risk Committee. These Disclosures will then be investigated by an independent external investigator.

13. Investigation process

Once a Protected Disclosure has been received, the Whistleblower Committee will review the report and assign an appropriate individual to be the ‘Disclosure Owner’ who is primarily responsible for investigating the Protected Disclosure. Whilst a Disclosure Owner may delegate some of the investigative procedures relating to the disclosure, they remain responsible for the completion of the investigation into the Protected Disclosure through its entire lifecycle.

Estia Health will consider the following matters when investigating a disclosure:
(a) the nature and scope of the investigation;
(b) the person(s) within and/or outside Estia Health should lead the investigation;
(c) the nature of any technical, financial or legal advice that may be required to support the investigation; and
(d) the timeframe for the investigation.

Investigation processes will vary depending upon the precise nature of the conduct being investigated but will be conducted promptly, objectively and fairly with due regard to the nature of the allegation, relevant Estia Health policies and the rights of the persons involved in the investigation. Investigations will be independent of the Protected Discloser, the individuals who are the subject of the Protected Disclosure and the department or business unit involved.

If necessary, the assistance of an internal or an external party such as an accounting, legal or clinical specialist may be sought. During the investigation, the Disclosure Owner (or delegated investigators) will have access to all relevant materials, documents, and records. The directors, officers, employees and agents of Estia Health must cooperate fully with the investigation. Estia Health will use all reasonable means to protect the confidentiality of the Eligible Discloser.

At the conclusion of the investigation, the Disclosure Owner will prepare a detailed report on the scope of the investigation and any actions taken along with details of any relevant dates and findings for the Whistleblower Committee. If the final report finds that the misconduct occurred, the Whistleblower Committee will consider:
(a) any steps to be taken to prevent the misconduct from occurring in the future;
(b) any action that should be taken to remedy any harm or loss;
(c) disciplinary proceedings against the person responsible for the conduct; and
(d) referral of the matter to the appropriate authorities.

The Whistleblower Disclosure Owner will provide a summary report to the Whistleblowing Committee of all whistleblowing allegations made and any investigations conducted under this Policy. The Disclosure Owner is responsible for retaining all records relating to disclosures and for communicating updates to Eligible Disclosers where appropriate.

14. Accessibility and implementation of this policy

This Policy is available to officers and employees of Estia Health on the intranet (One Family) and on the external Estia Health website. This Policy and associated whistleblowing training forms part of the induction pack for new starters. All Estia Health employees are required to complete annual mandatory refresher training on this Policy and the whistleblowing regime.

This Policy does not form part of any terms of employment and Estia Health may change, apply or withdraw this Policy in its discretion.

15. Questions

Any questions about this Policy should be directed to Estia Health’s Chief Legal and Risk Officer.

16. Definitions

ACQSC means the Aged Care Quality and Safety Commission.

Aged Care Act means the Aged Care Act 2024 (Cth).

APRA means the Australian Prudential Regulation Authority.

ASIC means the Australian Securities and Investments Commission.

ATO means the Australian Taxation Office.

CEO means the Chief Executive Officer.

Corporations Act means the Corporations Act 2001 (Cth).

Detriment includes (without limitation):
(a) dismissal of an employee;
(b) injury of an employee in his or her employment;
(c) alteration of an employee’s position or duties to his or her disadvantage;
(d) discrimination;
(e) harassment or intimidation of an individual;
(f) harm or injury to an individual, including psychological harm;
(g) damage to an individual’s property;
(h) damage to an individual’s reputation;
(i) damage to an individual’s business or financial position;
(j) threats of reprisal.

Disclosure Owner means the individual assigned as responsible for reviewing a disclosure after a disclosure has been received and, where appropriate, conducting an investigation.

Eligible Discloser has the meaning in section 1.

Eligible Disclosure means a disclosure about Reportable Misconduct made by an Eligible Discloser to an Eligible Recipient.

Eligible Recipient has the meaning in section 4.

Protected Disclosure has the meaning in section 2.

Reportable Misconduct has the meaning in section 3.

Threat of Victimisation means a threat of Victimisation which intends the individual to fear that the threat will be carried out or is reckless as to causing the individual to fear that the threat will be carried out. A threat may be express or implied and/or conditional or unconditional.

Victimisation means conduct which causes any Detriment to an individual or to another entity which employs or is otherwise associated with the individual and the conduct is undertaken solely or partly because the entity believes or suspects that the individual or another individual has, may have, or intends to make, a disclosure that qualifies for protection.

Whistleblower Committee has the following members:
(a) CEO
(b) Chief People & Culture Officer
(c) Chief Legal & Risk Officer.

Whistleblower Wellbeing Officer means:
Alison De Araugo
Head of Health Safety and Wellbeing
Email: Alison.DeAraugo@estiahealth.com.au

17. Relationshipt to other policies

This Policy should be read in conjunction with the following Estia Health policies:

(a) Feedback, Complaints and Aged Care Act Whistleblower Policy
(b) Code of Conduct

18. Resources

This Policy has been developed with reference to the following legislation and guidance material:

(a) the Corporations Act, particularly Volume 6, Chapter 9, Part 9.4AAA;
(b) Information Sheet 238 Whistleblower rights and protections | ASIC
(c) REP 758 Good practices for handling whistleblower disclosures | ASIC
(d) ASIC Regulatory Guide 270 - Whistleblower Policies

Version 14. Last updated 1 November 2025