ASIC releases guidance on new breach reporting regulations

The corporate regulator said the reforms, set to commence on 1 October, will “address long-standing concerns” about breach reporting.

The new guidance states that AFS licensees will be required to report breaches found after 1 October 2021 even if they occurred prior to that date.

However, credit licensees do not have to report breaches found prior to 1 October which will allow them to have a “relatively gradual implementation upon commencement”.

Other requirements for AFS licensees include an obligation to report an investigation into whether there is a reportable situation where that investigation continues for more than 30 days and to lodge breach reports with ASIC “after the licensee first knows, or is reckless with respect to whether, there are reasonable grounds to believe a reportable situation has arisen”. 

Currently, AFS licensees have 10 business days within which to report.

“ASIC analysis in 2018 revealed it took more than four years (on average) for large financial institutions to identify incidents that proved to be significant breaches. Today’s remediation tally reveals how much consumer harm these delays caused, and ultimately at great cost to those firms,” deputy chair Karen Chester said on Tuesday.

“The government’s new reporting obligations put strong guard rails in place that will benefit firms and consumers alike.

“The new obligations will help firms identify and act swiftly on the breaches that matter, making sure they get the attention they deserve. Licensees and boards will have greater confidence they are doing the right thing by consumers, and ultimately their firm and shareholders.

“The new obligations also benefit consumers by allowing ASIC to better identify and swiftly address systemic problems. There will be greater transparency for consumers and firms with the publication of breach reporting data by ASIC from late 2022.”

Ms Chester’s comments come after ASIC commissioner Danielle Press said that the regulator is aware that the incoming reforms, which also include a new reference-checking regime to vet potential advisers, are complex.

“We understand that there is a confluence of regulation coming into play on the 5th of October, and we are cognisant that industry is struggling to get their heads around some of it and we are working with them pretty closely,” Ms Press said late last month.

Neil Griffiths

Neil is the Deputy Editor of the wealth titles, including ifa and InvestorDaily.

Neil is also the host of the ifa show podcast.