Proposals for ‘significant’ reforms to breach reporting regime for AFS licensees

Treasury has released a consultation paper in relation to proposed reforms to the self-reporting regime for Australian financial services licensees (AFS licensees) under the Corporations Act 2001 (Cth) (Act). 

The consultation paper is based on a review of the regime by the ASIC Enforcement Review Taskforce (Taskforce), and sets out a number of preliminary positions to reform that regime.

The current self-reporting regime

The self-reporting regime currently requires that if an AFS licensee breaches, or is likely to breach, one or more of the relevant obligations, and the breach or likely breach is ‘significant’, then the AFS licensee must report the matter in writing to ASIC.

The key proposed reforms to this regime are outlined below.

‘Significance’ test

The key trigger for the self-reporting obligation concerns the ‘significance’ of the breach. This threshold currently requires AFS licensees to undertake a qualitative assessment of any breach or likely breach having regard to the factors set out in section 912D(1)(b) of the Act.

The consultation paper proposes that the ‘significance test’ in section 912D of the Act is retained (contrary to some speculation that it would not be) but that the test is amended so that the significance of breaches is determined objectively.

This would be achieved by requiring AFS licensees to notify ASIC of breaches or likely breaches that a reasonable person would regard as significant having regard to the existing factors set out in section 912D(1)(b) of the Act (for example, the actual or potential financial loss to clients).

Extension of the obligation to report

AFS licensees are currently only required to report ‘significant’ breaches, or likely breaches, of relevant obligations under the Act.

The Taskforce proposes to extend the reporting requirement to include the conduct of employees and representatives. The stated purpose of this extension is to ensure that ASIC is notified of any misconduct or other serious regulatory issue by representatives as early as possible so that ASIC can investigate further where necessary.

Timing of the obligation to report

Currently, AFS licensees are required to report any significant breaches (or likely breaches) as soon as practicable and within 10 business days from the time that they become aware of the relevant breach or likely breach.

The Taskforce considers that the trigger for reporting could be changed to be the time that the AFS licensee “becomes aware or has reason to suspect that a breach has occurred, may have occurred or may occur”.

Civil penalty and infringement notice regimes

The Taskforce proposes that civil penalty and infringement notice regimes are added to ASIC’s enforcement remedies for non-compliance with the self-reporting obligation. The proposal to increase the range of enforcement options may become more important if the criminal penalty in relation to non-compliance is increased as part of the proposed reforms.

Submissions in relation to the consultation paper are due by Friday 12 May 2017.