ASIC to focus on ‘public denunciation’ of misconduct

Speaking at the Insurance Council of Australia Annual Forum 2019 in Sydney on Wednesday (27 February), ASIC Commissioner Sean Hughes said the corporate regulator will this year place greater focus on “court-based outcomes to provide strong public denunciation and punishment of wrongdoing”.

In the final royal commission report, Commissioner Kenneth Hayne concluded that “the law was too often not enforced at all, or not enforced effectively”, after criticising ASIC for having “rarely” taken wrongdoers to court in his interim report. One of his final recommendations was that when ASIC is considering any legal violation, it should ask the critical question: “Why not litigate?”

“We will start by asking ‘why not litigate?’ While we recognise that in some cases, other regulatory actions may be a better targeted and appropriate response – and we certainly cannot litigate all the breaches and reports of misconduct we receive – general and specific deterrence require the sanction of a court,” Mr Hughes said at the forum.

Commissioner Hayne had proposed that ASIC and the Australian Prudential Regulation Authority (APRA) be subjected to a new oversight body if it is found to have not enforced the law effectively in the upcoming years.

Earlier this month, the Treasury Laws Amendment (Strengthening Corporate and Financial Sector Penalties) Bill 2018, which allows ASIC to impose harsher criminal and civil penalties for corporate and financial sector misconduct, passed Parliament.

At the time, ASIC deputy chair Daniel Crennan welcomed the news, saying: “ASIC will now be in a stronger position to pursue harsh civil penalties and criminal sanctions against those who have breached the corporate laws of Australia.”

Mr Hughes also said ASIC would be working more closely with APRA. Commissioner Hayne had stressed in his final report the importance of information-sharing between the corporate and prudential regulators, warning that not doing so could result in further enforcement failings.

“ASIC has always been keen to encourage a more holistic regulatory approach to supervision,” the ASIC commissioner said.

“As with our joint work in gathering data on life insurance claims, you should be confident that we are aware of the importance of ‘one-touch’ regulation. When we are preparing our data requests, we look at data already collected and use definitions already developed.

“[We] are both committed to ensuring that we work collaboratively in discharging the twin peaks regulators’ approach to the insurance sector, while recognising we each have unique responsibilities and approaches.”

It was also recommended by the royal commission that the Banking Executive Accountability Regime (BEAR) – which came into effect for the big four banks on 1 July 2018 and will come into effect for other ADIs on 1 July 2019 – be co-regulated by ASIC and APRA as the regime has “both a conduct and prudential outlook”.

The final report stated that the BEAR requires ADIs and “accountable persons” to act with “honesty and integrity, and with due skill, care and diligence” while also requiring them to take “reasonable steps to prevent matters from arising that would adversely affect the ADI’s prudential standing or prudential reputation and their actions”.

Mr Hughes also touched on the progress the corporate regulator has made since it was announced that ASIC would embed “corporate cops” into the big four banks and AMP to monitor governance and compliance actions across extended periods of time as part of its “close and continuous monitoring supervisory approach” (CCM).

The ASIC commissioner said the regulator is taking a “thematic approach” to CCM, with the focus initially placed on breach reporting.

“Breach reporting is a fundamental financial services obligation. It helps the regulator to engage with conduct issues and has a consumer care element,” he said.

“Breach reports are also an important source of information for ASIC about risks and potentially unlawful conduct in the financial services sector. Failure, or simply delay, in breach reporting, undermines our ability to take timely and appropriate action… [and] also [increases] the risk of consumer loss or detriment.”

“We expect that our reporting back to the senior management and boards of these entities following these reviews will also provide important insights about the risk management and the culture of each institution.”

In the first half of the 2019 financial year, the corporate regulator saw a 75-plus per cent year-on-year surge in breach reports, which Mr Hughes says is “likely to be due to the focus of the royal commission and increased awareness of ASIC’s expectations around compliance with this significant duty.”

A specialist ASIC team commenced monitoring and reviewing the internal dispute resolution functions at the same five banks in November, Mr Hughes said.

“As the first step in the financial dispute resolution system, internal dispute resolution has a vitally important role in Australia’s consumer protection framework,” he added.

The ASIC commissioner urged financial institutions to be “proactive” in identifying and addressing issues moving forward.

“Look at withdrawn claims and make sure you understand what is happening. Look at the complaints your customers make and understand what is driving these. Be prepared to have the difficult conversation with policyholders, to learn from your mistakes and their experiences. Ask yourselves the hard questions about whether, or how, your products or sales practices need to change,” Mr Hughes suggested.

“None of us can stand back and wait for another inquiry or royal commission for answers to issues which we can resolve for ourselves.

“ASIC looks forward to working with enhanced powers and resourcing, its strengthened enforcement culture and the full range of other regulatory tools available to it, to strive for a fair, strong and efficient financial system for all Australians.”

[Related: ASIC alludes to criminal proceedings]