Banking on fear: ASIC's new focus


Baring kicked-in teeth”

The immediate threat to end grandfathered remuneration, which may be delayed but ultimately inevitable, and the disintermediation of Westpac, has attracted considerable industry attention in recent weeks.

Understandably, any threat to the status quo causes anxiety and reaction.

Unfortunately, like a classic sleight of hand, these may simply have distracted our attention from a potentially more profound threat; an ambitious regulator with enhanced powers and a professed willingness to use them.

The Banking Royal Commission, perhaps inadvertently, “trashed” ASIC’s reputation.

Instead of the ‘cop on the beat’, the regulator was presented as timid, somnambulistic and too accommodating to the parties indifferent to the laws designed to prevent, and punish, misconduct.

However, as a Melbourne lawyer recently observed, the fact that ASIC have “had their teeth kicked in” hasn’t stopped them from aggressively pursuing a range of new actions. It might be tempting to dismiss this anomalous and ambitious behaviour as over-compensation before ASIC’s inevitable return to its natural state of regulatory capture, except the rhetoric is matched by some critical changes.

No one expects the Spanish Inquisition

Compliance with the law is not a matter of choice… Negotiation and persuasion, without enforcement, all too readily leads to the perception that compliance is voluntary. It is not.
— Commissioner Kenneth Hayne, Final Report, FSRC p 484

The appointment of the “practically menacing”, Daniel Crennan QC, as ASIC Commissioner and Deputy Chair for enforcement should alert us all to the real possibility of fearless, effective and consistent enforcement activity.

Instead of a bureaucrat, academic or ASIC alumni, a successful litigator – and one with marked success against the banks – has accepted the challenge to enhance ASIC’s capability (and reputation) for enforcement.

As the principal regulator of financial services in Australia, ASIC has a broad range of powers in order to administer and enforce the law – such as penalties, fines, injunctions, banning, enforceable undertakings and infringement notices. ASIC have retained these powers but also been presented with a broader range of powers designed to deter misconduct and offer alternatives to negotiated outcomes.

In a previous article, we alerted you to the Treasury Laws Amendment (Strengthening Corporate and Financial Sector Penalties) Bill 2018.  

The Bill materially increased the penalties applicable to contraventions breaches of the Corporations Act 2001. If you had dismissed the prospect of increased civil and criminal penalties as an empty threat against banks, bank executives and the financial planning elite, prepare yourself for disappointment. The Treasury Laws Amendment (Strengthening Corporate and Financial Sector Penalties) Act 2019 came into force on 13 March 2019 after obtaining swift approval by both houses in February and Royal Assent on 12 March 2019.

The new penalty regime, significant on its own account, has been reinforced by the Government’s decision to allocate an additional $35 million to the Federal Court to bolster their capacity to hear criminal prosecutions. Add in the $41.6 million allocated to the Director of Public Prosecutions to prosecute referrals from ASIC and the full extent of the plan to “restore trust in Australia’s financial sector” becomes clear.

These new penalties (and the real possibility of their enforcement) should alarm all advisers, AFS Licensees (AFSL) Insurers and Bank executives.

ASIC’s new mantra of ‘why not litigate” signals a new age of accountability and enforcement.

Welcome to the New Normal.

You’re one microscopic cog
In his catastrophic plan
Designed and directed by
His red right hand
— "Red Right Hand", Nick Cave and the Bad Seeds

Powers or preferences?

Historically, ASIC have often suggested that “inadequate powers” were the reason for their sporadic effectiveness in deterring misconduct and enforcing the law.

Others argued that rather than requesting new powers, ASIC should have more effectively used the powers they did have. It was a perennial debate that was unlikely to be resolved without some catalyst. In the wake of the Royal Commission, the role of ASIC’s culture, and their apparent institutional timidity, will come under increased focus now that parliament has empowered ASIC to seek significantly larger penalties to deter misconduct.

Work through the Act in detail, but until you do here are some of the key points for Licensees and Advisers need to appreciate:

  • Civil penalties for companies will significantly increase from $1 million to 10% of the annual turnover of a corporation up to a maximum of $525 million;

  • Individuals will enjoy an increase of civil penalties from $200,000 to $1.05 million. Courts can also make ‘relinquishment or disgorgement orders’ and take into account profits made from the misconduct;

  • Custodial  penalties for the most serious offences – such as dishonest conduct or disclosure failures – have been increased to 15 years. Thankfully, handing out the wrong version of your FSG won’t see you locked up for any more than 5 years; 

  • A new, and simpler, definition of dishonesty that removes the necessity to prove conscious knowledge that the conduct was dishonest. 

  • Licensee failures – such as misconduct, failures to act efficiently, honestly and fairly or to promptly report breaches – attract a wider range of significant civil penalties. If you are a licensee, a Responsible Manager or Executive, take the time to consider the new Section 1317QA. The substance of this section  is that, if you fail to satisfy an ongoing obligation – such as breach reporting or efficient, honest and fair conduct – each day you fail to comply is another contravention with a separate penalty.

 The imperative to act (NOW)

And all financial services entities must comply with all the laws that apply to them, not just with those bits of the law that they find to be commercially acceptable.
— Commissioner Kenneth Hayne, Final Report, FSRC p 484


ASIC already appears to be broadening the scope of their surveillance activities.

We’re not the only ones to notice their new willingness to investigate and challenge participants’ conduct of businesses. In the current environment, there are a number of immediate (non-FASEA) actions you should, as a responsible licensee, take. We’d suggest that you:

  1. Review the currency, adequacy and operation of your compliance framework (including your risk management capability).

  2. Consider the capability, competence and capacity of your compliance function.

  3. Revise your Regulatory Engagement Policy.

  4. Run an ‘ethical hacking’ exercise to test the robustness and resilience of your compliance framework and business processes.

  5. Since your obligation to act “efficiently, honestly, and fairly” is now explicitly covered by this new regime, ensure the obligation is broadly embedded in your governance framework (including all your measures, processes and procedures”).

  6. Revise your Incident Management Policy. Then review it again. Simplify the definitions, improve the effectiveness of your processes to improve clarity, responsiveness and speed of escalation. Remove the bureaucratic measures that frustrate your compendious duties. Consider your lawyers as ‘optional extras’.

  7. Consider how regulatory technology can better protect you and mitigate your risks.

There is lot to do and we’re available to help.

If you’d like to schedule a a Licensee Review, or just discuss how your existing arrangements need to be refined, call us. We’re happy to help.