Australian regulators weekly wrap — Monday, 8 August 2022

Keeping on top of the latest financial services regulatory & compliance trends?

Investing time in your professional development within a rapidly changing financial services industry is challenging. To meet that challenge, the Australian regulators weekly wrap is designed to keep you at forefront of your practice by quickly setting out the top 5 developments from the past week, analysis and practical considerations for the future.

  1. CSLR (ASIC): such an interesting time for updates from the corporate regulator, who has advised that Former clients of Dixon Advisory and Superannuation Services Pty Limited (in administration, ‘Dixon Advisory’) may be eligible for compensation under a potential future Compensation Scheme of Last Resort but they will need to take action as soon as possible.’ ASIC suspended the AFSL of Dixon Advisory & Superannuation Services Pty Limited after the appointment of administrators to Dixon Advisory on 19 January 2022. The CSLR is a proposed scheme that will provide compensation to eligible victims of financial misconduct who have not been paid, typically because the financial institution involved in the misconduct has become insolvent .What is interesting is the extent to which ASIC is encouraging consumers to access the CSLR , which is yet to be legislated! That bill lapsed when the Albanese Government came into power in May 2022. A calculated gamble by ASIC then…
  2. Liquidators (ASIC): ASIC has prosecuted 73 people in the period from 1 January 2022 to 30 June 2022 for failing to assist registered liquidators in their investigations. With $340K in fines obtained, that is a staggering amount of litigation for the corporate regulator. And some own goals for those on the other side, as before ASIC commences prosecution action, individuals are given an opportunity to provide registered liquidators access to company books and a records to avoid prosecution action. historically, ASIC didn’t much focus on this area — clearly, that it is in the past and I don’t think that will change moving forward into a recession.
  3. Foreign financial services providers (AFSL): ASIC is extending for a further 12 months the transitional relief for foreign financial services providers from the requirement to hold an AFSL when providing financial services to Australian wholesale clients. The new relief instrument also delays the commencement of the ASIC Corporations (Foreign Financial Services Providers — Funds Management Financial Services) Instrument 2020/199 until 1 April 2024Under that instrument ASIC gives licensing relief to some FFSPs that provide funds management financial services to certain categories of Australian professional investors. For all the fanfare in 2020 with FFSPs losing their “sufficient equivalence” and “limited connection” relief, which allowed them operate in Australia if they were appropriately regulated in certain jurisdictions or if they engaged in limited activities, that change appears to have taken a long time to materialise. No clues on why either, just speculation…
  4. Climate change (APRA): APRA has published the findings of its latest climate risk self-assessment survey conducted across the banking, insurance and superannuation industries. The responses to the survey from 64 medium to large institutions, and identified that: four out of five boards oversee climate risk on a regular basis, while just under two-thirds of institutions (63 per cent) have incorporated climate risk into their strategic planning process; almost 40 per cent of institutions said climate-related events could have a material or moderate impact on their direct operations; nearly three-quarters of institutions (73 per cent) said they had one or more climate-related targets in place, however 23 per cent of institutions do not have any metrics to measure and monitor climate risks; and, over two-thirds of institutions (68 per cent) said they have publicly disclosed their approach to measuring and managing climate risks.
  5. Capital adequacy (APRA): APRA has released the finalised prudential practice guides that accompany the final capital adequacy and credit risk capital requirements for authorised deposit-taking institutions. APRA is also publishing an updated version of Prudential Standard APS 113 Capital Adequacy: Internal Ratings-based Approach to Credit Risk (APS 113), and a response paper on the technical issues raised in the submissions received during the November 2021 consultation on the bank capital reforms.

Thought for the future: Prudential Standard APS 110 Capital Adequacy (APS 110), Prudential Standard APS 112 Capital Adequacy: Standardised Approach to Credit Risk (APS 112) and Prudential Standard APS 113 Capital Adequacy: Internal Ratings-based Approach to Credit Risk (APS 113) will commence on 1 January 2023. If you haven’t started your preparations now, as a bank, then it is time to start soon!

Australian regulators weekly wrap — Monday, 1 August 2022

Keeping on top of the latest financial services regulatory & compliance trends?

Investing time in your professional development within a rapidly changing financial services industry is challenging. To meet that challenge, the Australian regulators weekly wrap is designed to keep you at forefront of your practice by quickly setting out the top 5 developments from the past week, analysis and practical considerations for the future.

  1. DDO (ASIC): MASSIVE news this week on the AISC enforcement front. It has placed interim stop orders on three financial firms in response to deficiencies in the target market determination for their products. These actions are ASIC’s first use of the stop order powers under the design and distribution obligations, which took effect on 5 October 2021, and it is fair to say that this one came as a bit of a shock. A TMD is a mandatory public document that sets out the class of consumers a financial product is likely appropriate for (the target market). It also sets out matters relevant to the product’s distribution and review. In ASIC’s view, the three financial firms did not appropriately identify the consumers they intended to target i.e. for a fund, customers who intended to use an investment in the fund as a core component of their investment portfolio and investors with an objective of high capital growth or a mixture of capital growth and income (so ASIC compared the PDSs with the TMDs) or did not have a TMD at all i.e. a firm which had issues a prospectus, but not a TMD. In ASIC’s view, this meant that the products may have otherwise been marketed and sold to retail investors for whom they were not appropriate or too risky.
  2. CDR Sandbox (ACCC): the ACCC has launched the Consumer Data Right sandbox, a free tool that enables existing and potential CDR participants to better test and improve their CDR solutions. It is a hosted environment that behaves and functions like the actual CDR ecosystem. The Sandbox will allow participants to set up their own software solutions and communicate with the existing mock solutions and other participants within a secure testing environment. I think this is an absolutely wonderful offering from the ACCC, and will particularly helpful to insurance firms who are early on in their CDR journey (for more information see here).
  3. Complaints statistics (AFCA): Australians lodged 72,358 complaints with the AFCA in the past 12 months, a rise of 3 per cent on the previous financial year. Among the largest financial firms, the top 4 banks together accounted for nearly 20,000 complaints, a rise of nearly 10 per cent, while the top 4 insurers together accounted for about 9,400 complaints, up 19 per cent. Overall, the number of licensed financial firms with a complaint lodged against them was 5% lower than in the previous 12 months. One of the biggest increases was generated by natural disasters like floods, with 1,586 complaints being made, more than double the 653 complaints from such disasters the previous year. Altogether, 67 per cent of complaints were resolved by agreement between the parties. Finally, in statements that continue to gall me for the fact they come from an independent decision maker, AFCA ended with: “AFCA has now helped to secure more than $820 million in compensation and refunds since starting operation on 1 November 2018. It has registered more than 270,000 complaints in that time.”
  4. FIRB (Government): from Friday 29 July, foreign investment application fees will double. This will generate $455 million in revenue over the forward estimates, though query if it will also dampen foreign investment at a time when we need it most / is inconsistent with the development of structures designed to attract foreign investors e.g. CCIVs….
  5. Enforcement outcomes (ASIC): ASIC has released its enforcement statistics, providing an overview on ASIC’s enforcement actions in a particular six-monthly period. Highlights for me are the: 148 ongoing investigations, 57 individuals banned / restricted and 40 civil penalty cases before the court. Quite a lot then, and In addition, ASIC successfully took action in the Federal Court against an entity for failing to adequately manage cyber risk i.e. the RI Advice case. The current actions against Lanterne and Macquarie bank for failures in risk & compliance controls are equally major developments for ASIC, showing the new and more granular ways in which it is exercising its powers.

Thought for the future: ASIC is hawkish on the enforcement front. So much as been clear for years, and is increasing. ASIC has, however, recently become more creative. The DDO stop orders, RI advice case (Cyber failures) and actions against Lanterne / Macquarie (controls failure) show a regulator which is trying new things. More to come, in my estimation, when ASIC gets its hands on FAR (which is very likely to be passed soon — see here).

Australian regulators weekly wrap — Monday, 25 July 2022

Keeping on top of the latest financial services regulatory & compliance trends?

Investing time in your professional development within a rapidly changing financial services industry is challenging. To meet that challenge, the Australian regulators weekly wrap is designed to keep you at forefront of your practice by quickly setting out the top 5 developments from the past week, analysis and practical considerations for the future.

  1. FATCA / CRS (ATO): the ATO has issued a self-review guide and toolkit on the internal processes and systems that reporting financial institutions should maintain to comply with the Foreign Account Tax Compliance Act and the Common Reporting Standard, which has been something of a focus for it in preceding years. The ATO has stated that organisations’ frameworks should be based around three fundamental areas of compliance: 1) governance; 2) due diligence obligations; and 3) reporting systems. The ATO has stated that a well-designed framework: has a clear ‘line of sight’ for maintenance, reporting and compliance; sets out the operating model and controls (including the due diligence compliance program); identifies gaps and deficiencies, so that reporting errors can be corrected in advance; assists senior management with clarifying accountabilities for managing FATCA / CRS obligations, and key risks; and, provides accurate reporting of customer information. Guidance aside — which is great in my view — the FATCA / CRS rules are complex. (Do reach out if you want a flow chart we have developed if it will help!)
  2. Open banking infringement (ACCC): Bank of Queensland has paid a penalty of $133,200 after the ACCC issued it with an infringement notice for allegedly breaching the Consumer Data Right i.e. Open Banking Rules by failing to provide a service enabling consumers’ data to be shared. BOQ was required to be in a position to share data for financial products, including savings accounts, term deposits and credit cards, by 1 July 2021 – it did not meet this requirement until 13 December 2021. Two things are interesting to me here, with what is the first such infringement notice issued. First, I know a good number of banks were delayed with CDR compliance, due largely to core banking system provider issues. The ACCC appears to have recognised this, though also took into account a number of factors, including the period of alleged non-compliance, the number of customers potentially impacted, the resourcing constraints Bank of Queensland faced in developing its CDR infrastructure and the steps it took to limit the duration of its non-compliance. It must have judged Bank of Queensland to be comparatively worse than other banks. Second, this is worth noting for the general insurers and others who are or will be implementing CDR shortly. The ACCC is taking a hardline approach!
  3. Cyber risk (ASIC): ASIC is understandably pressing the fact that directors duties include cyber risks in the wake of its notable win in RI Advice. It has stated that it expects directors to ensure their organisation’s risk management framework adequately addresses cyber security risk, and that controls are implemented to protect key assets and enhance cyber resilience and that “Failing to do so could cause you to fall foul of your regulatory obligations”. These include obligations under the recent SOCI Act (see here) and Privacy Act. ASIC has asked directors to: consider their risk management framework and risk appetite to ensure it adequately deals with cybersecurity risk; enquire about incident response and business continuity plans to determine the organisation’s preparedness to respond to cybersecurity incidents; and, ensure access to appropriate resources to effectively manage cybersecurity risk, whether it be in-house or through commercial arrangements. It has also stressed the need for broad and effective disclosure in the wake of a cyber attacks e.g. ASX, annual reports, relevant regulators, etc.
  4. Investment governance (APRA):APRA has released a response to consultation and final Prudential Standard SPS 530 Investment Governance (SPS 530). The letter addresses key concerns raised by industry (e.g. clarification that the valuation governance framework requirements do not require the establishment of a stand-alone Board valuation sub-committee), and additionally outlines the updates implemented to SPS 530 to ensure better member outcomes by enhancing stress testing, valuation and liquidity management practices. SPS 530 will commence on 1 January 2023, and you can read the letter here.
  5. UK regulation (FCA): I have a lot of respect for the UK FCA as a regulator, from the guidance it issues, to its willingness to speak to market participants, to regulatory evolution it develops to carefully calibrated enforcement action. That is also evident in a speech its CEO gave recently, in which I picked up that it: 1) has invested heavily in data and technology and scan 100,000 websites for fraud every day; and 2) the US and UK will deepen ties on crypto-asset regulation and market developments — including in relation to stablecoins and the exploration of central bank digital currencies. Both areas which will no doubt be an increasing focus for our domestic regulators. I know ASIC scans websites already for misleading & deceptive conduct. That will only increase I think, as will its focus on cryptocurrency regulation (once Treasury finalises the CASSPr regime).

Thought for the future: ASIC has made an interim stop order preventing advertisements containing certain misleading or deceptive statements about PPM Units, a class of interests in RES Investment Fund (Fund). The order stops RES from advertising or publishing any statement regarding PPM Units that suggests an investor will acquire equity in Pleasure Point Mine Pty Ltd (PPMPL), a related entity of RES. ASIC considers that statements that investors will acquire equity are misleading or deceptive because they may lead investors in PPM Units to believe that they will receive shares and/or a direct ownership interest in PPMPL. The sole underlying asset of the PPM Unit class in the Fund is a loan to PPMPL. It is an interesting, and targeted use of ASIC’s powers — one to watch out for as to whether it will increase.

Australian regulators weekly wrap — Monday, 18 July 2022

Keeping on top of the latest financial services regulatory & compliance trends?

Investing time in your professional development within a rapidly changing financial services industry is challenging. To meet that challenge, the Australian regulators weekly wrap is designed to keep you at forefront of your practice by quickly setting out the top 5 developments from the past week, analysis and practical considerations for the future.

Never miss an update by signing up to receive emails here or by following me on LinkedIn here. You can also access past editions of the Australian regulators weekly wrap by clicking here.

  1. Conflicted remuneration (ASIC): In Australian Securities and Investments Commission v Select AFSL Pty Ltd (No 2) [2022] FCA 786 the Federal Court of Australia held that conflicted remunerations contraventions took place for the Respondent, Select AFSL. Select AFSL was part of a corporate group structure which retailed life insurance products where the remuneration of sales agents was linked to the number of sales they made; although they were paid a base salary, they earned commission on products sold and could obtain benefits as a result of sales plus other incentives such as a cruise to the Gold Coast, trips to Las Vegas and Hawaii, and a Vespa scooter. Abraham J concluded that AFSL Select had contravened its AFSL general obligations under s. 912A(1)© of the Corporations Act. Importantly, by encouraging the boiler room culture, His Honour also found that the director Mr Howden had breached his directors’ duties owed to AFSL Select under s 180(1). My top read for the week, this decision is an important one in the evolving conception of the “efficiently, honestly and fairly” duty and directors duties.
  2. SMSF auditors (ASIC): ASIC has acted against eight self-managed superannuation fund auditors over the period 1 March 2022 to 30 June 2022. It deregistered five SMSF auditors and imposed additional conditions on the registration of three others. These actions resulted from breaches of obligations including auditing and assurance standards, independence requirements, and registration conditions, or because ASIC was satisfied the individual was not a fit and proper person to remain registered. Here is the thing — this appears to be ASIC’s MO at the moment. Lots of litigation and enforcement action, but not ones with a systemic or policy element e.g. Shipton’s responsible lending cases.
  3. Short term credit (ASIC): ASIC has made product intervention orders for short term credit and continuing credit contracts. ASIC’s orders prohibit the provision of short term credit and continuing credit contracts which involve unreasonably high fees charged to retail clients, in excess of the cost caps in the relevant exemptions in subsections 6(1) and 6(5) of the National Credit Code. The EM for the decision is here. An interesting thought — why ban something already subject to civil penalties under the NCC? Seems like ASIC is compensating for regulatory design here…
  4. Credit reporting (ASIC): banks need to need to supply financial information to credit reporting bodies under the mandatory comprehensive credit reporting regime. From 1 July 2022, comprehensive credit information also includes information about financial hardship arrangements. ASIC has adopted a temporary no-action position to enable large banks to withhold the reporting of certain credit information on consumer credit reports where reporting the information could lead to consumer harm, including where a consumer may be the victim of family violence. For example, a joint loan where the DV victim has agreed a hardship plan with the bank (unbeknownst to the abuser). Here is hoping it becomes a permanent relief position shortly!
  5. ‘Crypto winter’ (Bank of England): an interesting speech by Sir Jon Cunliffe from the BOE, where he succinctly pulled together some recent lessons from the drop in the crypto market. “1) Technology does not change the underlying risks in economics and finance; 2) Regulators should continue and accelerate their work to put in place effective regulation of the use of crypto technologies in finance; 3) This regulation should be constructed on the iron principle of ‘same risk, same regulatory outcome’ [the same regulation to the risks inherent in the provision of a financial service no matter how it is provided]; and, 4) Crypto — technologies offer the prospect of substantive innovation and improvement in finance. But to be successful and sustainable innovation has to happen within a framework in which risks are managed: people don’t fly for long in unsafe aeroplanes.” Sensible comments to be sure, though in my view the greater burden of work sits with policymakers and regulators. We need effective regulation to be put into play to support the industry and protect consumers, so lets get on with consultation on CASSPrs (warts and all) in Australia under the Albanese Government.

Thought for the future: next sitting dates are 26 July to 4 August 2022. Expect to see many prorogued non contentious legislation revived and passed….

Australian regulators weekly wrap — Monday, 11 July 2022

Keeping on top of the latest financial services regulatory & compliance trends?

Investing time in your professional development within a rapidly changing financial services industry is challenging. To meet that challenge, the Australian regulators weekly wrap is designed to keep you at forefront of your practice by quickly setting out the top 5 developments from the past week, analysis and practical considerations for the future.

Never miss an update by signing up to receive emails here or by following me on LinkedIn here. You can also access past editions of the Australian regulators weekly wrap by clicking here.

  1. Lanterne (ASIC): ASIC has commenced civil penalty proceedings against Lanterne Fund Services, alleging multiple failures to meet the obligations of its AFSL, including a failure to meet organisational competence requirements. It alleges Lanterne, under a ‘licensee for hire’ business model e.g. under ‘Corporate Authorised Representative’ models, failed to: have adequate resources (including financial, technological, and human resources) to provide the financial services and carry out supervisory arrangements; maintain competence to provide its financial services; ensure that its representatives were adequately trained; take steps to ensure that its representatives complied with the financial services laws, and do all things necessary ensure that the financial services were provided efficiently, honestly, and fairly. You can read the pleading here, which is my top read for the week. I kept reading it expecting to see something connected to a Corporate Authorised Representative’s failure which caused consumer loss but… nothing.
  2. CPS 511 (ASIC): public information on breach reporting (look out for that later in the year, courtesy of ASIC) and now the prudential regulator is following suit on remuneration. APRA has released a consultation which will focus on proposed new remuneration disclosure and reporting requirements for all banks, insurers and superannuation funds. APRA-regulated institutions will be required to publicly disclose information on how their remuneration arrangements are designed, and how risk is factored into remuneration outcomes for key executives, and large and complex financial institutions will be required to disclose how they have placed a material weight on non-financial metrics (such as risk management and conduct). These proposed changes will take place after the proposed remuneration disclosure and reporting requirements will take effect after the implementation of CPS 511 in 2023 for large entities and 2024 for smaller entities. Side note: if you haven’t started your CPS 511 preparations, it is one to get onto now — it takes longer than expected!
  3. Crypto (Parliament): Crypto currencies will continue to be excluded from foreign currency tax arrangements . It follows a decision by the Government of El Salvador to allow Bitcoin as legal tender has the potential to create uncertainty about the status of crypto assets such as Bitcoin for tax purposes in Australia. Crypto assets will not be regarded as a foreign currency for tax purposes, though CGT will continue to apply to crypto assets that are held as investments. Interesting, to be sure, but the bigger question is whether crypto is property or data for the purpose of the taxation framework. The fact that the ATO says it is the former, meaning it can tax crypto, is neither here nor there. There are not authoritative cases on point, or legislation in Australia, and we need one or the other asap!
  4. Scams (ACCC): Australians lost more than $2 billion to scams in 2021, , the ACCC’s latest Targeting Scams report reveals. Investment scams were the highest loss category ($701 million) in 2021, followed by payment redirection scams ($227 million), and romance scams ($142 million). Scamwatch data shows that between 2020 and 2021 there was a 60 per cent reduction in losses from inheritance and unexpected money scams, and only a one per cent increase in losses from travel, prizes and lottery scams. Conversely, losses from investment scams increased by 169 per cent over the 12 months. Males lost more (60%) than females (40%), and over 65s lost the most unfortunately.
  5. Derivatives (Treasury): in November 2021, Frydenberg wrote to the Council of Financial Regulators asking whether the current use of derivatives by super funds raised any concerns, in terms of operational capability of funds to properly manage large volumes of derivatives transactions, prudential implications for the operation of individual funds and the outcomes for members of those funds, and any broader implications in terms of financial system stability. “No” is the answer — they’re just hedging their FX and interest rate risk according to the response. For all the noise around derivatives and Wall St types, they are, fundamentally, a tool to manage risk. Our super funds are doing just that.

Thought for the future: the Lanterne action by ASIC is somewhat unsettling for the lack of detail apropos the defects in its CAR arrangements. In any case, time for any AFSL with a CAR arrangement to examine its systems & controls.

Australian regulators weekly wrap — Monday, 4 July 2022

Keeping on top of the latest financial services regulatory & compliance trends?

Investing time in your professional development within a rapidly changing financial services industry is challenging. To meet that challenge, the Australian regulators weekly wrap is designed to keep you at forefront of your practice by quickly setting out the top 5 developments from the past week, analysis and practical considerations for the future.

Never miss an update by signing up to receive emails here or by following me on LinkedIn here. You can also access past editions of the Australian regulators weekly wrap by clicking here.

  1. Threshold transaction reports (AUSTRAC): AUSTRAC has released updated guidance on reporting threshold transaction reports when a customer conducts multiple cash transactions, following industry consultation on the draft guidance released in November 2021. A reporting entity providing multiple services to a customer that add up to A$10,000 or more previously had to decide whether to treat these multiple services as a single reportable transaction or multiple transactions for the purposes of TTR reporting. Under AUSTRAC’s updated guidance position, reporting entities must submit a TTR to AUSTRAC for each individual cash transaction of A$10,000 or more. When a customer makes multiple cash transactions, each individual transaction is considered to be a separate and distinct designated service. The guidance, and practical examples, can be found here.
  2. Derivatives (ASIC): ASIC has released a consultation paper proposing to remake its class order on the financial requirements for issuers of OTC derivatives to retail clients. The financial requirements in [CO 12/752] Financial requirements for retail OTC derivative issuers aim to ensure AFS licensees have adequate financial resources to operate their business in compliance with the Corporations Act, and to manage the operational risks inherent in the OTC derivatives market. For example, under the class order derivative issuers must meet a net tangible asset requirement to hold the greater of $1,0000,000 or 5% of average revenue.
  3. Ongoing fee arranges (ASIC): the obligation to give clients a fee disclosure statement (FDS) annually where there is an ongoing fee arrangement has applied since 1 July 2012. From 1 July 2021, two broad additional obligations have applied between both advisors and clients where there is an ongoing fee arrangement (OFA) in place. Importantly, these two additional obligations are for fee recipients: (a) to renew an ongoing fee arrangement on an annual basis e.g. 1 July 2022 and (b) to obtain a client’s written consent to deduct ongoing fees from a client’s account. It is a technical requirement that is catching a number of advisers flat footed at the moment — see our article this week for more detail!
  4. Market outages (ASIC): ASIC previously released Report 708 ASIC’s which sets out its expectations for industry in responding to a market outages. Market operators and participants are required to implement the expectations to maintain compliance with their obligations under the law and to ensure they can continue to service their clients during a market outage, like the one that occurred with the ASX equity market outage in November 2020. ASIC has publicly restated that it is continuing to call on market operators and participants to continue to implement its expectations to improve the resilience of the Australian equity market during outages, including by facilitating trading on alternative markets.
  5. Privilege protocol (ATO): the ATO has long had an issue with claims of privilege being used to shield documents from it. It successfully obtained documents subject to a claim of legal privilege from PWC earlier in the year (see here). It has now released a privilege protocol designed to assist taxpayers when making privilege claims in response to a formal information gathering notice. The protocol outlines: a recommended approach for assessing whether privilege applies; what the ATO recommends taxpayers to provide to to the ATO; and, what to expect from the ATO when taxpayers invoke a claim for privilege. The ATO has stated that: “It is voluntary to follow the protocol, but following it should help us to decide quickly how to treat your claim. If you choose not to follow the protocol, we recommend you explain to us where you have not done so and why. If you do not provide this information and we do not have sufficient information to make a decision on a claim, we are likely to make further enquiries.”

Thought for the future: my personal view is that Australia is a relatively soft-ball jurisdiction in terms of privilege. Regulators have historically rarely seriously tested it, and my observation of Aussie practitioners is that they are relatively blasé about it. The winds of change are blowing though, as the ATO ramps up and ASIC / APRA will follow suit (especially under FAR, which mandates “co-operation”). We aren’t quite at the stage the UK is, where the UK Serious Fraud Office specifically calls out waiver of privilege as a factor in determining whether the organisation gets co-operation credit in their guidelines. Privilege is definitely going to get tested in coming years though!

Australian regulators weekly wrap — Monday, 27 June 2022

Keeping on top of the latest financial services regulatory & compliance trends?

Investing time in your professional development within a rapidly changing financial services industry is challenging. To meet that challenge, the Australian regulators weekly wrap is designed to keep you at forefront of your practice by quickly setting out the top 5 developments from the past week, analysis and practical considerations for the future.

  1. Litigation funders (Treasury): well, that did not take long! Assistant Treasurer Stephen Jones has put himself on record, stating that the process of funder backed class action will be removed from ASIC and remitted to the Federal Court and state supreme courts. It follows Attorney-General Mark Dreyfus’ statement earlier this year said Labor would look to roll back Coalition changes made to continuous disclosure laws that made it difficult for shareholders to sue companies and directors except where there was “knowledge, recklessness or negligence”.
  2. AML / CTF (NSW Parliament): onto a slightly less controversial topic, and the NSW government will introduce laws to confiscate unexplained wealth from criminal gangs and ban the use of encrypted devices as part of reforms to combat money laundering and organised crime. The new powers allow for the confiscation of unlawfully acquired assets of major convicted drug traffickers and expand powers to stop and search for unexplained wealth. Let’s see how effective it is when combined with cryptocurrency, which is the bête noire for regulators seeking to evolve the financial services regulatory framework for the most important shift since the internet itself. You can read more in our recent update here.
  3. AML / CTF data (ACAMS): speaking at ACAMS 2nd Annual AML & Anti-Financial Crime Conference Australasia, AUSTRAC CEO Nicole Rose gave a speech which caught my eye for the following statistic: “We see it in the quantity of reporting. Over the five years to 30 June 2021, AUSTRAC has seen a 318% increase in the reporting of suspicious financial activity, and a 63% increase in International Funds Transfer Instruction (IFTI) reports received…Compliance reporting across the entire population has continued to increase in both quality and quantity, particularly in some sectors that were coming off a very low base indeed.” Ms Rose stated that current focus continues to be on casinos and gambling institutions, though emphasised the importance of governance and the role of the Board and senior management in setting and maintaining a culture of compliance in terms of oversight and management of AML/CTF obligations. She also stated that cyber capabilities and scams are increasingly being deployed to steal customer’s details and commercially sensitive information, as well as target and exploit payment systems across the financial sector, and that AUSTRAC is observing cryptocurrencies being exploited across many traditional and emerging crime types, including; terrorism financing, national security, money laundering, child exploitation and ransomware. That is one of the reasons why it is critical for crypto firms to have a very bespoke Part A in their AML / CTF programs — the risks with Web3 assets are very different (though not necessarily greater) to those in other reporting entities.
  4. Super trustees (ASIC): ASIC has released the findings from its review of superannuation trustees’ communications with their members following their first performance test under MySuper. (The performance test was introduced by the Treasury Laws Amendment (Your Future, Your Super) Act 2021 with the purpose of holding trustees to account for underperformance through greater transparency and increased consequences. The test involves an assessment of: 1) investment performance by applying an objective benchmark for each product that reflects the strategic asset allocation the trustee has set for the product. This provides a measure of whether the investment decisions of the trustee have produced performance outcomes that are higher or lower than would have been achieved by investing passively in each asset class; and 2) administration fees, by assessing the fee charged in the last financial year relative to the median fee charged for the category of product.) ASIC’s REP 729 identifies communication strategies of concern including, for example: publishing the MySuper product’s failure of the test on a webpage less likely to be visited by persons interested in the product; highlighting other performance measures that were more favourable, such as recent positive past performance figures; or criticising aspects of the MySuper test to suggest it was not relevant to the particular product. EDIT: someone whose opinion I deeply respect has since pointed out that one of the interesting – and frightening – aspects of this new regime is short termism it creates. Increased trading will be the result of annual benchmarks, and that is really not to the purpose of the super funds which is to create long term stable wealth…
  5. CCIVS (ASIC): ASIC has released a range of documents to support the licensing and other requirements for corporate collective investment vehicles (CCIVs). Legislation introduced earlier in the year establishes the CCIV, a new type of company limited by shares and specifically designed for use in funds management. The CCIV promises to act as a direct competitor to the classic managed investment scheme structure — it is a big leap forward for Australia in which will come into effect in July 2022, when the CCIVs regime commences, and you can read more about it in our updated here. ASIC has also published Information Sheet 272 How to register a corporate collective investment vehicle and sub-fund (INFO 272). INFO 272 provides guidance on: CCIV and initial sub-fund registration requirements; the application process, including how ASIC will assess applications for CCIVs and initial sub-funds; CCIV Constitution and compliance plan requirements; and, the application process for registering further sub-funds. The licensing amendments are sensible in my view, and consistent with the broader licensing framework — we are starting to work on CCIVs now, and I am EXCITED to see them in the Asia-Pac market soon.

Thought for the future: the consumer data right means that at a consumer’s direction, a data holder (for example a bank) must electronically share the consumer’s data with: an accredited data recipient to which the consumer has given their consent (for example another bank, or a comparison service); or, the consumer. It was tricky enough to implement for the banks, but now it is being expanded more broader the challenges multiple. Like for general and life insurers, whos products are apples and oranges in terms of coverage, exclusions and the like. Read more here!

Australian regulators weekly wrap — Monday, 20 June 2022

Keeping on top of the latest financial services regulatory & compliance trends?

Investing time in your professional development within a rapidly changing financial services industry is challenging. To meet that challenge, the Australian regulators weekly wrap is designed to keep you at forefront of your practice by quickly setting out the top 5 developments from the past week, analysis and practical considerations for the future.

  1. Cyber safety (ASIC): ASIC has urged listed firms to pay attention to cyber risks, noting World Economic Forum released its annual Global Risks Report 2022 and failure of cyber security measures was the number one risk for Australian executives. ASIC’s December 2021 resilience report showed firms operating in Australia’s markets had a small but steady improvement in cyber resilience. However, the increase of 1.4% fell far short of the 14.9% improvement targeted for the period. ASIC Executive Director of Markets, Greg Yanco stated: “ASIC is not seeking to prescribe technical standards or to provide expert guidance on cyber security. Where we consider a firm has not met its cyber risk management obligations, we may consider enforcement action to drive changes in behaviour. This is illustrated by ASIC’s proceedings against RI Advice Group.”
  2. Macro-prudential framework (APRA): the prudential regulator has finalised amendments to its prudential framework to give effect to macroprudential policy measures. Under the new requirements, ADIs must be operationally prepared to implement certain macroprudential policy measures, if needed. In particular, banks will need to have systems in place to limit growth in higher risk residential mortgage lending, such as loans at high debt-to-income multiples or high loan-to-valuation ratios. The new requirements take effect from September this year, and foreshadow the recession fears ahead.
  3. Insolvencies (AFCA): as at 1 June 2022, the AFCA had 2,447 open complaints involving 44 financial firms impacted by insolvency. It is estimated that consumer claims in these complaints total more than $376 million. The complaints have had to be paused because of the firms’ insolvency. In addition, there were 306 unpaid determinations associated with 28 insolvent firms, involving awards totaling an estimated $14.7 million. Interesting, no doubt, but it is hard not to read into this media release as dog whistling to the newly installed red team to get the Compensation Scheme of Last Resort (which by facilitates the payment of compensation to eligible consumers who have received a determination for compensation from the AFCA which remains unpaid) back on track. The legislation has stalled in Parliament, given it crossed over the election. One would prefer AFCA stick to its knitting, rather than continue its policy advocacy…
  4. Reprimands & warnings (ASIC): The requirement for ASIC to give warnings and reprimands to financial advisers in specified circumstances was introduced by the Financial Sector Reform (Hayne Royal Commission Response — Better Advice) Act 2021.ASIC has released Information Sheet 270 Warnings and Reprimands (INFO 270) which explains: what warnings and reprimands are; when ASIC will give a warning or reprimand; how ASIC will communicate the giving of a warning or reprimand; when and to whom ASIC will provide procedural fairness before giving a warning or reprimand; and, the adviser’s right of review of ASIC’s decision to give a warning or reprimand. In the examples give, ASIC will consider a warning or reprimand where a financial adviser has, at least twice, been linked to a refusal or failure to give effect to a determination made by AFCA.
  5. Breach reporting (ASIC): a broad ranging speech given by Joe Longo after his first year in office, which contains some great insights into the direction and focus of ASIC under his stewardship. In particular, wanting ASIC ‘…to be ambitious and confident in discharging its regulatory and enforcement responsibilities, to serve and advance the public interest’. One matter caught my eye in the speech — my top read for the week — on breach reporting. (There was some interesting discussion on the regulation of crypto assets at the end, though more academic than anything else.) ASIC has apparently received over 10,000 submissions through its regulatory portal since October 2021, and expects the number of licensees reporting to increase over time. Mr. Longo also notes some industry groups have raised concerns with Treasury about the legislative policy settings for the breach reporting regime (Gadens included!). Mr Longo has stated that it is ultimately an issue for Government, which is somewhat disappointing. That is technically correct, sure, though ASIC would have a lot of sway in taking the position that the policy setting is not calibrated correctly (which is the case as per our independent research).

Thoughts for the week: the trilemma of regulation, according to Chris Brummer & Yesha Yadav, ‘Fintech and the Innovation Trilemma’, Georgetown Law Journal, vol. 107, 235: ‘when seeking to provide clear rules, maintain market integrity, and encourage financial innovation, regulators have long been able to achieve, at best, only two out of these three goals’. That is, ‘if regulators prioritise market safety and clear rulemaking, they do so through broad prohibitions, invariably inhibiting financial innovation. Alternatively, if regulators wish to encourage innovation and provide rules clarity, they must do so in ways that ultimately result in simple, low-intensity regulatory frameworks, increasing risks to market integrity and consumers. Finally, if regulators look to enable innovation and promote market integrity, they must do so through a complex matrix of rules and exemptions, raising compliance costs and disproportionately impacting smaller firms and upstarts’. Which way will crypto regulation go? For my part, hopefully not one which stifles innovation…

Australian regulators weekly wrap — Monday, 13 June 2022

Keeping on top of the latest financial services regulatory & compliance trends?

Investing time in your professional development within a rapidly changing financial services industry is challenging. To meet that challenge, the Australian regulators weekly wrap is designed to keep you at forefront of your practice by quickly setting out the top 5 developments from the past week, analysis and practical considerations for the future.

  1. Crypto legislation (US): I am not sure what is happening in the US with leaked documents recently, but the WSJ has leaked the draft crypto legislation which you can read here. A dense document — it is US legislation after all — some of the key points are: the bill is centered around the terms ‘digital asset’ and ‘digital asset exchange’; digital assets have been treated as a form of property (instead of data); a policy goal of the bill has been to lower taxes to encourage innovation in the area — that is evident throughout the bill, e.g. section 205 ‘Tax Treatment of Digital Asset Lending Agreements and Related Matters’ establishes that digital asset lending agreements are not generally taxable events; ‘mining’ and ‘staking’ of digital assets (along with raising funds for charitable purposes) will be excluded from tax requirements (via s501(c)(7) of the Internal Revenue Code of 1986); there are to be some rules around tax compliance — from 1 January 2025 brokers will have to produce annual returns reporting any transfer (which is not part of a sale or exchange) of a digital asset with an unrelated party; the CFTC components also strictly spells out the holding of customer assets. For e.g., it is establishing a requirement for merchants (licensed) to segregate digital assets to minimise the risk of customer loss under their custody; section 404 includes several requirements digital exchanges will have to meet, as well as additional rules for margin or leveraged trading e.g. only permit trading in assets not open to manipulation (which sounds tricky for organisations to regulate!); digital assets are viewed as ‘consumption’ goods rather than ‘investment’ goods, although it is case-by-case, and the bill has some practical protections for consumers e.g. Title V Responsible Consumer Innovation places stringent disclosure obligations on foreign issuers of ancillary assets. Finally, and interestingly, stablecoin issuers will have to meet its entire customer obligations in their capital adequacy requirements — this is a response to the Terra stablecoin collapse. A fascinating insight into US policymakers’ considerations, which will no doubt pop up in our own as Australia grapples with how to regulate crypto-currency under a new Government! (Reach out if you want a more detailed briefing, which we have prepared.)
  2. EPIC Investments (ASIC): ASIC has cancelled the AFSL of Epic Property Investments Ltd (Epic), which operates 2 registered managed investment schemes. ASIC took this action because Epic has not held professional indemnity insurance since 21 April 2021. Epic was unsuccessful in its attempts to obtain the required insurance cover. As a result, ASIC considered that Epic has failed to comply with its obligations on an ongoing basis and was not providing retail clients with consumer protections required under the regulatory regime for AFS licensees. Given that the insurance market is exceptionally hard at the moment, and following the RI Advice case, this strikes me as very harsh. Consumer protection is important, undoubtedly, but can be met through other means than a cottage industry of decreasing PI insurers. Appropriately structured terms where the underlying asset is cash at bank, bank guarantees, or say real property assets offer the same if not more protection. This licensing requirement could do with a rethink in my view…
  3. ePayments (ASIC): a long time coming, the new ePayments Code has been released. The ePayments Code provides consumer protections in relation to electronic payments, including ATM, EFTPOS, credit and debit card transactions, online payments, and internet and mobile banking. It sets out a process for customers to get help from their financial institution in retrieving funds they have mistakenly paid to the wrong person. ASIC has updated the following areas of the Code: compliance monitoring and data collection; mistaken internet payments; unauthorised transactions; complaints handling; and, facility expiry dates.
  4. Risk survey (APRA): it is worth subscribing to Government tender portals, as occasionally you get some gems — APRA is seeking information on the services to support an industry-wide risk culture benchmarking survey. Specifically, APRA is seeking a supplier to provide a tool which will enable a survey of up to 70 regulated entities across approximately 200,000 employees. The purpose of this RFI is to allow APRA to build a better understanding of the capabilities, capacity and indicative pricing for future procurement activities. No more Survey Monkey surveys, prudential entities can no doubt look out for this one in the near future!
  5. Scams (ACCC): Australians lost over $205 million to scams between 1 January and 1 May, a 166 per cent increase compared to the same period last year. The majority of losses over this period have been to investment scams with $158 million lost, an increase of 314 per cent compared to the same period last year. The majority of losses to investment scams involved crypto investments, with $113 million reported lost this year. People aged 55 to 64 reported the highest total losses, $32 million between 1 January and 1 May and over 80 per cent of losses reported by this age group was lost to investment scams ($26m). Generally speaking, Australians’ have poor financial literacy comparative to other development countries, and education is part of the answer. Another part of the answer is to support access to financial advisers instead of loading them up with regulation…

Thought for the future: there are the big ticket items which individuals focus on in terms of the challenges in the financial services industry e.g. new breach reporting rules, DDO and FAR. Then there is the surrounding practice e.g. court actions, license actions, etc. The former is largely stable now, whereas the latter strikes me as a quite hard — the regulators appear to have lost none of their hawkishness in the wake of the Hayne Royal Commission…

Australian regulators weekly wrap — Monday, 6 June 2022

Keeping on top of the latest financial services regulatory & compliance trends?

Investing time in your professional development within a rapidly changing financial services industry is challenging. To meet that challenge, the Australian regulators weekly wrap is designed to keep you at forefront of your practice by quickly setting out the top 5 developments from the past week, analysis and practical considerations for the future.

  1. AFSL auditing (ASIC): ASIC has announced new financial reporting requirements for AFSL holders, following changes to the accounting standards. AFSL holders’ financial reports must now contain disclosures consistent with the financial reports of other for-profit entities, prepared under standards set by the AASB. For-profit companies, registered schemes and disclosing entities that prepare financial reports under Chapter 2M of the Corporations Act 2001 , and which are not reporting entities, can no longer prepare special purpose financial reports that do not contain all disclosures required in the full accounting standards i.e. the full recognition and measurement requirements for assets, liabilities, income and expenses e.g. all licensees will be required to prepare a cash flow statement. In addition to single entity financial statements, consolidated financial statements must be presented where the licensee has controlled entities. The new disclosure requirements apply from financial years commencing on or after 1 July 2021, but many licensees can choose to defer any new disclosure requirements by one year. This can be expected to add significant cost to the audit fees for most of the smaller AFSL entities, and I have not seen a detailed rationale from ASIC as to why this needs to happen. To me, it very much seems like overkill for a profession already struggling under the weight of recent over-regulation…
  2. ACCC priorities (ACCC): the new Chair of the ACCC, Gina Cass-Gotlieb, has stated that one of the ACCC’s key compliance and enforcement priorities for 2022/23 is promoting competition and investigating allegations of anti-competitive conduct in the financial services sector. She singled out payments in particular, noting the new services and competitors in the payments ecosystem, such as payment gateways, payment aggregators, mobile wallet providers and payments using crypto-currencies. Other priorities for the competition regulator are digital payment platforms, disrupting scams and CDR. No surprises on the last one — CDR will be more complicated as it moves beyond banking e.g. to insurance where the comparison is apples and oranges between policies.
  3. Prudential levies (APRA): the total funding required under the levies in 2022–23 for APRA is $259.6 million. This is a $2.4 million (0.9 per cent) decrease from the 2021–22 requirement. Nothing too interesting in the report in terms of enforcement or other key priorities, but always useful to double check these submissions to see if there are any gems!
  4. Good practice guide (FRC): the UK Financial Reporting Council has published anonymised key findings and good practices reported by its Audit Quality Review team in relation to their 2020/21 audit quality inspections at the seven largest audit firms. The purpose of these documents is to share with auditors, audit committees, investors and other users of audited financial statements the nature of the key findings and good practices reported on the individual audits inspected. My top reads for the week — they are relatively easygoing as far as audit reporting goes — some of the more interesting findings are: the audit team did not adequately consider the perceived threats to independence arising from the provision of non-audit services (relevant in the context of the EY chatter about breaking up the firm); the audit team did not obtain sufficient understanding of the operation of relevant controls across all jurisdictions to address and respond fully to the identified significant risk that non-compliance with law or regulation might have material adverse consequences for the group; and, there was insufficient evidence that the audit team had adequately considered the significance of the requirement to refinance the revolving credit facility in relation to management’s going concern assessment. Interestingly, in relation to the last point, the key finding also took issue with the auditors not considering whether the key lender could or would provide further funding. It provided ‘There was insufficient evidence that the audit team assessed the ability of the lender to provide funding as and when required”, which is interesting / not one I have seen pop up before. Of course, it is hard to assess this on in the absence of knowledge as to who the lender was e.g. high street bank, or non-bank lender operating out of the Grenadines since 2019.
  5. ESG (SEC): lots of news on greenwashing at the moment. In response, the US SEC has proposed amendments to rules and reporting forms to promote consistent, comparable, and reliable information for investors concerning funds’ and advisers’ incorporation of environmental, social, and governance factors. The proposed amendments seek to categorize certain types of ESG strategies broadly and require funds and advisers to provide more specific disclosures in fund prospectuses, annual reports, and adviser brochures based on the ESG strategies they pursue. For example, funds focused on the consideration of environmental factors generally would be required to disclose the greenhouse gas emissions associated with their portfolio investments. One I think will be picked up in Australia, in the near future given the state of play here.

Thought for the future: ‘regulatory impact statements’ seek to assist government officials to move towards ‘best practice’ regulatory design and implementation by requiring the completion of a detailed cost-benefit analysis. ASIC does do them (see here for example), but they do seem to be patchy. It would be really useful to see a consistent framework for RISs; the new auditing amendments cry out for one which can be tested…