ASIC has sounded the alarm for a second time that Australian financial services licensees may not be fully meeting their obligations under the reportable situations regime.

Releasing its second publication on the reportable situations regime – otherwise known as breach reporting – the regulator has warned that the number of licensees reporting to it is still not as high as expected and it will be stepping up its surveillance and enforcement action until it is.

In the 12 months to 30 June, ASIC received 16,836 reports, of which 11,623 were reported by AFSLs, including financial advice licensees, and the remainder by Australian credit licensees.

But only 813 AFSLs lodged reports out of around 11,000 that were active and current during the period. In other words, the 9 per cent of AFSLs that reported to ASIC lodged just over 14 reports each, on average, while 91 per cent of AFSLs – more than 10,000 of them in total –reported no situations at all.

ASIC’s analysis of the reporting regime has once again found that most reports (71 per cent) were made by just 21 AFSLs, typically large ones.

The reportable situations regime commenced in October 2021 and requires all AFSLs – large, medium and small (including own-AFSL advice firms) – to proactively monitor the services they provide to clients and the conduct of staff, and to self-report to ASIC if they detect breaches of the Corporations Act.

The regulator criticised the industry after the first reportable situations report was released last year, with the number of breaches being lower than expected.

The latest ASIC analysis suggests more than 10,000 AFSLs either monitored for breaches and didn’t find any; monitored for breaches, found some but opted not to report; or simply didn’t bother to monitor at all.

By far the greatest proportion of reports related to credit services (32 per cent of the total number, down from 38 per cent the year before) was mostly related to home loans. The proportion of breaches relating specifically to financial advice accounted for about 7 per cent of reports, or around 1200 reports in total.

The reportable situations regime is a fraught one for many licensees. In the financial advice space. Breaches can crop up for any number of reasons, some inadvertent, some due to systems issues, and some due to deliberate misconduct.

Reporting is a critical element of ASIC’s regulation of the sector. It simply lacks the resources to actively monitor all AFSLs and all authorised representatives itself, so part of that function is pushed down onto licensees.

Monitoring for breaches can be costly, and reporting to ASIC can open a can of worms. It’s understandable, if unforgivable (and not to mention illegal), that breaches may be overlooked or assessed as not worth reporting if found.

Requiring a licensee to report a breach to ASIC is a little like asking a motorist to report to a police station if they ever notice they’ve been speeding. No harm done, let’s move on. But that’s not the point of the breach reporting regime.

The explanatory memorandum to the enabling legislation noted that “breach reporting is a cornerstone of Australia’s financial services regulatory structure”.

“Breach reports allow ASIC to detect significant non-compliant behaviours early and take action where appropriate,” it said. “It also allows ASIC to identify and address emerging trends of non-compliance in the industry.”

But it’s hard to take any action, or to identify and address anything, when nothing is being reported.

The quality of supervision and monitoring of any individual adviser shouldn’t depend on the size of their licensee, and advisers should not be able to evade effective monitoring, supervision and effective regulation by escaping a large licensee and obtaining their own AFSL (or moving to a smaller one).

All clients of all advisers deserve to know their adviser is being effectively regulated and is being supervised and monitored in a meaningful way. The numbers emerging from the breach reporting regime suggest that’s not what’s happening.

The introduction of the breach reporting regime wasn’t smooth. Initially, s912D of the legislation omitted from a licensee’s “core obligations” the obligation to report breaches by authorised representatives. This oversight was only rectified months later, in further legislation.

Even so, the regime is in place, licensees know, or ought to know, their obligations under the regime, and they really ought to be doing a better job. It’s inconceivable that 10,000 AFSLs committed no breaches at all for an entire 12-month period.

The explanatory memorandum to the enabling legislation notes that “breach reporting is a cornerstone of Australia’s financial services regulatory structure”.

“Breach reports allow ASIC to detect significant non-compliant behaviours early and take action where appropriate,” it said. “It also allows ASIC to identify and address emerging trends of non-compliance in the industry.”

Licensees that hoped reporting no breaches might help them evade regulatory scrutiny are likely to find in coming months and years that the strategy has backfired. It increasingly looks like lodging no reports might be a better indicator than lodging a report that something’s not right within a licensee. And ASIC now has a list of 10,000 names where it can start looking.

Join the discussion