Australian regulators weekly wrap — Monday, 11 July 2022

Keeping on top of the latest financial services regulatory & compliance trends?

Investing time in your professional development within a rapidly changing financial services industry is challenging. To meet that challenge, the Australian regulators weekly wrap is designed to keep you at forefront of your practice by quickly setting out the top 5 developments from the past week, analysis and practical considerations for the future.

Never miss an update by signing up to receive emails here or by following me on LinkedIn here. You can also access past editions of the Australian regulators weekly wrap by clicking here.

  1. Lanterne (ASIC): ASIC has commenced civil penalty proceedings against Lanterne Fund Services, alleging multiple failures to meet the obligations of its AFSL, including a failure to meet organisational competence requirements. It alleges Lanterne, under a ‘licensee for hire’ business model e.g. under ‘Corporate Authorised Representative’ models, failed to: have adequate resources (including financial, technological, and human resources) to provide the financial services and carry out supervisory arrangements; maintain competence to provide its financial services; ensure that its representatives were adequately trained; take steps to ensure that its representatives complied with the financial services laws, and do all things necessary ensure that the financial services were provided efficiently, honestly, and fairly. You can read the pleading here, which is my top read for the week. I kept reading it expecting to see something connected to a Corporate Authorised Representative’s failure which caused consumer loss but… nothing.
  2. CPS 511 (ASIC): public information on breach reporting (look out for that later in the year, courtesy of ASIC) and now the prudential regulator is following suit on remuneration. APRA has released a consultation which will focus on proposed new remuneration disclosure and reporting requirements for all banks, insurers and superannuation funds. APRA-regulated institutions will be required to publicly disclose information on how their remuneration arrangements are designed, and how risk is factored into remuneration outcomes for key executives, and large and complex financial institutions will be required to disclose how they have placed a material weight on non-financial metrics (such as risk management and conduct). These proposed changes will take place after the proposed remuneration disclosure and reporting requirements will take effect after the implementation of CPS 511 in 2023 for large entities and 2024 for smaller entities. Side note: if you haven’t started your CPS 511 preparations, it is one to get onto now — it takes longer than expected!
  3. Crypto (Parliament): Crypto currencies will continue to be excluded from foreign currency tax arrangements . It follows a decision by the Government of El Salvador to allow Bitcoin as legal tender has the potential to create uncertainty about the status of crypto assets such as Bitcoin for tax purposes in Australia. Crypto assets will not be regarded as a foreign currency for tax purposes, though CGT will continue to apply to crypto assets that are held as investments. Interesting, to be sure, but the bigger question is whether crypto is property or data for the purpose of the taxation framework. The fact that the ATO says it is the former, meaning it can tax crypto, is neither here nor there. There are not authoritative cases on point, or legislation in Australia, and we need one or the other asap!
  4. Scams (ACCC): Australians lost more than $2 billion to scams in 2021, , the ACCC’s latest Targeting Scams report reveals. Investment scams were the highest loss category ($701 million) in 2021, followed by payment redirection scams ($227 million), and romance scams ($142 million). Scamwatch data shows that between 2020 and 2021 there was a 60 per cent reduction in losses from inheritance and unexpected money scams, and only a one per cent increase in losses from travel, prizes and lottery scams. Conversely, losses from investment scams increased by 169 per cent over the 12 months. Males lost more (60%) than females (40%), and over 65s lost the most unfortunately.
  5. Derivatives (Treasury): in November 2021, Frydenberg wrote to the Council of Financial Regulators asking whether the current use of derivatives by super funds raised any concerns, in terms of operational capability of funds to properly manage large volumes of derivatives transactions, prudential implications for the operation of individual funds and the outcomes for members of those funds, and any broader implications in terms of financial system stability. “No” is the answer — they’re just hedging their FX and interest rate risk according to the response. For all the noise around derivatives and Wall St types, they are, fundamentally, a tool to manage risk. Our super funds are doing just that.

Thought for the future: the Lanterne action by ASIC is somewhat unsettling for the lack of detail apropos the defects in its CAR arrangements. In any case, time for any AFSL with a CAR arrangement to examine its systems & controls.

Australian regulators weekly wrap — Monday, 4 July 2022

Keeping on top of the latest financial services regulatory & compliance trends?

Investing time in your professional development within a rapidly changing financial services industry is challenging. To meet that challenge, the Australian regulators weekly wrap is designed to keep you at forefront of your practice by quickly setting out the top 5 developments from the past week, analysis and practical considerations for the future.

Never miss an update by signing up to receive emails here or by following me on LinkedIn here. You can also access past editions of the Australian regulators weekly wrap by clicking here.

  1. Threshold transaction reports (AUSTRAC): AUSTRAC has released updated guidance on reporting threshold transaction reports when a customer conducts multiple cash transactions, following industry consultation on the draft guidance released in November 2021. A reporting entity providing multiple services to a customer that add up to A$10,000 or more previously had to decide whether to treat these multiple services as a single reportable transaction or multiple transactions for the purposes of TTR reporting. Under AUSTRAC’s updated guidance position, reporting entities must submit a TTR to AUSTRAC for each individual cash transaction of A$10,000 or more. When a customer makes multiple cash transactions, each individual transaction is considered to be a separate and distinct designated service. The guidance, and practical examples, can be found here.
  2. Derivatives (ASIC): ASIC has released a consultation paper proposing to remake its class order on the financial requirements for issuers of OTC derivatives to retail clients. The financial requirements in [CO 12/752] Financial requirements for retail OTC derivative issuers aim to ensure AFS licensees have adequate financial resources to operate their business in compliance with the Corporations Act, and to manage the operational risks inherent in the OTC derivatives market. For example, under the class order derivative issuers must meet a net tangible asset requirement to hold the greater of $1,0000,000 or 5% of average revenue.
  3. Ongoing fee arranges (ASIC): the obligation to give clients a fee disclosure statement (FDS) annually where there is an ongoing fee arrangement has applied since 1 July 2012. From 1 July 2021, two broad additional obligations have applied between both advisors and clients where there is an ongoing fee arrangement (OFA) in place. Importantly, these two additional obligations are for fee recipients: (a) to renew an ongoing fee arrangement on an annual basis e.g. 1 July 2022 and (b) to obtain a client’s written consent to deduct ongoing fees from a client’s account. It is a technical requirement that is catching a number of advisers flat footed at the moment — see our article this week for more detail!
  4. Market outages (ASIC): ASIC previously released Report 708 ASIC’s which sets out its expectations for industry in responding to a market outages. Market operators and participants are required to implement the expectations to maintain compliance with their obligations under the law and to ensure they can continue to service their clients during a market outage, like the one that occurred with the ASX equity market outage in November 2020. ASIC has publicly restated that it is continuing to call on market operators and participants to continue to implement its expectations to improve the resilience of the Australian equity market during outages, including by facilitating trading on alternative markets.
  5. Privilege protocol (ATO): the ATO has long had an issue with claims of privilege being used to shield documents from it. It successfully obtained documents subject to a claim of legal privilege from PWC earlier in the year (see here). It has now released a privilege protocol designed to assist taxpayers when making privilege claims in response to a formal information gathering notice. The protocol outlines: a recommended approach for assessing whether privilege applies; what the ATO recommends taxpayers to provide to to the ATO; and, what to expect from the ATO when taxpayers invoke a claim for privilege. The ATO has stated that: “It is voluntary to follow the protocol, but following it should help us to decide quickly how to treat your claim. If you choose not to follow the protocol, we recommend you explain to us where you have not done so and why. If you do not provide this information and we do not have sufficient information to make a decision on a claim, we are likely to make further enquiries.”

Thought for the future: my personal view is that Australia is a relatively soft-ball jurisdiction in terms of privilege. Regulators have historically rarely seriously tested it, and my observation of Aussie practitioners is that they are relatively blasé about it. The winds of change are blowing though, as the ATO ramps up and ASIC / APRA will follow suit (especially under FAR, which mandates “co-operation”). We aren’t quite at the stage the UK is, where the UK Serious Fraud Office specifically calls out waiver of privilege as a factor in determining whether the organisation gets co-operation credit in their guidelines. Privilege is definitely going to get tested in coming years though!

Australian regulators weekly wrap — Monday, 27 June 2022

Keeping on top of the latest financial services regulatory & compliance trends?

Investing time in your professional development within a rapidly changing financial services industry is challenging. To meet that challenge, the Australian regulators weekly wrap is designed to keep you at forefront of your practice by quickly setting out the top 5 developments from the past week, analysis and practical considerations for the future.

  1. Litigation funders (Treasury): well, that did not take long! Assistant Treasurer Stephen Jones has put himself on record, stating that the process of funder backed class action will be removed from ASIC and remitted to the Federal Court and state supreme courts. It follows Attorney-General Mark Dreyfus’ statement earlier this year said Labor would look to roll back Coalition changes made to continuous disclosure laws that made it difficult for shareholders to sue companies and directors except where there was “knowledge, recklessness or negligence”.
  2. AML / CTF (NSW Parliament): onto a slightly less controversial topic, and the NSW government will introduce laws to confiscate unexplained wealth from criminal gangs and ban the use of encrypted devices as part of reforms to combat money laundering and organised crime. The new powers allow for the confiscation of unlawfully acquired assets of major convicted drug traffickers and expand powers to stop and search for unexplained wealth. Let’s see how effective it is when combined with cryptocurrency, which is the bête noire for regulators seeking to evolve the financial services regulatory framework for the most important shift since the internet itself. You can read more in our recent update here.
  3. AML / CTF data (ACAMS): speaking at ACAMS 2nd Annual AML & Anti-Financial Crime Conference Australasia, AUSTRAC CEO Nicole Rose gave a speech which caught my eye for the following statistic: “We see it in the quantity of reporting. Over the five years to 30 June 2021, AUSTRAC has seen a 318% increase in the reporting of suspicious financial activity, and a 63% increase in International Funds Transfer Instruction (IFTI) reports received…Compliance reporting across the entire population has continued to increase in both quality and quantity, particularly in some sectors that were coming off a very low base indeed.” Ms Rose stated that current focus continues to be on casinos and gambling institutions, though emphasised the importance of governance and the role of the Board and senior management in setting and maintaining a culture of compliance in terms of oversight and management of AML/CTF obligations. She also stated that cyber capabilities and scams are increasingly being deployed to steal customer’s details and commercially sensitive information, as well as target and exploit payment systems across the financial sector, and that AUSTRAC is observing cryptocurrencies being exploited across many traditional and emerging crime types, including; terrorism financing, national security, money laundering, child exploitation and ransomware. That is one of the reasons why it is critical for crypto firms to have a very bespoke Part A in their AML / CTF programs — the risks with Web3 assets are very different (though not necessarily greater) to those in other reporting entities.
  4. Super trustees (ASIC): ASIC has released the findings from its review of superannuation trustees’ communications with their members following their first performance test under MySuper. (The performance test was introduced by the Treasury Laws Amendment (Your Future, Your Super) Act 2021 with the purpose of holding trustees to account for underperformance through greater transparency and increased consequences. The test involves an assessment of: 1) investment performance by applying an objective benchmark for each product that reflects the strategic asset allocation the trustee has set for the product. This provides a measure of whether the investment decisions of the trustee have produced performance outcomes that are higher or lower than would have been achieved by investing passively in each asset class; and 2) administration fees, by assessing the fee charged in the last financial year relative to the median fee charged for the category of product.) ASIC’s REP 729 identifies communication strategies of concern including, for example: publishing the MySuper product’s failure of the test on a webpage less likely to be visited by persons interested in the product; highlighting other performance measures that were more favourable, such as recent positive past performance figures; or criticising aspects of the MySuper test to suggest it was not relevant to the particular product. EDIT: someone whose opinion I deeply respect has since pointed out that one of the interesting – and frightening – aspects of this new regime is short termism it creates. Increased trading will be the result of annual benchmarks, and that is really not to the purpose of the super funds which is to create long term stable wealth…
  5. CCIVS (ASIC): ASIC has released a range of documents to support the licensing and other requirements for corporate collective investment vehicles (CCIVs). Legislation introduced earlier in the year establishes the CCIV, a new type of company limited by shares and specifically designed for use in funds management. The CCIV promises to act as a direct competitor to the classic managed investment scheme structure — it is a big leap forward for Australia in which will come into effect in July 2022, when the CCIVs regime commences, and you can read more about it in our updated here. ASIC has also published Information Sheet 272 How to register a corporate collective investment vehicle and sub-fund (INFO 272). INFO 272 provides guidance on: CCIV and initial sub-fund registration requirements; the application process, including how ASIC will assess applications for CCIVs and initial sub-funds; CCIV Constitution and compliance plan requirements; and, the application process for registering further sub-funds. The licensing amendments are sensible in my view, and consistent with the broader licensing framework — we are starting to work on CCIVs now, and I am EXCITED to see them in the Asia-Pac market soon.

Thought for the future: the consumer data right means that at a consumer’s direction, a data holder (for example a bank) must electronically share the consumer’s data with: an accredited data recipient to which the consumer has given their consent (for example another bank, or a comparison service); or, the consumer. It was tricky enough to implement for the banks, but now it is being expanded more broader the challenges multiple. Like for general and life insurers, whos products are apples and oranges in terms of coverage, exclusions and the like. Read more here!

Australian regulators weekly wrap — Monday, 20 June 2022

Keeping on top of the latest financial services regulatory & compliance trends?

Investing time in your professional development within a rapidly changing financial services industry is challenging. To meet that challenge, the Australian regulators weekly wrap is designed to keep you at forefront of your practice by quickly setting out the top 5 developments from the past week, analysis and practical considerations for the future.

  1. Cyber safety (ASIC): ASIC has urged listed firms to pay attention to cyber risks, noting World Economic Forum released its annual Global Risks Report 2022 and failure of cyber security measures was the number one risk for Australian executives. ASIC’s December 2021 resilience report showed firms operating in Australia’s markets had a small but steady improvement in cyber resilience. However, the increase of 1.4% fell far short of the 14.9% improvement targeted for the period. ASIC Executive Director of Markets, Greg Yanco stated: “ASIC is not seeking to prescribe technical standards or to provide expert guidance on cyber security. Where we consider a firm has not met its cyber risk management obligations, we may consider enforcement action to drive changes in behaviour. This is illustrated by ASIC’s proceedings against RI Advice Group.”
  2. Macro-prudential framework (APRA): the prudential regulator has finalised amendments to its prudential framework to give effect to macroprudential policy measures. Under the new requirements, ADIs must be operationally prepared to implement certain macroprudential policy measures, if needed. In particular, banks will need to have systems in place to limit growth in higher risk residential mortgage lending, such as loans at high debt-to-income multiples or high loan-to-valuation ratios. The new requirements take effect from September this year, and foreshadow the recession fears ahead.
  3. Insolvencies (AFCA): as at 1 June 2022, the AFCA had 2,447 open complaints involving 44 financial firms impacted by insolvency. It is estimated that consumer claims in these complaints total more than $376 million. The complaints have had to be paused because of the firms’ insolvency. In addition, there were 306 unpaid determinations associated with 28 insolvent firms, involving awards totaling an estimated $14.7 million. Interesting, no doubt, but it is hard not to read into this media release as dog whistling to the newly installed red team to get the Compensation Scheme of Last Resort (which by facilitates the payment of compensation to eligible consumers who have received a determination for compensation from the AFCA which remains unpaid) back on track. The legislation has stalled in Parliament, given it crossed over the election. One would prefer AFCA stick to its knitting, rather than continue its policy advocacy…
  4. Reprimands & warnings (ASIC): The requirement for ASIC to give warnings and reprimands to financial advisers in specified circumstances was introduced by the Financial Sector Reform (Hayne Royal Commission Response — Better Advice) Act 2021.ASIC has released Information Sheet 270 Warnings and Reprimands (INFO 270) which explains: what warnings and reprimands are; when ASIC will give a warning or reprimand; how ASIC will communicate the giving of a warning or reprimand; when and to whom ASIC will provide procedural fairness before giving a warning or reprimand; and, the adviser’s right of review of ASIC’s decision to give a warning or reprimand. In the examples give, ASIC will consider a warning or reprimand where a financial adviser has, at least twice, been linked to a refusal or failure to give effect to a determination made by AFCA.
  5. Breach reporting (ASIC): a broad ranging speech given by Joe Longo after his first year in office, which contains some great insights into the direction and focus of ASIC under his stewardship. In particular, wanting ASIC ‘…to be ambitious and confident in discharging its regulatory and enforcement responsibilities, to serve and advance the public interest’. One matter caught my eye in the speech — my top read for the week — on breach reporting. (There was some interesting discussion on the regulation of crypto assets at the end, though more academic than anything else.) ASIC has apparently received over 10,000 submissions through its regulatory portal since October 2021, and expects the number of licensees reporting to increase over time. Mr. Longo also notes some industry groups have raised concerns with Treasury about the legislative policy settings for the breach reporting regime (Gadens included!). Mr Longo has stated that it is ultimately an issue for Government, which is somewhat disappointing. That is technically correct, sure, though ASIC would have a lot of sway in taking the position that the policy setting is not calibrated correctly (which is the case as per our independent research).

Thoughts for the week: the trilemma of regulation, according to Chris Brummer & Yesha Yadav, ‘Fintech and the Innovation Trilemma’, Georgetown Law Journal, vol. 107, 235: ‘when seeking to provide clear rules, maintain market integrity, and encourage financial innovation, regulators have long been able to achieve, at best, only two out of these three goals’. That is, ‘if regulators prioritise market safety and clear rulemaking, they do so through broad prohibitions, invariably inhibiting financial innovation. Alternatively, if regulators wish to encourage innovation and provide rules clarity, they must do so in ways that ultimately result in simple, low-intensity regulatory frameworks, increasing risks to market integrity and consumers. Finally, if regulators look to enable innovation and promote market integrity, they must do so through a complex matrix of rules and exemptions, raising compliance costs and disproportionately impacting smaller firms and upstarts’. Which way will crypto regulation go? For my part, hopefully not one which stifles innovation…

Australian regulators weekly wrap — Monday, 13 June 2022

Keeping on top of the latest financial services regulatory & compliance trends?

Investing time in your professional development within a rapidly changing financial services industry is challenging. To meet that challenge, the Australian regulators weekly wrap is designed to keep you at forefront of your practice by quickly setting out the top 5 developments from the past week, analysis and practical considerations for the future.

  1. Crypto legislation (US): I am not sure what is happening in the US with leaked documents recently, but the WSJ has leaked the draft crypto legislation which you can read here. A dense document — it is US legislation after all — some of the key points are: the bill is centered around the terms ‘digital asset’ and ‘digital asset exchange’; digital assets have been treated as a form of property (instead of data); a policy goal of the bill has been to lower taxes to encourage innovation in the area — that is evident throughout the bill, e.g. section 205 ‘Tax Treatment of Digital Asset Lending Agreements and Related Matters’ establishes that digital asset lending agreements are not generally taxable events; ‘mining’ and ‘staking’ of digital assets (along with raising funds for charitable purposes) will be excluded from tax requirements (via s501(c)(7) of the Internal Revenue Code of 1986); there are to be some rules around tax compliance — from 1 January 2025 brokers will have to produce annual returns reporting any transfer (which is not part of a sale or exchange) of a digital asset with an unrelated party; the CFTC components also strictly spells out the holding of customer assets. For e.g., it is establishing a requirement for merchants (licensed) to segregate digital assets to minimise the risk of customer loss under their custody; section 404 includes several requirements digital exchanges will have to meet, as well as additional rules for margin or leveraged trading e.g. only permit trading in assets not open to manipulation (which sounds tricky for organisations to regulate!); digital assets are viewed as ‘consumption’ goods rather than ‘investment’ goods, although it is case-by-case, and the bill has some practical protections for consumers e.g. Title V Responsible Consumer Innovation places stringent disclosure obligations on foreign issuers of ancillary assets. Finally, and interestingly, stablecoin issuers will have to meet its entire customer obligations in their capital adequacy requirements — this is a response to the Terra stablecoin collapse. A fascinating insight into US policymakers’ considerations, which will no doubt pop up in our own as Australia grapples with how to regulate crypto-currency under a new Government! (Reach out if you want a more detailed briefing, which we have prepared.)
  2. EPIC Investments (ASIC): ASIC has cancelled the AFSL of Epic Property Investments Ltd (Epic), which operates 2 registered managed investment schemes. ASIC took this action because Epic has not held professional indemnity insurance since 21 April 2021. Epic was unsuccessful in its attempts to obtain the required insurance cover. As a result, ASIC considered that Epic has failed to comply with its obligations on an ongoing basis and was not providing retail clients with consumer protections required under the regulatory regime for AFS licensees. Given that the insurance market is exceptionally hard at the moment, and following the RI Advice case, this strikes me as very harsh. Consumer protection is important, undoubtedly, but can be met through other means than a cottage industry of decreasing PI insurers. Appropriately structured terms where the underlying asset is cash at bank, bank guarantees, or say real property assets offer the same if not more protection. This licensing requirement could do with a rethink in my view…
  3. ePayments (ASIC): a long time coming, the new ePayments Code has been released. The ePayments Code provides consumer protections in relation to electronic payments, including ATM, EFTPOS, credit and debit card transactions, online payments, and internet and mobile banking. It sets out a process for customers to get help from their financial institution in retrieving funds they have mistakenly paid to the wrong person. ASIC has updated the following areas of the Code: compliance monitoring and data collection; mistaken internet payments; unauthorised transactions; complaints handling; and, facility expiry dates.
  4. Risk survey (APRA): it is worth subscribing to Government tender portals, as occasionally you get some gems — APRA is seeking information on the services to support an industry-wide risk culture benchmarking survey. Specifically, APRA is seeking a supplier to provide a tool which will enable a survey of up to 70 regulated entities across approximately 200,000 employees. The purpose of this RFI is to allow APRA to build a better understanding of the capabilities, capacity and indicative pricing for future procurement activities. No more Survey Monkey surveys, prudential entities can no doubt look out for this one in the near future!
  5. Scams (ACCC): Australians lost over $205 million to scams between 1 January and 1 May, a 166 per cent increase compared to the same period last year. The majority of losses over this period have been to investment scams with $158 million lost, an increase of 314 per cent compared to the same period last year. The majority of losses to investment scams involved crypto investments, with $113 million reported lost this year. People aged 55 to 64 reported the highest total losses, $32 million between 1 January and 1 May and over 80 per cent of losses reported by this age group was lost to investment scams ($26m). Generally speaking, Australians’ have poor financial literacy comparative to other development countries, and education is part of the answer. Another part of the answer is to support access to financial advisers instead of loading them up with regulation…

Thought for the future: there are the big ticket items which individuals focus on in terms of the challenges in the financial services industry e.g. new breach reporting rules, DDO and FAR. Then there is the surrounding practice e.g. court actions, license actions, etc. The former is largely stable now, whereas the latter strikes me as a quite hard — the regulators appear to have lost none of their hawkishness in the wake of the Hayne Royal Commission…

Australian regulators weekly wrap — Monday, 6 June 2022

Keeping on top of the latest financial services regulatory & compliance trends?

Investing time in your professional development within a rapidly changing financial services industry is challenging. To meet that challenge, the Australian regulators weekly wrap is designed to keep you at forefront of your practice by quickly setting out the top 5 developments from the past week, analysis and practical considerations for the future.

  1. AFSL auditing (ASIC): ASIC has announced new financial reporting requirements for AFSL holders, following changes to the accounting standards. AFSL holders’ financial reports must now contain disclosures consistent with the financial reports of other for-profit entities, prepared under standards set by the AASB. For-profit companies, registered schemes and disclosing entities that prepare financial reports under Chapter 2M of the Corporations Act 2001 , and which are not reporting entities, can no longer prepare special purpose financial reports that do not contain all disclosures required in the full accounting standards i.e. the full recognition and measurement requirements for assets, liabilities, income and expenses e.g. all licensees will be required to prepare a cash flow statement. In addition to single entity financial statements, consolidated financial statements must be presented where the licensee has controlled entities. The new disclosure requirements apply from financial years commencing on or after 1 July 2021, but many licensees can choose to defer any new disclosure requirements by one year. This can be expected to add significant cost to the audit fees for most of the smaller AFSL entities, and I have not seen a detailed rationale from ASIC as to why this needs to happen. To me, it very much seems like overkill for a profession already struggling under the weight of recent over-regulation…
  2. ACCC priorities (ACCC): the new Chair of the ACCC, Gina Cass-Gotlieb, has stated that one of the ACCC’s key compliance and enforcement priorities for 2022/23 is promoting competition and investigating allegations of anti-competitive conduct in the financial services sector. She singled out payments in particular, noting the new services and competitors in the payments ecosystem, such as payment gateways, payment aggregators, mobile wallet providers and payments using crypto-currencies. Other priorities for the competition regulator are digital payment platforms, disrupting scams and CDR. No surprises on the last one — CDR will be more complicated as it moves beyond banking e.g. to insurance where the comparison is apples and oranges between policies.
  3. Prudential levies (APRA): the total funding required under the levies in 2022–23 for APRA is $259.6 million. This is a $2.4 million (0.9 per cent) decrease from the 2021–22 requirement. Nothing too interesting in the report in terms of enforcement or other key priorities, but always useful to double check these submissions to see if there are any gems!
  4. Good practice guide (FRC): the UK Financial Reporting Council has published anonymised key findings and good practices reported by its Audit Quality Review team in relation to their 2020/21 audit quality inspections at the seven largest audit firms. The purpose of these documents is to share with auditors, audit committees, investors and other users of audited financial statements the nature of the key findings and good practices reported on the individual audits inspected. My top reads for the week — they are relatively easygoing as far as audit reporting goes — some of the more interesting findings are: the audit team did not adequately consider the perceived threats to independence arising from the provision of non-audit services (relevant in the context of the EY chatter about breaking up the firm); the audit team did not obtain sufficient understanding of the operation of relevant controls across all jurisdictions to address and respond fully to the identified significant risk that non-compliance with law or regulation might have material adverse consequences for the group; and, there was insufficient evidence that the audit team had adequately considered the significance of the requirement to refinance the revolving credit facility in relation to management’s going concern assessment. Interestingly, in relation to the last point, the key finding also took issue with the auditors not considering whether the key lender could or would provide further funding. It provided ‘There was insufficient evidence that the audit team assessed the ability of the lender to provide funding as and when required”, which is interesting / not one I have seen pop up before. Of course, it is hard to assess this on in the absence of knowledge as to who the lender was e.g. high street bank, or non-bank lender operating out of the Grenadines since 2019.
  5. ESG (SEC): lots of news on greenwashing at the moment. In response, the US SEC has proposed amendments to rules and reporting forms to promote consistent, comparable, and reliable information for investors concerning funds’ and advisers’ incorporation of environmental, social, and governance factors. The proposed amendments seek to categorize certain types of ESG strategies broadly and require funds and advisers to provide more specific disclosures in fund prospectuses, annual reports, and adviser brochures based on the ESG strategies they pursue. For example, funds focused on the consideration of environmental factors generally would be required to disclose the greenhouse gas emissions associated with their portfolio investments. One I think will be picked up in Australia, in the near future given the state of play here.

Thought for the future: ‘regulatory impact statements’ seek to assist government officials to move towards ‘best practice’ regulatory design and implementation by requiring the completion of a detailed cost-benefit analysis. ASIC does do them (see here for example), but they do seem to be patchy. It would be really useful to see a consistent framework for RISs; the new auditing amendments cry out for one which can be tested…

Australian regulators weekly wrap — Monday, 30 May 2022

Keeping on top of the latest financial services regulatory & compliance trends?

Investing time in your professional development within a rapidly changing financial services industry is challenging. To meet that challenge, the Australian regulators weekly wrap is designed to keep you at forefront of your practice by quickly setting out the top 5 developments from the past week, analysis and practical considerations for the future.

Never miss an update by signing up to receive emails here or by following me on LinkedIn here. You can also access past editions of the Australian regulators weekly wrap by clicking here.

  1. Federal ICAC (Election): the election is over, and the red team has formed a majority Government. Importantly, the main election promise Labor has made on integrity is to establish what it says will be a “powerful, transparent and independent National Anti-Corruption Commission”. Labor has proposed a robust commission with serious powers — it will draw on a draft bill proposed by MP Helen Haine in 2020. The NACC will have broad jurisdiction to investigate serious and systemic corruption by Commonwealth ministers, public servants, ministerial advisers, statutory office holders, government agencies e.g. ASIC and APRA and MPs. It would have the power to conduct public hearings if it believes it is in the public interest, and the power to make findings of fact, including findings of corrupt conduct. It could refer matters involving criminality to law enforcement authorities, and also have retrospective powers to investigate alleged misconduct from 15 years ago. It will be able to act in response to referrals, including from whistleblowers and public complaints, consistent with other integrity bodies. There will be oversight by a parliamentary joint committee, and its decisions will also be subject to judicial review. Labor has promised to pass legislation establishing the NACC by the end of the year, which is a really significant change to the regulatory landscape.
  2. Binary options (ASIC): ASIC has released Consultation Paper 362 Extension of the binary options product intervention order (CP 362), seeking feedback on a proposal to extend its product intervention order banning the issue and distribution of binary options to retail clients until it sunsets in 2031. ASIC banned the product in 2021, finding that in the 13 months before the ban between 74% and 77% of active retail clients lost money trading binary options, and loss-making retail client accounts made net losses totaling $15.7 million compared with $1.7 million total net profits of profit-making retail client accounts. Personally, while I understand ASIC’s position, I am a little uncomfortable with a blanket ban — if retail consumers want a lot of risk, subject to that risk being explained well, and all the other financial services laws being complied with, they should have access to that risk. In addition, and while the ‘slippery slope’ is a logical fallacy in terms of arguments, I do wonder what products are next…
  3. Insurance stats (APRA): APRA has released its Quarterly General Insurance Performance Statistics and Quarterly General Insurance Institution-level Statistics publications for the March 2022 quarter. Industry reported a net profit after tax of $1.3 billion and a return on net assets of 4.3 per cent during the year ended 31 March 2022, an increase compared to the prior year. The increase in net profit was driven by a stronger underwriting result, in part reflecting the impact of premium increases across certain classes of business. You can see the result here, which are a little surprising to me given how hardened the current market is at the moment.
  4. Directors duties (Courts): an interesting — though not groundbreaking — case was handed down from a governance perspective; In the matter of Bryve Resources Pty Ltd [2022] NSWSC 647. In the case, a director was found in breach of duties under ss 180 and 181 of the Corporations Act 2001 (Cth) by making unsecured interest-free loan to foreign company associated with director with doubtful capacity to repay loan. The court found that: “Applying those principles to the present case, I find that it may be expected that a reasonable person in the Company’s circumstances would not have made the Stanton payments, notwithstanding that the Company was indebted to Mr Stanton. The payments benefitted the Company by reducing that indebtedness to some extent. Mr Stanton benefitted by receiving the payments (or receiving advantages derived from payments made to third parties for his benefit) in circumstances where the Company was making no repayments to its other significant creditor, had insufficient funds to pay all of its debts and is presumed to have been insolvent by reason of its failure to keep the books and records required by s 286 of the Corporations Act”.
  5. Breach reporting (ASIC)ASIC have responded to concerns and frustrations raised by the financial services sector which was pointedly highlighted in the recent research presented by Lawcadia and Gadens— State of Financial Services Breach Reporting in Australia. (We gave them the report, naturally.) ASIC chair Joe Longo said breach reporting was “quite an ambitious” piece of law reform. He acknowledged that there has been some “teething issues” in administrating the legislation, and indicated that they are consultation with industry and will release some additional guidance. It seems the regulator will be focusing on consistency of reporting and although acknowledging that perfection is not possible, organisations are warned that ASIC will take action on non-compliance.

Thought for the future: how will the new NACC impact on ASIC, APRA, OAIC and AUSTRAC regulatory investigations?

Australian regulators weekly wrap — Monday, 23 May 2022

Keeping on top of the latest financial services regulatory & compliance trends?

Investing time in your professional development within a rapidly changing financial services industry is challenging. To meet that challenge, the Australian regulators weekly wrap is designed to keep you at forefront of your practice by quickly setting out the top 5 developments from the past week, analysis and practical considerations for the future.

Never miss an update by signing up to receive emails here or by following me on LinkedIn here. You can also access past editions of the Australian regulators weekly wrap by clicking here.

  1. Prudential perspectives (APRA): Chair Wayne Byres has identified digital disruption, and the emergence of higher inflation and rising interest rates as key impacts affecting the banking industry in a speech to FINSIA. He also identified that common theme that increasingly pervades all three sectors of the industry — general insurance, life insurance and health insurance — is the (un)affordability and (un)availability of insurance. Finally, and interestingly, he noted that there are around 150 prudential standards and practice guides, supported by a myriad of information papers, industry letters and FAQs. APRA is undertaking a project to make the framework more cohesive; easier to understand and navigate; and less costly to maintain and update. APRA also want to cater to new risks from digitization. A great initiative, and one that will benefit from a lot of stakeholder engagement.
  2. Financial advisers (ASIC): ASIC has released a curious article entitled ‘Why get your advice from a licensed financial adviser?’. ASIC noted that, while using a licensed adviser doesn’t guarantee against financial loss, dealing with licensed professionals provides important safeguards if things go wrong. What struck me about the briefing is less the content, and more the continued recent shift by ASIC to help an industry unfairly decimated after the Royal Commission. Media releases are great, but now to structural reform. Whether that is carving certain low risk products out form the weight of compliance that comes with personal advice i.e. so we’d have 1) general advice; 2) simple personal advice; and 3) not simple personal advice, or modifying breach reporting and other onerous regimes to advisers’ circumstances, we need financial advisers in Australia and therefore do more to assist them from a regulatory perspective.
  3. Financial Accountability Regime (Parliament): election day in Australia, and I have fielded a number of queries in the lead-up about FAR which is sitting with Parliament. Whether or not the red or blue team wins (or we have a hung Parliament, God help us), my sense is that legislation will go through largely unchanged. It has strong bi-partisan support, and Labor got their win with the ancillary liability provisions (read more here) — and Australia’s loss, but that is a topic for another time! Expect this legislation to go through in the budget i.e. mid-year sittings.
  4. Green bonds (ASIC): ASIC is alerting investors of the existence of fake green bonds. Green bonds are bonds that are used to finance new and existing projects that offer climate change and environmental benefits. They can be purchased by superannuation funds, fund managers, insurance companies and other wholesale entities. These ones are not available — at least directly — to the general public or retail investors. Great work by ASIC, as part of its broader public mandate.
  5. Fairness review (AFCA): AFCA has published a new report which summarises work undertaken to try to ensure AFCA’s Fairness jurisdiction is well understood by stakeholders, that it is applied consistently and independently, and in a way that is fair for members and complainants. It includes a: a) New Fairness Jurisdiction Tool which ensures AFCA can discuss important issues for resolution with the parties in plain english; b) New decision templates to clearly explain how AFCA has applied the fairness tests in its complaint handling and why decisions made are fair in all the circumstances; c) Apprehended bias policy to ensure AFCA’s people remain impartial when working with the parties to resolve complaints; d) The AFCA Engagement Charter which clearly sets expectations of how parties should engage with each other and AFCA to ensure a fair process; e) Revised AFCA Approach library providing members and complainants with easy-to-understand information about how we handle specific types of complaints; and, f) New processes to calculate and capture fair outcomes once achieved. Good improvements, though for an organisation which produces some head scratching decisions with more regularity than one might be expect, at considerable expense to licensees, I think that the focus should be on supporting and upskilling the decision makers, internal review tree and process architecture to summarily deal with bad claims.

Thought for the future: what will the red team undo or change if they get in today? May sense is that they will start with the changes for litigation funders e.g. AFSLs, and potentially legislation common fund orders, given their closeness to the plaintiff firms / resistance previously…

Australian regulators weekly wrap — Monday, 2 May 2022

Keeping on top of the latest financial services regulatory & compliance trends?

Investing time in your professional development within a rapidly changing financial services industry is challenging. To meet that challenge, the Australian regulators weekly wrap is designed to keep you at forefront of your practice by quickly setting out the top 5 developments from the past week, analysis and practical considerations for the future.

  1. Breach reporting (Research): independent research commissioned by Gadens / Lawcadia on the enhanced AFSL / ACL breach reporting regime has been released this week. In summary, this research reveals: a marked increased in breach reporting for AFSL and ACL holders; a suggestion that ACL holders may be lagging behind AFSL holders in reporting; particular increases in breach reporting around misleading & deceptive conduct, and advice-related failures e.g. failure to provide a “general advice warning”widespread acceptance that changes were needed to how financial services organisations identified, assessed, and remediated breaches; broad agreement that the mandated approach is excessive; low level of confidence in the new breach reporting regime meeting its stated objectives, and in ASIC’s ability to administer the new regime effectively and fairly; significant increase in compliance and resourcing costs, and greater adoption of technology solutions to assist meeting obligations; a toll on mental health from a high level of stress and anxiety experienced by legal, risk and compliance professionals who are tasked with planning, implementing and administering the regulatory requirements. You can access the full report, together with the quantitative and qualitative data, here.
  2. Crypto schemes (APRA): the prudential regulator has set out in a letter its initial risk management expectations for all regulated entities that engage in activities associated with crypto-assets, and a policy roadmap for the period ahead. My top read for the week, the letter provides that it expects prudentially regulated entities to: 1) conduct appropriate due diligence and a comprehensive risk assessment before engaging in activities associated with crypto-assets; 2) consider the principles and requirements of Prudential Standard CPS 231 Outsourcing or Prudential Standard SPS 231 Outsourcing when relying on a third party in conducting activities involving crypto-assets; and 3) apply robust risk management controls, with clear accountabilities and relevant reporting to the Board on the key risks associated with new ventures. Fascinating, APRA has said that it plans to in 2022 — 2023: 1) consult on requirements for the prudential treatment of crypto-asset exposures in Australia for ADIs, following the conclusion of the Basel Committee’s current consultation; 2) progress new and revised requirements for operational risk management, covering control effectiveness, business continuity and service provider management. While these requirements will apply to the entirety of an entity’s operations, many will be directly relevant to the management of operational risks associated with crypto-asset activities; and 3) consider possible approaches to the prudential regulation of payment stablecoins. A fantastic development, and very sensible approach adopted by APRA.
  3. Data security (Government): the Government has released a discussion paper focusing on data security policy settings for state and territory governments, industry and the broader economy. The goal is to inform the National Data Security Action Plan’s direction, which aims to improve data security measures and close the gaps that exist in our data settings. The goal is to ensure that governments, businesses and communities are informed and resourced to protect their data, and strengthen security and build resilience in infrastructure that underpins our digital economy. The questions are broad ones, and set out at 29–32 of the paper e.g. “Does Australia need an explicit approach to data localisation”? Early stages for this one, though given the increase in cyber attacks the idea to collectively take Government and private industry on the journey in increasing our data protection settings is a good one. Between this, the SOCI legislation, and the consultation papers focusing on the uplift of the privacy legislation, informational treatment is going to be a defining feature of the regulatory landscape for this decade.
  4. Crypto-criminals (AUSTRAC): the AML / CTF regulator has released two new financial crime guides to help businesses stop ransomware attack payments and the criminal abuse of digital currencies. The guides contain practical information and indicators to help businesses identify and report if a payment could be related to ransomware attacks, or someone could be using digital currencies to commit serious crimes such as money laundering, scams, or terrorism financing e.g. use of chain-hopping — moving from one blockchain to another — in an apparent attempt to obfuscate source or destination of funds or multiple customer accounts are opened with either the same email address, phone number, IP address, residential address, postal address or on-boarding documents. The guide, which an easy read and quite useful , can be accessed here.
  5. Director sentiment (AICD): The Australian Institute of Company Directors’ latest Director Sentiment Index have set out that Directors identified cyber-crime and data security as the number one issue keeping them awake at night — no surprises here. According to the last research I read on the subject (Cost of a Data Breach Report 2021 — Australia | IBM), data breaches cost businesses an average of $3.9 million in 2021, an increase of over 30 per cent from 2020, and the highest average cost in the last 17 years. That is only likely to increase with the proliferation of data, increase in stringency of data protection laws and increase in bad actors seeking to fund activities / achieve nationalistic aims.

Thought for the future: I am very heartened to see APRA and AUSTRAC pragmatically embracing the place that crypto has in the future of our financial services system. Of course, the big game is over at Treasury in its consideration of the CASSPr licence (essentially a mutated AFSL) for crypto players. Getting that right is critical for the industry to thrive — submissions on that licence are due at the end of May 2022, and I’d encourage everyone to take part in shaping what will be a momentous change.

Australian regulators weekly wrap — Monday, 25 April 2022

Keeping on top of the latest financial services regulatory & compliance trends?

Investing time in your professional development within a rapidly changing financial services industry is challenging. To meet that challenge, the Australian regulators weekly wrap is designed to keep you at forefront of your practice by quickly setting out the top 5 developments from the past week, analysis and practical considerations for the future.

  1. Litigation funding schemes (ASIC): ASIC has extended the relief from certain dollar disclosures in PDSs for litigation funding schemes in ASIC Corporations (Disclosure in Dollars) Instrument 2016/767 until 1 October 2026. Relief has been extended by ASIC Corporations (Amendment) Instrument 2022/264. The theory is that public disclosure of some categories of information could provide a tactical advantage to opposing parties in class actions and may not be in the interests of scheme members, which makes sense.
  2. Central bank crypto currencies (BIS): emerging market economy central banks have increasingly engaged in projects related to central bank digital currencies (CBDCs). The stage of their engagement — research, pilot or launch — varies according to differences in country circumstances, including the availability of digital infrastructure, their focus among different policy objectives, and the attendant motivations and concerns. The Bank of International Settlements has released papers from the central banks of these economies which explored issues such as: the main objectives of introducing CBDCs; the guiding principles of CBDC design and data governance; challenges of CBDCs for monetary policy, financial intermediation and financial stability; the implications of CBDCs on financial inclusion; and the cross-border aspects of CBDCs. A fascinating read, the papers discuss the key motivations for CBDC issuance as well as the primary concerns. Achieving greater payment system efficiency is at the heart of these central banks’ motivations. They also place great emphasis on financial inclusion and are concerned about cyber security risks, potential bank disintermediation and cross-border spillovers.
  3. Fintech collaboration (Treasury): the Australian Treasury and the Monetary Authority of Singapore have signed the Australia-Singapore FinTech Bridge Agreement to strengthen cooperation between the FinTech ecosystems of both countries. The agreement sets out a framework deepen bilateral and multilateral cooperation on FinTech; support the mutual establishment of FinTechs looking to expand in each other’s markets; build on current engagements to strengthen linkages between Australia and Singapore for policy officials, regulators, and industry groups; explore joint innovation projects on emerging issues in FinTech to help the industry navigate through a constantly evolving space, to share information on emerging market trends, and to learn from the experiences in each jurisdiction. Interestingly, in relation to the last point, this includes collaboration in areas such as blockchain and distributed ledger technology, digital identities, cross-border data connectivity, data portability, and the application of FinTech to promote sustainable finance. Since Singapore is a leader in crypto, this can only be to Australia’s benefit.
  4. Compliance failures (ASIC): The Federal Court has ordered Westpac to pay penalties in the amount of $113 million for widespread compliance failures across multiple businesses. The six categories of matter against Westpac concern: 1) Fees for no service — deceased customers: Over a 10-year period, Westpac charged over $10.9 million in advice fees to over 11,800 deceased customers for financial advice services that were not provided due to their death; 2) General insurance: Westpac distributed duplicate insurance policies to over 7,000 customers for the same property at the same time, including 3,899 customers since 30 November 2015, causing customers to pay for two (or more) insurance policies where they had no need for the additional policies; 3) Inadequate fee disclosure: Westpac and related advice businesses charged ongoing contribution fees for financial advice to retail customers without disclosing, or properly disclosing those fees. Over eight years, at least 25,000 customer accounts were charged at least $10.6 million in fees that were not disclosed, or properly disclosed; 4) Deregistered company accounts: Westpac allowed approximately 21,000 deregistered company accounts, holding approximately $120 million in funds, to remain open and continued to charge fees on those accounts. Westpac allowed funds to be withdrawn from these accounts that should have been remitted to ASIC or the Commonwealth i.e. if they were trust property; 5) Debt onsale: Westpac sold consumer credit card and flexi-loan debt to debt purchasers with incorrect interest rates. These interest rates were higher than Westpac was contractually allowed to charge; and, 6) Insurance in super: Westpac subsidiary, BT Funds Management charged members insurance premiums that included commission payments, despite commissions having been banned under the FOFA reforms. A steep penalty, and a reminder of the importance of governace, risk and control frameworks in the aftermath of the Hayne Royal Commission…
  5. Challenger banks (FCA): a review by the UK FCA has found that UK challenger banks need to improve how they assess financial crime risk, with some failing to adequately check their customers’ income and occupation. In some instances, challenger banks did not have financial crime risk assessments in place for their customers. Challenger banks aim to compete with traditional high street banks using smarter technology and more up-to-date IT systems. Many are recent entrants to the UK financial markets, with online only business models and offering financial services through smartphone apps. The review, conducted over 2021, identified a rise in the number of AML/CTF Suspicious Activity Reports reported by challenger banks, raising concerns about the adequacy of these banks’ checks when taking on new customers. Interestingly, it also found some bright spots — for example, innovative use of technology to identify and verify customers at speed.

Thought for the future: not long now until ASIC first publicly reports on the number of breaches individual firms have made i.e. June 2022! I have spent the weekend looking through the independent research CoreData has put together from over 160 organisations on the numbers of breach reports, types of breach reports and other challenges the regime has thrown up in its first 6 months. For a copy of the report, sign up to the release webinar here on 28 April: https://www.lawcadia.com/blog/breach-reporting-in-australia