The Final Report has been released and for those who followed the public hearings, the recommendations are not surprising. The regulators, ASIC and APRA, have been given increased regulatory scope and more tools to regulate. The key question is, following on from the Final Report, where next for the regulation of financial services in Australia?
APRA and ASIC effectiveness
APRA and ASIC came under significant criticism for not being effective regulators in responding to misconduct. The regulators’ responses were often seen as inadequate in comparison to the scale of the misconduct, and the regulators were too willing to co-operate with industry participants.
To increase the capability of the regulators a number of recommendations were made, such as regular capability reviews of both APRA and ASIC, and a new oversight authority overseeing both the regulators. The new independent oversight authority will need to report biennially to the Minister on the effectiveness of the regulators. These reports will create a strong impetus for the regulators as being seen to be active, and suggest increased enforcement action to demonstrate results and accountability.
ASIC’s specific approach to enforcement was also subject to recommendations, suggesting a decrease in the use of infringement notices, an increase in the use of court action, and separating out enforcement staff from non-enforcement staff at ASIC. The Final Report acknowledges that enforcement activity is radically different from day to day regulatory functions, and that enforcement staff should only be involved with regulated entities on a matter specific basis. This may create regulatory uncertainty where enforcement staff take different views from other areas of ASIC, but will work toward making enforcement staff independent from industry participants.
Relationship between APRA and ASIC
The Final Report has recommended that the twin peaks model of APRA and ASIC each having related but separate remits remains in force. Despite this, their roles will change significantly. ASIC will have a role in administering the BEAR - presently this is APRA’s sole responsibility. The roles of ASIC and APRA under the Superannuation Industry (Supervision) Act 1993 will be adjusted such that APRA will be responsible for establishing and enforcing prudential standards, and ASIC’s role will concern the relationship between RSE licensees and individual consumers. To reflect a new statutory obligation to co-operate with each other, ASIC and APRA will also sign a new memorandum of understanding dealing with how they intend to comply with that obligation.
The scope of the BEAR is being expanded to include all APRA regulated entities, including insurers and superannuation RSEs. Government has recommended a similar regime be introduced for ASIC, non-prudentially regulated entities. Both regimes will feature the obligation to deal with APRA and ASIC in an open, constructive, and co-operative way. The new transparency obligation will change how licensees interact with ASIC, in a shift from a more adversarial approach toward an obligation to co-operate and be forthcoming with information to ASIC.
More active regulators
A new trend is already emerging of regulators taking more regulatory action, which some say is a strategy of taking ‘easy wins’. Historically the regulators have avoided taking enforcement action over every breach. Instead they have focused on technical or difficult cases which will have precedent value and develop the industry understanding of the law. In future we can expect a more active regulator who is more likely to prosecute breaches. This may also flow on to general interactions with ASIC. When receiving a notice to produce from ASIC, a common request from licensees to date is for additional time to respond, which is typically granted. Our experience is that ASIC is becoming more reluctant to grant extensions, or at least the extensions requests, in a number of cases.
ASIC is also set to take more criminal actions following the evidence presented during the Royal Commission. The Commonwealth Director of Public Prosecutions (CDPP) has historically operated under a memorandum of understanding where criminal cases were generally referred to the CDPP by ASIC. With more criminal cases potentially in the pipeline, the CDPP will take on an additional focus, but will ASIC keep more criminal cases ‘in-house’?
Resources of the regulator
While ASIC is set to become more active, a question remains about where the extra resources will come from. ASIC was previously required to employ staff under the Public Service Act 1999, limiting how it could hire new people, and what it could pay existing staff. With this restriction gone, and additional funding for new staff, ASIC has recently started hiring additional legal resources for enforcement.
Resourcing may also come from other agencies as well. APRA has a related regulatory ambit, but has previously not been active in its enforcement approach. With APRA and ASIC both entering into a memorandum of understanding creating a positive obligation to cooperate, we may see the end result of a centralised enforcement team sharing resources across both regulators.
How breaches are reported and uncovered to the regulators was also a theme in the Royal Commission. Legislative reform is underway in Australia to encourage whistleblowers to come forward, with draft legislation currently before the Australian Parliament that contains significantly enhanced protections for whistleblowers. The Labor party has also recently committed to introducing a further suite of measures to support whistleblowers, should it be elected, including payment of ‘bounties’ (similar to the position in the US). If these measures are enacted, this could drastically change the landscape in Australia, noting Australians are currently the third largest source of international complaints to US regulatory authorities, behind Canada and Britain.
Breach reporting has also become enhanced with additional obligations on licensees. The BEAR for ADIs features an obligation on ADIs to deal with the regulator (APRA) in an open, constructive, and cooperative way. A similar obligation on licensees to deal with ASIC in an open, constructive and cooperative way would be a step above the existing obligation to act “efficiently, honestly, and fairly” in providing financial services to customers, and would assist with stronger disclosure to the regulators.