Tougher new ASIC warns directors
In this year's federal Budget, The Australian Securities and Investments Commission (ASIC) was awarded more than $400 million in extra annual funding over four years, 25 per cent more than last year. Stronger enforcement is the goal and the agency has expanded responsibilities to stamp out financial sector misconduct, according to Treasurer Josh Frydenberg. Here AICD Communications Executive Shelley Dempsey takes a look at the changing role of ASIC post-Hayne and the warning messages it is sending to board directors.
ASIC chair James Shipton has made it clear that the agency is cracking down, especially on the banks. With a 65 per cent rise in enforcement investigations involving “the big six” early this year alone, ASIC has also conducted over 170 onsite interviews with banking staff at all levels, he said in a speech in late March.
“We now all need to implement the lessons of the Royal Commission – particularly its spirit (that is, not just its words),” he said.
Shipton is warning all directors that they need to play their role. Directors and officers (including of superannuation trustees) are on notice as to their directors’ duties and responsibilities in relation to non-financial risks, he says. These include conduct risk and operational risks such as cyber resilience, privacy and data management.
“My suggestion to the officers and directors in finance – finance’s leaders – is that you need to ‘lean into the future’ as regards senior management and director responsibility and accountability. You can start work immediately by leveraging off existing guidance coming from APRA's CBA inquiry, the Royal Commission and our own supervisory and corporate governance work.
“Given that there will be an extension of the Banking Executive Accountability Regime (BEAR) obligations to firms regulated by ASIC, with an additional focus on conduct, this leaning into the future is a very real and practical imperative.”
He adds that these obligations are not new - it is already the law that directors and officers are ultimately accountable for their company’s management of non-financial risks. “Financial institutions must respond responsibly to the challenge and not, as we have seen in some segments, with resistance and reluctance to the job we as a conduct regulator are expected to do.”
Strategic change and ASIC action
ASIC has reported that it has 25 investigations in train relating to the Royal Commission, including 13 specific referrals from Commissioner Hayne, and expects some of these matters to result in criminal prosecutions. In addition, it has already launched proceedings in relation to two other case studies, and is assessing another 16 case studies to determine whether investigations should be started.
While meaningful change is the ultimate responsibility of financial institutions, ASIC is taking charge with a strategic change program moving forward, which includes new regulatory approaches to build trust and fairness, says Shipton.
Between February 2018 to March 2019 alone, all ASIC enforcement investigations increased by 15 per cent and wealth management investigations by 129 per cent.
ASIC is also working with the Australian Financial Complaints Authority (AFCA) and collaborating on projects and data to improve industry behaviour. In its first four months of operations, AFCA had received 24,000 complaints - a 42% increase in volume compared with earlier schemes.
Last year ASIC adopted its ‘Why not litigate?’ enforcement stance, and ASIC’s new Office of Enforcement will coordinate this stance.
“The guiding principles and operational guidelines for our enforcement work, coordinated by the Office of Enforcement, will have as their starting point a focus on deterrence, public denunciation and punishment of wrongdoing by way of litigation.”
Intensive supervision and culture
Many new civil penalties now apply to misconduct that before had no penalty at all, Shipton adds. Maximum prison terms for the most serious offences have risen to 15 years and maximum civil penalties have increased to $1.05m for individuals and over $500m for companies.
“Moving forward, ASIC will continue to enhance the way we regulate, particularly with the adoption of a more intensive supervisory approach. Our new supervisory approach helps detect cultural failings that lead to conduct problems and breaches of the law.”
Data and market analysis will be used by ASIC to detect misconduct early. “Since supervision has a strong focus on governance and culture, it allows ASIC to thoroughly understand the business models and risk management of firms and adjust our regulatory approach to the complexity, innovations and continuous change in entities and markets.”
New supervisory initiatives
ASIC’s Corporate Governance Taskforce is a new supervisory initiative currently being piloted by ASIC, having been prompted by the Financial Services Royal Commission and the APRA prudential inquiry into the Commonwealth Bank. More than half of the ASX50 are under review by the Taskforce, which is examining the role of the board and officers in the oversight of risk, and executive remuneration practices. The Taskforce has dedicated funding of $6.8 million to operate to June 2020. Approximately 20 ASIC staff are dedicated to the Taskforce, and external advisers have been engaged to support its work.
In parallel, ASIC has also been an undertaking a pilot supervision program (known as ‘close and continuous monitoring’) since October 2018, that places ASIC staff onsite at targeted entities. This new program – initially focused on the banks – is intended to ‘add a focus beyond current known [legal] breaches to look at factors that create significant risk of future breaches’ and has seen 170 onsite interviews with banking staff at all levels.
“Initial findings are proving of significant regulatory value and will be fully and frankly disclosed to CEOs and boards to improve their processes, systems and cultures,” says Shipton.
ASIC is already providing important feedback to CEOs and other business leaders on concerns being found in their management, reporting and control systems - so this work is off to an early but “extremely strong start”, he adds.
Expansion of work
Over the past 18 months, ASIC has significantly expanded its priorities and work, increasing and accelerating court-based enforcement outcomes and is looking to use the full extent of its new penalties and powers.
“We are also implementing the Government’s package of reforms and our new obligations and responsibilities in response to the Royal Commission. Importantly, this includes an expanded role for ASIC to become the primary conduct regulator in superannuation,” says Shipton.
In announcing the new funding boost for ASIC as part of the Budget, Frydenberg said the funding ensures ASIC has the resources it needs to perform its critical role in ensuring the law is adhered to in the financial sector and that “consumers are put first, second and third”.
ASIC now has a new role in applying a conduct-focused lens to the BEAR regime and the funding will support expanded regulation of financial services by ASIC in accordance with Royal Commission recommendations – in the areas of credit, financial advice and insurance.
“The Government is taking action on all 76 of Commissioner Hayne’s recommendations and, in a number of important areas, going further,” Frydenberg said.