The financial services landscape in Australia is rapidly evolving, with regulations needing to be continuously updated in order to keep pace. The Lexology Getting the Deal Through (GTDT) Guide 2022 provides legal practitioners with an analysis of the most current Australian laws and regulations regarding financial services litigation.

In this Australian Chapter of Getting the Deal Through, we cover:

  1. Nature of claims 

  2. Procedure

  3. Disclosure

  4. Interaction with regulatory regime

  5. Update and trends

Nature of Claims

Common causes of action

Common causes of action commenced against banks and financial services providers by customers include breaches of:

  • contract - both express and implied terms;

  • trust - either general trustee obligations or legislative equivalents; and

  • statute - particularly concerning standards of conduct, such as engaging in misleading or deceptive conduct and unconscionable conduct, or concerning consumer credit.

Additionally, for financial services providers other than banks such as financial advisers, common causes of action brought by customers also include negligence and breach of fiduciary duty.

Contract

The legal relationship between a bank and its customer is essentially one of contract, supplemented by laws in equity, tort and statute.

Breach of contract claims frequently arise in the context of the Banking Code of Practice (the Code). The Code sets out standards and obligations for participants in the banking industry, seeking to protect individuals and small businesses. Adherence to the Code is voluntary, but all major banks are signatories. The Code has undergone significant reform in the past decade, with the current version of the Code coming into effect in October 2021. 

Although the Code currently does not have legislative force, signatory banks must incorporate it into their lending documentation and are contractually bound by its terms, such that customers can pursue a breach of contract claim for non-compliance. The most common claim made under the Code is an alleged breach of the bank’s obligation to ‘exercise the care and skill of a diligent and prudent banker’ in applying its credit assessment methods when forming an opinion about a borrower’s repayment ability. This effectively imposes a contractual warranty by the bank about the stipulated standard of care. 

While the Code was approved by the Australian Securities and Investments Commission (ASIC), that approval is without legal ramifications as ASIC is yet to declare part or all of the Code as enforceable under its new code approval regime, which came into force in January 2021. Such approval would attract civil penalties or other administrative enforcement action from ASIC if those provisions were breached. 

The Australian Banking Authority (ABA) commissioned and then in November 2021 published an independent triennial review of the Code, which specifically addressed the factors the ABA should consider in identifying provisions to be designated under ASIC’s enforceable code regime. In its response to the independent review, the ABA has proposed to adopt 48 of the 166 recommendations in full and 34 in part. The ABA indicated it does not yet intend to propose any enforceable code provisions, but remains committed to working with ASIC to agree the best approach for identifying any enforceable provisions moving forward. Key recommendations of the independent review that the ABA supports include those relating to protections for vulnerable customers and expanding the definition of ‘small business’. 

Customers may also allege that a bank has breached an implied term of the contract. Implied terms arise at both common law (such as an implied duty of good faith) and through statute, such as the implied warranty of due care and skill.

Statute

Statutory consumer protection provisions, such as unconscionable conduct and misleading or deceptive conduct, are generally mirrored in the Australian Securities and Investments Commission Act 2001 (Cth) (ASIC Act) for banks providing credit facilities and the Corporations Act 2001 (Cth)  (Corporations Act) for other financial product and service providers. These Acts have largely superseded common law actions, although the common law actions are still available: they are sometimes raised in conjunction with the Acts or raised where they are the only claim available.

Unconscionable conduct

Given its expansive and amorphous nature, unconscionable conduct is a claim regularly invoked by customers against financial services providers. It is also frequently deployed by ASIC. Unconscionable conduct claims are available both at general law (as an equitable doctrine) and under statute.

To establish a claim of unconscionable conduct in equity, it must be shown that:

  • there is a relationship that places one party at a special disadvantage vis--vis the other;

  • the stronger party knows of the special disadvantage; and

  • the stronger party takes unconscientious advantage of its position.

Unconscionable conduct operates on a much wider basis under statute. It does not require a special disadvantage, and a court may take into account a broad range of factors beyond inequality of bargaining power, including the numerical and financial literacy of a customer, undue influence and the service price. This wider scope means it has almost entirely superseded the equitable doctrine in practice.

Misleading or deceptive conduct

Banks and other financial providers must not engage in conduct that is misleading or deceptive or likely to mislead or deceive. An objective test is adopted, and a bank or institution need not intend to mislead or deceive - rather, it is only necessary to show that a customer was, or was likely to have been, misled.

Mere silence can amount to misleading conduct; for example, where a ‘half-truth’ is offered or there is otherwise a reasonable expectation that the provider should have disclosed more information. 

Responsible lending

Responsible lending (RL) laws have received significant attention, being a topic of emphasis in the 2018 Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry (Royal Commission). Under the National Consumer Credit Protection Act 2009 (Cth) (NCCP Act), RL laws regulate consumer lending, as distinct from lending for business purposes. Chiefly, RL requires lenders to make an assessment regarding whether a contract is unsuitable for the consumer and make reasonable inquiries and certain verifications as to their requirements, objectives and financial situation.

The RL provisions are broad and reasonable minds differ over what precisely is required. Ultimately, the Royal Commission did not find any structural framework amendments necessary but rather, that the current laws should be upheld and enforced. Banks and other lenders have significantly amended their origination practices as a result, increasing formalities and burdens on both lenders and customers.

However, concerns regarding a perceived ‘one-size-fits-all’ approach to RL obligations and the desire to improve credit flow following covid-19 led to the Australian government proposing RL reforms in September 2020. These are yet to be enacted, with significant delays arising from industry and stakeholder concerns about the impact on the consumer protection regime.

Non-contractual duties

Non-contractual claims in connection with the mis-selling of financial products are generally actionable by both customers and regulators. These protections span disclosure requirements, anti-hawking provisions, suitability assessments and general conduct provisions.

Key non-contractual duties affecting banker and customer relationships in Australia include statutory prohibitions on misleading or deceptive conduct, false or misleading representations and unconscionable conduct. Consumer credit legislation also prohibits mis-selling consumer products that are unsuitable for the customer, as per the RL provisions.

Further, financial services licensees and credit providers are under a general obligation to ensure that their services are provided efficiently, honestly and fairly. A breach of this general obligation is the most commonly reported breach to ASIC, and a breach of this provision can result in penalties, the imposition of licensing conditions and in serious cases, loss of licence. Given the centrality of this obligation across financial services conduct regulation (including in connection with the mis-selling of financial products), the scope of ‘efficiently, honestly and fairly’ is currently being considered by the Australian Law Reform Commission (ALRC) in its wide-ranging review of Australia’s financial services legislation. With a view to improving clarity and minimising compliance difficulties with the obligation as it appears in s912A(1)(a) of the Corporations Act, the ALRC has proposed replacing the word ‘efficiently’ with ‘professionally’, and to insert a note containing examples of conduct that would fail to satisfy the ‘fairly’ standard. A final report setting out the ALRC’s recommendations is expected in November 2023.

Australia also has anti-hawking legislation, which prohibits the unsolicited offering of financial products to a retail client. Such provisions were amended in October 2021, with the introduction of a general ban (rather than separate regimes) on the hawking of financial products to retail clients. In addition to penalties imposed for committing an offence, the client has a right of return and refund in certain circumstances. A new deferred sales model for add-on insurance operates alongside these anti-hawking provisions and prohibits the sale of insurance for at least four days after the purchase of the principal product.

A raft of disclosure provisions also operates to prevent the mis-sale of financial products through pre-acquisition disclosure obligations, including the obligation to provide product disclosure statements. Chapter 3 of the NCCP Act and the Code also contain relevant consumer protections, including in connection with vulnerable or low-income customers.

Statutory liability regime

The ASIC Act provides core regulations regarding the publication of untrue or misleading statements in relation to financial products or services. Misleading or deceptive conduct in relation to disclosure documents (such as prospectuses) and continuous disclosure materials is regulated by the Corporations Act (and the Australian Securities Exchange (ASX) Listing Rules for listed entities).

These laws operate to ensure that statements provided in prospectuses, listing particulars and periodic financial disclosures are accurate, complete and able to be substantiated. Prospectus information will be considered misleading where it is speculative, based on mere opinion or judgement, and not made on reasonable grounds.

Liability for the contravention of these provisions may extend to both the company and individuals, and attracts both criminal and civil penalties. The regime also allows aggrieved parties who have suffered damage or loss to bring a civil claim against the company, which is often the impetus for shareholder class actions.

Continuous disclosure obligations under the Corporations Act and ASX Listing Rules require listed entities to inform the ASX immediately of any information that a reasonable person would expect, if it were generally available, to have a material effect on the price or value of the entity’s securities. These obligations aim to ensure investors have equal and timely access to relevant company information. The breach of continuous disclosure obligations has become the primary basis upon which shareholder class actions are commenced in Australia, with shareholders seeking to recover the diminution in the value of their shares once the information that an entity ought to have disclosed at an earlier time eventually comes to light.

In light of covid-19, effective from May 2020 until March 2021, temporary amendments were introduced to relax the continuous disclosure framework by providing that entities and officers would only be liable for applicable civil penalties where they withheld information with ‘knowledge, recklessness or negligence’. Further legislative reforms have meant this fault element was made permanent with effect from August 2021. However, its passing was not without controversy, such that the provision requires review by an independent expert by February 2024, or otherwise will be subject to an automatic sunset clause.

Duty of good faith

The courts are willing to imply a duty of good faith in certain commercial contracts, such as franchise agreements. However, there is no prima facie duty imposed in contracts between financial institutions and customers and this issue has received little judicial consideration. Accordingly, customers generally invoke statutory duties including the duty not to act unconscionably (which itself requires consideration in respect of whether the parties acted in good faith). Typically, duties are imposed to avoid instances of particular unfairness in the operation of the contract.

Where the duty of good faith applies, it generally requires parties to act honestly and have due regard to the legitimate interests of both parties; in particular, not to act capriciously or arbitrarily to defeat the objects of the contract. However, a financial institution is under no obligation to subordinate its own interests to that of the customer. 

Fiduciary duties

The typical legal relationship between banker and customer is that of debtor and creditor, arising from contract. It is not an accepted fiduciary relationship. However, where a bank has exceeded its usual role and engendered an expectation that it will act in a customer’s best interests (eg, by providing financial advice, gratuitously or otherwise), a fiduciary relationship may arise. Common examples include where:

  • the relationship is one of confidence;

  • there is inequality of bargaining power;

  • there are agency elements;

  • one party undertakes to perform a task in the interests of the other;

  • there is scope for one party to unilaterally exercise discretion; or

  • there is a particular dependency or vulnerability.

Today more than ever, banks and financial institutions engage in a variety of transactions and roles. In circumstances where banks take on certain fiduciary obligations, in particular when acting as trustee (for instance, in the context of financial advice, investment management and superannuation), typical allegations include conflicting duties and failing to prioritise customer interests. 

In the context of financial advice, there is a specific statutory regime that imposes best-interests duties. From 1 January 2021, this duty was extended to mortgage brokers, imposing an obligation with respect to home lending, to act in the best interests of the intending borrower. While a fiduciary can contract to modify its duties, it cannot exclude liability for fraud or the deliberate disregard of its duty.

The government is currently considering a recommendation, made as part of the Treasury’s Quality of Advice Review final report published in December 2022, that the existing best-interests regime for financial advisers be replaced with a new statutory duty to act in the best interests of the client when providing personal advice. This new duty is proposed to act as a ‘true fiduciary duty’ and seeks to remove safe harbour protections, which advisers can currently rely on to show that they have met their best-interests duties.  

Master agreements

Australia uses standard form master agreements such as International Swaps and Derivatives Association Master Agreements, published by the International Swaps and Derivatives Association, and Foreign Exchange and Options Master Agreements. Provisions of these agreements are accorded the full force of contract, but there has been limited judicial consideration of these standard form agreements in Australia.

Limiting liability

Financial institutions can seek to limit or exclude particular liabilities, most commonly in relation to institutional clients. As a general proposition, financial institutions are unable to limit liability or exposure to statutory claims on the basis that it would be against public policy. The Corporations Act, the NCCP Act and the ASIC Act all contain prohibitions on contracting out of legislative provisions. Australian courts typically construe exclusion clauses against the party seeking to rely on them. However, parties can contract to exclude or modify fiduciary obligations.

Australia also has an unfair contract terms regime that precludes certain contractual terms in consumer and small business standard form contracts, including limited liability clauses that go beyond protecting legitimate business interests. This regime was extended to insurance contracts from 5 April 2021. Further amendments, set to commence on 9 November 2023, are expected to considerably broaden the scope of contracts captured by the regime, arising from an expanded definition of ‘small business contract’.

Freedom to contact

While the general position is that parties are free to bargain and contract, there is an overlay of statutory and regulatory requirements and prohibitions, including under:

The unfair contracts regime regulates standard form contracts to both consumers and small businesses. Unfair terms are those that would impose a significant imbalance in the rights and obligations of the parties, are not reasonably necessary to protect legitimate interests and would cause detriment to one party if applied (eg, unilateral variation clauses). The Contracts Review Act 1980 (NSW) also enables the court to make void a contract in its entirety if a provision is considered unjust in the circumstances.

Banks are also restricted from charging penalties, such as late fees or default interest. Additionally, there are laws restricting certain restraints of trade, such as exclusive dealings.

Litigation remedies

Customers can, depending on the underlying cause or causes of action, generally apply for the following remedies:

  • damages (most commonly sought);

  • injunctions;

  • specific performance;

  • termination or rescission of the agreement; and

  • declarations.

Limitation defences

As a matter of procedural law, Australia has a statutory limitation regime, in which each jurisdiction has enacted legislation limiting the time period within which certain claims may be brought. Generally, the period begins to run from the date on which the cause of action accrues (eg, most limitation periods for breach of contract are six years from the date of the alleged breach). 

While courts generally enforce statutory limitation periods strictly, the High Court of Australia affirmed in 2021 that parties may effectively contract out of limitation periods imposed by statute - so long as that conduct is not contrary to the specific statute in question (either by express provision or on grounds of public policy). Further, some jurisdictions have exceptions to limitation periods in circumstances such as where a cause of action is fraudulently concealed.

Although not a judicial body, the Australian Financial Complaints Authority (AFCA), being the external dispute resolution body for financial services organisations, may resolve certain complaints up to six years after the customer first became aware, or ought to have become aware, of the loss suffered. Following the Royal Commission, AFCA’s remit was temporarily expanded between 1 July 2019 and 30 June 2020 to allow AFCA to consider disputes back to 1 January 2008.

Procedure

Specialist Courts

While there are commercial and corporation lists operating in the Federal Court and certain state Supreme Courts for case management purposes, there are no specialist courts for adjudicating financial services disputes. However, the Australian Financial Complaints Authority (AFCA) is considered the ‘one-stop shop’ for the resolution of complaints against financial services institutions. 

Procedural rules

No specific procedural rules apply to financial services litigation. There is a Federal Court Central Practice Note, as well as similar state jurisdiction practice notes, that covers commercial and corporate disputes (of which banking, finance and insurance are sub-areas), as well as economic regulation, competition and access. 

Arbitration

Arbitration in Australia is voluntary, and financial services institutions may agree to arbitration provisions, more commonly with institutional clients. The Australian Securities and Investments Commission (ASIC) does not use arbitration as a dispute resolution method with financial services providers.

Australia is a party to the Convention on the Recognition and Enforcement of Foreign Arbitral Awards (also known as the New York Convention). As such, Australian courts will give effect to private agreements to arbitrate and enforce arbitration awards made in other contracting jurisdictions.

Out-of-court settlements

There are legislative requirements for financial services providers to seek to resolve disputes out of court where possible. However, they are generally not required to refer matters to alternative dispute resolution before commencing proceedings.

AFCA is often the first step to a dispute, as customers can pursue a court outcome if unsatisfied with AFCA’s recommendations. AFCA is also free to consumers and small businesses.

Pre-action considerations

Commonwealth and state jurisdictions have various general pre-action requirements, such as pre-action communications and taking genuine steps to seek to resolve disputes before the commencement of proceedings. 

As a result of farm debt regulations, there are requirements in some jurisdictions for agricultural customers to attend mediation in certain circumstances before a bank can take enforcement action. In December 2022, the government released the ‘National better practice guide for farm debt mediation’, which outlines seven overarching principles for parties involved in mediation to encourage consistent practice across states. 

Unilateral jurisdiction clauses

Unilateral jurisdiction clauses limit one party to suing the other in a particular court and country, while the other party is free to sue in any jurisdiction, ultimately favouring one party. Although there is little Australian judicial consideration of such clauses, it is likely that these would be enforceable under Australian law.

Unilateral jurisdiction clauses nominating a foreign jurisdiction will not prevail over statutory protective provisions of a valid Australian statutory right.

Disclosure

Disclosure obligations

Australia has wide-ranging ‘disclosure’ obligations for litigants (commonly referred to as ‘discovery’). Unlike other jurisdictions, this process is limited to discovery of documents and does not extend to the taking of witness statements.

There are some exceptions to the obligation, including legal professional privilege (documents prepared for the dominant purpose of seeking or being provided legal advice), which is a fundamental common law immunity. Another exception is ‘without prejudice’ material, being material evidencing a willingness or an attempt to settle the matter, which may include concessions not to be relied upon in court (although this material may be shown to the court at the conclusion of the matter on the question of costs).

Further, under the Australian Prudential Regulation Authority Act 1998 (Cth) , financial institutions are generally prohibited from making disclosures of ‘protected information’ (eg, Probability and Impact Rating System and Supervisory Oversight and Response System ratings). Banks frequently redact this material when responding to regulatory investigations and discovery.

Courts can draw inferences where documents likely to exist are not produced without reasonable excuse or where it appears that evidence that could have been adduced in support of a party’s position was not.

The discovery process varies within Australian jurisdictions. Most relevantly, in the Federal Court, parties must apply for discovery orders that facilitate the just resolution of the proceeding as quickly, inexpensively and efficiently as possible. In state and territory jurisdictions, the rules generally allow for discovery of documents relevant to the issues in dispute. Particularly in larger cases, the parties will often seek discovery by categories of documents (as opposed to general discovery).

Although there is no banking secrecy or blocking legislation in Australia, courts have considered the operation of such laws from extraterritorial jurisdictions.

Protecting confidentiality

As a general proposition, financial institutions are required to disclose client information in court to the extent that it is relevant to the issues in dispute. Where third-party information is relevant, courts will usually entertain specific confidentiality requirements. In some circumstances, parties can seek ‘preliminary discovery’ that may give rise to a cause of action (eg, information as to who the proper defendant is). Courts seek to balance the overriding principle of access to relevant information with the burden on the parties and any associated third parties.

Procedural devices to protect confidential information include suppression or non-publication orders, such as where required to protect national security. Courts may also allow redactions for confidentiality or relevance. 

Disclosure of personal data

Where proceedings are brought against a financial services institution, a party will ordinarily be entitled to discovery and inspection of all discoverable documents in the institution’s possession or control. However, the Australian Privacy Act 1988 (Cth)  contains exemptions to the prohibition on disclosing personal information. Individuals are otherwise entitled to disclose their own personal information.

An ‘open banking’ regime was introduced in Australia in 2018, which is essentially a data-sharing regime to support customer choice and competition. The regime introduces comprehensive rights for consumers to access their information that is held by certain entities (such as banks) and, where elected, share this information with third parties. Implementation of the regime was undertaken in phases, with the deadline for full implementation being 1 November 2022. 

Data protection

In Australia, there are complex regimes to deal with the extraction and use of data in court proceedings. Courts will entertain a range of different technological solutions, with electronic discovery now commonplace. There are also instances of courts and regulators permitting artificial intelligence solutions, such as predictive coding, to reduce the size of disclosure sets. Parties may agree (with or without court intervention) on regimes to lessen the burden of discovery, such as by excluding certain types of electronic data from discovery. The Federal Court has developed a template protocol that sets out the terms under which information may be electronically exchanged between parties.

Interaction with Regulatory Regime

Authority powers

Various regulators have broad powers to bring court proceedings against financial service institutions for matters such as contraventions of corporations or specific financial services laws.

The remedies available range from preservative actions (to avoid or limit the damage), recovery actions (to recover assets or obtain compensatory damages) and remedial and protective actions (to remedy contraventions and otherwise prevent further loss or damage). These remedies include:

  • injunctions (interlocutory, mandatory and preventative);

  • civil penalties;

  • criminal penalties and custodial sentences;

  • damages (on behalf of the corporation, or registered scheme, or by those persons who suffered as a result of the contravention);

  • imposition of compliance regimes; and

  • other remedies such as orders to disclose information or publish advertisements.

Regulatory authorities may bring court proceedings for a range of purposes, most notably:

  • to act as a public deterrent;

  • for the imposition of civil penalties (which cannot be imposed by simple agreement); and

  • for any criminal sanction.

The corporate regulator also has powers to intervene in proceedings already on foot.

Court-based enforcement is commonly used by regulatory authorities in Australia. Following the Royal Commission, all major regulators (particularly the Australian Securities and Investments Commission (ASIC)) indicated that they will seek to commence court-based enforcement more frequently.

Australian regulators also have broad investigative and information-gathering powers and can require financial institutions to provide documents and information, attend examinations to answer questions and assist with investigations.

Generally, if ASIC has enough evidence to support a criminal offence, particularly in cases of serious conduct that is reckless, dishonest or intentional, it will refer the matter to the Commonwealth public prosecutor. ASIC can also take administrative protective action (ie, action that does not involve the courts), including disqualification from managing a corporation, revocation, suspension, variation of licence conditions, enforceable undertakings, infringement notices and public warning notices.

Significant litigated regulatory matters in recent times include allegations of market manipulation in connection with financial benchmarks, anti-money laundering, matters related to financial advice and alleged breaches of consumer protection provisions (such as alleged breaches of responsible lending provisions, misleading or deceptive conduct and unconscionable conduct).ASIC’s powers were expanded in 2021 to cover the superannuation industry, enabling ASIC to play a more effective role in regulating conduct and including greater powers to take enforcement action against unlawful and harmful conduct by superannuation trustees. 

Proposed reform in recent years has also included the significant broadening of ASIC’s directions powers, which would empower ASIC to direct financial services and credit licensees to engage in particular conduct if it ‘has reason to suspect’ that a licensee has, or will, breach a financial services law, which appears to be a low bar. While exposure draft legislation was released in early 2020, such measures are yet to be enacted.

As ASIC continues to litigate case studies that were the subject of the Royal Commission, and following the commencement of the new corporate penalty regime introduced in March 2019, there has also been a recent upward trend in pecuniary penalties being ordered by courts for breaches of consumer protection provisions, including under the ASIC Act. Civil penalties imposed by the courts in relation to enforcement actions commenced by ASIC over the 2022 calendar year totalled approximately A$222 million. In October 2020, three companies were ordered to pay a A$75 million penalty for engaging in systemic unconscionable conduct while providing over-the-counter derivative products to retail investors in Australia. This is the largest (single) civil penalty obtained by ASIC to date.

The upward trend in pecuniary penalties is also evident through an increase in civil penalty enforcement action pursued by the Australian Transaction Reports and Analysis Centre (AUSTRAC), the government agency responsible for monitoring compliance with Australia’s anti-money laundering and counter-terrorism financing (AML/CTF) regime. While civil penalty orders are not as commonly pursued by AUSTRAC, the potential quantum in recent times has dwarfed that of the corporate regulator. In August 2017, the Federal Court ordered the Commonwealth Bank of Australia to pay A$700 million for breaches of AML/CTF obligations, and in October 2020 ordered Westpac Banking Corporation to pay A$1.3 billion. This is the largest civil penalty in Australian corporate history.

Disclosure restrictions on communications

In general, communications between regulators and financial institutions are not the subject of any special privilege that would protect them from being disclosed in the context of litigation.

In recognition of the commercially sensitive material they hold, the key financial services regulators - ASIC, the Australian Competition and Consumer Commission (ACCC) and the Australian Prudential Regulation Authority (APRA) - are subject to confidentiality obligations. Regulators are required to take all reasonable measures to protect from unauthorised use or disclosure of the information given to them in confidence or in connection with the performance of their functions.

The relevant regulatory authorities cannot compel the production of communications or documents subject to a valid claim of legal professional privilege, although it is open for the immunity to be abrogated by legislation in certain circumstances. Parties may voluntarily elect to provide privileged documents to ASIC on a limited and confidential basis under its standard form disclosure agreement. This ‘limited waiver’ regime was introduced to enable ASIC to obtain the relevant information needed to make regulatory and enforcement decisions. The standard agreement provides that the disclosure of information to ASIC is not a waiver of any privilege existing at the time of the disclosure. ASIC will generally treat the information as confidential, but the privilege holder retains responsibility for otherwise safeguarding any privilege claims they wish to maintain (eg, asserting any privilege where ASIC is compelled by law to disclose information under a court order for discovery).

However, the agreement does not prevent third parties from asserting that privilege has been waived. There is some case law in Australia to support the proposition that a voluntary limited waiver should not amount to a wider waiver of privilege, although authorities have not directly considered the position of ASIC’s standard agreement. Until such time, and in the absence of legislative protection being enacted, there will remain a risk of waiver of privilege for parties voluntarily disclosing privileged communications to ASIC.

Specific statutory secrecy provisions may also operate to prohibit the disclosure of information shared between financial institutions and the prudential regulator, APRA. Using its statutory confidentiality powers, other than in permitted circumstances, APRA does not allow the disclosure of certain information (referred to as protected information). APRA uses these prohibitions so that inadvertent disclosure does not provoke a market overreaction or lead to an unwarranted loss of confidence on the part of beneficiaries in the institution who are the subject of the disclosure.

Private claims

Prosecution of corporate, securities and financial services laws is not exclusive to regulators. Private parties can bring proceedings against financial institutions directly for certain kinds of breaches of regulations. However, there must be specific remedial provisions in the statute giving such persons standing to seek relief. Some provisions are enforceable only by regulators. Often, regulatory investigations will act as catalysts for private claims, especially class actions.

The disclosure of complaints made by other parties of a similar nature would usually not be relevant, but that question may fall to be determined on the particular facts and allegations at hand.

Often, claimants will seek to subpoena a regulator to produce documents obtained in its investigations to the extent relevant to the extant action. Whether such orders are made by the court will depend on the relevance of the material and whether it is protected by public interest immunity or other immunities, such as those afforded by APRA to ‘protected information’.

Enforcement

Generally, private parties (customers or otherwise) cannot enforce an agreement between a financial institution and a regulator. Enforceable undertakings are often agreed between financial institutions and ASIC in lieu of legal proceedings. These are essentially administrative out-of-court settlements that are enforceable by ASIC in court in the event they are breached (although ASIC has been criticised for overreliance on this method of resolution and this appears to have had an impact on the number of enforceable undertakings more recently). While private parties cannot directly enforce enforceable undertakings, as a practical matter, if they were to alert the regulator, the regulator would be likely to enforce on their behalf.

Changes to the landscape

There have been significant regulatory changes since the global financial crisis, characterised by a significant increase in the number of regulatory requirements,  including the National Consumer Credit Protection Act (NCCP Act) introduced in 2009. Notably, in 2018 the Federal Government conducted the Royal Commission, which focused on, amongst other things, the role of the regulators. Among the Royal Commission’s recommendations were additional regulation and changes to the approach to enforcement that would include the conduct of more investigations and an increased level of court-based enforcement. From March 2019, the penalties for financial sector and corporate misconduct were also extended and significantly strengthened. This reform included trebling the maximum imprisonment penalties for serious criminal offences from five to 15 years, significantly increasing the maximum civil penalties, introducing civil penalties to existing provisions and introducing a relinquishment remedy in action to avoid unjust enrichment.

Several of the Royal Commission’s recommendations have now been passed into law. These include legislative changes to impose an obligation on a licensee to comply with the Australian Financial Complaints Authority (AFCA), extending ASIC’s power to approve codes of conduct and adding civil penalties to contravening provisions. The role of ASIC’s Financial Services and Credit Panel (FSCP) has also expanded and it now operates as a single disciplinary body for the enforcement of administrative sanctions against financial advisers. The powers of the FSCP include the power to suspend a financial adviser’s registration and to recommend that ASIC commence civil penalty proceedings. Particular attention has also been given to the role of corporate culture, governance and remuneration and their links to corporate misconduct. 

Complaints procedure

Australian financial services and credit licensees (licensees) are both under a general licensing condition to have an internal dispute resolution procedure that meets certain criteria, and to be a member of the AFCA scheme (as an external procedure).

The Banking Code of Practice also stipulates lender requirements as to dispute resolution (both internal and external) and supplements this with obligations, such as obligations relating to complaints handling.

Internal disputes resolution

Internal dispute resolution procedures must comply with the standards and requirements made or approved by ASIC and cover disputes in relation to the credit activities engaged in by the licensee or its representatives. In July 2020, ASIC published an updated regulatory guide (RG 271 - Internal dispute resolution), which aims to ensure consumer complaints are dealt with efficiently and quickly, and that the licensee is able to identify potential systemic issues. Taking effect from 5 October 2021, this guidance also sets out what is captured as a ‘complaint’, timeframes in which disputes should be dealt with internally and how licensees must record and respond to complaints. 

The updated regime under RG 271 also requires licensees to report data to ASIC relating to complaints managed through their internal dispute resolution processes. The requirement to report data has been staggered, with listed firms the first to begin lodging reports by December 2022, and all other firms by 30 June 2023. 

AFCA - external disputes resolution

AFCA is a non-governmental organisation that administers a free and independent dispute resolution scheme as an alternative to litigation. AFCA reviews complaints about credit, finance and loans, insurance, banking deposits and payments, investments and financial advice and superannuation. It can award financial damages (albeit not punitive, exemplary or aggravated damages). Other remedies include forgiveness of debt, release of security, waiver of fees or reinstatement or vitiation of a contract.

Once a dispute is lodged, the lender must cease all enforcement action relating to the dispute (which has been used as a delay tactic by many consumers, particularly where there is imminent enforcement action). AFCA may require information to assess the dispute, usually by requesting documents or interviewing either party.

AFCA aims to resolve complaints using informal methods and by reaching a negotiated settlement. It can make a preliminary assessment that will result in a recommendation of how the dispute should be resolved. If the parties do not accept this, AFCA can make a formal decision called a determination. If the applicant customer accepts the determination, it will be binding on both parties. If the applicant rejects it, neither party is bound, and the applicant customer is free to pursue a court-ordered outcome.

From 21 January 2021, AFCA amended the rules under which it operates to provide clarity for consumers and financial firms regarding its jurisdiction to receive complaints. The change is a direct result of a legislative instrument issued by ASIC on 5 January 2021 and arose after a decision in the New South Wales Supreme Court was handed down in November 2020. The direction required AFCA to update its rules to reflect the same statutory liability for licensees regarding their authorised representatives as set out in the Corporations Act and the NCCP Act, with the changes applying to complaints received from 13 January 2021 onwards. 

Recovery of assets

In the event that a bank or other authorised deposit-taking institution (ADI) (such as credit unions and building societies) fails, the government has a financial claims scheme, also known as the Financial Claims Scheme (FCS), to protect and support the stability of the Australian financial system. Under the FCS, the government guarantees deposits up to A$250,000 for each customer per ADI and also covers situations where a general insurer claims (for claims up to A$5,000). The scheme is administered by APRA.

Following a recommendation of the Royal Commission, the government released a discussion paper on establishing a new compensation scheme of last resort in December 2019. The compensation scheme was due to be legislated by the end of 2020, but was delayed due to the impact of covid-19. Draft legislation to establish the financial services Compensation Scheme of Last Resort (CSLR) was finally introduced in September 2022 before being re-introduced in March 2023, and is currently being considered. The CSLR is intended to provide compensation to eligible consumers who have received a determination for compensation from AFCA that remains unpaid. Under the proposed framework, a consumer would be able to apply for compensation up to A$150,000.

Update and Trends

Challenges and trends

The financial services landscape in Australia remains challenging for financial services institutions. There remains an increasing trend in the number and nature of consumer protection regulations affecting banks. Combined with heightened regulator interest and activity, there is a strong correlation between financial services investigations and civil litigation, including class actions.

Draft legislation providing for the Financial Accountability Regime (FAR) was introduced in September 2022 and March 2023. The proposed regime will expand the scope of the former Banking Executive Accountability Regime and cover a broader range of entities regulated by the Australian Prudential Regulation Authority , impose additional obligations on accountable persons and provide for larger maximum penalties to align with the recent changes to the penalty framework.

Regulatory scrutiny of environmental, social and governance (ESG) claims has also increased. In May 2023, the Australian Securities and Investments Commission (ASIC) released a report detailing the 35 interventions it has made in response to its greenwashing surveillance activities from 1 July 2022 to 31 March 2023. These included corrections to potentially misleading disclosures, issuing public infringement notices and commencing civil penalty proceedings. The report identifies the increasing levels of representations on ESG credentials by listed companies, managed funds and superannuation funds. Such representations are likely to be scrutinised with increased intensity by ASIC and, as such, form an area of increased enforcement activity for financial services providers.

There is also increasing likelihood that digital assets and associated services will be subjected to a form of regulation. In March 2023, the Digital Assets (Market Regulation) Bill 2023 was introduced, proposing a licensing framework to regulate crypto liquidity providers, exchange operators and asset holders (as opposed to digital assets). In doing so, the proposed legislation seeks to leverage rules that already exist and operate well in Australia’s financial services regime.

A topical issue in contemporary litigation is the use of litigation funding. Due to strong demand, attractive returns and limited regulation, third-party litigation funding has evolved in Australia over the past decade and is now commonplace, particularly in class actions. The introduction of an expanded regulatory regime in 2020 required litigation funders to hold an Australian financial services licence (AFSL) and comply with the managed investment scheme (MIS) regime (similar to banks and other credit providers). However, in June 2022, the Federal Court held that a litigation funding scheme did not constitute a MIS and accordingly, need not comply with the MIS provisions of the Corporations Act. Another round of legislative amendments in December 2022 provided litigation fundings schemes with express exemptions from the MIS regime, as well as from AFSL requirements, the product disclosure regime and anti-hawking provisions in the Corporations Act. The regulation of litigation funding schemes has effectively been reversed to what it was prior to the introduction of the 2020 regime, relying on the courts rather than statutory restrictions to provide oversight. With the regulatory environment for litigation funding now more certain, and less burdensome, funding activity is expected to remain strong in the now well-established arena of shareholder class actions. 

In recognition of both the significance and complexity of the financial services regulatory framework within Australia, there are a number of independent reviews on foot exploring the ways in which the law can be simplified and rationalised. In particular, the Australian Law Reform Commission is continuing its comprehensive review of financial services legislation, with a final report expected in November 2023. The government’s efforts to clarify and refine the regulatory framework will be of interest to financial services licensees in the coming years.