Gadens Regulatory Recap

30 May 2023
Matthew Bode, Partner, Brisbane Michael Kenny, Partner, Melbourne Daniel Maroske, Partner, Brisbane Kate Mills, Partner, Sydney Caroline Ord, Partner, Melbourne

This edition of the Gadens Regulatory Recap considers updates from ASIC, APRA, OAIC, RBA, AFCA, and key legislative updates. We also take a look at the proposed changes to Buy Now Pay Later services and the debanking of Binance in the unregulated crypto space.


  1. Enforcement: ASIC’s public focus over the past fortnight has been on enforcement activities, with ASIC having issued eight interim stop orders on 16 May in relation to TMDs; banned a former fund manager for naked short selling; and released further instances of AFSL holders having their licences cancelled and suspended. Two other significant enforcement actions for the period were: 
    • ASIC commences proceedings for responsible lending breaches: ASIC has brought civil penalty proceedings in the Federal Court against Money3 Loans Pty Ltd (Money3) for alleged breaches of its responsible lending obligations in the period between May 2019 and February 2021. ASIC alleges that Money3 did not properly assess whether borrowers could meet their repayment obligations prior to establishing loan contracts for the purchase of second-hand vehicles. 
    • AMP penalised for charging deceased members for life insurance: The Federal Court has found in ASIC v AMP Superannuation Limited [2023] FCA 488 that the AMP Group was in breach for charging deceased customers over $500,000 in life insurance premiums and over $100,000 in advice fees. In delivering the decision, Justice Hespe emphasised the systemic failures and lack of oversight within the AMP Group, resulting in the failure to identify, investigate, and remediate the systemic issues that were evident for many years. Two of the AMP companies, AMP Life Limited and AMP Financial Planning Proprietary Limited, were penalised a total of $24 million for the breaches. 


2. APRA reforms for the strengthening recovery and resolution planning: Following a significant period of consultation, APRA has finalised new requirements and guidance to strengthen the preparedness of superannuation funds, insurers and banks to respond to a crisis. The updated guidance includes: 

    • Prudential Practice Guide CPG 190 Recovery and Exit Planning (CPG 190) – all entities must develop and maintain credible plans for managing stress, including actions to restore financial resilience or exit regulated activities in an orderly manner
    • Prudential Standard CPS 900 Resolution Planning (CPS 900) – large and complex entities must support APRA in preparing bespoke resolution plans
    • Prudential Practice Guide CPG 900 Resolution Planning (CPG 900) – contains a high-level framework for assessing critical functions, guidance to assist entities in determining the third parties essential to the ongoing provision of functions, and details of APRA’s expectations on the use of external experts. 

3. APRA responds to consultation on minimum capital requirements for PPF providers: On 19 May APRA released its response to last year’s consultation on proposed amendments to Prudential Standard APS610 (Prudential Requirements for Providers of Purchased Payment Facilities). The consultation proposed specific amendments to the Prudential Standard to align the capital requirements more closely with those that are applicable to other APRA-regulated industries. In responding, APRA noted that four submissions were received, all of which welcomed further review of APS610, and largely supported further lowering of capital requirements. 


4. OAIC & Information Commissioner Review Consultation: The OAIC is seeking submissions from stakeholders on the drafting of revisions to the Directions applying to certain procedures to be followed in Information Commissioner reviews. The revised Directions’ purpose is to set out the procedures that agencies, ministers and applicants would be required to follow during Information Commissioner reviews. Submissions are due Friday, 2 June 2023. 

5. Clearview AI Inc and Australian Information Commissioner [2023] AATA 1069: Earlier this month the AAT delivered its decision into whether Clearview AI Inc (Clearview) was within the jurisdiction of the Privacy Act 1988 (Cth) (Privacy Act) in circumstances where the company was based in the United States, without an Australian office, and without having generated revenue in Australia. Clearview, which operates a facial recognition tool, was previously found by the Australian information Commissioner to have breached the Privacy Act in its collection and use of the personal information, namely facial images, and biometric data, in breach of the Australian Privacy Principles. The Administrative Appeals Tribunal concluded that Clearview has sufficient “Australian link” for the Privacy Act to apply on the grounds that it accesses images held on servers that are located in Australia, and that it was “carrying on business in Australia for the purposes of the Privacy Act.” 


6. Buy Now Pay Later products to be regulated as credit cards: This week the Treasury indicated that ‘Buy Now Pay Later’ financial services, such as Afterpay, will be regulated as credit products under the National Consumer Credit Protection Act 2009. Gadens have published a deep dive into the proposed regulation earlier this week, which you can review here


7. Payments System Board meets for May: On 25 May 2023, the RBA’s Payments System Board met to address a number of issues, including competition in the debit card market. The Board is contemplating regulatory action to prohibit card schemes, and stop issuers setting a default network to ensure that merchants can determine the appropriate network for the processing of debit transactions. The Board also indicated an intention to improve the security of online debit transactions, with further industry consultation to be undertaken. 


8. AFCA releasees Systemic Issues Insights Report: AFCA has this fortnight released it’s biannual Systemic Issues Insights Report. Relevantly, AFCA revealed that, in the first half of the financial year, it has identified and investigated systemic issues resulting in remediation to 186,924 consumers, conducted 106 detailed systemic issues investigations, and resolved 39 systemic issues with financial firms. 83 reports were referred externally to other regulators including ASIC, APRA, OAIC and ATO.
Common systemic issues identified by AFCA relate to transaction processing errors, credit reporting, calculation of premiums, and assessment of client suitability for certain financial products. AFCA recommends that financial firms should: 

    • take responsibility and accountability for the systematic issue
    • action a range of holistic solutions rather than one-off changes
    • set up sustainable and long-term improvement in systems, processes, and complaints handling by establishing a dedicated team and education program. 

Legislative Updates 

9. Amendments to the National Consumer Credit Protection Regulations: The National Consumer Credit Protection Amendment (Financial Sector Reform) Regulations 2023 have been passed, commencing 13 June 2023, and will amend the current credit regulations to provide further protections to consumers who enter into small amount credit contracts (SACCs) and consumer leases. The amendments also reinforce measures to target persons engaging in avoidance schemes relating to credit contracts and product intervention orders. 

10. Feedback sought for Treasury Laws Amendment (Measures for Consultation) Bill: The government is welcoming feedback on the Treasury Laws Amendment (Measures for Consultation) Bill 2023 that seeks to amend the Corporations Act to allow AFCA to hear superannuation complaints. The recent Full Federal Court case of MetLife v AFCA [2022] FCAFC 173 held that superannuation complaints did not fall within AFCA’s jurisdiction, in which the Explanatory Memorandum to the Bill has described as contrary to policy intent. Submissions are open until 16 June 2023. 

Other news

11. The Debanking of Binance: Following the action by ASIC to cancel Binance’s Australian financial services licence earlier in April, Binance has recently taken another hit. Binance Australia informed its users that Australian dollar PayID deposits and bank transfer services would no longer be an available option on its platform. This was a result of its third-party service provider, Cuscal, restricting Binance’s access and effectively, debanking them. Westpac has also blocked their customers from transacting with Binance. Both providers have adopted this approach due to an increased focus on fraud detection activities and scam protection measures. 

If you found this insight article useful and you would like to subscribe to Gadens’ updates, click here.

Authored by:

Caroline Ord, Partner
Kate Mills, Partner
Matthew Bode, Partner
Michael Kenny, Partner
Daniel Maroske, Director
Anna Fanelli, Senior Associate
Elizabeth Ziegler, Senior Associate
Kaleb Cox, Senior Associate
Zira Norman, Senior Associate
Nigel Mok, Associate

This update does not constitute legal advice and should not be relied upon as such. It is intended only to provide a summary and general overview on matters of interest and it is not intended to be comprehensive. You should seek legal or other professional advice before acting or relying on any of the content.

Get in touch