Sean Hughes

Acknowledging improvements are required for the breach reporting regime, ASIC will continue to engage with Treasury and the industry over how the system operates.

In an announcement on Wednesday morning, the corporate regulator recognised there has been significant investment made across the industry and will attempt to minimise further impacts.

“ASIC will continue to engage with Treasury on how the regime is meeting its policy objectives,” ASIC stated.

It added the regulator will continue to engage with the industry on reporting practices adopted by licensees to better understand any issues creating an unnecessary compliance burden.

“ASIC will communicate clear expectations for compliance with the new regime and design solutions to ensure the consistency and quality of reporting meets the policy objectives of the regime, as well as improve the efficiency of ASIC’s data collection and analysis.”

Breach reporting was part of the Red October reforms introduced last year and required AFSLs to report any breaches to ASIC in writing within 30 calendar days it has reasonable knowledge of the breach.

But research by Gadens and Lawcadia found the industry “didn’t know what it was doing” when it came to breach reporting and ASIC chair Joe Longo has acknowledged those struggles.

The system won’t be removed as the regulator stated it provides a “critical source of intelligence” to identify emerging trends of non-compliance in the industry.

“It also allows detection of significant non-compliant behaviours early, facilitating prompt regulatory action where appropriate,” ASIC stated.

ASIC commissioner Sean Hughes said the regulator is aware the regime has led to several implementation challenges.

“However, ASIC remains committed to the successful implementation of this regime and we have developed a comprehensive plan of work to ensure that it meets its objectives for ASIC, industry and consumers.”

Hughes said ASIC will work with stakeholders to find “common-sense solutions”.

“ASIC will consider whether enhancements are required to the approved form on the regulatory portal for lodging reports. We will also consider whether further practical guidance should be developed to assist licensees in meeting their obligations.”

Reporting the reports