Gadens Regulatory Recap – 12 December 2023

This edition of the Gadens Regulatory Recap highlights recent developments from ASIC, APRA, ACCC, AFCA, the OAIC, and Treasury, including various enforcement actions taken by the regulators.

ASIC

1. ASIC releases guidance on the registration of financial advisers: On 28 November 2023, the Australian Securities Investments Commission (ASIC) released guidance through Information Sheets 276 and 277 for AFS licensees and financial advisers regarding the new requirement for financial advisers to be registered with ASIC.

The requirement is enshrined in the Treasury Laws Amendment (2023 Measures No. 1) Bill 2023, which received Royal Assent on 27 November 2023, and will take effect from 1 February 2023 for financial advisers who provide personal advice to retail clients (Relevant Providers).

The Information Sheets provide the following guidance:

• Information Sheet 276 FAQs: Registration of Relevant Providers – guidance regarding registration requirements, process, multiple registrations of AFS licensees and Relevant Providers; and
• Information Sheet 277 Registration of Relevant Providers: Guidance on Making Declarations – guidance regarding making declarations when AFS licensees apply to register Relevant Providers. With 1 February 2024 nearing, it is important for AFS licensees and Relevant Providers to be fully aware of their obligations regarding registration.

2. ASIC Chair makes address at Australasian Investor Relations Association Forum: On 28 November 2023, ASIC Chair Joe Longo delivered a speech to the Australasian Investor Relations Association Forum, highlighting the evolving regulatory landscape and the implications this has for listed entities in Australia. Mr Longo highlighted continuous disclosure, sustainable finance, and stakeholder responsibility and activism as key areas in which greater transparency and engagement are required.

Key takeaways include:

• continuous disclosure obligations ought to be ‘front-of-mind’ to ensure that organisations build and maintain confidence and integrity;
• organisations should be cautious of media reporting in advance of fundraising, merger, and takeover activity, given the risks of mishandling of information and breaches of disclosure obligations;
• in light of the Australian Government’s proposed sustainable finance strategy, market participants should commence engaging with proposed climate disclosure requirements to ensure systems, processes, and governance practices are in place to comply with a mandatory climate reporting regime; and
• that organisations should contemplate shareholder activism and that the exercise of shareholders rights ‘should sharpen the focus of every board,’ as it has the capacity to improve the governance and accountability of an organisation.

3. ASIC and AFCA sign MoU: On 1 December 2023 ASIC and AFCA signed a Memorandum of Understanding (MoU) that sets out how they intend to continue to engage. The MoU documents the way in which ASIC and AFCA currently engage with each other, and intend to do so going forward, such as information sharing and other means of coordination and cooperation. The MoU also acknowledges the importance of cooperation for the bodies to discharge their responsibilities.
4. ASIC releases report highlighting surveillance of online trading providers: On 6 December 2023, ASIC released a report following surveillance in 2022 and 2023 of online trading providers and provided guidance regarding its regulatory expectations.

The report highlighted several ASIC regulatory interventions including infringement notices, court actions and stop orders following retail trading providers:

• holding client money and assets;
• providing high-risk offers;
• using misleading or deceptive statements;
• not adequately supervising representatives; and
• using influencer marketing and other digital engagement practices.

In instances where ASIC identifies significant harm, ASIC will take a strong regulatory approach, including commencing court proceedings where appropriate. This serves as a timely reminder for online trading providers to assess their own regulatory arrangements and adopt the observations of ASIC’s report to their business.

5. Enforcement activities: ASIC has continued to be very active in the enforcement space in the last fortnight, with various enforcement activities published by the regulator.

ASIC has disqualified a former director from managing corporations for 18 months due to his involvement in the failure of four companies in the food services industry and failures to meet his obligations as a director.

ASIC’s Financial Services and Credit Panel has made a registration prohibition order against a financial adviser from 7 December 2023 to 17 May 2025 after findings that he was insolvent under administration. The adviser’s registration as a financial adviser has also been cancelled and he is prohibited from providing personal advice to retail clients during the period of prohibition.

The Markets Disciplinary Panel (MDP) issued an infringement notice and penalty of $670,500 to Instinet Australia Pty Ltd (Instinet) for contraventions of the market integrity rules. Relevantly, the market integrity rules required Instinet to provide meaningful price improvement for client transactions that were conducted off-market, disclose necessary information to clients about the crossing system that it operated, and accurately report regulatory data about the execution venue of trades. The MDP alleged that Instinet contravened rules 6.1.1, 5A.2.2, and 7.4.2 in activities relating to its crossing system.

Following an investigation by ASIC, Morningstar has paid $29,820 to comply with two infringement notices issued by ASIC in which it was alleged that investor funds were exposed to weapons investments, despite the fund’s Environmental, Social and Corporate Governance Policy stating that these investments would be avoided. The fund was exposed to securities in various weapons companies for short periods of time in 2022 and 2023, with Morningstar reporting the incidents to ASIC.

The AAT has also upheld the decisions of ASIC to disqualify both a SMSF auditor for breaches of independence requirements, and a financial adviser for failures to act in the best interests of clients. Both matters can be appealed to the Federal Court.

Following a referral to the Commonwealth Director of Public Prosecutions (CDPP) from ASIC, the founder, executive chair, and managing director, Mr Henry Heng, of Eneco Refresh Ltd (Eneco) has pled guilty to one count of market manipulation and one count of creating a false or misleading appearance of active trading. ASIC alleged that on 24 occasions between December 2020 and December 2021, the director used share trading accounts in the name of various family members to manipulate the share price of Eneco, and between 30 April and 30 November 2021 to conduct trades that created a false or misleading appearance of active trading. Mr Heng was also charged with nine counts of failing to notify the market operator of changes in his relevant interests, contrary to section 205G(10) of the Corporations Act 2001 (Cth).

A former director of Vested Capital Pty Ltd and associated companies (the Vested Group) has been charged with a number of criminal offences in connection with the Vested Group companies used as investment and development vehicles. The former director, who is an undischarged bankrupt, was charged with 15 counts of fraud, three counts of falsifying company books and records, and two counts of providing false or misleading information to members of a corporation.

The sole director of Equitable Financial Solutions Pty Ltd was charged with breaches of dishonest conduct, following a referral to the CDPP. The director, Mr Usman Siddiqui, has been charged with four counts of dishonestly using his position as a director to gain an advantage, allegedly causing $1.75 million of company funds to be diverted from the company for his own benefit.

Following a referral by ASIC to the CDPP, Fong Financial Planners Pty Ltd has been convicted and sentenced for three counts of dishonest conduct while carrying on a financial services business, with a fine of $100,000 ordered. The District Court found that Fong Financial Planners intentionally failed to disclose all relevant information relating to clients in insurance applications, meaning the duty of disclosure owed by the clients was not met. The Court considered various mitigating factors, including the low risk of reoffending due to ASIC banning orders that are now in place.

A former employee of BBY Limited (BBY) has been charged with aiding and abetting BBY to engage in dishonest conduct in relation to a financial service. Ms Yat Nam Yuen, a former manager at BBY, has been charged with two offences contrary to sections 1041G(1) and 1311 of the Corporations Act, and section 11.2 of the Criminal Code (Cth). ASIC alleges that Ms Yuen variously provided instructions for client funds to be transferred out of segregated client trust accounts, in breach of BBY’s obligation to hold client money in trust. While the matter is being prosecuted by the CDPP, ASIC’s investigation into BBY remains ongoing.

The Federal Court ordered RACQ Insurance Limited (RACQ) to pay a penalty of $10 million for potentially misleading customers about the pricing discounts available in various types of insurance cover. The Federal Court found that RACQ sent misleading PDS’ on at least five million occasions from March 2017 to March 2022, with approximately 458,746 customers missing out on approximately $86,476,339 in discounts that ought to have been applied. Specifically, the PDS’ for Motor, Home, Caravan & Trailer, and Unique Vehicle policies indicated that certain discounts would be applied to customers’ insurance premiums, with the Federal Court finding that this was potentially misleading as the discounts were only applied to base insurance premiums and not to any additional premiums that option extras attracted.

Finally, the Federal Court has ordered OnePath Custodians Pty Ltd (OnePath) to pay a $5 million penalty for false or misleading representations made to members about its right to continue charging fees, and failure to provide services to members efficiently, honestly and fairly, due to misleading conduct and deducting fees it was not entitled to. From December 2015 to November 2021, members were advised they were required to pay a fee for advice from a ‘Plan Adviser,’ even in circumstances where they were not entitled to receive advice services, resulting in deductions of $3.8 million in fees.

APRA

6. APRA consults on new cross-industry standard to centralise existing standards on definitions for ADIs and insurers: APRA has commenced a consultation on a new cross-industry prudential standard, CPS001 Defined terms (CPS001). CPS001 seeks to centralise five existing definition standards into a single consolidated standard streamlining terminology and eliminate redundancy associated with terms no longer used in prudential standards. CPS001 does not introduce any new defined terms and further supports APRA’s development of its digital framework to be released in the second half of 2024.

APRA is accepting written submissions until 13 March 2024.

7. APRA emphasises importance of quality data and data risks: APRA has released its findings from their 100 Critical Risk Data Elements Pilot (the CRDE Pilot), a multi-year pilot study commenced in 2019. The study highlights APRA’s consistent focus on data associated risks. The CRDE Pilot aimed to understand data management practices, requiring banks to identify 100 of their most critical data elements (such as customer names, account numbers and interest rates etc.) and enhancing the control over that data.

While APRA saw better practice examples in the use of enterprise-wide data programs, scalable technology strategies and the use of governance, risk and compliance systems to support data risk reporting, ultimately, the gap between current and better practice data risk management remains wide.

From the CRDE Pilot, APRA identified six considerations organisations should consider when seeking to manage data risk:

• establishing data governance with a unified data strategy;
• providing clarity on roles and responsibility for ownership of critical data elements and processes across the data life cycle;
• simplifying the technology and data architecture environment through improved platform solutions and by decommissioning legacy assets;
• identifying critical data elements and creating a consistent set of data controls;
• establishing mechanisms to monitor data quality and timely remediation of errors based on business requirements; and
• integrating data management risk into risk management frameworks.

APRA has indicated that recent cyber events and the growing importance of data driven decision making ensures that data risk management will continue to be a focus for the regulator (reflected in recent guidance published in CPS 234, CPG 235 and CPS 230). Given the value of effective data optimisation and APRA’s increasing regulatory focus, financial services entities should ensure data risk management is a key operational risk consideration.

8. APRA releases insights on superannuation performance: APRA’s recent insights paper reveals new data on superannuation product performance in respect of fees and investment returns.

The insights paper, based on this year’s annual superannuation performance test, shows:

• a significant variance in the administration fees paid by fund members within each of the product segments indicating considerable scope for industry fee reductions;
• trustee directed products offered through platforms generally have the highest fees;
• larger funds tend to charge lower administration fees reinforcing the efficiency and cost-savings benefits of scale in the superannuation industry; and
• more than half of all platform trustee directed products are failing to meet the benchmark standards, although most MySuper products and non-platform trustee directed products are outperforming the investment component of the performance test.

APRA’s release of its insight paper follows the publication of each product’s numerical results for this year’s superannuation performance test, providing ‘pass’ and ‘fail’ results across tailored benchmarks. From next year, APRA will publish a comprehensive transparency package covering investment returns, fees and performance test metrics after the annual performance test.

9. APRA imposes additional licence conditions on NGS Super: On 8 December 2023, APRA imposed additional licence conditions on NGS Super Pty Limited (NGS) following investigation and review by APRA. APRA identified significant deficiencies in NGS’ cyber controls following a cyber incident in March 2023 that resulted in a significant amount of data loss, and systems being compromised for a period of time. Prior to the March 2023 cyber incident, APRA requested an independent tripartite review be undertaken, ultimately identifying deficiencies in NGS’ compliance with Prudential Standard CPS 234 – Information Security.

The additional licence conditions require NGS to engage an independent third party to:

• provide assurance regarding remediation activities to address recommendations of its internal audit and the independent tripartite review; and
• conduct a review of the CPS234 controls and frameworks that are in place.

ACCC

10. ACCC comments on Scams Awareness Week: The ACCC and the National Anti-Scam Centre (NASC) released guidance to businesses and consumers in relation to increasingly sophisticated impersonation scams as part of Scams Awareness Week (27 November to 1 December 2023). Between 1 January and 30 September 2023, impersonation scams accounted for more than 70% of the 234,672 reports received by Scam Watch. These scams have the potential to cause significant financial harm to consumers, with impersonation scams deemed most high-risk being imposter bond scams (estimated $35 million lost), business email compromise scams (estimated $14 million lost), and bank impersonation scams (estimated $11 million lost). The ACCC provided further guidance and tips for consumers on the Scams Awareness Week website.
11. ACCC releases new report in Digital Platform Services Inquiry: On 27 November 2023, the ACCC released its seventh interim report forming part of the Digital Platform Services Inquiry. The report highlights the ‘expanding ecosystems’ of digital platform service providers, with more than 80% of Australians having at least one social media account and owning a smart device. The key recommendations made by the ACCC include:

• economy-wide consumer measures, such as an economy-wide prohibition against unfair trading practices, strengthening of unfair contract terms laws, and targeted digital platform specific obligations;
• digital platform specific consumer measures, such as mandatory processes to target scams, mandatory internal dispute resolution standards, and ensuring consumer access to independent external review;
• introduction of additional competition measures for digital platforms, such as a new power to make mandatory codes of conduct for ‘designated’ digital platforms; and
• targeted competition obligations, such as impediments to consumer switching, a lack of transparency, and exclusive pre-installation and default agreements hindering competition.

On 8 December 2023, the Australian Government released its response to the report, with all four key recommendations supported in principle.

The ACCC’s Digital Platform Services Inquiry is due to be completed and a final report provided by 31 March 2025.

12. National Anti-Scam Centre releases Quarterly Report: On 27 November 2023, the NASC released its first quarterly report, providing an update on its activities from commencement on 1 July to 30 September 2023. Key activities of the NASC include:

• the establishment of the Investment Scam Fusion Cell, jointly led by ASIC and the NASC, to disrupt and prevent investment scams. Notably, the work of the fusion cell resulted in a 6% decrease in investment scam losses;
• disruption of high-risk scams, such as fake FIFA World Cup tickets, phishing relating to QANTAS loyalty points, and a scam targeting international students in Australia;
• working with the Australian Communications and Media Authority (ACMA) to direct telcos to comply with the Reducing Scam Calls and Scam SMS Rules; and
• referral of $2,455 scam victims to specialised support services.

Notably, the NASC observed a 41.2% increase in reports of scams to Scamwatch when compared to the same period last year, with text messages as the most common contact method (36.0%), while phone is the highest loss contact method ($92.5 million, accounting for 23.2% of losses), followed by social media scams ($78.6 million, accounting for 19.7% of losses).

13. Regulatory intersections between competition, consumer and privacy laws speech: On 30 November 2023, Gina Cass-Gottlieb, Chair of the ACCC delivered a speech to the Asia Pacific Privacy Authorities Forum, highlighting the work that the ACCC has done relating to digital platform markets since 2017 and the intersection between competition law and privacy. In particular, the challenges for consumers in participating on digital platforms in light of unfavourable terms and conditions, particularly as it relates to data collection and use, was noted. Ms Cass-Gottlieb highlighted the following efforts of the ACCC:

• coordination with other regulators, such as the OAIC;
• providing recommendations to the Government;
• the ICN Intersection Project alongside the AGCM (Italy’s competition authority), CCB (Canada’s competition authority), and the FTC (the US’s competition authority) to work collaboratively and develop a handbook for authorities to refer to when faced with data and privacy intersection in competition enforcement activities; and
• the Digital Platform Regulators Forum in Australia, which includes the ACCC, ACMA, OAIC, and the Office of the eSafety Commissioner.

AFCA 

14. AFCA identifies increase in complaints by First Nations people: AFCA issued a media release on 27 November 2023 noting a discouraging increase in the number of complaints it has received from Aboriginal and Torres Strait Islander people this financial year. Figures point to a 13% rise in complaints over the last financial year, mainly in relation to banking products such as personal loans and credit cards in addition to twice the proportion of financial hardship complaints coming from First Nations people.

AFCA acknowledged the challenge of financial inclusion for First Nations peoples and has called on institutions to be more sensitive to the cause and to dedicate further resources to help First Nations people with financial issues.

OAIC

15. Privacy Commissioner and Freedom of Information Commissioner appointed by OAIC: On 27 November 2023, the Attorney-General announced the appointments of a new Freedom of Information Commissioner and a standalone Privacy Commissioner, appointments which were welcomed by the Australian Information Commissioner, Angelene Falk. Ms Falk highlighted the significance of moving to a three-commissioner model during a time in which the protection of privacy and access to information is crucial. The new Freedom of Information Commissioner, Elizabeth Tydd, will commence her role on 19 February 2024, and the new Privacy Commissioner, Carly Kind, will commence her position on 26 February 2024.

Treasury 

16. Treasury commences consultation on mandatory industry codes for scams: On 30 November 2023, Treasury released its consultation paper proposing to introduce mandatory industry codes to combat scams particularly in the banking, telecommunications and digital platform sectors and is seeking feedback on its new Scams Code Framework (SCF). The SCF is based upon the following three key principles:

• a whole-of-ecosystem approach with active participation and collaboration by all stakeholders;
• a flexible framework to deal with and respond effectively to scammers’ adaptive behaviour; and
• a framework that complements current existing regimes and controls.

The consultation is open until 29 January 2024.

17. Treasury commences consultation on use of genetic testing results in life insurance underwriting: On 27 November 2023 the Australian Treasury commenced its consultation on the use of genetic testing results in life insurance underwriting.

The consultation seeks responses on several potential policy responses and the impacts of life insurers utilising genetic test findings in underwriting on genetic testing, following earlier stakeholder concerns regarding experiences with life insurance and genetic test results.

The consultation paper sets out matters for consideration, including:

• that life insurance can be individually risk-rated;
• genetic testing can indicate potential for individual health risks;
• life insurers can request genetic testing results;
• concerns about the impact on participation in medical research involving genetic testing;
• moratorium on the use of genetic tests in life insurance;
• the increase of the prevalence of genetic testing;
• options for regulatory intervention; and
• international approaches to the use of genetic testing results in life insurance underwriting.

The consultation is open until 31 January 2024.

18. Treasury commences consultation on the retirement phase of superannuation: On 4 December 2023, Treasury released its discussion paper Retirement phase of superannuation seeking views on how the superannuation system can best provide the security and income Australians need as they live longer and healthier lives in retirement, by examining three key areas:

• supporting members to navigate the retirement income system;
• supporting funds to deliver better retirement income products and services; and
• making lifetime income products more accessible.

The consultation is open until 9 February 2024.

19. Government issues response to Statutory Review of Payment Times Reporting Act: On 5 December 2023, Treasury released the Government response to the Statutory Review of the Payment Times Reporting Act 2020. The Government agrees with all 14 recommendations of the Statutory Review published on 31 August 2023 and is committing $8.1 million over 4 years to fund a range of initiatives that will deliver better outcomes for small businesses and ensure continuous improvement of payment practices by large businesses operating in Australia. Government initiatives will include an overhaul of the Payment Times Reporting Scheme, targeted activities to increase pressure on large businesses with poor payment practices and embedding fair payment terms for small businesses in a range of other Government policies and processes.
20. Treasury releases first Enterprise Data Strategy: On 5 December 2023, the Treasury released its Enterprise Data Strategy for 2023-2025. This strategy is the Treasury’s first data strategy and sets a direction for investment in data capability across the department. The strategy focuses on four major themes:

• data governance and leadership;
• data capability;
• data analytics and visualisation; and
• data access and acquisition.

The strategy is intended to allow Treasury to work alongside the broader public sector, and better equip the department to provide necessary advice for the Government and consumers.

21. Treasury releases final government response to Quality of Advice Review: On 7 December 2023, Treasury released the Government response to the Quality of Advice Review, as part of its Delivery Better Financial Outcomes package. In its final tranche of financial advice reforms, the Government will:

• introduce a modernised and flexible best interests duty that will apply to all personal advice providers;
• introduce a new class of financial advice provider, to be called ‘qualified advisers,’ who will not be able to charge fees/receive commission, to increase the availability and affordability of simple personal advice;
• allow more flexibility for superannuation trustees to provide advice; and
• replace Statements of Advice with a more fit-for-purpose principles-based advice record.

22. Treasury commences consultation on designated complaints: On 7 December 2023, Treasury commenced its consultation on draft legislation to implement a designated complaints function within the ACCC. If the legislation were introduced, designated complainants would be approved by the Minister, having regard to their experience and ability in representing the interests of consumers and/or small businesses in Australia and the extent to which they will act with integrity as a complainant. The designated complaints function, which is largely based on the ‘super complaints’ framework in place in the United Kingdom, would allow certain organisations to make complaints directly to the ACCC, and that responses would be required within specific timeframes.

The consultation is open until 8 January 2024.

23. Treasury commences consultation on Payments System Modernisation: On 8 December 2023, Treasury released its second consultation paper on a licensing framework for payment service providers (PSPs) to ensure the regulation of payment services is fit-for-purpose and provides consistent regulation based on the activity a payment service provider performs. The paper includes an updated list of the following ‘payment functions’ and confirms the AFSL framework will be leveraged to regulate PSPs:

• stored-value facilities (‘traditional SVFs’);
• payment stablecoins (‘payment stablecoin SVFs’);
• payment instruments;
• payment initiation services;
• payment facilitation services;
• payment technology and enablement services; and
• cross-border transfer services.

In addition, the framework proposes:

• a set of regulatory requirements to facilitate greater access to payment systems;
• graduated regulatory requirements for stored-value facilities, including payment stablecoins;
• a framework for industry standard-setting; and
• a new rule-making power to enable the introduction of a mandatory revised ePayments code to provide enhanced consumer protections.

The consultation is open until 2 February 2024.

Other

24. ALRC financial services inquiry final report submitted to Attorney-General: On 30 November 2023 the Australian Law Reform Commission announced that its final report in its Review of the Legislative Framework for Corporations and Financial Services Regulation, ‘Confronting Complexity: Reforming Corporations and Financial Services Legislation’ was submitted to the Commonwealth Attorney-General. While the final report has not yet been made public, Dr Vanessa Ho of the ALRC delivered a speech highlighting the regulatory challenges of evolving technology in the financial services sector, drawing on learnings of the Review. The challenges highlighted included ‘robo-advice’, buy-now-pay-later services, and crypto assets. We look forward to reviewing the final report of the ALRC review.

If you found this insight article useful and you would like to subscribe to Gadens’ updates, click here.

Authored by:
Matthew Bode, Partner
Kelly Griffiths, Partner
Michael Kenny, Partner
Sinead Lynch, Partner
Daniel Maroske, Partner
Kate Mills, Partner
Caroline Ord, Partner
Anna Fanelli, Senior Associate
Philip O’Brien, Senior Associate
Zira Norman, Senior Associate
Nigel Mok, Associate
Lachlan Clarke, Seasonal Clerk