Pol.9100 .0001 .0855 0001

POL.9100.0001 .0855_0001 POL.9100.0001 .0855_0002

Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry (2018)

Comment The Royal Commission (the Commission) has validated its purpose. Contrary to my expectations, the Commission has successfully exposed and formally recorded the ingrained systemic corruption and/or misconduct by many, if not most of the primary institutions in the financial services sector. Moreover, this Commission has not whitewashed the ineptitude of the political system and ineffectiveness of public administration which was evident in previous Royal Commissions, Parliamentary and public sector inquiries in which I have been involved. Well Done. Congratulations and thank you.

Summary The existing financial services sector regulatory agencies are the Australian Securities and Investments Commission (ASIC), the Australian Prudential Regulation Authority (APRA) and the Australian Competition and Consumer Commission (ACCC). These agencies all have duties to protect the public in relation to the financial services sector. ASIC has broad responsibilities under the Corporations Act to oversight and monitor the conduct of companies and businesses and to protect whistleblowers. And both ASIC and APRA (as Regulators) have responsibilities for whistleblower protection under Insurance, Banking and Superannuation Acts.

Successive governments have failed in their duty to protect the public in relation to the financial services sector. They failed to establish a system of agencies, legislation and practices that would ensure such protection. Public administrators (regulatory agencies) had a duty to serve the public by protecting them against wrongdoing in the financial services sector. The regulatory agencies were at best, inept and ineffective at their duties. Consequently, they failed their duty to serve and protect the public.

The Commission has called for submissions based on the Interim Report. That report refers to a significant whistleblowing disclosure in 2010 and two anonymous whistleblowing disclosures in 2015. The report also refers to inadequate enforcement procedures when wrongdoing was disclosed. This submission addresses the role of both whistleblowing and enforcement as it applies to the Inquiry.

The Commission is notionally confined by its Terms of Reference (ToR) to financial services sector matters. The harm inflicted on the public that has been exposed by the Commission is proof positive of a national culture of greed or advantage that harms the general public and the public interest. Despite the notional confines of the ToR, it is imperative that the Commission advises Government against introducing corrective measures that would only apply to the financial services sector. Whatever measures could be applied to solve the problems in that sector must be applied to similar harms being caused to the public generally.

The Royal Commission into Institutional Responses to Child Sexual Abuse has set a precedent by making recommendations about abuse matters which were outside 'institutional' abuse and responses. Such matters were beyond that Commission's terms of reference. I urge the Commission to follow suit and make recommendations to protect the public in general by establishing a Commonwealth independent standing integrity, corruption commission (ICC) with an incorporated whistleblowing sub-agency.

An ICC must be established to protect the public or the public interest from harm arising from any malpractice, dishonesty, corruption, conspiracy, collusion and white-collar crime of the type that is not within the purview of usual police (property/personal violence) responsibilities. The ICC would assume the necessary investigatory and enforcement functions abrogated by all the existing regulatory agencies. The ICC would have responsibility for the investigation and enforcement of any 'intentional' wrongdoing. Conversely, thereafter the regulatory agencies would only monitor, audit, ensure compliance and offer advice to client organisations so they may better serve the public. These agencies would be responsible for any 'unintentional' or inadvertent conduct that requires rectification.

The establishment of the ICC could be cost neutral. The penalties due from the financial services sector wrongdoings that have been exposed by the Royal Commission, should be used for that purpose.

ROYAL COMMISSION - FINANCIAL SERVICE SECTOR PETER BENNETI 25/10/2018 2 POL.9100.0001 .0855_0003

That funding could be supplemented by reallocating to the ICC, all existing investigation and enforcement resources from the existing regulatory agencies/entities. Those regulatory agency resources are in a pristine unused condition.

The primary tool the ICC should use to protect the public must be the utilisation of whistleblowers. Whistleblowers could provide warnings to the ICC of organisational plans to gain benefit at the cost of harm to the public. However, all the current whistleblower protection legislation and processes are not effective. Whistleblowers are not protected. They are exposed to, or at risk of serious workplace harm and injury. It is vital that the Commission strongly recommends the formation of a new public protection regime which will ensure the protection of the broader public, the success of an ICC and the welfare of whistleblowers.

Recommendations This submission recommends the effective disclosure and curbing of wrongdoing and misconduct that causes harm to the public and the public interest. The primary recommendations of this submission urge the Commission to;

Denounce current Commonwealth whistleblowing provision as ineffective, inoperable and not fit for purpose; Purge ASIC of investigatory and enforcement functions; Acknowledge whistleblowing as the most universal, cost-effective, efficient and potent means to expose conduct that harms the public and the public interest; Restructure regulatory agencies by redefining their duties, responsibilities and powers; Establish an independent Commonwealth commission (ICC) to investigate and enforce public or private breaches of codified conduct which is not usually within the purview of police action; Create an ICC sub unit to which whistleblowers would be empowered to, make safe and protected disclosures and which would be tasked to manage, investigate, prosecute and act against any reprisals taken against whistleblowers and determine appropriate recompense for bona fide disclosures; Require all regulatory agencies (possibly including all Commonwealth statutory Boards or Authorities) to be subject to oversight by the ICC for the purposes of detecting any wrongdoing or malpractice;

Overview This submission has one purpose; to recommend an effective means to protect the public interest against dishonesty, corruption and/or criminal conduct. This can be achieved by ensuring that people (i.e. whistleblowers) who observe wrongdoing which harms the public interest are empowered to safely disclose their observations to a competent independent agency. That agency must have powers to investigate the perceived wrongdoing, enforce penalties and remediation where applicable, protect the whistleblowers against any harm, penalise any attempted reprisals and ensure the whistleblower receives due recompense for services to the public interest.

This submission focusses on the Commission's Terms of Reference (ToR) paras f, g, hand J - and respective sub sections. However, the ToR limits the Commission to the financial services sector. But the dishonesty, corruption and criminal misconduct exposed by the Commission is not confined j ust to that sector. Similar harm caused to the public by this sector exists to various degrees in many, if not most public and private entities.

Nearly 50 years' involvement observing, experiencing, identifying and combating such misconduct across large swathes of the public and private sector, entitles me to make this assertion with absolute confidence. (See Antecedence - Attachment 1). Such misconduct is not restricted to one prestigious and important private sector industry. Misconduct occurs across all levels within the entire public and private sectors. It is na·ive to assume otherwise.

I concur with the Commission, that in the private sector, the primary motivation for misconduct is greed. However, in the public sector, my experience is that the primary motivation is power, privilege and position. Nonetheless both motivations leak across their sector boundaries to various degrees in various circumstances.

ROYAL COMMISSION - FINANCIAL SERVICE SECTOR PETER BENNETI 25/10/2018 3 POL.9100.0001 .0855_0004

But the common feature of both forms of wrongdoing is that the public and the public interest is harmed - and innocent people suffer.

But, the Commission is notionally limited to the ToR when attributing failure of the Commonwealth's private sector regulatory agencies to detect, expose, accuse, blame or punish those who have inflicted harm on the public and on the public interest. Yet the same failures, ineptitude and inadequacy applies throughout the public sector regulatory agencies. Even so, the fault for such shortcomings may well be more properly attributed to political inefficacy, as will be discussed later.

In any event, the Commission now has witnessed instances of private sector wrongdoing and public regulatory agency incompetence. They are prime examples of what the Commission must resolve. The recommendations herein can best resolve both the wrongdoing and the incompetence.

Recommendation 1 ; Denounce current Commonwealth whistleblowing provision as ineffective, inoperable and not fit for purpose

Whistleblowing provisions don't work. All the financial service entities subject to the Royal Commission enquiries are subject to Commonwealth whistleblowing 'protection' provisions {See Whistleblowing Protections Acts & provisions - Attachment 2a). However, over many years of application, no more than 3 employees from that sector were found to have made disclosures about misconduct or illegal activities. Clearly none of the thousands of the sector employees had enough confidence in the whistleblowing protection provisions to identify themselves and make any disclosure about the rampant dishonesty, corruption or criminal activities in the sector. Or perhaps they did - but somehow information about their 'disclosure' has vanished - or the whistleblower was bought off- or they suffered reprisals and quit.

Put simply - the whistleblowing provisions don't work - and employees know it. But so do those who engage in wrongdoing. They have nothing to fear from whistleblowers making disclosures because with few exceptions, whistleblowers don't make disclosures. Retaining legislation that serves no purpose and has no effect diminishes the credibility of law. For that reason, the whistleblowing provisions in Attachment 2a should be struck down.

In those rare cases where a whistleblower makes a disclosure of suspected wrongdoing- they suffer reprisals. The threat of those reprisals is well known across the employment spectrum. And when Government actively and publicly advise of "search and destroy" actions against public sector whistleblowers - it is an endorsement that whistleblower hunting is a legitimate right of employers.

In practice, the whistleblowing provisions and the free ranging practice of threatening reprisals are used conjointly by employers. The provisions induce whistleblowers who have observed wrongdoing to make a disclosure. The threat of crippling reprisals then silences the whistleblower. The wrongdoers then know they have been detected and that affords them an opportunity to cover up the wrongdoing. The matter goes no further - and ASIC never hears about it. Having silenced the whistleblower, the wrongdoers have the option of keeping a whistleblower cowered into silence or sacking him/her.

Compounding the failings of all whistleblowing provisions is the view that they contravene the Commonwealth Work Health and Safety (WH&S) Act 2011. They do not conform to the objects of the WH&S Act (see WH&S Act -Objects - Attachment 2b). Contrary to the objects, the provisions induce, encourage if not impose a duty on both private and public prospective whistleblowers to put their safety, health and well-being at risk. The employment contract and the law requires that employees do not engage in conduct that is unlawful, dishonest or corrupt. However, the Commission has exposed evidence that employees have been directed to engage in practices which harm the public.

These employees are compelled to become complicit and accessories to the wrongdoing. But because the financial services sector whistleblowing provisions don't work, employees would put their career, livelihood, mental and physical and financial situation at risk if they attempt to disclose the wrongdoing they have been directed to carry out.

ROYAL COMMISSION - FINANCIAL SERVICE SECTOR PETER BENNETI 25/10/2018 4 POL.9100.0001 .0855_0005

Similarly, in the public sector, there are promotional inducements and other benefits, or threats of reprisals used to thwart the disclosure of maladministration and abuse of office. For all the reasons aforementioned, the current whistleblowing provisions should be struck down.

A confused gaggle of unpalatable options. At present whistleblowers are forced to make disclosures to a gaggle of selected agencies, individuals or authorities. In effect and practice, they all lack the capacity, will, competence, resources, authority or means to protect the whistleblower, prosecute against reprisals or properly investigate a disclosure.

The Corporations Act lists ASIC as the first entity to which a prospective whistleblower should make a disclosure. In ASIC's 'guidance for whistleblowers' fact sheet, ASIC is listed as the last entity to whom a disclosure should be made. ASIC has no powers to enforce a protection regime to prevent harm to a whistleblower. After a whistleblower is harmed, the whistleblower must initiate their own civil action against any reprisal. ASIC offers no help whatsoever in initiating civil action.

ASIC's information sheet advises "If you believe you may be a whistleblower or are unsure what protections may apply to you, it is important to seek legal advice. ASIC is not able to give personal legal advice and can only provide general information on these issues. We will provide general guidance (this information sheet is aimed at providing that guidance... )". From there on, ASIC becomes even less helpful. It seems to suggest that the use of whistleblower rights are optional - "if you are thinking of acting on the rights the whistleblower protections give you .... ". AND then advises prospective whistleblowers to "alert the company (through its Officers)". Is that really proper, wise or appropriate? ASIC may well be advising a whistleblower to make a disclosure about 'robbing the dead' to a 'company officer' without knowing whether that 'officer' was the person who had organised the theft. A whistleblower must also then prove to AISC that they are making a disclosure in "good faith". What does it matter why someone is making a disclosure if they have reasonable ground to believe the disclosure is about misconduct, or dishonest or illegal activities which harm the public? In effect and practice, a whistleblower must make a real effort to make a disclosure and then run the almost certain risk of reprisals.

As discussed hereunder, the same whistleblowing mess exists throughout both the entire private sector and the public sector. No regulatory agency (perhaps with the exception of the Fair Work (Registered Organisations) Commission) exists which has any capacity or desire to help whistleblowers make a safe disclosure about wrongdoing.

Whistleblowing provisions found unsatisfactory by Committee The 2017 Parliamentary Joint Committee on Corporations and Financial Services recommended that all the Commonwealth whistleblowing protection provisions be consolidated into a single act. That has been resisted by Government. In fact, none of the 32 recommendations of the Joint Committee have be acted upon. At present, before a whistleblower can decide whether to make a disclosure it is necessary to determine which piece of whistleblowing protection legislation may be applicable. Knowing where to look would challenge most non-legally trained people. The word whistleblower or whistleblowing does not appear in the title of any legislation. It is vital that all the ambiguity associated with making a disclosure is removed to assist the whistleblower. A prospective whistleblower has enough to consider in respect of making a disclosure without the complication of determining where to look for relevant legislation, finding the relevant section and then understanding all the legal aspects of the process.

Government narrows focus to avoid the broader scope. Given the resistance of the Government to establish the Royal Commission it must be assumed they believed that there was no significant wrongdoing at least in the financial services sector, to warrant the investigation. To assume otherwise would raise questions of Government probity and integrity. Consequently, the Government established a narrow set of references confining the Commission to the financial services sector. Yet the Commission has proved beyond doubt, that there is dishonesty, malpractice, corruption and criminal activities in our most venerated private institutions.

ROYAL COMMISSION - FINANCIAL SERVICE SECTOR PETER BENNETI 25/10/2018 5 POL.9100.0001 .0855_0006

It would be na·ive, if not stupid, to assume that the same form of misconduct and malpractice does not exist across the entire private sector. Likewise, it would be equally na·ive to assume that a similar form of misconduct and malpractice does not exist throughout the entire public sector.

RECOMMENDATION 2; Purge ASIC of investigatory and enforcementfunctions. ASIC must be purged of its investigatory and enforcement functions. ASIC will survive the findings of this Commission - it will continue to function. But it must not continue in its present form. It is necessary to purge its investigatory and enforcement functions to a new ICC agency. That agency would also take over all ASIC's whistleblowing responsibilities.

ASIC is supposed to control misconduct in the corporate sector which may harm the public. But there are 2 types of misconduct. Misconduct that is just 'not right', and misconduct that is 'wrong'. The distinction is that misconduct which is 'not right' is an administrative matter about rules, codes of conduct, public expectations and specified duties. Misconduct in relation to those matters is generally not specified in law. Conversely, misconduct that is 'wrong' has been specifically defined in law. Misconduct which is 'wrong' is a legal matter. Offences are specified. ASIC has been responsible for both. It failed both.

AS/C's role is to fix what is 'not right' As a regulatory agency, ASIC should require regular reports from client organisations on specific matters, be conducting oversight enquiries and random audits particularly relating to 'at risk' procedures. The objective is to ensure that mistakes or unintentional breaches of requirements caused by misunderstandings, misinterpretations, lack of diligence, neglect or indifference are detected and corrected. Where such administrative matters are detected, the regulatory agency must be empowered to oblige the organisation to correct the errors. But where the agency detects that there has been lax non-compliance, the agency must be able to impose appropriate penalties. Moreover, where an organisation has inadvertently caused harm to any client, the regulatory agency must be empowered to impose both penalties to the organisation and restitution to the client for the harm caused.

ASIC has an important monitoring, advisory and consultation role. By working proactively with organisations, ASIC can help resolve practices and other conduct which does not properly serve the public. ASIC can intercede at the earliest stages to help guide an organisation away from conduct which is improper and 'not right', but which does not meet the threshold of unlawful conduct. Conversely ICC's function is to intercede when things are 'wrong' and unlawful as defined in law. The distinction is clear. It is the compelling reason why there must be 2 separate and distinct agencies.

But at present it appears that ASIC has no powers or responsibility to access, monitor or audit instances where questions are raised within an organisation that relates to compliance with rules, codes or duty obligations. Nonetheless, ASIC's role in rectifying such matters should not be understated. To intercede and correct 'irregularities' before significant harm is inflicted on the public is a vital role. However, that still leaves the question as to how ASIC can determine that some administrative practices are 'not right' and need correction.

The matter of how financial sector organisations deal with internal criticism of their particular organisation's conduct, undoubtedly falls within the Commission's aforementioned ToR criteria.

A person who raises concerns or criticisms within an organisation about the propriety, integrity or correctness of particular conduct is not identified in law as a 'whistleblower.' Because all Commonwealth whistleblowing provisions apply only to legally defined whistleblowers - those who raise concerns about organisational propriety, integrity or correctness are excluded from any whistleblowing provisions.

However, organisations undoubtedly have mechanisms to deal with internal concerns or criticism about processes, practices and policy that are just 'not right' but also not unlawful. No such mechanisms are under the oversight, let alone the control of ASIC. That must surely be a failing. Any internal criticism of suspected conduct which may harm the public or the public interest must surely deserve the attention of ASIC - even if it is not unlawful.

ROYAL COMMISSION - FINANCIAL SERVICE SECTOR PETER BENNETI 25/10/2018 6 POL.9100.0001 .0855_0007

There are SOLUTIONS • To ensure there is compliance with standards, rules, codes or duty obligations it is necessary to codify all the ethical, moral and integrity standards expected of corporate (and public sector?) organisations. Apparently, these behavioural values have been set through voluntary standards arising from corporate associations. But in practice, these standards have been resolutely ignored by association members. Intentional breaches of the codified standards would need to attract applicable penalties - both to the organisation and to the person(s) responsible for the breaches. The penalties should not apply to those who were directed to carry out the breaches. • Redefine whistleblowing and whistleblowers, so they cover both unlawful 'wrong' conduct and conduct that is 'not right' and has an adverse impact on the public or the public interests. • Extend whistleblower protection provisions so that a person is empowered to raise concerns about suspected misapplications or unintentional application of the standards codes without fear of reprisals. To maintain the collaborative and advisory relationship between ASIC and organisations, only administrative corrections or minimal penalties should apply if the matter is resolved before harm is caused to the public. • Provide a means for concerned persons to notify ASIC of any concerns informally, and if desired, anonymously. • ASIC should publish reports (without names) of instances where 'mistakes' have been identified and how they were resolved to promote greater transparency and accountability.

Recommendation 3. Acknowledge whistleblowing as the most universal, cost-effective, efficient and potent means to expose conduct that harms the public and the public interest;

Universal Virtually every person in every situation is a potential whistleblower - i.e. a person willing to disclose information about perceived wrongdoing which may harm the public or the public interest. They are universal. Such people may be directly or incidentally associated with situations where the wrongdoing is occurring. Alternatively, they may have no direct connection to the situations where wrongdoing occurs. They may simply be observers or accidental witnesses or have been provided information by other relationships.

Cost- effective Whistleblowers are cost-effective. They cost Governments nothing. In fact, whistleblowers are not employed, retained, working for or otherwise in the service of anyone other than the public. If a person offers to sell information on any matter they are a paid informant and not a whistleblower. A whistleblower is not entitled to payment for making a disclosure about wrongdoing but maybe entitled to some appropriate recompense, consideration, compensation or award in recognition of the effort required to make a disclosure in the public interest. Such recognition should be determined by an independent agency (e.g. ICC) with an understanding of the effort a person needs when making a public interest disclosure.

Efficient When whistleblowers make disclosures, they are efficient because they are providing first-hand primary evidence based on a perceived genuine belief they are disclosing information about a wrongdoing. Even if a whistleblower has not personally observed acts of suspected wrongdoing but has obtained information about such acts from another source - that source becomes primary evidence of alleged wrongdoing.

Whistleblowing is the most efficient and effective means to prevent wrongdoing which will harm the public or public interest. A timely disclosure by a whistleblower to a competent relevant authority will stop any planned wrongdoing.

Having an offender's plan to engage in wrongdoing detected and disclosed to authorities is the best means of preventing harm to the public or the public interest. The disclosure itself is costless. Knowledge of the plan enables authorities to take measures to gain evidence of the intended wrongdoing before any harm is actually caused. This reduces the cost of having to collect evidence after the wrongdoing event. Recordings by the relevant agency as to how the wrongdoers are constructing their wrongdoing plans and activities actually builds the case for the authorities with little expense and within a contiguous timeframe.

ROYAL COMMISSION - FINANCIAL SERVICE SECTOR PETER BENNETI 25/10/2018 7 POL.9100.0001.0855_0008

Obstructed efficiency Any potential efficiency for whistleblowers to make a timely disclosure of perceived wrongdoing, is frustrated by having to get legal advice, qualifying for disclosure rights, finding out who they might disclose to, deciding on whether to keep the disclosure inhouse or take the disclosure to a regulatory agency. If the latter - then there must be a decision as to which regulatory agency to approach.

Unfortunately, at present the options for disclosure are to prescribed recipients such as a regulatory agency (i.e. ASIC, APRA or ACCC) or to people within the organisation which is suspected of engaging in wrongdoing. In either case, at that point, the whistleblower is handing over the control of their life, livelihood, well-being, family relationships and their entire future to people with a proven record of disinterest in what happens to the whistleblower from that point onwards.

In the case of a whistleblower making a disclosure to one of the nominated regulatory agencies, it may well be that the agency had failed in their duty to detect what the whistleblower has just disclosed. In such cases, the usual agency response is to lie to the whistleblower by claiming that information was already known to the agency and that the matter was already under investigation. Then to make sure that the matter remained out of the spotlight, the agency and the organisations resolve the matter on mutually agreed terms.

In other cases where the disclosure is made to people within the organisation, the whistleblower may well be advising a suspicion of wrongdoing to one of the people directly involved in that wrongdoing. This immediately affords the wrongdoer the opportunity to expunge any trace of the wrongdoing. It also provides the wrongdoer the opportunity to divert the attention of the organisation. This is done by making bogus claims that the whistleblower has spontaneously attained an unsatisfactory work standard and that their personal cleanliness is substandard. This is usually closely followed by claims that the whistleblower has a probable mental condition and has suddenly acquired a gambling, drinking and drug addiction.

If wrongdoing involves an upper level of management, the standard practice of organisations is to resolve the matter internally- e.g. they usually require offenders to quietly resign with a golden handshake to remain silent; they then silence the whistleblower who caused the matter to come to light by using whatever means will be successful e.g. deny the wrongdoing, ostracise the whistleblower, diminish working status/conditions of the whistleblower and implement various other forms of reprisals. The last people likely to become aware of any wrongdoings are the regulatory agency. From recent events, regulatory agencies only find out about the wrongdoing during Royal Commissions of inquiry.

Potent The most potent aspect of wh istleblowing is that wrongdoers know that anyone could potentially expose their plans or actions. Wrongdoers must take care to keep their activities as secret as possible. But even the act of trying to keep activities secret can appear out of place and alert a potential whistleblower to their activities. Therefore, the very threat of being exposed by a whistleblower is a potent preventive measure which reduced the risk of public harm.

However, because the existing whistleblower arrangements are in effect inoperable, that threat of disclosure is minimal if not, non-existent.

Whistleb/owing is supported In general terms the Commonwealth Government seems to have hypocritical support for the principal of whistleblowing. For years governments have played around with whistleblowing legislation - perhaps because they thought whistleblowing would serve a purpose? The last dalliance was the 2013 Public Interest Disclosure Act which has been astoundingly unsuccessful. Nonetheless it is clear that some in government believe there is a need for whistleblowing legislation. Unfortunately, it appears they don't think it is necessary to have effective whistleblowing legislation.

ROYAL COMMISSION - FINANCIAL SERVICE SECTOR PETER BENNETI 25/10/2018 8 POL.9100.0001 .0855_0009

ASIC also appears to support the principle of having people in situ within organisations to detect and disclose wrongdoing, but it does nothing to promote cost-free, permanent, in situ, willing whistleblowers. Instead, ASIC's solution to the financial services sector wrongdoing, is to have a small bunch of specialist supervisors (costing $70m) in a few large institutions trying to detect wrongdoing. Apparently, the thought of encouraging and relying on thousands of prospective whistleblowers has not occurred to them.

The Australian Government is signatory to the Open Government Declaration (Paris) which has, in the National Plan, the objective of effective whistleblower protection and greater transparency and accountability in matters of public interest.

All Australian States and Territories have some sort of integrity, corruption and crime commission, with legislation intended to protect whistleblowers against reprisals.

The 2017 Parliamentary Joint Committee on Corporations and Financial Services - produce a unanimous report consisting of 32 recommendations. A primary recommendation strongly supported the creation of a Whistleblower Protection Authority. It also recommended an effective method to properly protect and reward whistleblowers for disclosing wrongdoing.

Transparency International, being the only credible independent anti-corruption advocate in Australia, has long advocated an independent commission against corruption with an incorporated facility to protect whistleblowers and deal with whistleblowing disclosures.

Current whistleblowing is expensive and ineffective At present all public and private employers are obliged to establish whistleblowing facilities, staffing and procedures to accommodate people wanting to make disclosures of perceived wrongdoing. The form of obligatory whistleblowing facilities is not specified but a failure to have such facilities available should they be needed, would expose an employer to a claim of 'breaching a duty of care". So, in each organisation or even sections of organisations, there can be differing procedures or resources for dealing with whistleblowers.

This requirement is an enormous drain on the entire employment sector - private and public. But there is no proof that these arrangements have any benefit whatsoever. There is no auditing of the resources used, their efficacy or utility. In fact, there is proof that it has no benefit whatsoever. As far as can be determined, the instances of whistleblowing are virtually non-existent. Therefore, it is a total waste of time, money and resources for all concerned.

However. there are costly private whistleblowing management businesses. If disclosures of wrongdoing are made to those businesses, that information does not seem to be made public. Moreover, if such disclosures are made then it appears that ASIC and APRA are not informed. Furthermore, there appears to be no legislation compelling those businesses to disclose any detected wrongdoing to ASIC or APRA. It would be plain conjecture as to what are the legal ramifications of those circumstances.

Impediments stop whistleblowers from disclosing wrongdoing. Most people are offended by corruption, dishonesty and crime - and particularly so if it occurs within an organisation where they work. Such people are willing to observe, detect and disclose misconduct and many would do so freely. They would do so because it is the 'right thing to do'. There would be no expectation of financial reward or other benefit. For most, it would be reward enough to stop somebody who was trying to benefit at the expense of others. Of course, if their 'good work' was recognised by acclaim, praise or even reward then that would obviously be appreciated.

But few people are offended enough to put their employment situation, career, financial security and future well-being at risk by making a disclosure about perceived wrongdoing. But they would make those disclosures if it was well-known that disclosing wrongdoing would not bring any reprisals and that there may even be some commendation bestowed or better still, some actual recompense or benefit awarded.

ROYAL COMMISSION - FINANCIAL SERVICE SECTOR PETER BENNETI 25/10/2018 9 POL.9100.0001 .0855_0010

However, the extensive history of reprisals, victimisation and thuggery inflicted upon whistleblowers by those engaging in wrongdoing is enough to silence even the most conscientious whistleblower. In the absence of an agency to which whistleblowers can make a safe disclosure and the failure to establish effective whistleblower protection legislation, it is simply more prudent for whistleblowers to remain silent.

Recommendation 4 . Restructure regulatory agencies by redefining their duties, responsibilities and powers The Commission is required to deal with matters concerning ASIC as per the ToR. However, ASIC is reasonably representational of all Commonwealth regulatory agencies. Therefore, the shortcomings of ASIC's structure and functional arrangements is also likely to apply to all Commonwealth regulatory agencies. The Commission's recommendations for structural and functional changes in ASIC should be promoted by the Commission as the first step to restructure all Commonwealth regulatory agencies.

All functions of Commonwealth regulatory agencies should be redefined and restructured to improve effectiveness and to eliminate the complex dual functionality within the current arrangements. The existing regulatory agencies should confine their functions to auditing, compliance and advisory responsibilities. Regulatory agencies are 'proactive' in that they are on-hand to oversight the conduct of client organisations. When/if they identify any wrongdoing, those matters should be referred to a 'reactive' agency (i.e. ICC) which is competent and capable of conducting investigation and enforcement activities. The division between the two functions and their respective structures should be explicit and unambiguous.

Critique of ASIC ASIC has conceded the blindingly obvious - that they are habitually incapable of detecting or identifying harmful wrongdoing or corrupt conduct in the financial services sector. In addition, evidence before the Commission suggests that when ASIC does detect wrongdoing - even to a criminal standard, they are willing to negotiate a settlement - thus avoiding prosecution actions against the offender.

ASIC's ($70m) recommendation to embed specialist supervisors into financial service entities is a patently obvious admission that ASIC's legislation, their regulatory powers, administrative arrangements, staffing model and capacity to detect or identify wrongful conduct is grossly ineffective. In short ASIC is admitting that it has failed as a regulator..

ASIC is right to acknowledge that the most effective and efficient way to expose corruption and misconduct is to have people of integrity and good conscience permanently placed into organisational positions thus enabling them to detect and disclose such misconduct. Of course, ASIC was referring to the specialist supervisors they intend to embed into 4 banking organisations. They are also describing whistleblowers. So, ASIC has 2 options; • to spend significant funds on a very limited number of highly paid specialist supervisors who would be spread thinly across the 4 banking organisations in the financial services sector, and that sector only or • have thousands of honest employees (aka whistleblowers) of good integrity, permanently and concurrently placed in situ at no cost to Government, all capable and willing to observe, detect and disclose acts of misconduct provided they are properly protected, acknowledged and recompensed.

Embedding specialist supervisors would be costly and futile. Such supervisors would be compromised from the outset. Their placement would complicate taking legal action against an offending organisation. There would be constant commercial-in-confidence and privacy issues. Then there is the problem of familiarity breeding contempt with supervisors working hand in glove with those they must constantly assume may be involved in unlawful misconduct. They would be identifiable to all staff - who would be obviously forewarned about any enquiries the ASIC supervisors are making about any subject.

ASIC staff, particularly embedded supervisors, must work under impediments and strictures which do not apply to whistleblowers. Whistleblowers may lawfully disclose to an authorised entity, any conduct they saw or heard that they reasonably believe is 'wrong' or "not just right".

Conversely, ASIC staff work under the burden of restrictive legislation, commercial in confidence provisions, forensic analysis standards, agent provocateur considerations, employment contracts, privacy considerations, witness statements, Commonwealth prosecution policy, brief preparation, interview/interrogation procedures,

ROYAL COMMISSION - FINANCIAL SERVICE SECTOR PETER BENNETI 25/10/2018 10 POL.9100.0001 .0855_0011

judge's rules, procedural fairness, natural justice, evidence collection procedures, elements of offence, warrants, mens rea/Actus Reus issues, primary/secondary/hearsay evidence and the prospect of media and/or political attention.

Now these agencies are rationalising their failure to detect, expose and punish the offences that the Commission has brought to light. They are claiming the excuse of inadequate enforcement powers. Enforcement powers have no bearing on their culpable inability to detect wrongdoing in the first place. Enforcement measures only apply if offences have been detected. These agencies persistently failed to detect and/or expose the gross misconduct being perpetrated against the public interest.

Inherent structural fault- dual functions of regulatory agencies The restructuring of all Commonwealth regulatory agencies is necessary because of an inherent structural fault. Governments have created these 'regulatory agencies' with the dual functions of 'proactive' oversight and auditing on one hand and 'reactive' investigating and enforcing on the other. This creates a conflict which is poorly appreciated by governments. The critical distinction between the proactive and reactive agency roles is the element of "intent".

The primary duty of the oversight and auditing function is to 'proactively' monitor the entity to ensure regulatory compliance and to detect any 'unintentional' non-compliance. The secondary duty is to assist the organisations with that compliance. This is achieved by offering guidance, negotiations as to the best method of compliance, assessment as to the applicability of laws and regulations and through general consultation. This process ensures that unintended mistakes are quickly corrected and that the organisations provides fair practice and service to the community. Mostly the interaction between the Regulatory agency and the client organisation is by less formal cooperation and consultation.

The investigatory and enforcement primary function is to 'react' to the detection of suspected intentional offences. Upon the detection of suspect offences, the investigatory role is to adopt an impartial and independent position. Cooperation and consultation is not a function of an investigatory agency - but if it does exist in any form, it ceases the moment there is an indication of wrongdoing. Matters are thereafter dealt with in a formal manner - records of conversations, documentation and events are collected as evidence. There are no procedural negotiations which may affect the investigation. As investigations reasonably confirm that offences have been intentionally committed, the interaction between the agency and the organisation gravitates to legal action that may result in enforcement procedures and charges being laid.

The detection of financial services sector misconduct was disclosed initially by one whistleblower. That whistleblower exposed the full extent of people being seriously harmed by unconscionable misconduct by banks. Yet ASIC did nothing for years and the Government kept saying that the regulating agencies were doing a good job. Most importantly, ASIC did nothing to assist the whistleblower to disclose the full extent of the wrongdoing NOR did it take measures to ensure that the whistleblower was protected and suffered no detriment.

Eventually after years, this disclosed misconduct gained ever-increasing media attention and eventually the support of non-government political parties. It became publicly evident that the regulatory agencies were not 'detecting' any wrongdoing despite mounting evidence that the whistleblower information was true and correct. Yet despite that wave of evidence, the regulatory agencies seemed content not to investigate any allegations of wrongdoing. At most they negotiated with the offenders on how best to quieten the complaints. Apparently, the prospect of enforcing the law and protecting the public were duties they had abandoned.

Subsequently the Royal Commission has proven that some organisations had intentionally engaged in serious non-compliant misconduct or worse and that the regulatory agencies failed their 'proactive duty' to detect that misconduct. To make matters worse, these agencies then abrogated all responsibilities to investigate or meaningly enforce such misconduct on their own initiative. Instead the regulatory agencies took the soft option. They simply avoided conducting complex and confrontational investigations and enforcement procedures which may involve ministerial scrutiny, political and media attention and the involvement of outside agencies such as the DPP or AFP.

ROYAL COMMISSION - FINANCIAL SERVICE SECTOR PETER BENNETI 25/10/2018 11 POL.9100.0001 .0855_0012

They downplayed the misconduct, breaches or crimes and dealt with the misconduct by negotiations, "corrective measures" and moderate administrative penalties. This is standard operation procedures for most regulatory agencies. Such procedures have established a perpetual downward spiral towards quiescence and the total redundancy of their investigatory and enforcement functions.

Those regulatory agencies should be stripped of any investigatory and enforcement functions which should then be transferred to the ICC. The stripped funds, resources and staff would fund/resource the new ICC. The existing regulatory agencies would confine their functions to auditing, compliance and advisory functions. Any detected wrongdoing would be compulsorily referred to the ICC.

Regulatory agency's critical blind spot Regulatory agencies have proven they are unable to 'proactively' protect the public or the public interest because they have a "blind spot'. They have no operational means to effectively 'detect or prevent' intentional wrongdoing. What they lack are 'in situ', permanent 'observers' who can witness wrongdoing at the most formative stage - such observers are 'whistleblowers in waiting'.

Regulatory agencies are well placed to identify unintentional non-compliance. They are 'on hand' and dealing regularly with client organisations. They can consult and advise - and if they so choose, can audit or monitor organisational processes and practices. Also, they can, if they so choose, invite organisations to provide them with information about how they are conducting business - simply as a check and balance mechanism.

In short, if regulatory agencies wanted to, and they were sufficiently competent, they could monitor the day-to day conduct of client organisations. Because legitimate business practices are not hidden, effective monitoring could disclose if there was any inadvertent non-compliance or just plain business mistakes. Remedial action could be taken in quick-time with a minimal risk of harm to the public. However, it appears from evidence before the Commission most mistakes, non-compliance or laxity were seldom detected and never publicly exposed. And when such matters were detected, it appears that they were dealt with by administrative penalties and enforceable undertakings.

Besides failing to detect most unintentional non-compliance, these agencies consistently fail to detect significant intentional wrongdoing. Whether the organisations used measures to conceal or disguise their intentional wrongdoing is not known. The fact is that intentional wrongdoing was not detected - ASIC was blind to that wrongdoing. So, although a competent regulatory agency could identify and resolve unintentional non compliance, regulatory agencies have little chance of detecting intentional wrongdoing - without the assistance of a whistleblower.

This 'blind spot' is the crux of the problem. Within the vacuum of undetected unlawful acts, the regulatory agency's investigation and enforcement role is redundant, and their functionality lapses to a comfort zone of inactive supervisory oversight.

However, it would be fair to say there is some considerable mitigation for the ineffectiveness and inefficiency of all Commonwealth regulatory agencies. Governments have persistently taken the simplistic and cheap option of unwisely structuring agencies on the assumption that the regulatory procedures and the enforcement role are simply aspects of the same function - they are not.

It is for that reason that all police forces (locally, nationally and internationally) are structured into a (generally) 'proactive' uniform division and an (essentially) 'reactive' detective/investigative division. Each division compliments the other's role to maximise effectiveness and efficiency, but their respective powers, procedures, recruitment and training are significantly different. • 'Proactive' uniform divisions are called to 'show the flag' and be on the spot to maintain order. They are also required to respond when there is a risk of harm or if harm is observed they are able to respond immediately. Generally, their involvement is contained to a spontaneous incident, that is localised and is not ongoing. They favour a non-confrontational, conciliatory and constructive approach. They tend to resolve the immediate issues with the minimum of formality and maximum 'client' cooperation.

ROYAL COMMISSION - FINANCIAL SERVICE SECTOR PETER BENNETI 25/10/2018 12 POL.9100.0001 .0855_0013

• The 'reactive' investigative divisions respond to information or intelligence about crime that has broader implications, is likely institutionalised, is tending towards systemic and that is significant and ongoing. The investigative divisions use confrontation, wider intrusive powers/warrants, clandestine methods, intelligence gathering techniques, surveillance, informant sources and interagency cooperation.

Police forces generally act against misconduct by people or organisations who usually behave in a laissez-faire environment, deliberately outside the legal boundaries/framework set by government. This policing structure is a tried and proven means to protect people or property against harm, loss or damage.

But the Government does not employ the same proven structure to protect against public harm when it is caused by organisations, entities or people who are within and part of the established legal framework. Apparently, Governments generally hold the views that the harm caused to the public or the public interests by dishonest, unethical, immoral, fraudulent, deceitful, corrupt and non-violent criminal wrongdoing is somewhat less harmful than that caused by property or personal criminal wrongdoing. Evidence provided to the Commission proves the harm intentionally caused by greedy people and organisations within the legal framework is just as hurtful as that caused by criminals who exist outside that framework. So in practice, the public are defended by cheaper regulatory agencies/functionaries, poorly structured, with built in contradictions and flaws that inadvertently or otherwise ensure ineffectiveness and inefficiencies.

Governments have created regulatory structures to oversight and monitor 'regulated' organisations on the misguided premise that private businesses and public administration are not likely to be involved in gross, unconscionable wrongdoing - but if they are - the wrongdoing can be easily detected and rectified by administrative processes.

The Commission's evidence verified that the regulatory agencies had not detected any significant evidence of deliberate dishonesty, corruption or criminal conduct. Their investigative and enforcement role was not invoked and consequently became moribund. In the absence of any serious wrongdoing being detected, the regulatory agencies were inevitably seduced into benign quiescence and collaboration by the organisations they were supposed to critically oversight. This is a primary weakness of having regulatory agencies with dual roles.

Regularise AFP involvement The Government has persistently claimed that no ICC was necessary because all existing regulatory agencies were functioning properly. Occasionally the government included the Australian Federal Police (AFP) in the list of agencies which could deal with corporate crime. But Governments fail to appreciate that the AFP has no capacity to detect corporate crime. The AFP must wait for wrongdoing to harm the public before they can react and commence investigations - but even then, their investigations are strictly limited to defined criminal offences. The AFP simply does not have the legal right to 'shop' for wrongdoing in the hope of finding some.

Importantly, the AFP has no powers to act on matters of integrity or corruption unless the offences extend to criminal conduct. Matters of misconduct such as lack of integrity, abuse of office, wasting public monies, misuse, misleading, misrepresentation, unfair advantages, breaches of codes, soliciting for advantage, branch stacking, improper associations and so on are mostly outside the jurisdiction of the AFP. The AFP is focussed on overt crime (property/personal violence) rather than misconduct, abuse of office and other administrative offences. Requiring them to extend their functions into the administration of organisations and employment arrangements in organisations would be a wasteful exercise.

However, if/when an ICC type agency is established, it is vital that the AFP and the ICC act conjointly and share intelligence, and perhaps operational matters concerning unlawful activities. There is an overlap in functional jurisdictions between these agencies. At times these functional jurisdictions also extend to the Australian Tax Office and Border Force. Issues such as money laundering, illegal cash transfers, overseas payments for drugs and weapons and unexplained wealth are integrated matters which on many occasions, touch on the functions of all these agencies.

ROYAL COMMISSION - FINANCIAL SERVICE SECTOR PETER BENNETI 25/10/2018 13 POL.9100.0001 .0855_0014

Expand over private and public sectors Therefore, it is logical that any recommendations for an ICC should have broad implementation responsibilities across the full scope of the private sector with an incorporated whistleblower protection and management scheme. But likewise, it would be illogical not to extend the ICC with the incorporated whistleblower scheme to deal with the same sort of wrongdoing that is evident in the public sector.

The somewhat incestuous relationship between regulatory agencies and client organisations are inevitable. Regulatory agencies must establish a good working relationship with entities under their jurisdiction. Matters are best resolved by consultation, co-operation and advice. But this process compromises the regulatory agency's objectivity and impartiality. Unfortunately, this familiarity breeds contempt - as is evidenced by the way the financial services sector has 11 played" the regulatory agencies.

Conversely an ICC is independent from any such associations. An ICC retains its objectivity and impartiality. An ICC has no compatible relationship with suspect organisations. An ICC does not need, and should not build rapport with organisations under their jurisdiction. Moreover, an ICC would not want to diminish the role of the whistleblower in detecting any wrongdoing. To the contrary, an ICC would encourage, promote, assist and most importantly protect whistleblowers to assist in the ICC's duty to detect and investigate wrongdoing and to enforce their powers.

New whistleblowing provisions - Consolidation into a single Whistleblowing Act. At present the principle Commonwealth whistleblowing legislation in the private sector is the Corporations Act and in the public sector it is the Public Interest Disclosure Act. The consequence is that all legislated whistleblowing activities are restricted to people defined by those acts. Anybody in Australia not defined by those Acts cannot be a whistleblower. That leaves a lot of people who are not defined by those acts from making a legally defined 'protected' whistleblowing disclosure. But any person who witnesses wrongdoing should be encouraged to disclose that wrongdoing in the public interest. But that person should also be entitled to protection in law for so doing. So, if a person makes a disclosure that serves the public and prevents harm, that person should be entitled in law to some honorarium for those services rendered. Moreover, if the person suffers any harm, damage or loss because they made a whistleblowing disclosure they should be entitled to compensation and restitution.

A person who is not legally defined under whistleblowing provisions cannot make a protected disclosure. For example: any person can blow the whistle on a 11 public official" seeking corrupt payment, a business owner avoiding GST by providing no receipts, or a politician asking a member of the public for money to get a resident's visa. And any person can blow the whistle on a public official, a business owner, or a union official spending, without authorisation, their respective agency, company or union money on unreceipted brothel services, house renovations or overseas trips. But those who blow these whistles are not whistleblowers and do so without the protection of any legislation and with no protections whatsoever - is that just - or right - or in the public interest?

Whistleblowing laws are dependent on who the whistleblower is and why they are making a disclosure. A new consolidated Whistleblowing Act must focus on disclosing wrongdoing - not focus on who is making the disclosure. A consolidated Whistleblowing Act would disregard who is making a disclosure, their employment status or the reason why the disclosure was being made - nor would it need to consider the status or position of the person or persons perceived of engaging in wrongdoing. A consolidated Whistleblowing Act would simply codify and list what misconduct or wrongdoing is unacceptable to the interests of the public or the public interest. The Act would simply designate a 'whistleblower' to be a person who disclosed or intended to disclose perceived wrongdoing.

It has been argued that a person who cannot suffer a reprisal does not need protection. That explains why whistleblowing provisions are contained within legislation where the concerned parties (i.e. the whistleblower and the wrongdoer) have a formal relationship to each other. For example, it is claimed that the public official who seeks a bribe from a casual client would not be able to retaliate against that person who disclosed the bribe offer because they do not have a formal relationship. Likewise, a bank could not harm a client who discloses illegal practices by the bank because the client can change banks.

ROYAL COMMISSION - FINANCIAL SERVICE SECTOR PETER BENNETI 25/10/2018 14 POL.9100.0001 .0855_0015

The proposition that reprisals could not happen is totally invalid. There is always the prospect of retaliation - and the scope of reprisals can range from petty to serious violence. The offending public official and the bank both know the identity of the casual client because of their dealing and interaction. The official could work to block future family visas and the bank could certainly retaliate by listing the whistleblowing client as a loans risk. Where the conduct of that public official or the bank is exposed, the respective whistleblower must be entitled to whatever protection the law can provide.

Incorporate a False Claims Act One form of wrongdoing is to falsely claim money from the Government. There are various means to make such claims - e.g. by falsifying grounds for an entitlement or grant or providing goods or services at a standard or rate less than is contracted to Government.

Some countries have a False Claims Act which entitles whistleblowers to make disclosures about wrongdoers who make such false claims against the government. In the USA such whistleblowers can get significant rewards for making such disclosures.

The establishment of an ICC and the introduction of a new consolidated Whistleblowing Act would provide a timely opportunity to include whistleblowing provisions specifically for the matter of false claims being made against the government. It would not require a new False Claims Act. It would simply be a specific provision under the Whistleblowing Act. The management of any disclosure about such false claims could be done by the ICC. Any issues of reprisals and reward rates would simply be another part of the Whistleblowing Act.

Recommendation 6 Create an ICC sub unit to which whistleblowers would be empowered to. a. make safe and protected disclosures and b. which would be tasked to manage, investigate, prosecute and act against any reprisals taken against whistleblowers and c. determine appropriate recompense for bona fide disclosures

Ideally people who detect wrongdoing should be willing to disclose that wrongdoing as a matter of civic duty. However, the risk of reprisals and harm are ever present when attempting to disclose wrongdoing. Therefore, reality dictates that it is necessary to create an incentive to encourage disclosures which outweighs the risk of harm arising from reprisals. The logical incentives are to; i) maximise protection, ii) provide compensation for any harm or suffering, iii) give recompense or grant an honorarium for the service to the public.

At present there is no standard for whistleblower protection. Protection if it exists, is provided at the discretion of the person to whom the disclosure is made. The whistleblower has no say in what protection will be provided, or when, how or by whom it will be provided. The adequacy of any protection is totally subjective. There is no way a whistleblower can insist on any level of protection.

The very fact that all whistleblowing legislation provides for the treatment of reprisals is an acknowledgement that the protection may well fail. The whistleblowing legislation provides no scale to judge the seriousness of any injury or harm in relation to reprisals. There is no scale to determine any form of whistleblower compensation or restitution which may be applicable.

As discussed above, the existing whistleblowing provisions are not fit for purpose on any count.

If/when a Commonwealth ICC is established it will only work if it incorporates a Whistleblowing Operations and Protection Unit (WOPU). The 'operations' function would have responsibility to investigate any whistleblowing disclosure. The 'protection' function would have responsibility for the whistleblower's protection and welfare until all related matters were completely resolved. In particular, this would require the Protection Unit to organise and provide all necessary legal assistance the whistleblower requires.

Any new whistleblowing provisions must require prospective whistleblowers to make disclosures ONLY to the ICC/WO PU. It is vital that all possible measures must be taken by the ICC to protect the whistleblower's identity. This would minimise, if not completely prevent any reprisal against the whistleblower.

ROYAL COMMISSION - FINANCIAL SERVICE SECTOR PETER BENNETI 25/10/2018 15 POL.9100.0001 .0855_0016

• To ensure a whistleblower's protection, the ICC must not (unless so ordered by the court) identify a whistleblower to anyone without their consent. • A whistleblower's disclosure statement of itself must not be used in evidence against an offender. • Charges against a wrongdoer must be based on the established facts of wrongdoing and not based whatsoever on a whistleblower's statement. • The legislation must ensure that after making a disclosure, (other than for the purpose of clarifying any matters) a whistleblower should have no further role in any investigation or enforcement of any wrongdoing. Furthermore, the whistleblowers must not be called to give evidence in proceedings.

When a potential whistleblower thinks they have detected a wrongdoing in an organisation they need immediate help on how best to protect themselves and collect the evidence needed to assist the relevant authorities. • They need access to an ICC advisor who would immediately ensure they were making contact with the ICC without risk of that contact being compromised. • The ICC advisor would be trained and competent to take the whistleblower through all the steps necessary to ensure the whistleblower is protected and that the evidence being collected was being done in a manner necessary for future investigation and enforcement. • The ICC advisor would confirm that the disclosure was not merely a grievance and that there was prima facie the evidence to validate a whistleblowing disclosure. • The ICC would 'benchmark' the status and circumstances of the potential whistleblowers working situation. • Other benchmarking factors would be recorded including workplace conflicts, health and well-being, current relationships and other personal issues.

Benchmarking is necessary, to prove the extent of any harm the whistleblower subsequently suffers because of reprisals. All this must occur before the substance of the disclosure is dealt with - and emphatically, BEFORE the organisation is aware that a disclosure is imminent.

Establishing the status of a whistleblower is vital as is the relationship between the whistleblower and those who may be implicated directly or otherwise with the alleged wrongdoing. Experience has shown that immediately after an organisation or suspects become aware of a potential disclosure, a series of events occur. The suspect takes intricate defensive measures which are far too extensive to describe in this submission, but usually starts with destroying or sabotaging the evidence of wrongdoing. Excuses are developed to explain the existence of evidence that was not able to be destroyed or covered up. The suspect then develops a scenario to diminish the credibility, integrity, competence and trustworthiness of the whistleblower. Then the suspect creates wedges to isolate the whistleblower from any possible support. This process is so predictable it is as if there is a manual on how to defeat whistleblowers. The amazing part is that the exact same process is used throughout the public and private sector, in Australia and everywhere that whistleblowers have the temerity to disclose wrongdoing.

Recommendation 7 . Require all regulatory agencies (possibly including all Commonwealth statutory Boards or Authorities) to be subject to oversight of the ICC for the purposes of detecting any wrongdoing or malpractice.

Regulatory agencies are themselves vulnerable to misconduct or worse. At present there is no agency empowered to oversight the integrity and competence of regulatory agencies. The close working relationship between regulatory agencies and their client organisations is a weakness that has already been exploited in the financial services sector. An ICC should be empowered to keep a watching brief over all regulatory agencies. The simplest and most economical method of keeping a watching brief on these agencies is to ensure that they are subject to the same Commonwealth whistleblowing provisions that are recommended in this submission.

Recommendations above argue that regulatory agencies (both private and public) should be restructured to clearly establish them as proactive agencies with responsibilities to make certain they are properly engaging with client organisations to ensure they are best serving the public and the public interest.

ROYAL COMMISSION - FINANCIAL SERVICE SECTOR PETER BENNETI 25/10/2018 16 POL.9100.0001.0855_0017

However, the Commission has shown that the close working relationship can lead to regulatory agencies being compromised by that relationship. This leaves them open to improper influence or other deviations from their duties - including corruption.

Therefore, it is vital that all regulatory agencies are subject to the oversight of the ICC and be covered by the ICC's whistleblowing procedures.

However, when a regulatory agency (howsoever) detects an instance where a client organisation has, primer facie, knowingly, deliberately or wilfully breached community standards, policy directives or the law, then that regulatory agency should recuse itself of further involvement in the matter. At that point, control of the matter should be transferred to an independent investigative/enforcement agency (ICC) with no direct links, arrangements or obligations to the organisation in question.

The recusal and transfer serves 4 purposes. • it removes the potential conflict of interest or lack of impartiality between the regulatory agency and the relevant organisation which have previously been working in a cooperative, conciliatory and consultative fashion. • It minimises harm to any good working relationship between the regulatory agency and those not involved in the suspected wrongdoing/offence. • it brings fresh eyes to the suspected offence and allows the investigative agency an opportunity to assess any relationship between the regulatory agency and the suspected offending organisation. • the investigative agency could utilise specialist skills, resources and powers not available to the regulatory agency and could work more compatibly with other supporting agencies such as the OPP and police.

Ul timately all regulatory entities to be under oversight of ICC There appears to be a plethora of Commonwealth entities that are not subject to any oversight by a competent investigatory or enforcement agency or subject to any whistleblowing provisions. Setting aside ASIC, APRA the ACCC, the Public Service Commission and the Commonwealth Ombudsman there are various Boards and Authorities and possibly Companies which do not appear to be subject to any oversight by a competent investigatory or enforcement agency or subject to any whistleblowing provisions. The extent of their accountability seems to be the Government Audit office and Parliamentary reports. Yet some of such entities have been involved in (alleged) wrongdoing. For example; • Australian Wheat Board- the Iraq wheat export scandal; • Murray Darling Basin Authority -governance water management/theft • Australian Broadcasting Corporation - possible abuse of office • Australian Atomic Energy Commission - safety concerns and harassment of whistleblower. • Aged Care Facilities - Royal Commission - abuse of clients, improper contracts, substandard service.

But the Audit Office and Parliament cannot investigate or enforce any suspected wrongdoing nor have they the capacity to effectively protect whistleblowers. Any disclosures made to those entities would invariably be referred to the AFP which as stated previously is not equipped to deal with non-criminal misconduct and whistleblowers.

At present, the public and the public interest is not effectively protected against a range of harm that should be under the oversight of an ICC and subject to whistleblowing provisions.

It may be a long bow to request, but it would be a significant public service if the Commission recommended an ICC, with an incorporated whistleblowing regime, authorised to oversight both the public and private sectors which is empowered to investigate and enforce suspected misconduct in any institution subject to Commonwealth law.

ENDS

ROYAL COMMISSION - FINANCIAL SERVICE SECTOR PETER BENNETI 25/10/2018 17 POL.9100.0001 .0855_0018

ATTACHMENT 1- RELEVANT ANTECEDENCE

1970 Joined Customs & Excise - Special Services Section. 1973 Office holder in Customs Officers Association of Australia (COA) [33 years]. 1973 - 1978 Expressed concerns about malpractice and possible corruption Liaised with police/NGO's on Drug/Porn/weapons controls 1978 Charged for making media public comment re Royal Commission - Public pressure quashed charges. 1982 Caused sacking of MP's MacKellar and Moore - for corrupt conduct 1984 Parliamentary submission exonerating Mick Young - re Paddington Bear. 1992 Commendation re Child abduction case. 1997-8 Charged for making comment about public sector malpractice. 1999 High Court referral to Federal Court 1999 Charges unconditionally withdrawn. 2002 Human Rights (HREOC) - Federal Court action. 2003 Federal Court strikes down 87 year old Censoring Regulation - finds against Customs 2004 Full Bench - win re legal professional privilege access 2006 HREOC/Customs settlement 2006 Retirement.

In addition, between 2000 and 2010, I was the President of Whistleblowers Australia- leaving when some members acted unethically. Over that period and till 2017, I had a close association with Prof A.J.Brown of Griffith University in relation to whistleblowing matters. I attended, gave evidence and made submissions to a number of whistleblowing Parliamentary Inquiries as far back as 1993 up to the 2013 Public Interest Disclosure Act and the recent 2017 Joint Parliamentary Inquiry re Financial Services.

The following is a list of inquiries and the like in which I participated in various capacities. All involvement was for the purpose of exposing conduct which did not best serve the public or the public interest. My involvement status was various, but all involvement included assisting (whistleblowers) people who wished to disclose issues relevant to the matters under inquiry.

1973 Barge Report - Special Services 1976 Coombes into Public Service 1977-80 Woodward Royal Comm -Drugs 1980 Costigan Royal Comm - National Crime Authority 1981 Royal Comm - Meat Export 1981-86 Task Force Report - allegation of corruption 1982 Review Customs Admin & Procedures 1983 National Crime Commission 1983 Stewart -Royal Comm -Drugs 1985 Brian Watters - National Drug Strategy 1985 Corporate Plan - demands Annual Report. 1985 Senate Select - Video Material 1986 Task Force Report (1981) 1988 Crosstech- Organisational Restructuring 1991 Strathfield Massacre - Gun laws 1992 Midford - maladministration 1993 RACS Documentation - 1993 -whistleblowing Bill - failed 1994 Report on Whistleblowing 1996 -to All Ministers - CEO & GUNS 1997 McNair Survey 1997 National Community Drug Conf 1997 NSW Police WOOD Royal Comm 1998 Sturgess - Single Border Agency 1998 Task Force Allegations

ROYAL COMMISSION - FINANCIAL SERVICE SECTOR PETER BENNETI 25/10/2018 18 POL.9100.0001.0855_0019

2000 Coastwatch- Robinson 2000 Hinds Survey 2000 Jun- National Drug Conference 2001 - Ruddock excludes islands 2002 AQIS J PCA Submission 2002 Single Border Agency 2003 Firearms Trafficking 2005-07 JCPA -Airport Security - Allan Kessing 2005-09 Aviation Security - Sir John Wheeler 2006 AWB Wheat -Besley 2009 JPC re ACLEI Inquiry 2013 ACLEI review of AC&BPS 201406 Inquiry into Gun control 20140901 Amendments Bill

ATTACHMENT 2a Commonwealth whistleblowing provisions

Corporations Act; 2001- Volume 5; Part 9.4AAA- S1317AA Disclosures qualifying for protection under this Part Insurance Act 1973; Division 4-Protections in relation to information; Subdivision A-Protection for whistleblowers; Life Insurance Act 1995; Division 5 - Protections in relation to information; Subdivision A-Protection for whistleblowers; Superannuation Industry (Supervision) Act 1993; Part 29A - Protections in relation to information; Division 1- Protection for whistleblowers; Banking Act 1959; Part VIA - Protections in relation to information; Division 1-Protection for whistleblowers; * Public Interest Disclosure Act 2013; Part 2-Protection of disclosers * Fair Work (Registered Organisations) Act 2009; Part 4A; protection for whistleblowers The Asterix indicates whistleblowing provisions not covered by the Royal Commission's ToR. Other disclosure provisions also apply to Security, Aboriginal and Torres Strait Islanders, Consumer Credit Protection and Financial Sector Collection of Data. However, these Acts have not been fully researched and are not at this point, included in the proposed action.

ATTACHMENT 2b

Work Health and Safety Act - s3 Objects.

(1) The main object of this Act is to provide for a balanced and nationally consistent framework to secure the health and safety of workers and workplaces by: (a) protecting workers and other persons against harm to their health, safety and welfare through the elimination or minimisation of risks arising from work; and (b) providing for fair and effective workplace representation, consultation, co-operation and issue resolution in relation to work health and safety; (e) securing compliance with this Act through effective and appropriate compliance and enforcement measures; and (h) maintaining and strengthening the national harmonisation of laws relating to work health and safety and to facilitate a consistent national approach to work health and safety in this jurisdiction. (2) In furthering subsection (l)(a), regard must be had to the principle that workers and other persons should be given the highest level of protection against harm to their health, safety and welfare from hazards and risks arising from work as is reasonably practicable.

ROYAL COMMISSION - FINANCIAL SERVICE SECTOR PETER BENNETI 25/10/2018 19