Keeping on top of the latest financial services regulatory & compliance trends?
Investing time in your professional development within a rapidly changing financial services industry is challenging. To meet that challenge, the Australian regulators weekly wrap is designed to keep you at forefront of your practice by quickly setting out the top 5 developments from the past week, analysis and practical considerations for the future.
This week, to mark a big month in financial services regulatory regimes, we are confirming the key reforms which start this month.
- Breach reporting (ASIC): the new breach reporting obligations implement recommendations from the Financial Services Royal Commission, and are included in the Financial Sector Reform (Hayne Royal Commission Response) Act 2020. These obligations require AFSL and ACL holders to self-report specific matters to ASIC, and allow ASIC to detect non-compliance behaviours early and take action where appropriate. The primary shift under this new regime is to a more expansive scope of ‘reportable situations’ (i.e. matters that must immediately be reported to ASIC), and the introduction of ‘deemed significant breaches’. Largely gone will be the days of subjective assessments of ‘significance’ of a particular issue, with the decision of whether a matter is reportable to ASIC or not hinging on that assessment. There is far more prescriptive rigour around what is reportable to ASIC now. ‘Deemed significant’ breaches, which must be reported to ASIC irrespective of the number of customers affected, the quantum of loss, or broader impact to compliance frameworks, include: 1) breaches that constitute the commission of an offence and the commission of the offence is punishable on conviction by a penalty that may include imprisonment for three months or more if the offence involves dishonesty, or 12 months or more in any other case; 2) breaches of a civil penalty provision (if the provision is not exempted under the regulations; 3) for AC licensees, breaches that constitute a contravention of a key requirement under s111 of the National Credit Code; 4) breaches that amount to misleading or deceptive conduct; or 5) breaches that result, or are likely to result, in material loss or damage to clients. An obligation to report the breach to ASIC within 30 calendar days is automatically triggered if any ‘deemed significant breach’ occurs, such as conduct that amounts to contravention of a relevant civil penalty provision or commission of a relevant offence. More information is here and you can see a demo of our revamped breach reporting tool here.
- Anti-hawking (ASIC): there is a new general prohibition of offers to sell or issue financial products which are made in the course of, or because of, ‘unsolicited contact’. The general prohibition will apply to all kinds of financial products, including insurance. It does not apply to credit products e.g. home loans, although especial care needs to be taken as they are often bundled with financial products e.g. mortgage protection insurance. Unsolicited contact is any contact which is not in response to a member’s request and which is made by telephone, in face-to-face meetings or by any other form which creates an expectation of an immediate response. Contact is not unsolicited contact if it is response to a positive, clear and informed member request and it relates to a financial product which the member has specifically requested or which a reasonable person would consider to be reasonably within the scope of the request. The hawking laws also give customers the power to specify how they can be contacted and withdraw or vary a request at any time, meaning that member has full control over the form of the contact and can stop the contact from continuing if they are no longer interested in the relevant financial product or no longer wish to be contacted for any other reason. For more detail, please see the regulatory guide here. (Firms should also not forget about the deferred add-on insurance regime, which also commence in October 2021. The deferred sales model introduces a mandatory four-day pause between the sale of a principal product or service and the sale of add-on insurance. You can read more here.)
- Design & distribution (ASIC): the DDO regime will affect almost every part of the financial services industry, from banks, credit provides, superannuation providers and insurers. The regime imposes obligations on issuers and distributors in relation to the design and distribution of retail financial products. Issuers of financial products must: • make publicly available target market determinations in relation to retail financial products; • review the target market determination as required to ensure it remains appropriate; • keep records of the person’s decision in relation to the new regime; and • notify ASIC of any significant dealings in a product that are not consistent with the product’s target market determination. Distributors of financial products are obliged to: • not engage in retail product distribution of a product without a target market determination; • not engage in retail product distribution of a product where a target market determination may no longer be appropriate; • take reasonable steps so that retail product distribution conduct is consistent with the target market determination; • collect information specified by the issuer and complaints related to a product and provide both to the issuer; and • notify the issuer of a product of any significant dealings in the product that are not consistent with the products target market determination. ASIC will have powers to enforce the DDO regime, including the powers to request necessary information and issue stop orders to prohibit specified conduct in relation to financial products. ASIC will also be able to utilise its product intervention powers when a financial product is likely to result in significant consumer detriment. There are also civil and criminal penalties that apply to the contravention of the regime. For more detail, please see here.
- Complaints (ASIC): under the new RG 271, the very broad definition of ‘complaint’ set out in AS/NZS 10002:2014 is adopted: “[An expression] of dissatisfaction made to or about an organization, related to its products, services, staff or the handling of a complaint, where a response or resolution is explicitly or implicitly expected or legally required.” Under this definition, the following expressions of dissatisfaction are complaints· posts on a social media channel or account owned or controlled by the financial firm that is the subject of the post, where the author is both identifiable and contactable, and complaints about a matter that is the subject of an existing remediation program or about the remediation program itself. ASIC’s new internal complaints handling mechanism, which needs to be cross-stitched to the new breach reporting regime: 1) introduces reduced timeframes for responding to complaints, including superannuation complaints e.g. 24 hours to acknowledge a complaint; 2) sets out what information firms must include in written IDR responses to allow consumers to decide whether to escalate their complaint; 3) sets new timeframe requirements for customer advocate reviews of appeals against IDR decisions; and 4) gives guidance about how firms can deal with representatives who are not acting in consumers’ best interests. For more detail, you can go to the new regulatory guide here.
- Reference checking (ASIC): the Financial Sector Reform (Hayne Royal Commission Response) Act 2020 introduces obligations on AFS licensees and Credit licensees to comply with an ASIC Protocol in relation to reference checking. The ASIC Protocol sets out obligations for licensees to undertake a reference check and share information on an individual seeking to be employed or authorised as a financial adviser or mortgage broker. The requirement requires sharing about the performance history of financial advisers and mortgage brokers — focusing on compliance, conduct and risk management. You can access the ASIC Protocol here.
Thought for the future: October will be a ‘pitiless’ month for licensees (I am sticking with my AFR language). For clients and potential clients reading this and thinking ‘I am not ready’; my firm’s practice group has a wealth of precedential material e.g. policies, procedures and controls built up over the last 6 + months. I appreciate that there is a great deal on, so please do reach out if we can help you expedite your compliance!