Australia - ASIC Enforcement Review Taskforce Consults On Breach Reporting.

26 April, 2017

On 11 April 2017, Treasury released a consultation paper in relation to proposed reforms to the self-reporting regime for Australian financial services licensees (AFS licensees) under the Corporations Act 2001 (Cth) (Act).

The consultation paper is based on a review of the regime by the ASIC Enforcement Review Taskforce, established by the Federal Government in October 2016 (Taskforce), and sets out a number of preliminary positions to reform that regime.

The current self-reporting regime

Under the current self-reporting regime set out in s912D of the Act, AFS licensees must lodge a written report to ASIC, where:

the AFS licensee breaches or is likely to breach its relevant obligations; and
the breach, or likely breach, is "significant".

The threshold for what type of breach is "significant" is determined with regard to the factors set out in section 912D(1)

(b) of the Act. This includes for example the number or frequency of similar previous breaches, the impact of the breach on the licensees ability to provide financial services covered by their licence, the extent to which the breach indicates the licensee's compliance arrangements are inadequate, and the actual or potential financial loss to the licensee's client or the licensee itself.

This test has come under criticism from the industry as it has given rise to ambiguity as to whether the threshold for the obligation to report is triggered in any given circumstance.

The key proposed reforms to this regime and the Taskforce's findings and recommendations are outlined below.

The "significance" test

The Taskforce proposes that the significance test is retained. However, considers that "significance" should be determined by reference to an objective standard. This would be achieved by requiring AFS licensees to notify ASIC of breaches or likely breaches that a reasonable person would regard as significant, having regard to the existing factors set out in section 912D(1)(b) of the Act.

Extension of the obligation to report

ASIC has also called for the introduction of the obligation for AFS licensees to report significant breaches or other significant misconduct by an employee or representative.

Extending the obligation to report in this way would allow ASIC to take the necessary steps to remove individuals in a timely fashion in order to protect consumers, and would ensure Australia maintains consistency with other international jurisdictions which require companies to report the misconduct of employees and representatives.

Time periods for reporting a breach

At present an AFS licensee must report a breach as soon as practicable and in any case within 10 business days after becoming aware of the breach or likely breach. This has led to uncertainty regarding from what point in time reporting should commence. ASIC has noted concern that such uncertainty could delay reporting altogether.

The Taskforce considers that the trigger for reporting could be changed to be the time that the AFS licensee “becomes aware or has reason to suspect that a breach has occurred, may have occurred or may occur.”

New penalties for failure to report breach

The current penalties in place for failure to report a breach have been criticised as inflexible. At present, there is only a single criminal pecuniary penalty, with a relatively modest maximum fine.

The Taskforce has adopted a preliminary position that there be an increase to the maximum criminal penalty for this offence, potentially making it an indictable rather than summary offence to reflect the serious position ASIC take in relation to breach.

The consultation paper proposes that a civil penalty be added to give ASIC greater flexibility.

An issue infringement notice regime has also been suggested to allow ASIC to respond to more minor failures to breach report, where there is no deliberate failure to report. The Taskforce have advised that a co-operative approach should be taken in relation to the sanction modifications in order to encourage reporting of events and information at the earliest opportunity.

Next steps?

Submissions regarding this consultation will close on 12 May 2017.

Interested stakeholders have been welcomed to comment on the positions put forward by the Taskforce.

For further information, please contact:

Astrid Raetze, Partner, Baker & McKenzie

astrid.raetze@bakermckenzie.com

Australia – ASIC Enforcement Review Taskforce Consults On Breach Reporting.

Where LegalAI Will Be In 10 years.

Understanding The Ethical Dimensions Of Generative AI In Legal Practice.

7 Legal Tech Trends To Watch In 2025.

US – Commercial-Item Contractors Take Note: Federal Circuit To Rehear Percipient.ai En-Banc.

US – Clean Energy Tax Credits And After the Election – What to Expect?

The EU Methane Regulation How Traders And Operators Can Prepare.

Malaysia – Transfer Of Domicile For A Vessel Registration.

Indonesia – Shifting Tides: The Third Amendment To The Shipping Law And Its Impact On Indonesian Shipping Joint Ventures.

- Stephen Igor Warokka - SSEK,

Gross Split Production Sharing Contracts: Commercial Insights From Indonesia’s MEMR Regulation No. 13 Of 2024.

- Fitriana Mahiddin - SSEK, SSEK

UK – Non-Party Access To Court Documents: Court Of Appeal Interprets Leading Supreme Court Authority.

CONVENTUS LAW

OTHERS

Australia – ASIC Enforcement Review Taskforce Consults On Breach Reporting.

Register for your monthly Asia legal updates from Conventus Law

- Sacha Kirk - Lawcadia,

Footer

CONVENTUS LAW

OTHERS