Financial Accountability Regime – OCC, not ‘OTT’

In this article, we address a cryptic pillar of the current Banking Executive Accountability Regime (BEAR) and the proposed Financial Accountability Regime (FAR): the obligation to deal with APRA and ASIC in an open, constructive and cooperative way.

What would this obligation require? What would it not require? How can we prepare for it?

In this article, and approached from a FAR perspective, we refer to this obligation as the OCC Obligation (short for ‘open, constructive and cooperative’). The OCC Obligation will have important implications for how firms will be required to interact with APRA and ASIC, but an obligation to be ‘cooperative’ is not an obligation to ‘capitulate’.

In other words, the OCC Obligation is not an ‘OTT’ obligation.

For a summary of FAR, we have published an article here.

A paucity of views and relevant extrinsic indicia

The OCC Obligation gives the BEAR some additional ‘bite’,[1] as contraventions can result in civil penalties and the disqualification of accountable persons. Under FAR, breach of the OCC Obligation can additionally result in civil penalties against accountable persons in their personal capacity.

By way of background, in the Consultation Paper on FAR released by Treasury in January 2020 (FAR Consultation Paper),[2] it was proposed that FAR will require APRA-regulated entities to:

take reasonable steps to … deal with APRA in an open, constructive and cooperative way [and to] deal with ASIC in an open, constructive and cooperative way.

Treasury has proposed that accountable persons will be subject to an identical accountability obligation, except that their obligation would not be subject to a ‘reasonable steps’ qualification. Accountable persons would simply be required to:

deal with APRA in an open, constructive and cooperative way [and to] deal with ASIC in an open, constructive and cooperative way.

BEAR already requires Authorised Deposit-taking Institutions (ADIs) and their accountable persons to comply with a variant of the OCC Obligation with respect to APRA (but not ASIC). For example, section 37C of the Banking Act 1959 (Cth) requires ADIs to:[3]

take reasonable steps to … deal with APRA in an open, constructive and cooperative way

But APRA’s 2018 Information Paper on Implementing the BEAR, and the FAR Consultation Paper, express no view on what these obligations actually require.[4] Similarly, there have been no cases on BEAR, and the Explanatory Memorandum to the Bill for BEAR provides no view as to the scope of the obligation.[5]

We caution against focussing too closely on how the individual words ‘open’, ‘constructive’ and ‘cooperative way’ may have been interpreted in cases outside financial services legislation. Doing so may stray from the statutory context of the actual proposed obligation. As the High Court explained in CIC Insurance Ltd v Bankstown Football Club Ltd:[6]

[T]he modern approach to statutory interpretation (a) insists that the context be considered in the first instance, not merely at some later stage when ambiguity might be thought to arise, and (b) uses ‘context’ in its widest sense to include such things as the existing state of the law and the mischief which, by legitimate means such as those just mentioned, one may discern the statute was intended to remedy.

To understand the OCC Obligation then, we must look to the actual text of the provision and its context. Treasury has suggested that the provisions for FAR will mirror the equivalent provisions under BEAR, and we have adopted that assumption.

Principle 1: ‘Dealing’ is not an open-ended concept

The OCC Obligation is expressed as an obligation to ‘deal with’ APRA and ASIC in a particular manner. The circumstances when APRA-regulated entities and their accountable persons will ‘deal with’ these regulators is not an open-ended concept  extending to all interactions with the regulator.

For example, it would not regulate the manner in which accountable persons must register to attend the ASIC Annual Forum.

Rather, the obligation to ‘deal with’ APRA and ASIC is applicable to dealings as set out in applicable prudential and conduct legislation, which is specifically set out in legislation, and include for example situations where entities:

• apply for an AFS, RSE, or general insurance licence, or registration to carry on a life insurance business;
• respond to statutory notices to attend an examination, provide books, or provide reasonable assistance as part of an investigation or other regulatory activity, such as thematic reviews;
• report breaches under s 912D of the Corporations Act;
• provide mandatory notifications and reporting data, for example as set out in APRA’s Reporting Standards or notification to ASIC
• applications for approval for certain actions, such as approval for a person to gain a controlling stake in an RSE, or for relief from specified obligations; and
• respond to and negotiate outcomes with respect to investigations or enforcement by ASIC (under the ASIC Act) or APRA (under the applicable legislation for the industry), including (where appropriate) in relation to proposed remediation programs.

In our view, the OCC Obligation will apply to the situations above, where APRA-regulated businesses will be ‘dealing’ with APRA and ASIC under their regulatory remit.

In our view, it would be incorrect to construe the OCC Obligation as amounting to a new standalone obligation to report additional categories of information to APRA or ASIC or to perform additional actions beyond what is already required under the law, under the pretext of dealing with APRA and ASIC in a particular way. Rather, the OCC Obligation should inform the way in which regulated entities engage with ASIC and APRA for the purposes of their existing legal and regulatory obligations.

If however, an APRA-regulated business does voluntarily proceed to give information to APRA or ASIC, and the information falls squarely within the scope of APRA or ASIC’s statutory remit, then we think it is more likely that the OCC Obligation would apply with respect to the provision of that information (a similar approach is taken in Corporations Act s 1308). This highlights the careful consideration that businesses should always exercise, in each case, before deciding to APRA or ASIC information on a voluntary basis.

Principle 2: ‘Open, constructive and cooperative’ is likely a compendious phrase

In our view, the phrase ‘open, constructive and cooperative’ is likely to be interpreted in a manner similar to the compendious approach taken by courts to the obligation in Corporations Act s 912A(1)(a) for AFS licensees to do all things necessary to ensure that financial services are provided ‘efficiently, fairly and honestly’. As Young J stated with respect to that obligation:[7]

In one sense it is impossible to carry out all three tasks concurrently. To illustrate, a police officer may very well be most efficient in control of crime if he just shot every suspected criminal on sight. It would save a lot of time in arresting, preparing for trial, trying and convicting the offender. However, that would hardly be fair. Likewise a judge could get through his list most efficiently by finding for the plaintiff or the defendant as a matter of course, or declining to listen to counsel, but again that would hardly be the most fair way to proceed.

In a similar token, the OCC Obligation is not to be understood as including an obligation to act ‘openly’ to an unlimited degree (for example, disclosing confidential information not required to be provided under the law), ‘constructively’ to an unlimited degree, and ‘cooperatively’ to an unlimited degree. Instead, in the course of acting ‘cooperatively, for example, one must also have regard to the dictates of acting ‘openly’ and ‘constructively’.

For example, where a regulated entity has a different view on the interpretation of a point law compared to the view of the regulator, the dictates of an ‘open’ and ‘constructive’ approach will call for a full and frank discussion with the regulator about the differences of interpretation, not capitulation to a view that the entity may consider is incorrect.

Similarly, this can be particularly relevant in the production of documents where, for example, the provision of a significant volume of documents to the regulator on an investigation could be counterproductive and give rise to impediments on the regulator in undertaking the investigation.

What does the OCC Obligation require?

This then brings us to a key question. What, then, does the OCC Obligation practically require?

In our view, accountable persons will be more likely to breach the OCC Obligation if they are found (for example) responsible for:

• applications to APRA or ASIC that contain incomplete, misleading or incorrect information;
• responses to APRA and ASIC investigations (including responses to notices to produce or attend examinations) that take an unjustifiably narrow interpretation of the information required to be provided;
• breach reports, reports of investigations or reports of compensation under the Corporations Act that omit details likely to be regarded as central to accurately describing the particulars of the breach;
• the omission of critical information, or provision of misleading information in the course of formal stakeholder engagement with APRA or ASIC, which could be viewed as obstructing the work of APRA and ASIC; or
• an unreasonable delay in the provision of the information described above.

Meanwhile, APRA-regulated entities (at an organisational level) are likely to breach this obligation where they have inadequate controls to ensure that persons in their business deal with APRA and ASIC in an open, cooperative and constructive way.

Practically, this is likely to mean that the APRA-regulated entity should have a governance and control environment in place that minimises, for example, the ability for accountable and other persons to provide incomplete, misleading or incorrect information to ASIC or APRA. It would also be prudent for the APRA-regulated entity to have formal procedures and guidelines that apply for dealing with ASIC and APRA. In our experience, most APRA-regulated entities already have a robust regulatory engagement framework, which can be updated to ensure compliance with the OCC Obligation.

What does the OCC Obligation not require?

From that understanding, it is clear that the OCC Obligation would have real weight, particularly on accountable persons who will be responsible for matters which involve ‘dealing with’ ASIC or APRA.

But it is also not intended to be an ‘OTT’ obligation, extending indefinitely into the unconstrained spectrum of any kind of interaction with APRA and ASIC and requiring unquestioning compliance with requests and expectations from the regulator.

In that regard, it is relevant to turn to what the OCC Obligation does not require.

Principle 3: ‘Cooperation’ does not mean ‘capitulation’

As mentioned above in Principle #2, the inclusion of the words ‘open’ and ‘constructive’ in the OCC Obligation emphasise that the obligation requires genuine, full and frank engagement with APRA and ASIC, with a view towards cooperative and constructive resolution of any disagreement.

The word ‘cooperative’ itself connotes a collaborative approach between two equal parties. In contrast, the word does not connote a ‘deferential’ approach by one party to the other party.

Importantly, the OCC Obligation should not be misconstrued as requiring APRA-regulated entities to surrender any of their existing rights and obligations with respect to their dealings with APRA or ASIC.

For example, the OCC Obligation will not displace the right of APRA-regulated entities to assert their right to legal professional privilege nor their obligation to keep information confidential unless that obligation is displaced by law. In fact, the FAR Consultation Paper specifically notes that the OCC Obligation ‘will not displace legal professional privilege’.

In other words, the OCC Obligation is directed at the manner in which APRA-regulated entities must interact with APRA and ASIC – but it does not displace the substantive rights of APRA-regulated entities with respect to their dealings with the regulator. In fact, as we have stated above, ‘open’ and ‘constructive’ dealing emphasises the importance of candour with APRA and ASIC about when the entity is legitimately entitled to take a position with respect to matters such as legal professional privilege.

[1] As mentioned by APRA in https://www.apra.gov.au/bear-gets-bigger.

[2] Australian Treasury, Implementing Royal Commission Recommendations 3.9, 4.12, 6.6, 6.7 and 6.8: Financial Accountability Regime (22 January 2020).

[3] Banking Act 1959 (Cth) s 37C. For the obligation that applies to accountable persons, see at: s 37CA.

[4] https://www.apra.gov.au/sites/default/files/information_paper_implementing_the_bear.pdf

[5] See Explanatory Memorandum, Treasury Laws Amendment (Banking Executive Accountability and Related Measures) Bill 2018 (Cth), [2.50].

[6] CIC Insurance Ltd v Bankstown Football Club Ltd (1997) 187 CLR 384 (Brennan CJ, Dawson, Toohey and Gummow JJ), 408.

[7] Story v National Companies & Securities Commission (1988) 13 NSWLR 661, 672 (Young J). We note suggestions by Allsop CJ and O’Bryan J that the phrase ‘honestly, efficiently and fairly’ refer to three concurrent obligations: ASIC v Westpac Securities Administration Limited [2019] FCAFC 187 (at [170] and [426]). However, this approach has not yet been adopted by lower courts. Reconsideration of this obligation was not pleaded in the appeal of this decision to the High Court.