‘Flooding the system’: ASIC’s reportable situations relief needs to go further

In a joint response to the Australian Securities and Investments Commission’s (ASIC) proposal to provide additional relief under the reportable situations regime, a number of industry bodies have urged the regulator to go further.

According to the Financial Advice Association Australia (FAAA), the SMSF Association, Chartered Accountants Australia and New Zealand, CPA Australia, and the Institute of Public Accountants, any relief from lodging reports that “provide very little intelligence” is welcome.

In February, ASIC put forward changes to the reportable situations regime that would reduce the burden on licensees and ensure the “high regulatory value” of reports.

Reforms to the reportable situations regime in 2021 expanded what was reportable and pushed for more timely and consistent reporting, however, ASIC is now looking for ways to make it easier for licensees to comply with the regime.

“ASIC’s proposed additional relief aims to reduce the reporting burden on industry while still ensuring that ASIC receives reports of high regulatory value,” the regulator said.

The joint bodies said it is important that the regime strikes an “appropriate balance” between reducing any unnecessary regulatory burdens on AFSLs while “preserving the intention of the reportable situations regime”.

“The resources of ASIC should be focused on identifying and addressing emerging trends of serious non-compliance, including those that could lead to material consumer financial detriment,” the bodies said in a submission.

“They should not be consumed on minor compliance breaches which are currently flooding the system, which is a concern for the sector given ASIC is funded via an industry funding model.

“Further, the obligation to make a reportable situation report to ASIC involves a significant amount of work and cost, particularly for small business licensees, who are often forced to seek expensive legal or compliance advice to understand their obligations and prepare the report.”

According to the joint bodies, this increase in time and money spent on immaterial matter that ASIC would be uninterested in pursuing is a “significant waste” for the businesses.

“To better achieve a sensible balance between the cost of the process and access to meaningful information for ASIC, we recommend the first proposed parameter is amended to the breach has been rectified within 30 days from when it is first identified, not when the breach occurred,” the submission said.

This would be of particular benefit to the financial advice sector, the submission added, given non-compliance with the law is often discovered as a result of a complaint or a client file audit.

“Rarely is it discovered at the time the advice is delivered. This would mean that the benefit to the financial advice sector would likely be limited to administrative matters and licensee level breaches,” the joint bodies said.

“We believe this change is needed, or the proposed relief will likely be ineffective in reducing the actual quantum of breaches reported that provide very little intelligence, but consumes ASIC’s time and resources, and arguably, wastes AFS licensee resources.”

Among ASIC’s proposed relief measures was exempting breaches where the total financial loss or damage to all impacted consumers is not more than $500 (including where the loss has been remediated).

This number should be increased to $1,000, according to the joint bodies, while the maximum number of clients impacted to avoid a report should move from five to 10.

“We believe that this provides a sensible balance between what is reported to ASIC, the associated costs and the value of the information to ASIC. Should this recommendation not be accepted, we recommend that the $500 threshold is at least annually indexed to ensure that it remains effective in reducing low intelligence breaches being reported on mass,” the submission said.

They also pushed for ongoing reviews of the effectiveness of the relief measures every 12 months, as well as greater detail being included in the annual report on reportable situations.

“We also believe that there are further civil penalty provisions that could be excluded by the government from the reportable situations regime, such as the current penalties that apply to fee consent provisions under sections 962R and 962Z of the Corporations Act 2001,” it concluded.

An ASIC report in December last year found licensees across the financial services sector need to up their game when it comes to breach reporting, with ASIC saying its surveillance showed that there is “still more work to do”.

“We encourage all licensees, not just those in the review, to review their current arrangements for complying with reportable situations against our findings, as well as the better practices we set out, and make the necessary improvements,” the regulator said at the time.

In another report last year, ASIC found that just 7 per cent of reports related to financial advice in FY2023–24, which was stable compared with the previous year.

Following the announcement of the relief proposal, the Financial Services Council (FSC) also said the announcement was welcome but didn’t go far enough.

A Positive Economics survey of 29 of the FSC’s superannuation, financial advice licensees, and funds management members found that it costs $3,800 in extensive documentation, senior executive time and auditor reviews every time a minor breach is reported to the ASIC portal.

These minor breaches, the FSC said, include statements being sent to customers one day late, immaterial typos and other inconsequential oversights such as being a few hours late in removing a document from a website.

“The regulator has acknowledged industry concerns that reporting these minor breaches is excessively burdensome. These proposals go some way to addressing some of the problems, however, more work needs to be done,” FSC chief executive Blake Briggs said.

“Our survey found unnecessary regulation in the financial services breach reporting regime has resulted in almost $4,000 wasted every time a minor breach is reported, or $24 million annually, showing a significant need for streamlining the reporting system to get rid of disproportionate regulation which results in businesses and ASIC incurring unnecessary time and expense.

“This includes 34,000 hours of compliance staff time which could be more productively used to enhance governance and reduce risk, as well as resolve genuinely serious breaches where consumers are financially impacted or otherwise harmed.”