ASIC welcomes the final report of the Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry. The report raises questions of company culture, governance and directors’ remuneration practices — matters that are of vital interest to ASIC. Issues around culture (the “way we do things around here”), governance (systems and processes that people should follow) and remuneration (what people get paid to do) all have a very strong influence on how people behave. Therefore, culture, governance and remuneration are all matters that ASIC will focus on using new supervisory and enforcement approaches.
At its core, the ASIC approach centres on deterrence, public denunciation and punishment of wrongdoing by way of litigation.
A greater likelihood of detection of misconduct and greater penalties where misconduct is established should be very powerful reasons not to engage in wrongdoing in the first place.
Office of Enforcement
The final report contained 12 recommendations — directed at ASIC or where the Australian Government’s response required immediate action by ASIC — without the need for legislative change.
ASIC immediately began implementing changes to meet the Royal Commission recommendations. Many of these overlap with changes we started making in early 2018 under a strategic program:
- On 7 August 2018, ASIC obtained additional Government funding to accelerate its enforcement outcomes.
- In October 2018, ASIC adopted a “why not litigate?” enforcement stance. For company directors, this means that if ASIC thinks you have broken the law, there is a much greater chance that the courts will now decide whether you have, and if so, how.
- To manage the expected increase in court-based enforcement procedures, ASIC established an Office of Enforcement, which will be up and running in late 2019.
Close and Continuous Monitoring
ASIC’s increased funding has enabled it to make its presence felt “on the ground” in major financial institutions, which we’re calling Close and Continuous Monitoring. This involves regularly placing ASIC staff onsite in major financial institutions to monitor their governance and compliance with laws. A primary goal is modifying behaviour of large institutions to further encourage them to place consumers first in their decision-making and quickly identify and respond to conduct that produces unfair outcomes.
In the first two months of operation, from 31 October–31 December 2018, Close and Continuous Monitoring onsite reviews saw ASIC staff members embedded at major financial institutions for 40 out of 45 working days. It involved more than 100 onsite interviews of banking staff at all levels. These reviews enable early identification of specific issues in institutions to minimise future harmful impact, including through the frank disclosure of ASIC’s findings to CEOs, business leaders and boards.
ASIC does not want to micromanage firm culture. But we do see culture as a strong driver of behaviour. Looking at cultural problems can give us an early warning of where things might be going wrong to help us disrupt bad behaviour before it happens and catch misconduct early. Importantly, it helps with identifying not just individual instances of misconduct, but broader, more pervasive, problems.
ASIC is adopting next-generation regulatory tools, including regulatory technology (regtech), behavioural economics and data analytics. For example, we’re already using natural language processing (NLP) to monitor insurance sales team calls to ensure they respond to risks as they emerge. In future, we plan to use NLP to detect misleading internet advertisements for financial products and promotions.
Increased penalties for misconduct
ASIC’s powers have been enhanced by government amendments to the Corporations Act 2001 (Cth) and other Acts through the Treasury Laws Amendment (Strengthening Corporate and Financial Sector Penalties) Bill 2018.
Australia now has a stronger penalty framework for corporate and financial sector misconduct. Maximum prison penalties for the most serious offences are now 15 years; maximum civil penalties for companies have increased to $525 million; maximum civil penalties for individuals, to $1.05m.