Gadens Regulatory Recap – 11 June 2024

This edition of the Gadens Regulatory Recap highlights recent developments from ASIC, APRA, AUSTRAC, OAIC and ACCC including various enforcement actions taken by the regulators.

ASIC  

1. 5 million+ Australians have struggled to make loan and debt repayments, yet many not asking for help:

ASIC is launching a new awareness campaign Just Ask! Hardship Help is Available and following up with lenders to see what steps they are going to take to improve how they support customers dealing with financial hardship, after a recent study by ASIC’s MoneySmart of over 1,000 Australians raised concerns about the landscape of financial hardship in Australia.

The research showed that 41% of Australians who have loans expect to struggle to make loan repayments in the next 12 months, with the key reasons being cost of living pressures (64%), reduced income (39%), and unexpected expenses (37%). But despite this, 55% of those surveyed were unaware that they are entitled to ask credit providers for financial hardship assistance and 33% did not know where to go for help.

Commenting on the research, ASIC Commissioner Alan Kirkland said “Australians facing financial hardship should reach out to their bank or lender and ‘Just Ask’ for help. Seeking financial hardship assistance is a right, and lenders are required to respond to every request for hardship assistance”.

2. ASIC to launch new Progressional Registers Search:

ASIC is launching a new Professional Registers Search (PRS) in late June 2024, allowing users to search multiple professional registers with one single search. The PRS aims to improve user experience and ensure easier access to licensing information. Feedback will be collected to drive ongoing improvements.

The first release of the PRS will include AFS licensees and authorised representatives, credit licensees and representatives, official and registered liquidators, registered managed investment schemes, approved self-managed super fund auditors, and registered auditors. Further updates are planned for late 2024 to provide access to all professional register extracts and documents.

The PRS is a core part of ASIC’s digital transformation to become a data-informed regulator, providing a single point of contact for stakeholders and advocating for innovation in the financial sector to increase regulatory compliance and reduce harm.

3. ASIC Enforcement Activities: ASIC has been particularly active in the past fortnight, and has engaged in a variety of enforcement activities.

ASIC cancelled the Australian financial services licence (AFSL) of a retail over the counter derivatives issuer, XTrade.AU Pty Ltd (XTrade) following an investigation that revealed vulnerable clients were encouraged to trade in contracts for difference in instances where it was not appropriate for them to do so. ASIC’s investigation indicated that XTrade failed to comply with its general obligations as an AFSL holder, including that they failed to do all things necessary to ensure that financial services were provided efficiently, honestly and fairly. XTrade applied to the Administrative Appeals Tribunal (AAT) for a review and stay of ASIC’s decision. However, the AAT refused the stay application. The AAT is yet to make its final decision on the substantive review application.

Separately, ASIC has suspended the AFSL of an organisation for failing to meet statutory audit and financial reporting lodgement obligations for the 2022 and 2023 financial years, as well as reporting obligations for a number of registered managed investment schemes that it is responsible entity for.

ASIC has permanently banned a former director from the financial services and credit industries on the basis that he falsified a number of documents by forging client signatures and misappropriated more than $650,000 in client funds. ASIC found that this conduct indicated that he was a person who “lacks the honesty, integrity, professionalism and trustworthiness to participate in the financial services and credit industries.”

A separate director has also been permanently banned from providing financial services following a conviction for fraud offences. Following an ASIC investigation, the financial adviser pled guilty to nine counts of fraud totalling $652,500, having dishonestly used funds deposited by clients to pay personal debts and expenses.

A separate director has been suspended from managing corporations for a period of five years due to his involvement in four companies that entered liquidation, and a finding that he had acted improperly and failed to meet his obligations as a director. His conduct included a failure to prevent insolvent trading, failure to exercise his powers and discharge his duties with care and diligence, and failure to appropriately maintain books and records.

ASIC has accepted a court-enforceable undertaking from a registered company auditor and audit firm following an investigation in which the auditor admitted that he failed to ensure that the audit of a property development company was conducted in accordance with the ethical requirements required. The firm also admitted that it failed to establish and maintain a system of quality control to ensure that staff complied with the relevant auditing and ethical requirements.

The Federal Court has determined that LGSS Pty Limited, as trustee of the superannuation fund Active Super (Active Super) contravened the law and made misleading representations with respect to environmental, social, and governance (ESG) credentials. Specifically, Active Super made various claims in marketing material that it eliminated investments that posed risks to the environment and the community, such as coal mining, oil tar sands, and that divestments had been made of Russian investments. It was also found that, from 1 February 2021 to 30 June 2023, Active Super had invested in certain securities that it claimed were restricted by ESG investment screens that were in place, and that these investments were held both directly and indirectly. Justice O’Callaghan stated that “no reasonable person would construe the … representations as mere “guiding principals”, because the critical language used in them (such as “not invest”, No Way” and “eliminate”) was unequivocal.” The Court will consider appropriate declaratory relief and the pecuniary penalties at a later date.

The Federal Court has relieved Block Earner from liability to pay a penalty for contraventions relating to an unlicensed financial services and its crypto-related product, ‘Earner’. While the Court indicated that Block Earner’s contraventions were serious, liability to pay the penalty was relieved on the basis that Block Earner acted honestly, not carelessly, in offering the Earner product. Gadens previously covered the Federal Court’s original decision in the 21 February 2024 edition of the Regulatory Recap.

Finally, the former director of DanFX Trade Pty Ltd, which operated an unlicensed foreign exchange trading business, has been sentenced in the Brisbane District Court to seven years and three months imprisonment for fraud offences, following a referral by ASIC to the Commonwealth Director of Public Prosecutions. This conviction follows an investigation by ASIC, which revealed that Mr Daniel Ali misappropriated $771,303 in client funds invested for trading and investment purposes for his personal expenses, including the purchase of real estate, a motor vehicle for a personal associate, and to pay returns to other investors.

APRA

4. APRA clarifies expectations on cyber security and adequacy of backups:

On 3 June 2024, APRA wrote to all APRA-regulated entities to emphasise the importance of data backups in ensuring cyber-resilience across the industry. Cyber resilience is amongst APRA’s policy and supervision priorities, as well as one of the Essential Eight cyber mitigation strategies, and the regulator states in its correspondence that entities are expected to regularly review practices, and that common areas of weakness and concern would be provided to regulated entities in order to uplift practices.

5. Federal Court finds individual in contempt for breaching orders to stop unauthorised banking business:

On 29 May 2024, the Federal Court made a finding that Mr Andrew Garret was in contempt of court for failing to comply with orders made against him. This finding follows APRA’s ongoing legal action with Mr Garrett relating to carrying on an unauthorised banking business, namely Dynamic Capital Bank, Banque de Capital Dynamique, and Banca di Como. APRA commenced proceedings to find Mr Garrett in contempt in September 2023, alleging that Mr Garrett continued to operate and market the businesses in Australia, despite not being authorised to carry on a banking business. Gadens has previously covered APRA and Mr Garrett’s ongoing matters in the Regulatory Recap.

6. APRA applies additional licence conditions on Mercer Super:

APRA has imposed additional conditions on Mercer Super’s licence, following identification of a number of breaches of core prudential standards. The additional conditions require Mercer Super to:

• engage an independent expert to develop and implement a remediation plan that addresses the deficiencies identified by APRA;
• appoint an independent third party to complete an operational effectiveness review of Mercer Super’s risk management and compliance frameworks; and
• develop a plan to remedy any deficiencies identified in the review.

APRA has also noted the importance of growing financial services businesses adopting    appropriate levels of controls to ensure that core prudential systems and frameworks continue to serve the needs of current and future clients.

AUSTRAC

7. AUSTRAC accepts Enforceable Undertaking from online betting company Sportsbet:

On 30 May 2024, AUSTRAC accepted an enforceable undertaking from Sportsbet Pty Ltd (Sportsbet) to uplift its compliance with Australia’s anti-money laundering and counter-terrorism financing (AML/CTF) laws. This undertaking follows a campaign of supervision by AUSTRAC, and the regulator ordering both Sportsbet and competitor, Bet365, to appoint external auditors to report on compliance with AML-CTF legislation. The terms of the enforceable undertaking require Sportsbet to comply with an ongoing remedial action plan, which will be monitored by AUSTRAC, as well as reports to be provided to AUSTRAC by an auditor.

OAIC

8. Senate estimates opening statement May 2024:

On 29 May 2024, The Australian Information Commissioner and Freedom of Information Commissioner Elizabeth Tyd made an opening statement to the Constitutional Affairs Legislation Committee containing a summary of Office of the Australian Information Commissioner (OAIC) statistics for the first three quarters of this financial year.

The statistics show that the OAIC:

• received 1,572 Freedom of Information (FOI) review applications;
• finalised 1,380 FOI review applications;
• has 2,200 matters on hand;
• received 240 complaints; and
• its performance against its KPI of 80% of matters finalised within 12 months is at 69%.

The minister acknowledged that the statistics show that the OAIC has further improvements to make and stated that the department is refining its processes to increase its efficiency and effectiveness.

You can read the whole opening address here.

9. Innovate Australia Showcase 2024:

On 29 May 2024, Privacy Commissioner Carly Kind addressed the Innovate Australia Showcase on the topic of ‘innovation’.

The Commissioner addressed issues raised by recent trends in digital surveillance and why these changes call for ‘modern, technologically neutral, robust’ regulatory protections against a backdrop of Australians becoming increasingly concerned about the harvesting and distribution of their digital footprint.

The commissioner also addressed changes in Australian’s attitude towards the value of their personal information with a recent survey by the departments finding:

• 84% of Australians want more control and choice over the collection and use of their information; and
• 89% wanted to see government pass more legislation that protects their personal information.

Finally, the minister foreshadowed changes to the Privacy Act to be made in the second half of 2024 stating that these reforms will shift the onus of responsibility for protecting personal information from the individuals that provide that information to entities that use and store that information.

The changes will also extend existing obligations to comply with privacy requirements onto public sector entities and foreshadowed that certain entities would be required to appoint privacy officers and conduct privacy impact assessments for high privacy risk projects.

Read the whole speech here.

10. Statement on TikTok preliminary inquiries:

Privacy Commissioner Carly Kind has made a statement on preliminary inquiries into video sharing social media platform TikTok. The inquiry set out to determine if a further investigation into privacy risks associated with TikTok is warranted. The department found that there is no clear and obvious breach into Australian privacy law that would warrant an investigation. Read the full statement here.

ACCC

11.  Watch out for scammers claiming to fix technical issues, as losses spike:

The Australian Competition and Consumer Commission has warned consumers to be wary of remote access scams following a reported loss of $15.5 million to consumers.

Typically, these scams operate when a scammer calls individuals and informs them that they need to download a certain app or software to restore control to their account, phone, or computer. The software or app in fact grants the scammer remote access to consumer devices where the scammer is able to make fraudulent transactions.

The ACCC has provided tips on how to avoid the scam here.

If you found this insight article useful and you would like to subscribe to Gadens’ updates, click here.

Authored by:

Caroline Ord, Partner
Sinead Lynch, Partner
Kate Mills, Partner
Michael Kenny, Partner
Daniel Maroske, Partner
Kelly Griffiths, Partner
Matthew Bode, Partner
Anna Fanelli, Senior Associate
Martin Van Aardt, Lawyer
Bronte Anderson, Lawyer
Declan Melia, Lawyer