Risk and Compliance

ASIC has opened its consultation on the Australian Banking Association’s proposed changes to its Banking Code of Practice. The Code contains a set of contractually enforceable standards that customers and small business can expect subscribing banks to uphold. The ABA plans to apply for ASIC approval of the revised Code.

ASIC will look to take strong, targeted enforcement action in the coming months and into 2024, as part of its focus on member outcomes in the superannuation sector.

The enforcement focus comes after ASIC’s enforcement and regulatory update highlighted ASIC’s work to protect consumers, including calling on banks to ensure better consumer outcomes and civil penalty action against Westpac Banking Corporation after alleged failures to address financial hardship notices.

ASIC calls on organisations to prioritise their cyber security after its report into the cyber capability of corporate Australia identified significant gaps.

The report summarises the results of ASIC’s recent cyber pulse survey. The results of the voluntary self-assessment survey have exposed deficiencies in cyber security risk management of critical cyber capabilities, indicating that organisations are reactive rather than proactive when it comes to managing their cyber security.

ASIC has taken action against H.E.S.T. Australia Limited (HESTA), the trustee of HESTA superannuation fund, for alleged false or misleading statements made in their marketing material.
HESTA paid $48,600 to comply with three infringement notices issued by ASIC regarding alleged false or misleading statements about its ‘Balanced Growth’ superannuation investment option.

ASIC has overseen more than $17.4 million in combined compensation payments to over 2,000 retail clients affected by breaches of financial services laws by eight retail OTC derivative issuers.

Coinciding with AGM season, in recent weeks financial services regulators have released their annual reports. We’ve collated them all, to make them easier for you to look up, read, and consider any points of interest for your organisation.

The Australian Prudential Regulation Authority (APRA) has published its Annual Report for the 2022-23 financial year.

The Annual Report is available on the APRA website at: APRA Annual Reports

With spring now in full swing, here is our latest round-up of the plays regulators have been following.

The Australian Prudential Regulation Authority (APRA) has published a speech delivered by Member Suzanne Smith to the Insurance Council of Australia’s Annual Conference in Sydney.

In “Worth the risk: finding a better balance in general insurance”, Ms Smith discussed the need to keep the insurance sector strong while also finding a way to ensure cover remains accessible and affordable for the community.

Strong, sustainable insurance businesses are central to a thriving economy. Essential to this is the availability of affordable, appropriate cover to every household and business that needs protection along with confidence to take financial risks. Getting everyone on the same page and finding solutions to the myriad of issues I have outlined won’t be easy. I’m sure there will be mis-steps and we may not always agree. But if we are truly going to insure the future together, working together to leverage our strengths and harness the collective wisdom is definitely worth the risk.

The Australian Prudential Regulation Authority (APRA) has published a speech delivered by Chair John Lonsdale to the Citi Australia and New Zealand Investment Conference in Sydney.

In “Aftershock: lessons from a real-life banking stress test”, Mr Lonsdale outlined the steps APRA was taking to shore up financial system stability in response to the lessons learned from the global banking turmoil of earlier this year.

The Australian Prudential Regulation Authority (APRA) is consulting on proposals that would significantly increase visibility of how superannuation members’ money is spent and invested.

APRA has written to superannuation trustees inviting their feedback on its plans to publish total fund expenditure and expanded asset allocation data by mid-2024.

The data will be collected later this year following recent amendments to reporting standards under Phase 1 of APRA’s Superannuation Data Transformation, a multi-year project to enhance the depth, breadth and quality of data collected. APRA’s initial proposal is to determine most of the new superannuation data collected as being non-confidential and, therefore, able to be published.

The Australian Prudential Regulation Authority (APRA) and the Australian Securities and Investments Commission (ASIC) have published an information package to support the financial services industry in implementing the Financial Accountability Regime (FAR).

The FAR imposes a strengthened responsibility and accountability framework for APRA-regulated entities in the banking, insurance and superannuation industries and their directors as well as their most senior executives. In doing so, the FAR aims to improve the risk and governance cultures of those financial institutions.

Implementing the FAR fulfils recommendations made by the financial services Royal Commission that provisions modelled on the Banking Executive Accountability Regime (BEAR) be extended to all APRA-regulated entities.

The FAR replaces the BEAR, which came into effect on 1 July 2018 and was solely administered by APRA. In addition to authorised deposit-taking institutions (ADIs), the FAR will apply to insurance companies, superannuation trustees and licensed non-operating holding companies (NOHCs). Additionally, the FAR introduces conduct-focused prescribed responsibilities, and will be jointly administered by APRA and ASIC.

The FAR will come into force for the banking industry on 15 March 2024 and for the superannuation and insurance industries on 15 March 2025.

ASIC has released its annual licensing report today. Report 772 Licensing and professional registration activities: 2023 update outlines ASIC’s licensing and professional registration activities, discusses new and proposed changes to processes, and notes other ASIC work that affects licensees.

ASIC has remade three class orders that were due to expire (‘sunset’) on 1 October 2023 under the Legislation Act 2003.

ASIC has commenced civil penalty proceedings in the Federal Court against Westpac Banking Corporation for failing to respond to customers’ hardship notices within the time required by law.

ASIC alleges that between 2015 and 2022, a deficiency with Westpac’s online hardship notice process resulted in 229 Westpac customers not receiving a response to their hardship notice within the required timeframe of 21 days.

All of these customers told Westpac they were experiencing financial hardship. Many of these customers also told Westpac about their difficult circumstances and vulnerabilities, including their inability to work, the impacts of serious medical conditions or their carer responsibilities.

In some cases, customers endured debt collection activities by Westpac while waiting for the bank to respond to their hardship notices.

ASIC and the RBA (the Regulators) have issued a joint letter outlining regulatory expectations of ASX Clear Pty Limited (ASX Clear) and ASX Settlement Pty Limited (ASX Settlement) when engaging with the newly established ASX Cash Equities Clearing and Settlement Advisory Group (Advisory Group).

The Advisory Group, with Independent Chair Alan Cameron AO, was established to advise ASX Clear and ASX Settlement on strategic clearing and settlement issues following longstanding industry concerns over the CHESS replacement program. Concerns raised included the adequacy of ASX’s stakeholder engagement and governance process and ASX’s management of intragroup conflicts of interest.

The letter requires ASX Clear and ASX Settlement to resource, consult and engage with the Advisory Group in good faith and in the public interest.

ASIC has released an open letter to lenders—which has been sent directly to 30 large lenders—calling on them to make sure they appropriately support customers experiencing financial hardship.

ASIC is seeing evidence that an increasing number of customers are experiencing financial distress and difficulty due to cost-of-living pressures. In this context, it is critically important that lenders have appropriate arrangements to respond to and support consumers experiencing financial hardship.

In the letter ASIC sets out expectations of lenders to meet their obligations. These include:

• proactively communicating how and when customers can seek assistance,
• genuinely considering customer circumstances to develop sustainable solutions where possible, and
• communicating regularly with customers throughout and at the end of the assistance period.

The Australian Prudential Regulation Authority (APRA) has unveiled its latest Corporate Plan designed to preserve the soundness and stability of the banking, insurance and superannuation industries.

The 2023-24 Corporate Plan outlines an evolution in APRA’s priorities for the coming four years in response to new and developing risks impacting the global financial system.

Among APRA’s key priority areas over the plan’s horizon are:

• addressing system-wide risks by enhancing cross-industry stress-testing, and ensuring macroprudential policy settings remain appropriate for the operating environment;
• a heightened focus on operational resilience, including cyber resilience, crisis management and operational risk management, to maintain the continuity of critical financial services;
•  climate-related financial risks, including a Climate Vulnerability Assessment for general insurers and embedding climate risk in APRA’s approach to supervision; and
• improving superannuation transparency to provide members with enhanced insights about investment performance and increasing APRA’s focus on retirement outcomes.

ASIC will take further enforcement action to protect Australian consumers and small businesses in an environment where scams, digitally-enabled misconduct and predatory lending practices are increasingly prevalent.

Releasing ASIC’s latest Corporate Plan, ASIC Chair Joe Longo said the plan follows a year of progress against the organisation’s strategic priorities and strong enforcement outcomes in 2022-23.

ASIC demonstrated strong enforcement outcomes throughout 2022-23, continuing to deliver as an active and effective regulator. Over the three years to 30 June 2023, we commenced over 125 criminal actions, resulting in 92 criminal convictions and 39 custodial sentences. In the same period, we commenced close to 200 civil actions, resulting in over 130 successful civil claims. More than $500 million in criminal and civil penalties were also imposed by the courts.

The Australian Prudential Regulation Authority (APRA) has published a speech delivered by Member Therese McCarthy Hockey to GRC2023 in Sydney.

In “From fires to firewalls: the evolution of operational risk”, Ms McCarthy Hockey spoke about how the increasing dependence of banks, insurers and superannuation funds – and their customers – on technology is creating new risks that need to be managed to ensure critical financial services remain available.