The corporate regulator has acknowledged there hasn’t been a consistent approach to how breach reporting legislation has been interpreted and expects it take a few years before the industry fully understands the regime.
Speaking at the Stockbrokers and Investment Adviser Association conference Tuesday afternoon, ASIC chair Joe Longo said breach reporting was “quite an ambitious” piece of law reform.
“It’s quite complex. In the early days we released a regulatory guidance and worked with industry to try and reach some understanding.”
A report by Gadens and Lawcadia released earlier this month found half of advisers rated their understanding of breach reporting as “low”.
Longo said there has been some “teething issues” in administrating the legislation.
“There’s been not an entirely consistent approach to how the legislation was being interpreted by reporters,” Longo said at the conference. “We’re working with those affected to figure out where those issues are with a view to probably release some additional guidance once we’ve gone through some more consultation.”
Reporting the reports
From 1 November ASIC will be publishing data on what it found in those breaches with the aim it will better educate the industry on how the regime works.
Longo said breach reporting is a “very significant part” of the regulator’s regime and the benefits won’t be achieved in one cycle.
“In order to get the full benefits in terms of regulatory policy, enforcement and lifting standards and compliance, we need a consistent approach to what people are reporting and a consistent approach to what we learn from that.”
Longo said from this the aim is to release a publication to the broader market for people to better understand the breach reporting regime and learn from other’s mistakes, but regulator will be “reasonably cautious” with the data it reports publicly.
“The commission is still working through exactly the approach we’re going to take and our approach will probably evolve.”
The industry had enough opportunity to get ready for the Design and Distribution Obligations, Longo said, but there is room for improvement with the regulator’s approach.
“We’ve had a mixed standard of compliance with Target Market Determinations, for example. There is room for improvement and the approach we’re likely to take in the coming months is probably a more intensive approach.”
In February, ASIC stated its DDO powers “will be tested” despite still navigating how to best utilise those very powers.
“We’re still being responsive to what people are grappling with but we’re now at a point where people should complying with the regime,” Longo said at the conference. “If we find examples of material non-compliance then we’ll be taking action.”
When it came to ASIC regulation broadly, Longo understood the heightened anxiety advisers have over what to expect when it comes to making the “perfect” compliance file but said he doesn’t expected perfection.
“I’ve been in financial services most of my life, I don’t go for perfection. I know the legislation is complex and very prescriptive. I know there’s a lot of concern in the industry about how strict ASIC apply this or that rule.”