Key Legal and Regulatory Developments

Capital and Prudential Requirements

APRA Releases its Policy and Supervision Priorities for 2021

On 1 February, APRA released its policy and supervision priorities for the coming year. APRA's key policy priorities include (i) strengthening crisis preparedness; (ii) updating prudential standards on operational risk, governance and risk management, and consulting with industry on guidance for climate change financial risk; and (iii) supporting implementation of the government's Your Future, Your Super reforms.

APRA's key supervision priorities include (i) increased action on crisis readiness, including recovery and resolution planning and stress testing; (ii) increased scrutiny of entities' cyber security capabilities; (iii) conducting a risk culture survey and undertaking a range of governance, culture, remuneration and accountability-related supervisory reviews and deep dives; and (iv) addressing areas of MySuper underperformance. APRA's policy and supervision priorities for 2021 can be found here.

APRA Seeks to Enhance Flexibility and Resilience of ADI Capital Framework

On 8 December, APRA released for consultation its proposed changes to the ADI capital framework aimed at embedding 'unquestionably strong' levels of capital, improving the flexibility of the framework, and improving the transparency of ADI capital strength. APRA's proposed changes include: (i) providing for greater risk sensitivity within the risk weighting framework, including more differentiated risk weights for different types of mortgages and reduced risk weights for small business lending; (ii) providing for ADIs to hold a larger share of their required capital as buffers, enhancing the ability of the framework to respond flexibly to future stress events; (iii) improving the transparency of the framework by requiring all ADIs to disclose their capital ratios on a common basis, and making it easier to reconcile the Australian framework with international standards; and (iv) introducing a simplified framework and reduced compliance requirements for smaller ADIs. APRA proposes to implement the new framework from 1 January 2023. APRA's media release can be found here.

APRA Chair Wayne Byres' Statement to the Basel Committee Regarding Operational Resilience

On 16 October, at an outreach meeting for the Basel Committee on Banking Supervision, APRA Chair Wayne Byres reflected on the lessons learned from COVID-19 on operational resilience, including: (i) the importance of board oversight of risks exceeding tolerance levels; (ii) that business continuity plans could be more robust with respect to offshore service providers; and (iii) increased information security risks. APRA Chair Wayne Byres' statement can be found here.

APRA Issues letter to ADIs Regarding Interim Capital Treatment of New or Additional Equity Investments

On 10 November, APRA issued a letter to all ADIs to advise of interim changes to the capital treatment of new or additional equity investments in banking and insurance subsidiaries. The interim changes reflect the direction of the proposed revisions to Prudential Standard APS 111 Capital Adequacy: Measurement of Capital, which is likely to be finalised in 2021 and implemented in 2022. The interim changes do not restrict or prohibit ADIs from making new investments or increasing their existing investments in banking and insurance subsidiaries in the period ahead. However, the interim changes will ensure that any new or additional equity investments, particularly where the aggregate value of the investment is large relative to the ADI's CET1 capital, are backed by appropriate capital to reduce the risk to Australian depositors. APRA's letter to ADIs can be found here.

APRA Begins Roll-Out of a New Supervision Risk and Intensity Model

On 6 October, APRA announced that it would begin using its new Supervision Risk and Intensity ("SRI") Model from this month, with the new system expected to be fully implemented by June 2021. The SRI Model will replace the Probability and Impact Rating System and the Supervisory Oversight and Response System that APRA has used since 2002. APRA will use the SRI Model to assess the systemic significance of APRA-regulated entities, and the level of risk each entity faces. These assessments will then guide the nature and intensity of APRA's supervisory response. APRA's media release can be found here.

APRA Issues Letter to ADIs Regarding the Treatment Of Loans Impacted by COVID-19

On 22 September, following a review of all ADIs' plans for the assessment and management of loans with repayment deferrals, APRA issued a letter to ADIs encouraging them to consider better practices in the areas of governance and oversight, customer engagement and contact strategies, credit assessment processes and credit management and resourcing. APRA's letter to ADIs can be found here.

Financial Markets

ASIC Issues Guidance on the LIBOR Transition

On 30 November, ASIC issued practical guidance for Australian entities on the LIBOR transition ("INFO 252"). INFO 252 sets out (i) frameworks, practices, and recommendations on fair treatment of clients, representation of product performance, and client communication strategies; (ii) ASIC's expectation of the industry, including what ASIC considers to be best practices; and (iii) buy-side entity specific guidance and recommendations. INFO 252 can be found here.

On 13 October, ASIC, with the support of APRA and the RBA, strongly urged Australian institutions to adhere to the ISDA IBOR Fallbacks Protocol and Supplement, which was subsequently released on 23 October. ASIC stressed that industry wide adoption of the protocol and supplement would significantly reduce the risk of contractual disputes, litigation and frustration of contracts by creating a consistent approach to fallback rates. All financial and corporate institutions that use derivatives contracts referencing LIBOR have been strongly encouraged to review and adhere to the protocol by its effective date of 25 January 2021. ASIC's media release can be found here.

A detailed Jones Day White Paper on ISDA's IBOR Fallbacks Supplement and Protocol can be found here.

ASIC Commences Investigation into the ASX Outage

On 23 November, the ASX confirmed that ASIC had commenced an investigation into an outage which occurred on the ASX cash equity market trading platform, Centre Point, on 16 November 2020. ASIC is particularly concerned that too many firms are reliant on the ASX to trade listed securities and did not appear to have adequate business continuity arrangements to trade when the ASX's Centre Point was unavailable. ASIC's investigation will consider whether the ASX has met its obligations under its Australian Market Licence, including whether it has sufficient financial, technological and human resources to operate its markets. ASIC views outages of this nature with significant concern and together with the RBA, a co-supervisor of the ASX, have informed the ASX of their intention to conduct an independent review in the first half of 2021. ASIC's media release can be found here.

Anti-Money Laundering and Sanctions

Renewed Focus on Australian Sanctions

On 7 December, a Parliamentary Committee issued their final report following a year-long inquiry into the use of targeted sanctions by the Australian Government to address human rights abuses. The Committee has recommended the Australian Government enact standalone targeted sanctions legislation to address human rights violations and corruption, similar to the US Magnitsky Act. Australia's consideration of Magnitsky-style laws forms part of a global movement to impose targeted sanctions on individuals and entities that are alleged to be involved in human rights abuses. It has never been more important for Australian companies to ensure their sanctions compliance programs and risk assessments are in order, particularly for financial institutions who are likely to have obligations under both domestic and foreign sanction laws. The Australian Government is yet to publish their response to the Parliamentary report. The Parliamentary report can be found here.

Extensive Amendments to the AML/CTF Act Receive Royal Assent

On 17 December, the Anti-Money Laundering and Counter-Terrorism Financing and Other Legislation Amendment Act 2020 (Cth) ("AML/CTF Amendment Act") received Royal Assent. The AML/CTF Amendment Act implements the second phase of reforms arising from the recommendations of the Report on the Statutory Review of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 ("AML/CTF Act") and Associated Rules and Regulations. The AML/CTF Amendment Act amends the AML/CTF Act to: (i) expand the circumstances in which reporting entities may rely on customer identification and verification procedures undertaken by a third party; (ii) prohibit financial institutions from entering into a correspondent banking relationship with another financial institution that permits its accounts to be used by a shell bank; (iii) require banks to conduct due diligence assessments before entering, and during, all correspondent banking relationships; and (iv) expand the exceptions to the prohibition on tipping off to permit reporting entities to share suspicious matter reports and related information with external auditors, and foreign members of corporate and designated business groups. The AML/CTF Amendment Act can be found here.

Cybersecurity

Framework Launched to Test Cyber Resilience of Australia's Financial Services Industry

On 8 December, the Council of Financial Regulators, comprising the RBA, the Federal Treasury, ASIC and APRA, released a Cyber Operational Resilience Intelligence-led Exercises ("CORIE") framework to test and demonstrate the cyber maturity and resilience of institutions within the Australian financial services industry. The CORIE framework has been developed to aid preparation and execution of industry-wide cyber resilience exercises. A key objective of the CORIE framework is to provide data and reporting to inform the regulators of systemic weaknesses that may present a risk to the integrity and stability of Australia's financial markets. The CORIE framework also aims to identify actions to uplift the cyber resilience of financial institutions. The CORE framework can be found here.

APRA Unveils Cybersecurity Strategy for 2020 – 2024

On 26 November, APRA Executive Board Member Geoff Summerhayes unveiled APRA's Cyber Security Strategy 2020 – 2024 to the Financial Services Assurance Forum. APRA's Cyber Security Strategy comprises three primary focus areas: (i) establish a baseline of cyber controls by reinforcing the embedding of non-negotiable cyber practices; (ii) enable boards and executives of financial institutions to oversee and direct correction of cyber exposures. This will be achieved by formulating sound practice guidance, and stepping up APRA's scrutiny of cyber oversight practices; and (iii) rectify weak links within the broader financial eco-system and supply chain by fostering the maturation of provider cyber-assessment and assurance, and harmonising the regulation and supervision of cyber across the financial system (not limited to APRA-regulated entities). APRA's Cyber Security Strategy 2020 – 2024 can be found here.

A Jones Day White Paper on Accountability for Cybersecurity in Australia – A Major Regulatory and Litigation Risk can be found here.

Consumer Protection

ASIC Releases Regulatory Guide on Design and Distribution Obligations

On 11 December, ASIC released Regulatory Guide 274: Product design and distribution obligations ("RG 274") following public consultation. The design and distribution obligations require issuers and distributors to develop and maintain effective product governance arrangements across the life cycle of financial products to ensure that consumers are receiving products that are consistent with their likely objectives, financial situation and needs. The design and distribution obligations take effect on 5 October 2021. RG 274 can be found here.

ASIC Warns Fund Managers to be 'True to Label'

On 22 September, ASIC warned fund managers that they need to do more to ensure their products are 'true to label', that is that the product name aligns with the underlying assets. ASIC's warning follows a targeted surveillance of 37 managed funds operated by 20 responsible entities that collectively hold $21 billion in assets. ASIC's surveillance identified two significant concerns: (i) confusing and inappropriate product labels across 14 "cash" funds; and (ii) redemption features not matching the liquidity of underlying assets. ASIC has sought corrective action from 13 responsible entities where significant concerns were identified. ASIC's media release can be found here.

Product Intervention Order in Relation to Contracts for Difference

On 23 October, ASIC made a product intervention order imposing conditions on the issue and distribution of contracts for difference ("CFDs") to retail clients. ASIC's order strengthens consumer protections by reducing CFD leverage available to retail clients and by targeting CFD product features and sales practices that amplify retail clients' CFD losses. It also brings Australian practice into line with protections in force in comparable markets elsewhere. ASIC's media release can be found here.

Legislative Reform

Hayne Royal Commission Response Act Receives Royal Assent

On 17 December, the Financial Sector Reform (Hayne Royal Commission Response) Act 2020 (Cth) ("HRCR Act") received Royal Assent, after being introduced to Parliament on 12 November and passed by both Houses on 10 December. The HRCR Act strengthens the protections for consumers by (i) strengthening the unsolicited selling (anti-hawking) provisions, including for superannuation and insurance products; (ii) introducing a deferred sales model for add-on insurance products; (iii) making the handling and settlement of insurance claims a 'financial service', which will require insurers to comply with Australian Financial Services ("AFS") licensing obligations.

The HRCR Act also amends the Superannuation Industry (Supervision) Act 1993 (Cth) ("SIS Act") to prohibit the trustee of a superannuation fund from having a duty to act in the interests of another person, other than those arising from their duties as trustee of a superannuation fund. This amendment is intended to prevent a trustee from operating a business other than the business of a superannuation fund. ASIC will also be given greater powers to regulate and take enforcement action against superannuation trustees.

Finally, the HRCR Act allows ASIC to designate provisions of financial services industry codes as enforceable, with breaches attracting civil penalties. The HRCR Act can be found here.

Federal Government Consults on Comprehensive Reforms to the Superannuation System

As foreshadowed in the 2020-21 Federal Budget, on 26 November the Government released for consultation the 'Your Future, 'Your Super' package of reforms, including exposure draft legislation and explanatory materials. The package of reforms makes three key proposals: (i) introduce a new annual performance assessment for MySuper products and other products specified in regulations with consequences for failing an assessment, including notification to beneficiaries and a prohibition on accepting new beneficiaries into a product if it has failed the performance assessment in two consecutive years; (ii) replace the current best interest duty of trustees and directors in ss 52 and 52A of the SIS Act with a wider 'best financial interests' duty and, concerningly, to impose a reverse evidentiary burden on trustees and directors in relation to this duty; and (iii) amend the Superannuation Guarantee (Administration) Act 1992 (Cth) to require employers to make contributions for new employees who commence employment on or after 1 July 2021 to a 'stapled fund' for that employee. Consultation on the package of reforms closed on 24 December. The 'Your Future, Your Super' exposure draft legislation and explanatory materials can be found here.

Licencing and Regulatory Relief

Regulation of Stored-Value Facilities

On 6 November, the Council of Financial Regulators ("Council") comprising the RBA, the Federal Treasury, ASIC and APRA, released a comprehensive report on the regulation of stored-value facilities ("SVFs") in Australia. SVFs are payment services that enable customers to store funds in a facility for the purpose of making future payments. The Council made a number of recommendations, notably that: (i) SVFs should be introduced as a new class of regulated product, replacing 'purchased payment facilities' in the regulatory framework; (ii) issuers of payment products that hold client funds for only a short period of time for the purpose of facilitating a payment should be required to hold an AFS licence; and (iii) ASIC and APRA should be jointly responsible for regulating and supervising SVFs. The Council's report can be found here.

ASIC Extends COVID-19 Relief for Financial Advice Regarding Early Access to Superannuation

On 23 September, ASIC extended to 15 April 2021 the temporary financial advice relief which was due to expire on 15 October 2020. The relief allows advice providers not to give a statement of advice to clients when providing advice about access to early superannuation, and permits registered tax agents to give advice to existing clients about early access to superannuation without needing to hold an AFS licence.

Recent Decisions from the Australian Courts

Federal Court Rules in Favour of ASIC Finding Section 33 Notice Was Not Unreasonably Broad

In ASIC v Maxi EFX Global AU Pty Ltd [2020] FCA 1263, Wigney J ruled in ASIC's favour in a dispute over whether a s 33 Notice issued to Maxi EFX Global AU Pty Ltd ("Maxi EFX") lacked sufficient clarity or was unreasonably broad. Maxi EFX failed to produce certain documents required under the s 33 Notice, arguing that the notice was unclear, that ASIC was not entitled to seek such a broad range of documents and that certain documents were in the possession of an overseas back-office service provider which was a related entity. His Honour held that the s 33 Notice was validly issued and that the documents requested were in the possession, custody or control of Maxi EFX, notwithstanding the fact that they may have been physically retained by a service provider located overseas. The Court found that the service provider held the relevant documents "on behalf of, or on account of" Maxi EFX because they had access to servers which stored the relevant documents pursuant to a services agreement with Maxi EFX.

His Honour noted that the s 33 Notice reflected the extremely broad scope of ASIC's investigation and that a s 33 Notice is not analogous to a subpoena, or discovery or interrogatories in litigation and cannot, therefore, be objected to on the grounds that it involves a "fishing expedition". The judgment of Wigney J can be found here.

Jones Day's Commentary on ASIC’s Assertive Approach to Information-Gathering Powers and Challenging Privilege Claims can be found here.

ASIC Successfully Challenges RI Advice's Claim for Legal Professional Privilege

In ASIC v RI Advice Group Pty Ltd [2020] FCA 1277, O'Callaghan J ruled in ASIC's favour in a dispute over legal professional privilege, finding that a privilege claim by RI Advice Group Pty Ltd ("RI Advice") could not be upheld. RI Advice had claimed privilege over an internal report, which it said had been prepared at the direction of an in-house lawyer for the purposes of the lawyer giving legal advice. His Honour found that, even if the report had been privileged, RI Advice would have waived its privilege by previously producing copies to ASIC without objection. The judgment of O'Callaghan J can be found here.

Fallout from the Financial Services Royal Commission

High Court Dismisses Westpac Subsidiaries' Appeal

On 3 February, the High Court delivered a unanimous judgment dismissing the appeal of Westpac Securities Administration Limited ("WSAL") and BT Funds Management Limited ("BTFM") and upholding an October 2019 decision of the Full Federal Court.

The High Court found that WSAL and BTFM had provided "personal advice" within the meaning of s 766B(3)(b) of the Corporations Act 2001 (Cth) ("Corporations Act") by impliedly recommending to 14 customers on 'courtesy calls' that they should rollover their external superannuation account. WSAL and BTFM were not licenced to provide personal financial advice. In reaching their decision, the High Court clarified the distinction between personal advice which must be given in the customer's best interest, and general advice given as part of a marketing campaign.

In finding that WSAL and BTFM provided personal advice to 14 customers, the High Court found that Westpac not only breached the conditions of their AFS licences and financial services laws, but also failed to do all things necessary to ensure that the financial services covered by their AFS licences were provided efficiently, honestly and fairly within the meaning of s 912A(1) of the Corporations Act. The matter will now return to the Federal Court for a hearing on relief on a date to be advised. The judgment of the High Court can be found here.

NAB Ordered to Pay a $14 Million Penalty for Dealing with Unlicensed Home Loan Referrers

On 19 October, Lee J ordered NAB to pay a penalty of $15 million for contraventions of s 31(1) of the National Credit Act, which prohibits credit licensees from conducting business with persons engaging in credit activity without an Australian credit licence. The contraventions relate to NAB's 'Introducer Program', whereby a third-party Introducer (who did not hold a credit licence) could 'spot and refer' a potential customer to NAB in exchange for commission if the customer entered into a loan with NAB. NAB's 'Introducer Program' was the subject of the Financial Services Royal Commission case studies. This matter marks the first time ASIC has brought proceedings for contravening s 31(1) of the National Credit Act. The judgment of Lee J can be found here.

ANZ Ordered to Pay a $10 Million Penalty in Relation to Periodic Payment Fees

On 1 October, Allsop CJ ordered ANZ to pay a $10 million penalty after finding the bank was not contractually entitled to charge (i) fees for periodic payments that could not be made due to insufficient funds in the customer's account; and (ii) transaction fees charged for successful periodic payments, in circumstances where the periodic payments were made between two accounts held in the same name ("Same-Name Fees"). ANZ admitted that it was aware of the risk it was not contractually entitled to charge Same-Name Fees from July 2011 and continued to charge them until September 2015. As a result of this conduct, the Court found that ANZ had engaged in unconscionable conduct in contravention of s 12CB of the ASIC Act, and breached its obligations as an AFS licensee to comply with financial services laws and to do all things necessary to ensure that ANZ's financial services were provided efficiently, honestly and fairly in contravention of ss 912A(1)(a) and (c) of the Corporations Act. The judgment of Allsop CJ can be found here.

NAB Superannuation Trustees Ordered to Pay a $57.5 Million Penalty for Fees for No Service

On 11 September, Yates J ordered two entities in NAB's wealth management division to pay a total penalty of $57.5 million after finding that NULIS Nominees (Australia) Limited ("NULIS") and MLC Nominees Pty Ltd ("MLC Nominees") had made false and misleading representations to superannuation members about their entitlement to charge plan service fees and members' obligations to pay the fees in contravention of s 12DB of the ASIC Act. The Court also made declarations that NULIS and MLC Nominees failed to ensure that their financial services were provided efficiently, honestly and fairly in contravention of s 912A(1)(a) of the Corporations Act. In his decision, Yates J described NULIS and MLC Nominees' contraventions of s 12DB of the ASIC Act as "very serious" and, in determining the amount of penalties to impose, found it was appropriate to consider the very large scale of the business within the MLC Wealth segment of the NAB Group in which NULIS and MLC Nominees operated. The judgment of Yates J can be found here.

AUSTRAC Enforcement Action

AUSTRAC and Westpac Agree to $1.3 Billion Penalty

On 21 October, following agreement between the parties, Beach J ordered by consent that Westpac is to pay a penalty of $1.3 billion for contraventions of the AML/CTF Act. The contraventions of the AML/CTF Act and respective penalties imposed are as follows:

• Innumerable contraventions of s 81 (AML/CTF program) – $400 million;
• 262 contraventions of s 36 (ongoing customer due diligence) – $300 million;
• 96 contraventions of s 98 (correspondent banking preliminary risk assessment and due diligence; assessment) – $300 million;
• 19,502,841 contraventions of s 45(2) (late IFTI reports) – $270 million penalty;
• 76,144 contraventions of s 45(2) (late IFTI reports without payer name) – $20 million penalty;
• 3,516,238 contraventions of s 115 Act (record keeping failures) – $7 million; and
• 10,540 contraventions of s 64(7)(f) and (6) (electronic funds transfer instruction failures) – $3 million.

In his judgement, Beach J highlighted three specific concerns with Westpac's systems, the first two His Honour considered systemic. First, Part A of Westpac's AML/CTF program failed to properly identify, mitigate and manage ML/TF risks and Westpac's transaction monitoring program was seriously deficient. Second, the inadequacies in the Part A program led to inadequacies in systems and controls for IFTIs, including the numerous contraventions of s 45(2) of the AML/CTF Act. Third, Westpac failed to appropriately monitor vostro accounts and Australasian Cash Management payment flows concerning correspondent banking arrangements. This increased Westpac's exposure to ML/TF risks and even more significantly, these deficiencies increased the exposure of the Australian payments system to such risks. The judgment of Beach J can be found here.

AUSTRAC Issues Infringement Notice to State Street over IFTI Breaches

On 16 September, AUSTRAC issued an infringement notice to State Street Bank and Trust Company ("State Street") for failing to report IFTIs in contravention of s 45(2) of the AML/CTF Act on 99 occasions. Under the infringement notice, State Street is required to pay a penalty of $1.25 million. In a media release announcing the infringement notice, AUSTRAC CEO Nicole Rose stressed the importance of reporting IFTI's accurately and on time, as these reports are relied upon by law enforcement agencies to track criminals and criminal activity. AUSTRAC's media release can be found here.

Other Regulatory Enforcement Action

ASIC Enforcement Update January to June 2020

ASIC released its enforcement update report for the period 1 January to 30 June 2020. Consistent with ASIC's Interim Corporate Plan for 2021-21, ASIC's enforcement priorities include (i) Royal Commission referrals and case studies; (ii) misconduct related to superannuation and insurance; (iii) cases that engage ASIC's new powers or provisions that now carry penalties or higher penalties; (iv) illegal phoenix activity; (v) audit misconduct; and (vi) new types of misconduct, such as those carried out online or using emerging technologies. ASIC's enforcement update can be found here.

OTC Derivatives Issuers to Pay a $75 Million Penalty

On 26 October, Beach J ordered AGM Markets Pty Ltd ("AGM"), an AFS licence holder, to pay a penalty of $35 million, and ordered AGM's authorised representatives, OT Markets Pty Ltd ("OTM") and Ozifin Tech Pty Ltd ("Ozifin"), to each pay a penalty of $20 million (an aggregate penalty of $75 million). In the liability judgement delivered in February 2020, Beach J found that AGM, OTM and Ozfin had engaged in systemic unconscionable conduct while providing over-the-counter derivative products to retail investors in contravention of ss 12CB and 12DB of the ASIC Act and failed to comply with their best interest obligations in contravention of ss 961K and 961L of the Corporations Act. AGM, OTM and Ozfin are now all in liquidation. The Court rejected ASIC's submission that the appropriate aggregate penalty should be $100 million and was satisfied that the total penalty of $75 million well wiped out any profits made by the defendants from the conduct. The judgment of Beach J can be found here.

APRA Takes Action Against Bendigo and Adelaide Bank for Breaching Prudential Standard on Liquidity

On 21 October, APRA increased Bendigo and Adelaide Bank's minimum liquidity requirement following failures by it to comply with Prudential Standard APS 210 Liquidity ("APS 210"). APRA has required an independent review of the bank's adherence with APRA's liquidity requirements and the restatement of relevant disclosures made under Prudential Standard APS 330 Public Disclosure. APRA's media release can be found here.

ASIC Commences Proceedings Against Dixon Advisory for Alleged Conflicts, Best Interest Failures and Inappropriate Advice

On 4 September, ASIC commenced proceedings against Dixon Advisory and Superannuation Services Limited ("Dixon"), a subsidiary of ASX-listed Evans Dixon Limited. ASIC alleges that Dixon representatives failed to act in their clients' best interests, failed to provide advice that was appropriate to the clients' circumstances and failed to give priority to clients' interests in contravention of ss 961B, 961G and 961J of the Corporations Act. ASIC is seeking a pecuniary penalty and orders that Dixon put in place appropriate systems, policies and procedures to ensure compliance with the best interest obligations. ASIC's media release can be found here.