New significance test for breach reporting
The new breach reporting regime requires licensees to lodge a report within 30 days (previously 10 days) and the significance test has been expanded, according to The Fold Legal.
An analysis by the law firm on the new regime which is due to commence on 1 October, 2021, said licensees needed to review its breach assessment processes to ensure they could meet the new timelines.
“The 30-day clock now starts ticking once you have reasonable grounds to believe there has been or will be a significant breach, or you are reckless as to whether there are reasonable grounds,” it said.
The breach must be reported to the Australian Securities and Investments Commission (ASIC) at the investigation stage if an investigation had continued for over 30 days, and a second report needed to be provided to ASIC on the outcome of the investigation.
On the significance test, a breach of a core obligation was now deemed significant if:
- The provision breached is an offence that may involve imprisonment for 12 months (three months for dishonesty offences);
- The provision breached is a civil penalty provision;
- The provision breached relates to misleading or deceptive conduct under the Corporations Act or the ASIC Act; or
- The breach results, or is likely to result, in material loss or damage to clients or members.
The analysis noted that gross negligence and serious fraud were automatically reportable as well, and for credit licensees, a breach of a “key requirement” under the national credit code was also deemed to be significant.
“By deeming a breach with a civil penalty provision as significant, it means that almost all breaches of the relevant legislative provisions will be reportable, regardless of their size. This means you should expect to lodge breach reports more frequently,” it said.
The Fold pointed to the explanatory memorandum that contemplated Treasury introducing new regulation to pare back the deeming provisions if ASIC received too many minor, technical, or inadvertent breach reports.
If a breach was not automatically deemed to be significant, licensees needed to assess if the breach was significant by considering:
- The number or frequency of similar breaches;
- The impact of the breach on their ability to provide the services covered by their licence; and
- The extent to which the breach indicates the licensee’s compliance arrangements are inadequate.
The Fold also said licensees would also be required to report breaches by other licensees to ASIC in certain circumstances. This aimed to target individual financial advisers and mortgage brokers.
Recommended for you
The UK-based global asset manager has formed a new group executive committee to accelerate its growth strategy following the commencement of its new CEO this month.
Momentum Media has announced 26 winners across 10 individual and 15 group categories for its brand-new Australian AI Awards.
The financial services industry is currently “overwhelmed with quality and quantity of candidates”, Kaizen Recruitment explains, leading executives to face 12-month long recruitment processes.
Zenith Investment Partners has appointed an experienced research executive as its new group head of research following the departure of Bronwen Moncrieff.
