ASIC promises to initially “go easy” on enforcement of new laws affecting the financial services industry commencing early October 2021

ASIC promises to initially “go easy” on enforcement of new laws affecting the financial services industry commencing early October 2021

The heading might well be regarded as an “oxymoron” but at least it is eye catching.

The following law reforms commence in October 2021, affecting both financial services providers and providers of credit services:

Reform Commencement Date
Reference checking and information sharing requirements 1 October 2021
Breach reporting and the ‘notify, investigate and remediate’ obligations 1 October 2021
Design and distribution obligations 5 October 2021
Hawking (AFS Licensees only) 5 October 2021
Deferred sales model for add-on insurance products (AFS Licensees only) 5 October 2021
Internal dispute resolution (RG 271) 5 October 2021

ASIC recognises that even though these changes have been in the pipeline for a long time (in some cases more than 2 years), implementation of all these changes at the one time will present a major challenge to industry participants. The changes are also being made against the background of continuing disruption due to the Covid 19 pandemic and lockdowns in various States and Territories.
Accordingly, ASIC has issued a media release, 21-213MR (ASIC’s approach to new laws reforming financial services sector) setting out its initial approach to enforcement.  ASIC states that it:

  • recognises the changes require significant changes to businesses’ systems and processes,
  • there will be a period of transition as industry finalises implementation of additional compliance measures, and
  • as a consequence, will take a reasonable approach in the early stages of these reforms provided industry participants are using their best efforts to comply.

These assurances by the regulator that ASIC will be reasonable must be balanced by its fundamental obligation to enforce the laws the Government has passed.  ASIC’s Chairman, Joe Longo, has said that ASIC’s initial approach extends to technical or inadvertent breaches, where firms have systems changes underway and act quickly to address problems as they arise. However, where firms are not acting in good faith or where we detect conduct causing actual harm, ASIC will not hesitate to enforce the law.

Thus, licensees can take some comfort that ASIC may not take a strict view and act on technical breaches where implementation of the new obligations is not bedded down and there is no harm to consumers.  It would be wise, however, to ensure good faith efforts to comply can be demonstrated, and not to delay implementation on the strength of these assurances from ASIC.

Another indication of the rushed nature of the implementation of these changes is the fact that it was only on Tuesday 7 September 2021 that ASIC finally published its final regulatory guidance designed to assist credit and Australian Financial Services (AFS) licensees meet their new breach reporting obligations – 21-235MR (ASIC publishes guidance on breach reporting).  We understand that further changes, to provide relieve to credit licensees by more closely align the regime for credit licensees with that of financial services licensees are still to come.  Rather than delay implementation the changes will be made initially by ASIC under its rule-making powers, with legislation to follow. The implications for credit licensees, particularly large and complex organisations, seeking to comply with such peripatetic goalposts remain uncertain.

Implementation of many of these changes has already been deferred. The obvious question that arises is why, if today’s environment is so difficult and challenging for industry participants, was the implementation of this raft of changes not deferred again?

Too much haste – we say.