On the pulse
ASIC flags key observations from inaugural IDR data publication – see media release.
ASIC InFocus – December 2024 – see InFocus.
ASIC puts insurers on notice for blind spots in complaints handling – see media release.
ASIC invites feedback on proposed updates to digital asset guidance – see media release.
APRA and ASIC release observations from the banking industry's implementation of the Financial Accountability Regime – see media release.
APRA Chair John Lonsdale’s speech to the European Australian Business Council – see speech.
APRA maintains current macroprudential settings in uncertain environment – see media release.
APRA releases response to consultation on minor amendments to prudential framework for ADIs, insurers and RSE licensees – see media release.
APRA releases details on insurance Climate Vulnerability Assessment – see media release.
APRA releases quarterly general insurance and life insurance statistics for September 2024 – see media release.
ACCC grants interim authorisation to the Australian Banking Association Ltd for certain provisions of the Banking Code of Practice – see media release.
AUSTRAC issues 16 businesses with infringement notices for failing to comply with reporting requirements – see media release.
AICD: Cyber Security Governance Principles refreshed to capture evolving risk environment – see media release.
AASB S2: Climate-related Disclosures – see Disclosures.
Expanding the Consumer Data Right to non-bank lending – see media release.
Scam Prevention Framework bill referred to Senate Economics Legislation Committee for inquiry and report by 3 February 2025 – see parliament webpage.
G+T Insight - Regulators give us some intel – how the banking industry has implemented FAR – Silvana Wood and Janina Del Rosario (5 December 2024).
G+T Insight - One small step - the Privacy Amendment Bill has passed – Melissa Fai and Claire Harris (4 December 2024).
G+T Insight - Government introduces legislation to regulate Buy Now, Pay Later – Silvana Wood and Chris Whittaker (4 December 2024).
G+T Insight - Government announces new digital competition regime – Elizabeth Avery and Louise Klamka (3 December 2024).
G+T Insight - It’s here! Everything you need to know about the merger reform legislation – Elizabeth Avery and Simon Muys (29 November 2024).
G+T Insight - ACCC and government call out private equity in merger reforms – Rachel Basil and Alex Kauye (27 November 2024).
G+T Insight - The Legal 500: Blockchain (Australia) – Emily Shen and Peter Reeves (25 November 2024).
ASIC
ASIC flags key observations from inaugural IDR data publication
ASIC has released its first publication of industry-wide data reported under the internal dispute resolution (IDR) data reporting framework.
Under the IDR framework, most licensed financial firms are required to report IDR data to ASIC on a six-monthly basis. This inaugural industry-wide report is a key milestone in the implementation of the framework. Publishing IDR data promotes transparency by sharing valuable information with consumers while also helping to drive improvements in IDR practices.
Key observations from the over 4.7 million complaints reported by financial firms of all types for the period 1 July 2023 to 30 June 2024 include:
general insurance products were subject to the most complaints (33% of all complaints), followed by credit products (22%) and deposit-taking products (15%)
most complaints were about service (45%), followed by charges (22%) and transactions (11%)
most outcomes involved an explanation or apology only, or no remedy (43%), followed by a service-based remedy (39%) and a monetary remedy (13%)
over three-quarters of all complaints were resolved within one day
623,555 complaints resulted in a monetary remedy, collectively totalling over $375 million.
While ASIC does not verify that financial firms’ self-reported data accurately reflects their underlying complaints handling, ASIC found variations in the volume of complaints reported by comparable firms and gaps in the IDR data that indicate the data reported to ASIC may not fully reflect the complaints received by some firms. As a result, ASIC is concerned that some firms are not reporting IDR data accurately.
Moreover, 5,035 firms declared no complaints to report for the full year period. This number is higher than ASIC expected.
ASIC will assess compliance with the reporting requirements by reviewing firms that make a nil submission against other datasets, including reports of misconduct, reportable situations and data from the Australian Financial Complaints Authority (AFCA).
ASIC Commissioner Alan Kirkland said it is important for firms to foster a positive complaints management culture, including a focus on gathering accurate data, adding that firms should reflect on the detailed requirements and practical guidance outlined in ASIC’s IDR data reporting handbook.
See ASIC media release.
ASIC InFocus – December 2024
Christmas closedown - ASIC still online this festive season
Telephone and online enquiry services will be unavailable from 12:00 PM AEDT Tuesday 24 December 2024 to 8:30 AM AEDT Thursday 2 January 2025. Read more.
Coming soon - ASIC Professional Registers Search
On Monday 9 December 2024, the Professional Registers Search will launch, seeing an end to the Beta. Read more.
Registered agents: Ceasing to act as a company’s agent
Learn about what forms to lodge when ceasing to act as a company's agent, and how to avoid your address staying as the company's registered office. Read more.
See ASIC InFocus.
ASIC puts insurers on notice for blind spots in complaints handling
Insurers are failing to identify one in six customer complaints, effectively denying those Australians critical protections available through the IDR regime, an ASIC review has found.
ASIC’s review of the IDR practices of 11 general insurers highlighted shortcomings in several areas, including the failure to identify complaints and systemic issues, as well as inadequate communications to customers.
ASIC’s analysis of insurance complaints handling comes as the volume of general insurance complaints made to AFCA swelled by 50% in the 2022-23 financial year and rose again in 2023-24.
ASIC also found that immature IDR systems and processes contributed to poor complaints handling and reporting. There was also significant variability in insurers’ communication practices.
Commissioner Kirkland said the issues highlighted in ASIC’s review were disappointing, particularly as insurers were told to improve their IDR practices following an ASIC review of claims handling in the aftermath of the 2022 Queensland and New South Wales floods.
ASIC expects all insurers to act on the findings outlined in this report and take steps to uplift their approach to complaints handling. ASIC will ask the insurers in the review to prepare an action plan outlining how they will address these issues and better support their customers.
See ASIC media release.
ASIC invites feedback on proposed updates to digital asset guidance
On 4 December, ASIC released Consultation paper 381 Updates to INFO 225: Digital Assets: Financial Products and Services (CP 381) outlining proposals to update Information Sheet 225 Crypto Assets (INFO 225).
To provide greater clarity about the current law, ASIC has proposed a range of updates to INFO 225, including adding 13 practical examples of how the current financial product definitions apply to digital assets and related products.
See ASIC media release.
APRA
APRA and ASIC release observations from the banking industry's implementation of the Financial Accountability Regime
APRA and ASIC have published a letter containing observations on registration and notification lodgements made since the Financial Accountability Regime (FAR) commenced for the banking industry.
The letter identifies areas that require further consideration by banking entities and reiterates specific aspects, consistent with previously released FAR guidance, to entities across the banking, insurance and superannuation industries.
Entities should review the observations and areas for further consideration provided in the letter for the purposes of ensuring compliance with their obligations under the FAR.
See APRA media release, joint letter and our G+T Insights article.
APRA Chair John Lonsdale’s speech to the European Australian Business Council
In his speech, APRA Chair John Lonsdale outlined the increasing focus on geopolitical and operational risks facing Australia's financial system, highlighting APRA’s upcoming system-wide stress test aimed at understanding risk transmission between key sectors like banking and superannuation. He emphasised the importance of resilience in the face of rising global tensions, technological dependence and economic shocks.
APRA is enhancing its regulatory framework with a specialist geopolitical risk team and new operational risk standards to ensure financial institutions can withstand disruptions. Lonsdale also affirmed the strength of Australia’s financial system, with well-capitalised banks and robust macroprudential buffers, while noting ongoing efforts to monitor and adjust settings in response to emerging risks, including rising household debt and mortgage stress.
See the full speech here.
APRA maintains current macroprudential settings in uncertain environment
APRA will keep its current macroprudential policy settings steady following its regular review of domestic and international economic and financial conditions and risks. APRA’s macroprudential policy tools are aimed at mitigating financial stability risks at a system-wide level to promote a safe and stable financial system that enables households and businesses to confidently borrow, save and invest for the future.
In reaching the decision to keep the settings steady, APRA took account of high household indebtedness and a pick-up in credit growth, persistent cost-of-living pressures, a weakening jobs market and heightened geopolitical risks. Balanced against these risks, APRA noted that bank lending standards remain sound and non-performing loans remain low.
As a result of these considerations, APRA has confirmed that:
the mortgage serviceability buffer will remain at 3 percentage points
the countercyclical capital buffer will remain at 1 per cent of risk-weighted assets
no limits on lending or constraints on capital distributions are being introduced.
APRA Chair John Lonsdale said the risk of financial shocks had persisted over the past year however the sources of economic uncertainty had shifted.
See APRA media release and the reasons for decision.
APRA releases response to consultation on minor amendments to prudential framework for ADIs, insurers and RSE licensees
APRA has released a response to the consultation on proposed minor amendments to the prudential framework for authorised deposit-taking institutions (ADIs), insurers and registrable superannuation entity (RSE) licensees.
The response letter issued on 5 December follows the release of the proposed updates for consultation in September 2024. The intention is to refresh the prudential framework in a timely manner between more comprehensive reviews of prudential standards.
The letter to industry, finalised prudential standards and non-confidential submissions are available on the APRA website at: Minor updates to the prudential framework.
See media release.
APRA releases details on insurance Climate Vulnerability Assessment
APRA has published an information paper outlining the objectives and design of the insurance Climate Vulnerability Assessment (CVA) that is underway with Australia’s five largest general insurers.
The insurance CVA will help improve understanding of potential future insurance affordability challenges. It is intended to provide stakeholders with a more informed view of how insurance affordability may evolve between now and 2050 in response to the physical and transition risks from a changing climate.
APRA, the Insurance Council of Australia (ICA) and various government and private sector organisations are collaborating with IAG, Suncorp, Allianz, QBE and Hollard to model insurance affordability for two climate scenarios and an additional baseline scenario.
The scenarios in the insurance CVA are not predictions of future climate outcomes and should not be interpreted as an official forecast. Instead, they explore possible future states under different climate-related assumptions. These assumptions are not intended to indicate likely future policy developments or responses from APRA or other government agencies.
See APRA media release.
APRA releases quarterly general insurance and life insurance statistics for September 2024
See general insurance performance statistics and quarterly life insurance performance statistics.
Other bodies and regulators
ACCC grants interim authorisation to the Australian Banking Association Ltd for certain provisions of the Banking Code of Practice
On 4 December 2024, the ACCC granted interim authorisation with conditions to the Australian Banking Association Ltd (ABA) to continue arrangements regarding its Banking Code of Practice. In particular, the interim authorisation allows ABA member banks to continue to set minimum criteria for eligibility and mandate minimum features for basic accounts, stipulate certain special features of basic accounts, low fee and no fee accounts, and suspend default interest charges for farming loans during a drought or natural disaster.
The interim authorisation is granted with the same conditions as imposed in the previous authorisation, save for certain reporting requirements.
The interim authorisation will enable the ACCC to continue its assessment of the substantive application AA1000683 for revocation and substitution, including consideration of any issues raised by interested parties in submissions.
Further information about the ACCC’s interim decision is available on the ACCC’s public register.
See ACCC media release.
AUSTRAC issues 16 businesses with infringement notices for failing to comply with reporting requirements
On 27 November, AUSTRAC issued sixteen businesses with infringement notices for failing to meet their reporting obligations under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) (AML/CTF Act). The infringement notices were issued because the businesses failed to submit their 2023 annual compliance reports.
While most of the 17,000 businesses AUSTRAC regulates submitted their compliance reports, AUSTRAC CEO Brendan Thomas emphasised that ensuring compliance and using enforcement measures to secure this, is essential if AUSTRAC is to continue safeguarding Australian communities from serious crime.
The infringement notices ranged from $3,765 for sole traders to $18,780 for companies. Eleven businesses have paid their infringement notices to resolve AUSTRAC’s concerns. The other five businesses remain under AUSTRAC investigation.
AUSTRAC regularly communicates to businesses about their reporting requirements, with regular reminders until the 2023 lodgement period ended on 31 March 2024. The notices were issued to businesses across a wide range of industry sectors including precious metal traders, bookmakers, pubs and clubs, non-bank lenders and financiers, alternative remittance dealers, trustees of managed investments schemes and stock brokers.
A key aspect of Australia’s anti-money laundering and counter-terrorism financing regime is ensuring AUSTRAC receives information from businesses to support our work and help provide the actionable data for our intelligence work, and the work of our law enforcement partners
This action follows AUSTRAC issuing eight infringement notices in April this year regarding failure to lodge the 2022 compliance report.
The list of the 11 businesses which have discharged their infringement notices are available on the enforcement actions taken page of the website.
See AUSTRAC media release.
AICD: Cyber Security Governance Principles refreshed to capture evolving risk environment
Digital supply chain risk, data governance and regulatory and legislative shifts are some of the key updates captured in the refreshed Cyber Security Governance Principles (the Principles).
Since their release in October 2022, the Principles, produced by the AICD and the Cyber Security Cooperative Research Centre (CSCRC), have become the leading source of cyber security governance guidance for Australian boards.
Given the scale and speed of changes in the cyber security landscape, the updated Principles reflect the evolving cyber threat landscape and best practice cyber resilience strategies. New case studies by former Telstra CEO Andy Penn and Ventia Services Group Chair David Moffat are included as well as a foreword by the Federal Government’s Special Envoy for Cyber Security and Digital Resilience, Dr Andrew Charlton.
AICD Managing Director and CEO Mark Rigotti said the Principles have become the leading best-practice guidance for Australian directors when it comes to overseeing and managing cyber risks across all organisations, large and small. The release of the updated Principles is timely, given the passage of the Federal Government’s Cyber Security Bill 2024 on 25 November 2024, which received Royal Assent on 29 November 2024.
See AICD media release.
AASB S2: Climate-related Disclosures
On 25 November 2024, Australian Sustainability Reporting Standard AASB S2: Climate-related Disclosures (AASB S2) was registered as a legislative instrument under the Corporations Act 2001 (Cth) (Corporations Act). AASB S2 is a mandatory standard given force under the Corporations Act for the purposes of the preparation of sustainability reports under the new mandatory climate-related financial reporting regime in Part 2M.3 of the Corporations Act. When applicable, AASB S2 requires an entity to disclose information about climate-related risks and opportunities that could reasonably be expected to affect the entity's cash flows, its access to finance or cost of capital over the short, medium or long term.
Legislation and proposed legislation
Expanding the Consumer Data Right to non-bank lending
On 26 November 2024, the government took another step to reset the Consumer Data Right (CDR) and improve how the CDR can better serve consumers. The government is releasing draft rules for public comment to expand the CDR to non‑bank lending.
These proposed changes will:
expand the CDR to non‑bank lending
remove the requirement for banking and non‑bank lending data holders to share CDR data for niche products and data that does not add significant value to consumers
narrow the scope of obligations to reduce costs for non‑bank lenders and banks
ensure the CDR targets priority use cases, such as consumer finance and lending, without imposing costs and burden on smaller lenders.
Expanding the CDR to non‑bank lending will allow consumers to share their bank data with non‑bank lenders for products like residential mortgages and car loans to get better outcomes when it comes to approvals and interest rates. The government has listened to feedback on the expansion of the CDR to non‑bank lending and these changes will give consumers more ways to take control of their household finances and greater confidence that their data is being protected.
These changes put consumers at the heart of the government’s reset of the CDR. The government encourages all interested parties to make a submission on the draft rules, which can be found on the Treasury website.
Submissions will close on 24 December 2024.
See the Consultation and the Assistant Treasurer’s media release.
Scam Prevention Framework bill referred to Senate Committee for inquiry and report
The Scams Prevention Framework Bill 2024 (which was introduced into Parliament on 7 November 2024) proposes to establish the Scams Prevention Framework (SPF) which:
Imposes significant fines of up to $50 million for banks, social media platforms and telecommunications companies if they do not take ‘reasonable steps’ to prevent, detect, disrupt, respond and report scams and attempted scams in their businesses.
Provides victims of scams with ‘clear pathways’ to compensation if the business fails to meet the new standards.
Provides the ACCC with new powers to direct businesses to take specific steps to keep their customers safe from scammers.
Empowers the Australian Financial Complaints Authority to resolve consumer claims over scams in these sectors.
The Bill has been referred to the Senate Economics Legislation Committee for an inquiry and report. The closing date for written submissions is 9 January 2025. The report is due on 3 February 2025.
See media release by Stephen Jones MP, Assistant Treasurer and Minister for Financial Services.
For an analysis of the consultation version of the Bill, see previous G+T insight.
G+T Insights
G+T Insight: Regulators give us some intel – how the banking industry has implemented FAR – outlines guidance from APRA and ASIC on compliance with the Financial Accountability Regime for authorised deposit-taking institutions, highlighting key observations, upcoming obligations for insurers and super funds, and expectations for accountability frameworks and notifications to ensure robust governance and regulatory adherence – Silvana Wood and Janina Del Rosario (5 December 2024).
G+T Insight: One small step - the Privacy Amendment Bill has passed – discusses the passage of Australia's Privacy and Other Legislation Amendment Bill 2024, which introduces significant reforms to privacy laws, including new transparency requirements for automated decision-making, anti-doxxing offences, a tort for serious invasions of privacy, and enhanced powers for the Information Commissioner, alongside amendments to address public interest and journalism exemptions – Melissa Fai and Claire Harris (4 December 2024).
G+T Insight: Government introduces legislation to regulate Buy Now, Pay Later – discusses Australia's new legislation to regulate Buy Now, Pay Later (BNPL) products under the National Consumer Credit Protection Act 2009, aiming to provide proportionate consumer protections while maintaining access to innovative credit, requiring BNPL providers to hold credit licenses, comply with responsible lending obligations, and implement appropriate consumer safeguards – Silvana Wood and Chris Whittaker (4 December 2024).
G+T Insight: Government announces new digital competition regime – discusses the Australian government's proposed new ex ante competition regime to regulate specific digital platform services provided by designated companies, empowering the minister and ACCC to impose obligations and penalties on platforms with significant economic influence to address competition harms, align with international standards, and ensure flexibility for evolving markets – Elizabeth Avery and Louise Klamka (3 December 2024).
G+T Insight: It’s here! Everything you need to know about the merger reform legislation – discusses Australia's recently passed Treasury Laws Amendment (Mergers and Acquisitions Reform) Bill 2024, which introduces a mandatory and suspensory merger notification regime requiring ACCC approval for certain transactions, replacing the voluntary system, and outlines key aspects such as thresholds, penalties, and transitional arrangements ahead of its full implementation by January 1, 2026 – Elizabeth Avery and Simon Muys (29 November 2024).
G+T Insight: ACCC and government call out private equity in merger reforms – examines the ACCC’s increased scrutiny of private equity roll-ups and serial acquisitions, especially in sensitive industries, alongside impending merger law reforms that will introduce mandatory notifications, stricter thresholds, and a more complex regulatory environment for private equity transactions from 2026 – Rachel Basil and Alex Kauye (27 November 2024).
G+T Insight: The Legal 500: Blockchain (Australia)– our Fintech lawyers have published the Australian Blockchain chapter in The Legal 500, outlining the regulation of Australia's blockchain and cryptocurrency market – Emily Shen and Peter Reeves (25 November 2024).
Calendar
13 December 2024 – Deadline for submissions to Treasury consultation on beneficial ownership disclosure
19 December 2024 – Deadline for feedback to ASIC consultation on sustainability reporting guidance
24 December 2024 – Consultation on consumer data right – non-bank lending and banking data scope closes
1 January 2025 – Mandatory climate-related financial disclosures for Group 1 entities proposed to apply in respect of financial years starting on or after this date
24 January 2025 – Deadline for submissions to Treasury consultation on Crypto Asset Reporting Framework
12 February 2025 – Senate committee report on greenwashing due
28 February 2025 – Updated Banking Code of Practice (2025 version) comes into effect
15 March 2025 – Financial Accountability Regime takes effect for superannuation and insurance bodies