AFSL cyber security failures on ASIC’s radar in 2025
ASIC has unveiled a slew of new enforcement priorities for the year ahead where it intends to direct expertise and resources, including a closer watch on licensees falling short on cyber security protections.
In a statement on 14 November, ASIC explained the only enforcement priority targeted towards licensees is one regarding “licensee failures to have adequate cyber security protections”.
Last month, ASIC chair Joe Longo told AFSLs that cyber protection should be “top of mind” as they manage their businesses, noting that while firms and directors are all facing challenges, cyber security should not fall to the wayside.
“Most firms will be victims of some attack and they need to be able to respond to that. I would remind directors that they have to take these issues seriously. They are under legal obligations to manage this risk and put in place systems and processes,” Longo said in an appearance before the standing committee on economics.
The regulator’s 2023 Cyber Pulse Survey, which included almost 700 participants including 120 financial advisers, previously found over half (58 per cent) of respondents had limited or no capability to adequately protect confidential information. A third (33 per cent) did not have a cyber incident response plan.
Earlier this year, ASIC also highlighted the case of RI Advice, which was found by the Federal Court in May 2022 to have breached its licence obligations to act efficiently and fairly when it failed to have adequate risk management systems to manage its cyber security risks.
Elsewhere, ASIC will be looking into greenwashing and misleading conduct involving ESG claims; strengthening investigation and prosecution of insider trading; and licensee failures to have adequate cyber security protections, along with nine other new enforcement priorities.
These sit alongside its “enduring priorities” that include targeting market misconduct and systemic compliance failures by large financial institutions, and transgressions risking consumer harm, among others.
According to ASIC, the last year has seen its new investigations increase by 25 per cent on the previous year, along with a rise in new civil proceedings (23 per cent).
However, ASIC deputy chair Sarah Court maintained numbers “only tell one part of the story”.
“Numbers don’t capture the full impact of the enforcement actions filed including the resulting compliance and deterrence we achieve, particularly in relation to consumer and investor protections and changing industry behaviour,” she said.
AUTHOR
Rhea Nath
Recommended for you
The board of Insignia Financial has reached a decision regarding the possible acquisition of the firm by US private equity giant Bain Capital.
Six of the seven listed financial advice licensees have reported positive share price growth in 2024, with AMP and Insignia successfully reversing earlier losses.
There has been a 16.3 per cent rise in the wealth of Australian billionaires this year to over $200 billion, UBS finds, as Australian advisers shift their offerings to meet this expansion and service their unique needs.
AZ NGA is looking to triple in size over the next five years as US investment giant Oaktree completes its $240 million investment in the professional services company.
