At a glance
As told to Susan Muldowney
Question: “The organisation I work for has a proposed confidential merger coming up that only a few key people in the finance team know about. At a company-wide social event, I overheard a colleague telling someone else in the organisation about the merger. What should I do?”
Answer: Confidentiality is one of the fundamental principles set out in APES 110 Code of Ethics for Professional Accountants (“the Code”).
The Code is based on the International Code of Ethics for Professional Accountants, which is issued by the International Ethics Standards Board for Accountants. The Code applies to all CPA Australia members.
Confidentiality refers to respecting the privacy of information acquired through professional relationships. This includes non-disclosure of private information to third parties, unless there is a legal or professional duty to disclose.
It also includes not using private information for personal gain. The Code also states that accountants must be alert to the possibility of inadvertent disclosure, including in a social environment.
Under the Code, accountants have a responsibility to report a confidentiality breach, and the issue raised here is a serious matter. Your colleague is certainly in breach of confidentiality and, while you have not breached confidentiality, you have overheard the breach occurring. As a professional accountant, you cannot just ignore it. You are obligated to do something about it.
This kind of breach of confidentiality may have a wide-reaching impact.
Upskill with micro-credentials
In your case, if it gets out that the confidentiality of the potential deal has been breached, the merger could fall through. This might have implications not only for the organisation, but also for individual employees who may lose their jobs if the deal fails.
If the merger involves publicly listed companies, a breach of confidentiality could also impact sensitive share price information or lead to insider trading. This is illegal and subject to prosecution, so the biggest risk here is that someone uses the confidential information to trade in the stock and try to make an illegal profit.
The challenge is in how to report the breach of confidentiality. You may not want to get your colleague into trouble, or you may feel that your own position will be at risk if you report the breach.
However, you have a responsibility under the Code to report the matter, and there are several options you can take.
If you overhear a breach of confidentiality, you could report it within your organisation to someone senior, and they can decide what further action might need to be taken.
If you’re not confident that the matter will be handled appropriately within your organisation, you can report it to an external party, such as the corporate regulator, the Australian Securities and Investments Commission (ASIC).
Some large organisations also have a whistleblower hotline, which you could use to report the breach.
Whistleblower hotlines are independent, externally managed services that allow employees to confidentially report unethical and illegal behaviour. It is increasingly seen as good governance and best practice for larger organisations to have whistleblower hotlines.
