Chapter 6

Regulation of Financial Services

Application of Australian law to the provision of financial services is a highly technical subject and any particular proposal needs to be considered on its merits.

6.1 Banking business

An entity that carries on 'banking business' in Australia must be an authorised deposit-taking institution (ADI) supervised by the Australian Prudential Regulation Authority (APRA). For the purposes of the Banking Act 1966 (Cth) (as amended), an entity carries on banking business if it:

  • takes deposits; and
  • makes loans and advances.

An entity regulated as an ADI is subject to comprehensive supervision by APRA on a range of matters including prudential conduct, capital adequacy, governance and outsourcing. The effect of these policies is to place material boundaries on the conduct of ADIs.

Some particular aspects of banking business are also subject to regulation by the Reserve Bank of Australia (RBA), the Australian Securities and Investments Commission (ASIC) and the Australian Transaction Reports and Analysis Centre (AUSTRAC).

A foreign bank wishing to establish in Australia could seek to become an ADI by creating a new subsidiary that is subject to the supervision of APRA. Alternatively, a foreign bank could apply for registration as a foreign ADI. If this type of approval is granted, the foreign ADI is supervised by the relevant regulator in its own jurisdiction. Typically, however, there will be constraints on its operations which are imposed by APRA. These are likely to include:

  • a minimum initial deposit amount (of, say, $500,000) which may be accepted by the foreign ADI from an Australian resident;
  • disclosure to customers (and any other third parties) of the fact that the foreign ADI is subject to prudential supervision in another place and not by APRA; and
  • a requirement to maintain liquid capital within the Australian branch of the foreign ADI sufficient to meet liabilities which are or may become payable within the next 30 days.

Another approach open to a foreign bank is to establish a representative office in Australia. This may enable it to maintain a presence so that it can receive enquiries about services which it provides offshore. A representative office does not carry on business in Australia.

Use of the term 'bank' requires approval from APRA and is usually conditional.

Banks have authority to deal in foreign currencies, except in certain transactions involving foreign governments and agencies.

6.2 Payment systems

As a primary concern, regulation of payment systems in Australia is directed at parties which hold value on behalf of customers. Under the Payment Systems (Regulation) Act 1998 (Cth), an entity that participates in a ‘designated payment system’ and which holds value for a customer must be an ADI or a purchased payment facility provider approved by APRA. For these purposes designated payment systems include, for example, VISA, MasterCard and American Express, as well as Australian domestic clearing and settlement services such as EFTPOS.

There are some exceptions to this requirement, including storing value which can be used to pay no more than 50 persons, or storing value that does not exceed A$10 million. This provides some relief for smaller businesses during a start-up phase.

In practice, some providers of payment systems enter into an alliance arrangement with an ADI so that under the alliance structure, value is stored with the ADI for the benefit of the provider's customers.

Australia also has an e-Payments Code, a voluntary code of practice which regulates electronic payments (including ATM, EFTPOS, debit and credit card transactions, online payments, internet and mobile banking and BPAY). Banks, credit unions, building societies and other providers of electronic payment facilities to consumers may elect to subscribe to this Code. Subscribers must warrant that they will comply with the Code in the terms and conditions they give consumers, and consumers can complain about a breach of the Code to the subscriber.

In general, the Code:

  • requires subscribers to give consumers clear and unambiguous terms and conditions, information about changes to terms and conditions (such as fee increases), receipts and statements;
  • sets out the rules for determining who pays for unauthorised transactions; and
  • establishes a regime for recovering mistaken internet payments.

Although not a strict legal requirement, ASIC expects that an Australian Financial Services Licence (AFSL) holder will comply with the e-Payments code as a matter of good licensing practice, if that code is relevant to any of those products. 

6.3 Other financial services regulations

Chapter 7 regulation and the Australian Financial Services Licence Regime

Some products and services of financial services providers (including banks and other financial institutions) are subject to regulation under the financial services provisions of Chapter 7 of the Corporations Act. Chapter 7 applies to a financial services provider that targets customers located in Australia, even if that financial services provider has no place of business in Australia.

Chapter 7 of the Corporations Act regulates the financial services industry in several ways:

  • Conduct in relation to a broad range of financial products is regulated, including securities (such as shares and debentures; see Chapter 8 of this publication 'Fundraising'), derivatives, foreign exchange contracts, general and life insurance products, interests in managed investment schemes, deposit accounts, superannuation interests and non-cash payment facilities such as smart cards, cheques, travellers cheques and certain electronic payment facilities and margin lending facilities. Other forms of credit products are specifically excluded from the financial services regime.
  • Providers of financial services are subject to a single licensing regime. This includes banks involved in issuing, dealing or giving advice in relation to financial products.
  • Providers of financial services face consumer protection and disclosure obligations in relation to certain activities connected with financial services and products.

Generally speaking, persons issuing regulated financial products to retail clients face more extensive initial and ongoing disclosure obligations than those dealing just with wholesale clients. Entities should also consider consumers protection provisions under the Australian Securities and Investments Commission Act 2001 (Cth) and the Australian Consumer Law (see Chapter 15 of this publication, 'Consumer protection and product liability') as well as data privacy laws (see Chapter 22 of this publication, 'Privacy').

There are some exceptions to the licensing regime where financial products are exempted under regulations or Class Orders.

Financial Sector (Collection Of Data) Act

Under the Financial Sector (Collection of Data) Act 2001 (Cth), an entity which carries on business in Australia and has assets from the provision of finance must register with APRA if the sum of its assets from the provision of finance in Australia exceeds $50million.

A registered entity has an obligation to report monthly to APRA. Reporting obligations include relevant assets of related companies (whether or not themselves registered) which would not otherwise be reported. In practice, APRA usually requires only quarterly reporting until the assets of a registered entity from the provision of finance exceed $250 million.

The purpose of the Act is to enable APRA to collect data about the level of indebtedness in Australia. This informs monetary policy set by the Reserve Bank of Australia and enables the Australian Bureau of Statistics to publish accurate information about Australia's indebtedness, for the purposes of ensuring transparency within the market for the benefit of investors.

Since early 2018, under the Banking Act 1966 (Cth), APRA has possessed power to impose prudential standards on entities that are registered financial corporations under the Financial Sector (Collection of Data) Act 2001 (Cth). To date APRA has not exercised this power, and its Chairman has said that for the time being it does not intend to so. 

Anti-Money Laundering and Counter-Terrorism Financing Act 2006

An entity providing credit or financial services will almost certainly be providing a 'designated service' for the purposes of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) (AML/CTF Act). The AML/CTF Act was introduced to meet Australia's international treaty obligations established by the Financial Action Task Force (FATF). Its broader objectives include detecting, deterring and disrupting money-laundering and terrorism financing (ML/TF) activity and other serious financial crimes.

If an entity provides designated services for the purposes of the AML/CTF Act it will be considered a 'reporting entity' and become subject to regulation by AUSTRAC. There are numerous consequences to this, including that the reporting entity must:

  • enrol or register with AUSTRAC;
  • carry out an assessment of the ML/TF risks in its business having regard to matters such as customer profile, jurisdictions affected by the financial service, and specific product/channel risk;
  • establish, maintain and adhere to an effective AML/CTF program which is approved and overseen at Board level and is designed to identify, mitigate and manage those ML/TF risks by reference to a range of prescribed matters; and
  • adhere to various obligations including in relation to:
    • initial customer identification and verification;
    • monitoring transactions to detect unusual activity that may be suggestive of ML/TF activity or other financial crime;
    • reporting certain matters to AUSTRAC (including certain suspicious activity, threshold cash and e-currency transactions, international transfers, and annual compliance reports); and
    • additional due diligence regarding customers, employees and some third parties.

AUSTRAC is an active regulator which enforces the legislation. The legislation presently prescribes a civil penalty of $21 million for each breach of the Act.

The Financial Transaction Reports Act

The Financial Transaction Reports Act 1988 (Cth) operates alongside the AML/CTF Act and imposes a number of obligations on cash dealers, including an obligation to report suspect transactions, cash transactions of A$10,000 or more or the foreign currency equivalent, and international funds transfer instructions to AUSTRAC. For these purposes a cash dealer is widely defined, and is not limited to parties which are in fact dealing with currency. For example, any AFSL holder is a cash dealer. It also requires the verification of the identity of persons who are signatories to accounts, and prohibits accounts being opened or operated in a false name.

6.4 Consumer credit regulation

Generally speaking, an Australian credit licence will be required for a business that provides credit to individuals who are ordinarily resident in Australia where the credit is provided for:

  1. personal domestic or household purposes; or
  2. investment in or improvement of residential real estate.

This type of credit is subject to the National Credit Code (contained in the National Consumer Credit Protection Act 2009 (Cth)) (NCC), and the credit provider:

  1. must carry out responsible lending obligations; and
  2. is subject to a range of policy expectations of the regulator, the Australian Securities and Investments Commission (ASIC).

Under the NCC there are requirements of a highly prescriptive character relating to the form and content of loan and security documentation, as well as statutory disclosures and notices which must be made. The NCC specifies mechanisms for enforcement of loans, prescribes a process for dealing with hardship variations of contract requested by a debtor, provides relief against terms of an arrangement which may be characterised as "unjust", and also provides for disputes to be dealt with by an approved external dispute resolution scheme which has jurisdiction to make decisions that are binding on the credit provider. Presently the approved external dispute resolutions schemes are the Financial Ombudsman Service and the Credit and Insurance Ombudsman but policymakers are proposing the merger of these schemes.

Last updated: 01/03/2019

Key contacts

Andrew Booth
Head of Finance, Australia
+61 3 9288 1269
Tony Coburn
+61 2 9322 4976
Michael Vrisakis
+61 2 9322 4411
Luke Hastings
Regional Head of Practice (Disputes) Australia
+61 2 9225 5903
Bryony Adams
+61 2 9225 5288
Andrew Eastwood
+61 2 9225 5442
Juliana Warner
Managing Partner
+61 2 9225 5509