The next 12 months will see unprecedented scrutiny of the financial services industry as the Australian Securities and Investments Commission (ASIC) tests it new powers and flexes its regulatory muscles.
Clare McAdam and Andrew Ham of Holley Nethercote, commercial and financial services lawyers, advise that a well worded breach report with clear steps explaining to the regulator how you will remedy the problem are the first step if ASIC comes calling.
In releasing Information Sheet 172 – Cooperating with ASIC earlier this month, the watchdog has indicated that “a cooperative approach to dealings with ASIC may benefit a person or company in many ways”. More simply, cooperation with ASIC is good business.
“In situations where a breach has occurred or is likely to occur, cooperating with ASIC can be in the best interest of the individual and business; as while it can be tempting to resist and deny, these defensive behaviours in themselves can raise concerns,” says McAdam.
Six tips for when they come knocking
Holley Nethercote suggests the following course of action when contacted by ASIC:
- If you receive correspondence in writing, you should consider the tone of the correspondence. Is it an order to do something or only a request? Has the letter been sent to numerous businesses within the sector or only to you?
- If you receive a telephone call, you should consider the tone of the questions the regulator is asking. If you are unsure about what the regulator is enquiring about, or do not feel comfortable responding immediately, you should ask for time to gather the required information and request that the regulator put the question in writing. This will give you time to produce a response. It may also make it easier for you to receive assistance from someone e.g. a lawyer;
- If the regulator wants an appointment to visit you in person, make sure you understand the reason for the visit and who will be attending. You will then be able to decide who should meet them and how to prepare.
- If there is an issue, the following should be considered: Your exposure (have you done something wrong?) and how to minimise this exposure;
- Do you have an obligation to report what has occurred? The Corporations Act 2001 requires “significant breaches” to be reported; and
- Whether you will deny liability or cooperate with ASIC. ASIC has stated that if you are willing to demonstrate that you are prepared to resolve the problem, they are more likely to be lenient.
Game plan
Holley Nethercote suggests businesses develop policies outlining how they intend on approaching a situation once contacted by ASIC.
“In a situation where ASIC is investigating or has requested information, you should consider seeking guidance from a lawyer or someone who has experience with ASIC’s processes, on how best to tackle the situation,” says Ham
“If the regulator has requested information informally, the business must consider whether providing this information to ASIC will breach confidentiality with its clients. The business may need to obtain permission from the client. This is an area in which a lawyer will be able to assist.”