AFSL cyber security failures on ASIC’s radar in 2025
ASIC has unveiled a slew of new enforcement priorities for the year ahead where it intends to direct expertise and resources, including a closer watch on licensees falling short on cyber security protections.
In a statement on 14 November, ASIC explained the only enforcement priority targeted towards licensees is one regarding “licensee failures to have adequate cyber security protections”.
Last month, ASIC chair Joe Longo told AFSLs that cyber protection should be “top of mind” as they manage their businesses, noting that while firms and directors are all facing challenges, cyber security should not fall to the wayside.
“Most firms will be victims of some attack and they need to be able to respond to that. I would remind directors that they have to take these issues seriously. They are under legal obligations to manage this risk and put in place systems and processes,” Longo said in an appearance before the standing committee on economics.
The regulator’s 2023 Cyber Pulse Survey, which included almost 700 participants including 120 financial advisers, previously found over half (58 per cent) of respondents had limited or no capability to adequately protect confidential information. A third (33 per cent) did not have a cyber incident response plan.
Earlier this year, ASIC also highlighted the case of RI Advice, which was found by the Federal Court in May 2022 to have breached its licence obligations to act efficiently and fairly when it failed to have adequate risk management systems to manage its cyber security risks.
Elsewhere, ASIC will be looking into greenwashing and misleading conduct involving ESG claims; strengthening investigation and prosecution of insider trading; and licensee failures to have adequate cyber security protections, along with nine other new enforcement priorities.
These sit alongside its “enduring priorities” that include targeting market misconduct and systemic compliance failures by large financial institutions, and transgressions risking consumer harm, among others.
According to ASIC, the last year has seen its new investigations increase by 25 per cent on the previous year, along with a rise in new civil proceedings (23 per cent).
However, ASIC deputy chair Sarah Court maintained numbers “only tell one part of the story”.
“Numbers don’t capture the full impact of the enforcement actions filed including the resulting compliance and deterrence we achieve, particularly in relation to consumer and investor protections and changing industry behaviour,” she said.
AUTHOR
Rhea Nath
Recommended for you
High-net-worth clients with between $5-10 million are found to have the greatest unmet advice needs, according to LGT Crestone, with inheritance planning viewed as the most-sought after help.
The advice industry is in an “arms race” according to minister for financial services, Daniel Mulino, around the use of technology in superannuation switching scams such as Shield Master Fund.
Advisers are now serving more ongoing clients, according to a CFS report, but efficiency limitations continue to hinder the 82 per cent looking to serve more.
The FAAA is hopeful the education and experience pathway deadline will be the “last big thing” that could cause an adviser exodus but concern now turns to advisers moving to the wholesale space.
