October regulator enforcement wrap

Categories: Compliance
Published On: 21 October 2022

Related Learning: RG 234 | RG 274 | AML/CTF


It’s been a busy month for regulators, with few issues or sectors of financial services spared. Spring clean your compliance into good shape with our highlights from October enforcement activity.

For the complete list of what ASIC, AUSTRAC, Treasury and APRA have been up to lately, head to our Regulatory News page.


ASIC targets more issuers for DDO non-compliance

ASIC has made interim stop orders preventing Holon Investments Australia Limited (Holon) from offering or distributing three funds to retail investors because of non-compliant target market determinations (TMDs).

ASIC is concerned that Holon has not appropriately considered the features and risks of the funds in determining their target markets. A year after design and distribution obligations (DDO) became enforceable, the corporate regulator has been quick to commence surveillances and take action.

To date ASIC has issued ten DDO interim stop orders. Six remain in place, while four have been lifted following actions taken by the entities to address ASIC’s concerns.

Best things in life aren’t always free

ASIC has launched legal action against Latitude Finance Australia and Harvey Norman Holdings Ltd over the promotion of interest free payment methods.

ASIC alleges that from January 2020 to August 2021, advertisements promoting ‘no deposit’, ‘interest free’ payment methods over a specified term for purchases at Harvey Norman were misleading because they:

  • did not disclose that consumers could only use the interest free payment method if they applied for and used a Latitude GO Mastercard
  • misrepresented the true cost of using the payment method by failing to adequately disclose establishment fees and monthly account service fees.

ASIC reminds financial services firms to comply with their legal obligations not to make false and misleading statements nor engage in misleading or deceptive conduct (RG 234), and to take a consumer-centric approach to designing and distributing their products (RG 274).

Regulators collaborate on Optus data breach responses

APRA is working in close collaboration with the federal government, peer regulators and other relevant bodies to facilitate closer coordination and a controlled process of data sharing between Optus and APRA-regulated entities.

Banks can provide a signed attestation that the data being acquired from Optus:

  • will be used for the sole purpose of taking steps to protect customers from fraud or theft
  • will be stored, managed and used in accordance with the principles and requirements of Prudential Standard CPS 234 Information Security.

Additionally, entities will need to provide written commitments to the ACCC that they will comply with Privacy Act obligations, while AUSTRAC has offered guidance on meeting customer due diligence requirements and reporting obligations that may apply. Elsewhere, the federal government is working on amendments to the Telecommunications Regulations 2021.

RACQ action strong reminder about robust risk governance

APRA will require RACQ to develop and implement a comprehensive, APRA-approved, risk transformation program after the prudential regulator identified significant weaknesses in the financial firm’s risk governance during a prudential review undertaken this year.

While APRA acknowledges RACQ’s June announcement that it will make a significant investment in its systems and processes, it seeks to ensure the material risk governance concerns identified are addressed. RACQ is also required to:

  • engage a third party to provide independent assurance over the delivery of the risk transformation program and provide periodic reporting to APRA; and
  • assign accountability under the Banking Executive Accountability Regime for successful delivery of the risk transformation program to an appropriate, named executive.

APRA said it will not hesitate to require action and highlight publicly, where appropriate, when entities do not meet its expectations regarding effective risk management practices and strong risk governance.

Casino’s star faded but not fallen

The NSW casino regulator has defended its decision not to revoke Star’s licence and instead issue a $100 million fine. An inquiry found the Sydney casino wasn’t fit to hold it due to breaches, including facilitating money laundering by customers and allowing a junket operator linked to organised crime to bring in high-rolling gamblers.

However, the NSW Independent Casino Commission said the company had shown contrition and a willingness to reform under the new chief executive, and that it was mindful of the “thousands of Star employees [that] would have lost their jobs overnight”.

A manager, Nick Weeks of Wexsted Advisors, has been appointed to take control of the company’s Pyrmont casino for at least 90 days.
