Keeping on top of the latest financial services regulatory & compliance trends?

Investing time in your professional development within a rapidly changing financial services industry is challenging. To meet that challenge, the Australian regulators weekly wrap is designed to keep you at forefront of your practice by quickly setting out the top 5 developments from the past week, analysis and practical considerations for the future.

Never miss an update by signing up to receive emails here or by following me on LinkedIn here. You can also access past editions of the Australian regulators weekly wrap by clicking here.

This week, to mark a big month in financial services regulatory regimes, we are confirming the key reforms which start this month.

  1. Breach reporting (ASIC): the new breach reporting obligations implement recommendations from the Financial Services Royal Commission, and are included in the Financial Sector Reform (Hayne Royal Commission Response) Act 2020. These obligations require AFSL and ACL holders to self-report specific matters to ASIC, and allow ASIC to detect non-compliance behaviours early and take action where appropriate. The primary shift under this new regime is to a more expansive scope of ‘reportable situations’ (i.e. matters that must immediately be reported to ASIC), and the introduction of ‘deemed significant breaches’. Largely gone will be the days of subjective assessments of ‘significance’ of a particular issue, with the decision of whether a matter is reportable to ASIC or not hinging on that assessment. There is far more prescriptive rigour around what is reportable to ASIC now. ‘Deemed significant’ breaches, which must be reported to ASIC irrespective of the number of customers affected, the quantum of loss, or broader impact to compliance frameworks, include: 1) breaches that constitute the commission of an offence and the commission of the offence is punishable on conviction by a penalty that may include imprisonment for three months or more if the offence involves dishonesty, or 12 months or more in any other case; 2) breaches of a civil penalty provision (if the provision is not exempted under the regulations; 3) for AC licensees, breaches that constitute a contravention of a key requirement under s111 of the National Credit Code; 4) breaches that amount to misleading or deceptive conduct; or 5) breaches that result, or are likely to result, in material loss or damage to clients. An obligation to report the breach to ASIC within 30 calendar days is automatically triggered if any ‘deemed significant breach’ occurs, such as conduct that amounts to contravention of a relevant civil penalty provision or commission of a relevant offence. More information is here and you can see a demo of our revamped breach reporting tool here.

Thought for the future: October will be a ‘pitiless’ month for licensees (I am sticking with my AFR language). For clients and potential clients reading this and thinking ‘I am not ready’; my firm’s practice group has a wealth of precedential material e.g. policies, procedures and controls built up over the last 6 + months. I appreciate that there is a great deal on, so please do reach out if we can help you expedite your compliance!

AU financial services lawyer in compliance, regulatory & disputes. Email sign-up: and LinkedIn: