You’ve got to know when to hold ’em, know when to fold ’em and know when to walk away advises the old song but if you’ve been served with a notice from the regulator, it might help to start with a deep breath.
According to Hillary Ray of legal firm The Fold, working with the Australian Securities and Investments Commission (ASIC) rather than against it may be a better option than “lawyering up” when a breach is detected.
“Don’t panic,” she advises. “Put yourself in ASIC’s shoes and work with them to resolve the issue. Don’t underestimate how helpful it can be when approached the right way.”
Ray suggests these seven points when dealing with ASIC:
| 1. Find out who you’re dealing with |
| The different sections of ASIC and each have a different approach. Stakeholder teams are usually interested in a collaborative approach. If it’s already in enforcement, a different strategy will be needed. |
| 2. Know your business strategy |
| Remind yourself of your goals, objectives and your client’s needs – is a quick resolution important to you? |
| 3. Review the facts |
| Do a triage and look at the conduct or product at issue. Can it be remedied easily, for example, by putting together a robust compliance plan that includes communicating with clients. |
| 4. Get advice |
| Lawyers or compliance professionals will help you to see all the issues (some of which may be technical or not obvious), to prioritise the issues and assist with your strategy. |
| 5. Choose your weapon |
| Litigators excel at being aggressive and adversarial, but will this inexorably lead to a tougher outcome? Commercial lawyers who seek common ground upon which to forge a deal that both parties can live with may be better suited for a frank discussion with the regulator. Check your lawyer’s preferred style before appointing them. |
| 6. Put yourself in ASIC’s shoes |
| Always consider self-reporting potential regulatory issues. ASIC expects that breaches will occur. But it likes proactive businesses who deal with breaches as a manageable occurrence. If in doubt, report it. |
| 7. Life after a breach |
| Taking a partnering approach with the regulator can not only iron out any potential breach, but will also educate the regulator on the direction of the products, technology and software. Be proactive. Consider doing an audit of your compliance framework and processes either in house or by external counsel. Don’t wait for ASIC to knock if you can deal with issues now. |
