As part of the ASIC Enforcement Review requested by the Government, Treasury has published “Position and Consultation Paper 1: Self-reporting of contraventions by financial services and credit licensees“.
The ASIC Enforcement Review Taskforce’s Terms of Reference included: “The adequacy of the frameworks for notifying ASIC of breaches of law, including the triggers for the obligation to notify; the time in which notification is required to be made; and whether the obligation to notify breaches should be expanded”.
The proposals affect both financial services licensees and credit licensees.
Australian Financial Services Licences
For AFS licensees, the Taskforce’s preliminary view is that self-reporting of breaches of the Corporations Act should still be limited to significant breaches, but that significance should be determined by reference to an objective standard.
In addition it is proposed to make the 10 business day timeframe for reporting commence from when the AFS licensee becomes aware or has reason to suspect that a breach has occurred, may have occurred or may occur rather than when the licensee determines that the relevant breach has occurred and is significant (for example after an investigation).
The Taskforce notes that there have been calls for the early publication of breach reports made to ASIC, including names of individuals concerned either directly or indirectly with the breach, as well as information on whether action, such as dismissal, was taken against senior executives concerned. While the Taskforce supports the push for enhanced transparency and accountability for misconduct in the financial sector, it does not agree that the existing breach reporting regime is the appropriate vehicle for reforms that address this.
In particular the view of the Taskforce is that the House of Representatives Standing Committee on Economics, Review of the Four Major Banks: First Report (Coleman Report)’s recommendation that licensees notify ASIC within 5 days of lodging a breach report, of consequences for senior executives concerned in the breach, including whether or not they have been dismissed, does not seem practical.
The Taskforce does, however, see some merit in recommendation 9 of the Coleman Report for the annual publishing of breach report data at a licensee level.
Australian Credit Licences
The Taskforce notes that legislation governing credit licensees does not currently have a regime for breach reporting equivalent to that for financial services licensees. The Taskforce’s preliminary view is that an equivalent regime should be introduced for credit licensees.
It is not clear how the proposal would relate to the penalty cap given to credit providers who make an application for a penalty before a borrower under section 116 of the National Credit Code.
Preliminary proposals
The Taskforce has developed the following preliminary positions for discussion:
• Position 1: The ‘significance test’ in section 912D of the Corporations Act 2001 (Cth) should be retained but clarified to ensure that the significance of breaches is determined objectively.
• Position 2: The obligation for licensees to report should expressly include significant breaches or other significant misconduct by an employee or representative.
• Position 3: Breach to be reported within 10 business days from the time the obligation to report arises.
• Position 4: Increase penalties for failure to report as and when required.
• Position 5: Introduce a civil penalty in addition to the criminal offence for failure to report as and when required.
• Position 6: Introduce an infringement notice regime for failure to report breaches as and when required.
• Position 7: Encourage a co-operative approach where licensees report breaches, suspected or potential breaches or employee or representative misconduct at the earliest opportunity.
• Position 8: Prescribe the required content of reports under section 912D and require them to be delivered electronically.
• Position 9: Introduce a self-reporting regime for credit licensees equivalent to the regime for AFS licensees under section 912D of the Corporations Act.
• Position 10: Ensure qualified privilege continues to apply to licensees reporting under section 912D.
• Position 11: Remove the additional reporting requirement for responsible entities.
• Position 12: Require annual publication by ASIC, of breach report data for licensees.
The closing date for submissions is Friday, 12 May 2017 .