What if ASIC comes knocking?

There seems to be much uncertainty, and perhaps even folklore, within the financial services profession surrounding the approach the Australian Securities andInvestments Commission (ASIC) might take when it ‘comes knocking’.

This article is not intended to provide an exhaustive overview of the law in this area and it is not intended to provide or amount to legal advice.

What does ASIC do?

The breadth of ASIC’s work as the corporate watchdog vis-à-vis other regulators within Australia is not always fully understood.

Broadly speaking:

~ ASIC regulates companies and financial services, and promotes investor, creditor and consumer protection;

~ The Australian Prudential Regulation Authority (APRA) establishes and enforces prudential standards and practices for deposit-taking institutions, insurance companies and larger superannuation funds to ensure, under all reasonable circumstances, that they can meet their financial promises;

~ The Reserve Bank of Australia regulates monetary policy and the stability of the financial system; and

~ the state and territory fair trading or consumer affairs agencies regulate consumer credit under the Uniform Consumer Credit Code.

More specifically, ASIC administers the following legislation (or relevant parts of it), as well as relevant regulations made under it:

~ Corporations Act 2001;

~ Australian Securities and Investments Commission Act 2001;

~ Insurance Contracts Act 1984;

~ Superannuation (Resolution of Complaints) Act 1993;

~ Superannuation Industry (Supervision) Act 1993;

~ Retirement Savings Accounts Act 1997;

~ Life Insurance Act 1995; and

~ Medical Indemnity (Prudential Supervision and Product Standards) Act 2003.

ASIC is not the only regulator of all parts of these Acts. For example, parts of the last four Acts dealing with prudential regulation are administered by APRA.

ASIC’s statutory mandate is found within section 1(2) of the ASIC Act. In essence, this mandate requires ASIC to administer corporate and financial services laws to:

~ enforce the laws of the Commonwealth;

~ protect consumers, investors and creditors and promote their informed and confident participation in Australian markets; and

~ maintain, facilitate and improve the performance of the financial system and the entities within it to enhance commercial certainty, reduce business costs and promote the efficiency and development of the Australian economy.

Within the ambit of its statutory mandate, ASIC:

1. Regulates a wide range of businesses and activities, including some (1):

~ 1.48 million companies;

~ 5,890 company auditors;

~ 747 registered liquidators;

~ 15 financial markets, including the Australian Stock Exchange;

~ five clearing and settlement facilities;

~ 4,415 financial services businesses, including fund managers, stockbrokers, financial advisers and insurance brokers; and

~ 4,310 managed investment schemes.

2. Protects consumers, investors and creditors of corporations, including an estimated (2):

~ 15.9 million with a deposit account;

~ 10.7 million investing through superannuation or annuities;

~ 10 million with credit or charge cards;

~ 6.6 million with a home, personal or investment loan;

~ 4 million directly owning shares;

~ 2 million having invested through a financial adviser; and

~ 1.1 million investing in managed funds.

As you can imagine, in order to fulfil its broad mandate, ASIC needs recourse to (and does have) a broad range of remedies and powers.

Remedies available to ASIC

In the context of the remedies open to ASIC, they can be broadly categorised as follows:

~ criminal action — serious offences are prosecuted through the Commonwealth Director of Public Prosecutions, while ASIC can and does prosecute the more minor contraventions of the law;

~ civil action — includes civil penalties, injunctive relief, corrective action (for example, corrective advertising), and compensatory action; and

~ administrative action — where, for example, a person is banned from holding an Australian Financial Services Licence (AFSL).

ASIC also can and does accept Enforceable Undertakings in lieu of pursuing some civil and/or administrative actions (3).

These remedies are not mutually exclusive. For example, ASIC can take civil action where immediate protective steps are warranted while an investigation of possible criminal offences is ongoing.

Also, ASIC can commence criminal proceedings notwithstanding that it has already obtained a civil penalty outcome in respect of conduct that is the same or substantially the same.

History shows that it is a key part of ASIC’s enforcement policy that it does not bring civil proceedings in substitution for criminal proceedings in matters involving serious corporate crime.

Powers available to ASIC

ASIC can and does conduct informal investigations, which simply means that it is taking steps to ‘ensure compliance’ with the law. Surveillances are one such method of informal investigation. Even when ASIC is merely ensuring compliance with the law, it has the power to inspect and require the production of books (4).

On the other hand, if ASIC is actually conducting an ‘investigation’ (5), it has the power to do the following:

~ inspect and require the production of books (6);

~ obtain and execute a search warrant (7); and

~ conduct an examination and/or seek reasonable assistance (8).

The powers to inspect and require the production of books are frequently used and, except where a search warrant has been obtained, ASIC generally provides a reasonable timeframe for compliance with the notice (even though it is not required to do so). The failure to produce books can result in the execution of a warrant (to obtain/seize the books) and/or a penalty (9).

Generally speaking, the power to require the production of books overrides the general rules at common law governing legal professional privilege and self-incrimination, although in the latter case the information provided cannot be used in a criminal proceeding against the person or a proceeding to impose a penalty on the person (10).

How does ASIC set its enforcement priorities and strategies?

ASIC is generally transparent in relation to its regulatory and enforcement priorities and policies. For example, ASIC’s annual report generally identifies its key priorities across the organisation.

As has been publicly stated by Professor Berna Collier while a commissioner of ASIC (11), the factors that ASIC takes into account when considering whether to take enforcement action include:

~ an examination of ASIC’s jurisdiction in the matter;

~ the level of evidence (12);

~ whether an achievable or appropriate remedy exists for ASIC to pursue;

~ whether the matter involves serious corporate wrongdoing or serious risk or detriment to consumers and the market; and

~ whether the matter satisfies ASIC’s regulatory and enforcement priorities.

The chairman of ASIC, Jeffrey Lucy, during his opening address to the 2006 ASIC Summer School (13), in effect stated that when setting its enforcement priorities and strategies, ASIC assesses key regulatory risks in the ensuing periods while also maintaining an ability to take into account and respond to emerging issues that inevitably arise from time to time.

How best can you prepare yourself for when ASIC comes knocking?

In the context of the financial services industry, ASIC is concerned with ensuring financial services are being provided efficiently, honestly and fairly (14).

If ASIC comes knocking, which should usually be to conduct a surveillance to ensure compliance with the law, it will be assessing your business against the requirements of the financial services laws, your licence authorisations and conditions and ASIC policy.

When you applied for your AFSL you would have lodged ‘proofs’ with ASIC summarising the procedures that your business had in place in order to demonstrate that it could provide its financial services efficiently, honestly and fairly .

Many AFSL holders will have a compliance manual, which details these procedures. It will include procedures covering: appointment of responsible officers and representatives; training; IT; complaints handling; risk management; managing conflicts of interest; dispute resolution; outsourcing; and maintaining adequate financial resources and compensation arrangements.

At the end of the day, you will need to be able to demonstrate that the compliance manual has not only been adhered to but also kept up to date to reflect changes in your business practices and the regulatory environment. Does it tell the truth about what happens in your business? Is your compliance manual a living document?

As Lucy has also said (15), you “must also have sound procedures in place for dealing with things when they go wrong. In my view, this cannot be limited to complaints handling processes”.

You should be able to demonstrate a positive culture of compliance within your organisation. If the procedures you have are actually being followed, as distinct from simply sitting on the shelf, this is likely to demonstrate the right culture. This factor is significant, especially given the recent amendments to the Commonwealth Criminal Code in the context of corporate liability. (16)

Unfortunately, it is our experience from the compliance audits that Holley Nethercote has conducted that some people in some organisations are not even vaguely familiar with their compliance manual or the regulatory requirements.

Clearly, it is in your interest to ensure that steps to remedy these gaps are not left until ASIC gives you notice that a visit is pending.

Conclusion

If ASIC comes to your door, it may not necessarily mean that it suspects or believes for some reason that you or other members of your organisation have contravened the law.

It may be the case that ASIC is merely taking steps to ensure the law is being complied with. In fact, it is possible that ASIC is knocking on the doors of your competitors or others in your industry or market sector at the same time.

Either way, if you are compliant, you will have nothing to fear or hide. In any event, being aggressive or overly defensive is not recommended.

Like any law enforcement or regulatory agency, ASIC is not interested in pursuing those who comply with the law. It also seems obvious that ASIC recognises that the levels of compliance and standards of corporate governance are high.

So, the likelihood of ASIC coming knocking at your door is relatively low.

However, as history shows, ASIC will not hesitate to take action, swift and strong, in the appropriate instances, which often necessarily involves or otherwise impacts upon persons and organisations that may be nothing more than ‘innocent bystanders’ (so to speak).

Perhaps this is a small price to pay for having an industry that, in a real and perceived way, is professional and credible.

Angelo Venardos, formerly a solicitor with Holley Nethercote Commercial Lawyers , is a senior legal counsel with the Queensland Police Force.