Following is a summary of changes in the Australian financial services industry that we consider to be most relevant to financial services organisations such as yours. Should you require more specific information in relation to any topic, please let us know. This Quarterly Update should not be taken as legal advice.

Regulatory changes in the financial services industry

Quarterly Update

April - June 2017

(Released September 2017)

The May release of the federal budget always makes for an eventful June quarter and 2017 was no exception. We saw:

� the big 4 banks hit with a levy; � movement at the station for the Asia Region

Funds passport; � the Productivity Commission given a brief to

review competition in the financial sector; � the external dispute resolution review finalised,

with confirmation that the three schemes for financial services, credit and superannuation are to be amalgamated;

� tightening of the use of limited recourse borrowing arrangements in superannuation funds;

� ASIC taking over responsibility from the Minister for Revenue and Financial Services to issue market and clearing and settlement facility licences;

� judgment day for several wrongdoers, which has been a long time coming in many cases;

� the first cab off the rank (Westpac) penalised for infringing derivative transaction reporting rules;

� the devil coming out in the detail on the ASIC industry levy;

� ASIC looking to establish a panel to obtain some external input in some of their banning decisions;

� plenty of feedback and food for thought from ASIC for responsible entities of registered schemes and custodians;

� some clarity from ASIC on that old chestnut “independently owned”;

� AUSTRAC continuing to pursue law enforcement outcomes and educate their regulated industries on money laundering and terrorism financing risks;

� the Office of the Australian Information Commission preparing for the notifiable data breaches regime commencing next year;

� more of the F word (fintech) and the C word (cybersecurity); and

� a few new regulatory acronyms in circulation - AFCA, NDB and CSF to name a few.

There are plenty of case studies here about what not to do, which we hope you will find useful in training your staff on compliance obligations and spotting potential incidents / breaches in future.

2

Quarterly Update June 2017

GENTLE REMINDER: THINGS YOU SHOULD HAVE DONE SINCE THE LAST QUARTERLY UPDATEAs a gentle reminder, following are some things you should have actioned since receiving our last Quarterly Update:

� attended to your usual end of financial year reporting obligations for the year ended 30 June;

� implemented your compliance arrangements in time for the 1 July commencement of the Common Reporting Standards;

� progressed the updating of your Product Disclosure Statements (PDSs) and periodic statements to ensure that they will comply with the fee disclosure requirements and ASIC guidance in Regulatory Guide 97: Disclosing fees and costs in PDSs and periodic statements by 30 September 2017 (bearing in mind that the last business day of the transition period is Friday 29 September, right before the October long weekend and commencement of daylight saving);

� if you have platform investors in your products, started to think about the changes you will need to make to give the underlying investors access to your internal and external dispute resolution system by 1 January 2018 (realistically this means being ready before Christmas);

� allocated some time between now and February 2018 to update your privacy compliance framework so that you will have arrangements for reporting of notifiable data breaches to the Office of the Australian Information Commissioner; and

� if you are a responsible entity of registered schemes, put in place arrangements to ensure that any gaps between your risk management framework and ASIC’s expectations in Regulatory Guide 259: Risk management systems of responsbile entities are addressed before ASIC’s facilitative approach draws to a close in March 2018.

3

Quarterly Update

3

June 2017

3

TABLE OF CONTENTS

SECTION & ARTICLE PAGE NO.

Hottest topics 6

� Results of 2016 surveillance of responsible entity compliance 6 � ASIC report card calls for improvement on compliance with custody requirements 7 � Some welcome transparency on managed investment scheme constitution bug-bears 8 � ASIC industry funding has arrived 9 � Big bank levy introduced 13 � Multi-fund, hedge fund superannuation product disclosure statements (PDSs) remain

outside the PDS regime 13

� Stronger super reforms staying on ice 13

Regulatory innovation initiatives 13

� ASIC move further along “regtech” path 13 � Sharing the innovation love - ASIC expands international fintech cooperation

regulatory network 14

Recent law reform 15

� New market and CS facility licensing powers for ASIC 15 � Supernnuation reforms tidied up 15

Reviews and inquiries 15

� Taking the ASIC enforcement regime to task 15 � Statutory scheme of last resort next on the external dispute resolution (EDR) law

reform menu? 16

� Productivity commission reviewing competition in the Australian financial system 17 � Planning for the future of retirement income products 17

ASIC enforcement activity 17

� Court proceedings 17 � Former Octaviar Group (formerly MFS) executives heavily punished for breach of

duties 18

� Former Avestra directors disqualified for 10 years 19 � $50,000 penalty and five year disqualification for former AWB chairman 20 � Prison sentence for dishonest director 21 � ASIC obtain clarity on proof of fault in civil proceedings 21 � Financial advisers 21 � Insider trading - one all 22

ASIC in the administrative appeals tribunal (AAT) 22

4

Quarterly Update June 2017

Administrative actions 23 � Macquarie foreign exchange (FX) business joins the big 4 banks in the enforceable

undertaking (EU) club 23

� Markets disciplinary panel infringement notice penalties 23 � Westpac first to cop infringement notice for breach of derivative transaction

reporting rules 23

� Joint operation with Queensland police targets criminal syndicate and outlaw motorcycle gang members 24

� Banning of individuals 25ASIC ask what we really think - consultation papers for the June quarter 26

� Blast from the past - multiple withdrawal periods relief for registered schemes proposal 26

� Get ready for another panel! 26 � Proposed guidance to improve compliance in sell-side research 26 � Preparing for crowd sourced funding (CSF) 27 � Consultation on expiring class orders 28

ASIC reports 29

� Market integrity report for second half of 2016 released 29 � ASIC shine the spotlight on black marks in wholesale spot FX market 29 � Work in progress on emerging market issuers 30

Other ASIC activity 31 � Confirmation that “independently owned” is taboo 31 � Big 4 banks agree to lift their game on unfair contract terms 32 � Temporary reprieve for charitable investment fundraisers preparing for the new

world of licensing 33

� Infringement notices issued for online advertising content 33 � Update on fees-for-no-service compensation paid by AMP and big 4 banks 33 � Macquarie equities - remediation program substantially complete, almost 3 years on 33 � Financial reports 34 � Audit file reviews 34

AUSTRAC 35 � AUSTRAC ready to collect - consultation on industry contribution levy 35 � Law enforcement outcomes 36 � Industry guidance 36 � Consultation on changes to AML/CTF rules 37 � Other activities 37

ASX 37

4 5

Quarterly Update

5

June 2017

5

APRA 38 � Proposal to allow substituted compliance with foreign margin requirement

requirements for non-centrally cleared derivatives 38

� Financial institutions supervisory levies increased for 2017-2018 38RBA 38Australian cyber security centre 39

� Results of first cyber security survey published 39 � Warning issued on cyber attacks targeting managed service providers 39

OAIC 40 � Preparing for the notifiable data breaches (NDB) regime 40 � Personal information guidance updated after Telstra judgment 41 � Guidance on European Union data protection regulations released 41 � Other OAIC activities 41

Wath this space - coming soon 42 � Santa and the Asia region funds passport are coming! 42

Law reform initiatives 42 � Dispute resolution framework reforms - get ready for AFCA and internal dispute

resolution reporting! 42

� Extension of CSF to proprietary companies 43 � Regulation of financial benchmarks 43 � Proposal to toughen foreign bribery laws 44

Update on ASIC instruments 44

6

Quarterly Update June 2017

HOTTEST TOPICS

RESULTS OF 2016 SURVEILLANCE OF RESPONSIBLE ENTITY COMPLIANCEOn 13 June the Australian Securities and Investments Commission (ASIC) released a report on their proactive surveillance of 28 responsible entities which manage over $49 billion in scheme property across 336 schemes. The responsible entities selected were identified by ASIC profiling methodology as representing a higher risk of non-compliance in ASIC’s areas of focus, which included governance, risk, compliance with licence conditions and Corporations Act 2001 (Cth) (Corporations Act) obligations, disclosure, cyber-resilience and use of scheme property.

Areas in which ASIC found room for plenty of improvement included:

� managing conflicts of interest; � breach reporting; � custody; � risk management systems; � rewards and incentives; and � whistle blowing.

ASIC are recommending that responsible entities review and consider whether:

� their professional indemnity coverage is adequate, having regard to the nature, size and complexity of their business;

� conflicts management and cyber resilience measures should be strengthened;

� custody measures meet compliance requirements;

� top management are accountable in disputes; � remuneration, rewards and incentives are

aligned with the responsible entity’s values; � whistleblowing measures are appropriate; and � culture is consumer-focused.

ASIC observations included: � board involvement was not always sufficient

when it came to:> conflicts management;

> dispute resolution;> whistle blowing; and> product approval and review;

� there was a “general lack of awareness” of requirements for professional indemnity insurance;

� in a small number of cases there appeared to have been no review of breach reporting measures;

� half of the responsible entities who appointed external custodians did not have documented measures for monitoring them and board oversight was “generally lacking”;

� in a small number of cases custody measures were not being reviewed every 12 months;

� in two cases there were no risk management systems in place;

� the top three risks that responsible entities identified were operational, market and regulatory risks;

� in some cases the quality of compliance plans was poor – with insufficient detail to reflect legal obligations, monitoring responsibilities and procedures and in some cases inadequate allocation of resources;

� nine responsible entities had been the subject of malicious cyber activity in the 12 months prior to the surveillance;

� a “significantly high” proportion of agreements with external service providers did not explicitly address cyber risks;

� less than half of the responsible entities had documented measures to address rewards and incentives;

� less than half of the responsible entities had measures addressing employees’ right to report misconduct of the employer and less than one-third had specific whistleblowing measures in place; and

� there was a “lack of consumer-focused measures” in place for product design, approval and review.

Following the surveillance findings ASIC indicated that:

6 7

Quarterly Update

7

June 2017

7

� three responsible entities would continue to be subject to further, more targeted surveillance work because they were required to address concerns that arose from the ASIC surveillance; and

� 20 out of the other 25 responsible entities included in the surveillance were required to address concerns that ASIC raised and tell ASIC what action they had taken. Those areas included:> confirming that minimum professional

indemnity insurance requirements were met;> amending conflicts management measures;> providing additional information about

breaches;> confirming that agreements with third party

custodians met requirements;> reviewing dispute resolution measures

to assess whether there were systemic weaknesses;> updating risk management systems;> lodging replacement compliance plans;> reviewing cyber resilience measures; and> introducing or updating whistleblowing

measures.

See ASIC Media Release.

ASIC REPORT CARD CALLS FOR IMPROVEMENT ON COMPLIANCE WITH CUSTODY REQUIREMENTS

On 22 June ASIC released a very comprehensive report of their review on compliance with asset holding requirements by custodians and responsible entities of managed investment schemes. The review took place between late 2016 and early 2017, covering both custodians and responsible entities. The review was conducted using a combination of documents obtained under notices issued under the Corporations Act and the Australian Securities and Investments Commission Act 2001 (Cth) (ASIC Act), information gained through on-site visits meeting with executive management and operational staff, review of financial documents annually submitted to ASIC and publicly available materials. ASIC found that, while there were some

examples of good practice (for example, there was strong compliance with the financial requirements and some encouraging commitment to invest in new technology, systems and processes to help reduce operational risk), overall compliance fell short of their expectations.

ASIC were disappointed to see: � a “generally poor” level of understanding of the

requirements – one entity did not understand how the requirements applied to unregistered schemes;

� some failures to update custody agreements to address the requirements that were introduced through ASIC instruments in 2013 (as outlined in ASIC Regulatory Guide 133 Managed investment schemes and custodial or depository services);

� in the case of responsible entities providing self-custody, inadequate separation of the roles of responsible entity and custodian;

� inadequate resourcing and training in the compliance function;

� insufficient prioritisation of the selection and monitoring of custodians;

� poor responsiveness to ASIC’s review inquiries (which suggested insufficient resourcing);

� some non-automated processes and systems, which can lead to increased operational risk;

� some difficulties locating key documents; and � poor understanding and management of

conflicts of interest by responsible entities doing self-custody.

ASIC required a “significant number” of the entities to undertake corrective action to address their concerns and they are conducting further surveillance on two entities that demonstrated significant non-compliance across a number of areas. As a result of these outcomes, ASIC will maintain their focus and priority in this area and are clearly expecting licensees with asset holding responsibilities to do the same.

We recommend taking note of and aspiring to ASIC’s examples of strong compliance, including:

8

Quarterly Update June 2017

� a board and compliance staff that thoroughly understand the requirements;

� board and board committee engagement (eg, including custody as a standing agenda item);

� being able to locate information about custodians and current custody agreements;

� being able to demonstrate that there are processes for selecting, monitoring and supervising custodians or sub-custodians;

� having a formal process to report and rectify breaches;

� identifying risks associated with the custodian function and having arrangements in place to manage those risks; and

� for responsible entities undertaking self-custody, the custodian function is appropriately

separated from the responsible entity function with:> robust information barriers between the

responsible entity and custodial functions;> separate boards and reporting lines;> physical separation of responsible entity

and custodian, even in different geographic locations;> sharing of functions between the

responsible entity and custodian businesses to limited to IT licences and/or the legal and compliance function; and> custodian breaches reported to the

responsible entity.

See ASIC Media Release.

SOME WELCOME TRANSPARENCY ON

MANAGED INVESTMENT SCHEME CONSTITUTION BUG-BEARSOn 24 May ASIC published a new information sheet that sets out some of the common issues they identify in the content of constitutions lodged as part of the process for applying for registration of a managed investment scheme and explains how ASIC respond when those issues arise.Issues on which ASIC may push for amendments to the constitution when assessing a scheme registration application are set out below:

TOPIC ASIC CONCERN

Definition of scheme member ASIC wish to ensure that anyone who meets the statutory definition of “member” in the Corporations Act has the benefit of provisions covering complaints and withdrawal rights and may request amendments.

Fees and expenses Section 601GA(2) of the Corporations Act provides that any right of the responsible entity to be paid fees or expenses out of scheme property must be set out in the constitution and must only be available in relation to the proper performance of its duties.Where the constitution refers to the proper performance of the responsible entity’s “powers or duties”, ASIC will request amendments so that any reference to proper performance of powers is deleted or qualified as an exercise of powers in the proper performance of its duties.ASIC also request amendments to provisions about fees payable to the responsible entity that don’t clearly identify all the variables affecting the calculating of the fee (for example, where there are uncertain timing variables or performance periods).

8 9

Quarterly Update

9

June 2017

9

Withdrawals ASIC request amendments to provisions about withdrawal procedures that are insufficiently clear about what steps members need to take and what they need to do to satisfy any pre-conditions in order to exercise their right to withdraw (for example, if the provisions are too general and provide too much discretion for the responsible entity).ASIC may also inquire further if the timeframe to pay the withdrawal amount is more than 21 days from when the responsible entity accepts a withdrawal request. ASIC will only allow a longer period if there is a reasonable explanation for it (legitimate explanations include extreme market events).

Winding up ASIC require scheme constitutions to say that, after winding up the scheme, the responsible entity must obtain an independent audit of the final accounts conducted by a registered company auditor or audit firm – a reference to an “independent auditor” or an “independent review” won’t do.

We welcome this transparency from ASIC. The approach taken in the information sheet is consistent with our previous experience in assisting clients with scheme registration applications. We anticipate that ASIC will take a consistent approach between individual officers and offices on these issues, which we would similarly welcome, as it can be frustrating when one individual challenges a clause of a constitution when others previously haven’t done so.

See ASIC Media Release.

ASIC INDUSTRY FUNDING HAS ARRIVEDIn June the ASIC Supervisory Cost Recovery Levy Act 2017 (Cth) was passed to facilitate the commencement of the ASIC industry funding model from 1 July. ASIC will be recovering its costs of regulation by imposing industry levies on industry participants, with the intention being that the regulated population will bear the costs of regulation.As we have previously mentioned, the devil is in the detail. Treasury released exposure draft regulations on 4 May and consultation closed on 26 May, with the ASIC Supervisory Cost Recovery Levy Regulations 2017 (Cth) also commencing on 1 July.

For each industry subsector that ASIC regulates, there will be a flat or a graduated levy charged, the amount of which will depend on regulatory costs and the size and activity levels of the relevant subsectors. Where ASIC’s costs are approximately the same for each entity in the subsector, a flat levy is imposed (each entity in the subsector will pay the same amount). Graduated levies will be applied if ASIC’s costs vary significantly across the sub-sector. In some cases the graduated levy consists of a fixed minimum amount that all participants pay and a variable component, whereas in other cases it is purely a variable component. For publicly listed companies, there is a maximum cap on the levy.

10

Quarterly Update June 2017

A high level summary of how different types of entities are to be levied is set out below:

INDUSTRY SECTOR AND SUBSECTORS NATURE OF LEVY

CorporateLarge proprietary companies FlatUnlisted public companies FlatRegistered company auditors FlatAuditors Variable, based on audit fee revenueAuthorised audit companies Variable, based on audit fee revenueRegistered liquidators $2,500 plus variable component (based on the entity’s share of

the total number of notifiable events)Listed public companies $4,000 plus variable component if market cap is above $5 million

and up to $20 billion$664,000 if market capitalisation is above $20 billion

Deposit-taking and creditMargin lenders FlatCredit intermediaries $1,000 plus variable component (based on number of credit

representatives)Credit providers $2,000 plus variable component for credit providers that provide

more than $100 million in credit contacts (based on their share of the total value of credit contracts above the $100 million threshold)

Deposit product providers $2,000 plus variable component for deposit product providers that provide more than $100 million in deposits (based on their share of the total value of deposits above the $100 million threshold)

Payment product providers $2,000 plus variable component (depending on share of total revenue from payment product activity)

Small amount credit providers $2,000 plus variable component (depending on share of total amount of credit provided under small amount credit contracts)

Investment managerment, superannuation and related servicesCustodians FatManaged discretionary account providers

Flat

Traditional trustee company service providers

Flat

Operators of investor directed portfolio service (IDPS)

$10,000 plus variable component (depending on share of total revenue from IDPS activity)

Responsible entities $7,000 plus variable component for responsible entities with more than $10 million in funds under management (depending on share of total funds under management above the $10 million threshold)

10 11

Quarterly Update

11

June 2017

11

Superannuation trustees $18,000 plus variable component for superannuation trustees with more than $250 million in funds under management (depending on total funds under management above the $250 million threshold)

Wholesale trustees Flat fee for 2017-2018 financial yearAfter that it will be $1,000 plus variable component based on share of gross assets under management

Financial adviceLicensees that provide only general advice to retail or wholesale clients

Flat

Licensees that provide personal to retail clients on products that are not relevant financial products

Flat

Licensees that only provide personal advice to wholesale clients

Flat

Licensees that provide personal advice on relevant financial products to retail clients

$1,500 plus variable component depending on share of total number of registered financial advisers authorised to provide advice on behalf of the licensee

Market infrastructure and intermediariesAustralian derivative trade repository licensees

Flat

Credit rating agencies FlatExempt CS facilities FlatExempt markets FlatForeign market operators FlatRetail over-the-counter derivatives issuers

Flat

Small derivatives market operators

Flat

Small equity market operators FlatSmall equity market operators with self-listing function only

Flat

Small futures market operators FlatTier 1 clearing and settlement facilities

Flat

Tier 2 clearing and settlement facilities

Flat

12

Quarterly Update June 2017

Tier 3 clearing and settlement facilities

Flat

Tier 4 clearing and settlement facilities

Flat

Cash equities participants $9,000 plus variable component depending on share of total number of messages and transactions reported on a large equity market and recognised by ASIC’s market surveillance system

Corporate advisers $1,000 plus a variable component for corporate advisers with more than $100,000 in revenue from prescribed financial services (depending on their share of revenue above the $100,000 threshold)

Future participants $9,000 plus variable component depending on share of total number of messages and transactions reported on a large futures market and recognised by ASIC’s market surveillance system

Large equity market operators Variable, based on share of total value of transactions entered into on large equity markets

Over-the-counter traders $1,000 plus variable component depending on share of total number of people conducting over-the-counter derivative trading they engage

Securities dealers $1,000 plus variable component depending on share of total value of transactions

InsuranceInsurance product distributors FlatRisk management product providers

Flat

Insurance product providers Minimum $20,000 plus variable component for providers with more than $5 million in insurance product revenue (depending on share of insurance product revenue above the $5 million threshold)

The regulations set out the criteria for determining which subsectors a regulated entity belongs to and the calculation methodology for each subsector’s industry levy. Each year ASIC will make a legislative instrument setting out information about each subsector that must be used in the formula for calculating the levy each subsector will pay. Once again, the devil remains in the detail.The levy will not be recovering the costs associated with:

� the Superannuation Complaints Tribunal; � the Companies Auditors Disciplinary Board; � the ASIC Registry; or � supervising auditors of self-managed superannuation funds.

See ASIC Media Release.

12 13

Quarterly Update

13

June 2017

13

BIG BANK LEVY INTRODUCEDAs part of the 2017-2018 budget measures, the Federal Government announced that from 1 July it would be introducing a new tax on big banks. The Major Bank Levy Act 2017 (Cth) received Royal Assent on 23 June. An authorised deposit-taking institution (ADI) must pay a quarterly levy if its total liabilities for the quarter, as reported under an applicable reporting standard determined by APRA under the Financial Sector (Collection of Data) Act 2001 (Cth), exceeds the levy threshold (which is initially $100 billion and will be indexed quarterly). The levy is 0.015% of the ADI’s “applicable liabilities amount” which is the total liabilities for the quarter excluding certain prescribed amounts.

MULTI-FUND, HEDGE FUND SUPERANNUATION PRODUCT DISCLOSURE STATEMENTS (PDSs) REMAIN OUTSIDE THE PDS REGIME Since 2012, PDSs for multiple funds, hedge funds and superannuation platforms have been exempt from the shorter PDS regime that otherwise applies to superannuation funds and managed investment products under ASIC Class Order [CO 12/749] Relief from the Shorter PDS regime. The relief was due to expire on 30 June, but has been extended a further 12 months until 30 June 2018. Over the coming 12 month period ASIC will conduct public consultation to consider whether, due to their complexity, these types of PDSs should remain outside the shorter PDS regime.

See ASIC Media Release.

STRONGER SUPER REFORMS STAYING ON ICEOn 24 June ASIC issued relief instruments which pushed back the commencement of the following reforms that form part of the Stronger Super legislation package:

� the choice product dashboard obligations, which require Registrable Superannuation Entity (RSE) licensees to ensure that a product dashboard for choice products is available on the relevant superannuation fund’s website and included in periodic statements (commencement has been extended from 1 July 2017 to 1 July 2019);

� the portfolio holdings disclosure obligations, which require RSE licensees to publish certain portfolio holdings information for a superannuation fund on the fund website (commencement has been extended from 31 December 2017 to 31 December 2019); and

� the requirement for superannuation trustees to publicly disclose information about employer sub-plans (commencement has been extended from 1 July 2017 to 1 July 2018).

See ASIC Media Release.

REGULATORY INNOVATION INITITIATIVES

ASIC MOVE FURTHER ALONG “REGTECH” PATHOn 26 May ASIC released a report about the Innovation Hub and their approach to regulatory technology (referred to as ‘regtech’).The report provides an update on progress made to date and future innovation initiatives in ASIC’s pipeline relating to the use of new technologies in performing regulatory and compliance functions, for which the term ‘regtech’ has been coined. Examples of regtech include artificial intelligence, data reporting and big data analysis. The ASIC Innovation Hub has been in place since 2015 and provides fintech businesses with assistance in addressing their regulatory obligations. Innovators are able to access senior ASIC staff for informal guidance and have their licence application process streamlined (meanwhile, at least in our clients’ experience, the waiting time in the licence application queue for those who seek to provide financial services in the more traditional and established way continues to increase!). Since mid-2016 the Innovation Hub has also included engagement between ASIC and the regtech sector. Outputs from the Innovation Hub to date have included:

� presentations delivered by ASIC staff to fintech audiences;

� informal assistance given to 125 out of 168 entities ASIC have worked with, resulting in 33 new licences and 10 variations being granted for Australian financial services licences (AFSLs) and Australian credit licences (ACLs);

14

Quarterly Update June 2017

� launch of webpages tailored to an innovative audience;

� establishment of the Digital Financial Advisory Committee, a quarterly gathering of fintech industry, academic, regulator and consumer representatives which influences the Innovation Hub activities and communications;

� cross-border regulatory collaboration with a fintech focus, which includes attending meetings and signing information sharing agreements;

� issuing new regulatory guides and information sheets on emerging innovative activities such as digital financial product advice, peer-to-peer lending and distributed leger technology (or blockchain);

� the regulatory sandbox framework (currently being used by a single entity), which allows certain qualifying businesses to operate unlicensed for a finite period while they test their business model; and

� the inaugural regtech roundtable meeting held in February for regulators and industry participants to discuss future regtech application opportunities in Australia (and the associated risks and benefits).

Proposed future initiatives include: � the establishment of a new regtech liaison

group of representatives of industry, technology firms, academic institutions, consultants, regulators and consumer bodies to facilitate discussion and collaboration on regtech applications;

� trialling new regtech technologies to ASIC’s regulatory, supervisory and enforcement work. Currently the technologies being trialled include a social media monitoring tool, tools which can analyse document sets and webpages and tools that can help identify how different entities are connected; and

� hosting an industry “hackathon” later in the year to attempt to solve challenges to the financial sector in a collaborative way (which regulators in the UK and Canada have already conducted).

Feedback on the proposed initiatives was due on 4 July, with ASIC accepting informal email feedback as well as “traditional formal letters” (how innovative!). See ASIC Media Release.

SHARING THE INNOVATION LOVE - ASIC EXPANDS INTERNATIONAL FINTECH COOPERATION REGULATORY NETWORK ASIC have been entering into a number of agreements with international regulators to promote the sharing of information about innovation in financial services, which includes emerging market trends and regulatory challenges triggered by innovation growth. In some cases, Australian fintech businesses can access regulatory fintech assistance overseas, with ASIC offering reciprocal fintech assistance to offshore players seeking to enter the Australian market.In the June quarter ASIC entered into:

� an information sharing agreement with Otoritas Jasa Keuangan in Indonesia (see ASIC Media Release);

� a fintech cooperation agreement with the Hong Kong Securities and Futures Commission (see ASIC Media Release);

� a Cooperation Framework with the Japan Financial Services Agency (see ASIC Media Release); and

� a Cooperation Agreement with the Malaysia Securities Commission (see ASIC Media Release).

ASIC now have agreements covering fintech referral and cooperation and information sharing agreements with their counterpart regulators in Singapore, Malaysia, Hong Kong, Japan, the United Kingdom and Ontario, Canada. Information sharing agreements are in place with the Kenyan and Indonesian regulators.

In the Asia region alone, investment in fintech grown from $0.5 billion in 2013 to $8.6 billion in 2016 and for this reason ASIC and other regulators are making fintech and innovation a strategic priority.

14 15

Quarterly Update

15

June 2017

15

RECENT LAW REFORM

NEW MARKET AND CS FACILITY LICENSING POWERS FOR ASIC

On 10 April an instrument of delegation was issued by the Minister for Revenue and Financial Services which delegates a number of market and clearing and settlement facility licensing powers to ASIC (Commission members and Senior Executive Service staff), including the power to:

� grant a licence; � impose conditions on a licence; � suspend or cancel a licence; � issue, vary and revoke licence exemptions; � disallow changes to operating rules; and � regulate compensation arrangements.

On 12 April Treasury released a set of Guidelines for ASIC’s exercise of those powers.ASIC will be subject to the same statutory timeframes for decision-making as the Minister but “in order to enhance efficiencies” they are “expected to set more expedient performance indicators” and periodically review those indicators.The Guidelines also cover:

� an obligation for ASIC to provide a quarterly report to the Minister and the Reserve Bank of Australia (RBA) covering decisions made under the delegation for that quarter, as well as upcoming matters that will require the exercise of the relevant delegated powers;

� the ability for the Minister to “call up” matters on which the Minister wishes to make a decision in place of ASIC, which may occur in the case of matters of national significance or during events of financial turbulence; and

� an obligation for ASIC to consult with applicants before making a decision and to provide a notice of decision (providing reasons, in the case of a refusal).

See Minister for Revenue and Financial Services Media Release.

SUPERANNUATION REFORMS TIDIED UP

On 27 April Treasury released exposure draft legislation which would effectively prevent self-managed superannuation funds (SMSFs) from financing limited recourse borrowing arrangements (LRBAs) through a transfer of accumulation funds to the pension phase. Rules applicable to SMSFs and complying superannuation funds with less than 5 members so that:

� where the repayment of an LRBA shifts value between accumulation phase interests and retirement phase interests, the amount will be credited to the transfer balance cap; and

� the outstanding balance of the LRBA is included in the total superannuation fund balance.

The amendments are intended to address concerns that SMSF members could circumvent contribution caps using LRBAs. The amendments apply to new LRBAs entered into on or after 1 July 2017.Consultation closed on 3 May. The Treasury Laws Amendment (2017 Measures No. 2) Act 2017 (Cth), which covers the above amendments, was passed by both Houses of Parliament and received Royal Assent on 22 June. See Minister for Revenue and Financial Services Media Release.

REVIEWS AND INQUIRIES

TAKING THE ASIC ENFORCEMENT REGIME TO TASKIn October 2016 the Federal Government established the ASIC Enforcement Review Taskforce to thoroughly examine the effectiveness of ASIC’s enforcement regime. The Taskforce consists of a panel of representatives of Treasury, ASIC, the Attorney-General’s Department and the office of the Commonwealth Director of Public Prosecutions. A group of subject matter experts drawn from industry bodies, consumer groups and academia are assisting the panel.

16

Quarterly Update June 2017

On 11 April the Taskforce released a consultation paper proposing reforms to the breach reporting regime for AFSL holders and credit licensees, which include:

� providing greater clarity on when reporting obligations are triggered;

� introducing an express requirement to report misconduct by individual advisers and employees;

� increasing the potential penalties for failure to report a breach;

� requiring that ASIC publish data on major licensees’ breach reports; and

� aligning the credit licensee reporting regime with the breach reporting regime for AFSL holders.

Consultation closed on 12 May.

On 28 June the taskforce released position papers covering the following topics (with consultation closing on 26 July):

� harmonisation and enhancement of search warrant powers (recommending the alignment of ASIC’s search warrant powers with those available to other agencies including the Australian Competition and Consumer Commission (ACCC), which would broaden the scope of material ASIC could search for and seize, as well as the purposes for which seized material may be used);

� strengthening ASIC licensing powers, which contains proposals to:> give ASIC the power to refuse a licence

application or suspend or cancel an existing licence where the controller of the applicant or licensee fails to meet a “fit and proper person” standard; > impose a statutory obligation on licensees

to notify ASIC of a change of control within 10 business days;> align the AFSL assessment requirements

with the ACL requirements;> allow ASIC to cancel or suspend a licence if

the licensee has not commenced business within 6 months;

> allow ASIC to refuse a licence application if a false or misleading statement is made in the application; and> require applicants to confirm that there has

been no material change to information given in the licence application before it is granted; and

� industry codes in the financial sector (proposing to require members of certain industry sectors to comply with enforceable industry codes that meet minimum standards imposed by ASIC and are periodically monitored by a separate body that reports in to ASIC).

The final report of the taskforce is due by the end of September 2017.

STATUTORY SCHEME OF LAST RESORT NEXT ON THE EXTERNAL DISPUTE RESOLUTION (EDR) LAW REFORM MENU?In May the expert panel appointed in 2016 to conduct the review of the financial system’s EDR framework released a supplementary issues paper on matters related to an industry-funded statutory compensation scheme of last resort. The panel’s terms of reference were updated in February of this year to direct the panel to make recommendations (rather than observations) on the establishment, merits and potential design of a compensation scheme of last resort, and consider the merits and issues involved in providing access to redress for past disputes.Any compensation scheme of last resort established would apply in situations where consumers had received a decision in their favour awarding compensation but the compensation had not been paid. The issues paper also looks at the ramifications of allowing consumers who had been unable to access redress or obtain a decision relating to a dispute prior to the scheme’s establishment to claim compensation.Consultation closed on 28 June. The panel will review feedback and then deliver a supplementary final report to the Federal Government setting out its recommendations in the second half of this year.

16 17

Quarterly Update

17

June 2017

17

PRODUCTIVITY COMMISSION REVIEWING COMPETITION IN THE AUSTRALIAN FINANCIAL SYSTEMOn 8 May the Treasurer asked the Productivity Commission to undertake an inquiry into competition in Australia’s financial system. This follows the report of the Financial System Inquiry (FSI) (released in 2014), which recommended that the Federal Government review the state of competition in the financial sector every three years. This recommendation arose out of a concern that the high concentration and degree of vertical integration in some parts of the Australian financial system could potentially limit the benefits of competition.Under the terms of reference, the Productivity Commission is to review competition in the financial system “with a view to improving consumer outcomes, the productivity and international competitiveness of the financial system and economy more broadly, and supporting financial system innovation, while balancing financial stability objectives”, including (but not limited to):

� how concentration, vertical and horizontal integration and major firm business models impact competition and consumer outcomes;

� the degree and nature of competition in household deposits and mortgages and credit and financial services for small and medium sized businesses;

� how Australia fares against other comparable countries in competition and productivity;

� barriers to and enablers of innovation and competition (including policy and regulation); and

� potential policy changes that could be made in line with existing Federal Government commitments and inquiries (such as the Productivity Commission inquiries covering superannuation and data availability and use).

On 29 June the Productivity Commission held a roundtable hearing at their Melbourne office, which was attended by representatives of the Australian Prudential Regulation Authority (APRA), ASIC, ACCC, consumer organisations, Bank

of Queensland, Adelaide Bank, ME Bank and Suncorp – with the 4 major banks, AMP and Macquarie noticeably absent!A consultation paper was released on 6 July, with submissions to be received by 15 September.

PLANNING FOR THE FUTURE OF RETIREMENT INCOME PRODUCTS On 29 May Treasury released the Retirement Streams Income Review, which is a continuation of the process that began in 2013 when the Federal Government announced in its superannuation election policy that it would review minimum withdrawal amounts for account-based pensions and regulatory barriers restricting the availability of “relevant and appropriate” income stream products in the Australian market. A discussion paper was released for public consultation in July 2014, and this was followed by two rounds of targeted consultation in 2015.The review document, which is dated May 2016, includes recommendations to:

� maintain the current annual minimum drawdown requirements;

� have the minimum drawdown requirements reviewed every five years by the Australian Government Actuary (to ensure that they remain appropriate having regard to any life expectancy increases);

� only consider changing the minimum drawdown amounts in the event of significant economic shocks and based on further advice from the Australian Government Actuary;

� develop a set of income stream rules to allow lifetime products to qualify for the earnings tax exemption if a declining capital access schedule is satisfied;

� continue to prohibit additions to existing income stream products but allow purchase through multiple premiums;

� prevent self-managed superannuation funds and small APRA funds from offering the new category of lifetime products; and

� implement a coordinated process to streamline administrative dealings with multiple government agencies (wouldn’t that be nice!).

18

Quarterly Update June 2017

In December 2016 a discussion paper on Comprehensive Income Products for Retirement (CIPRs) proposed the development of an actuarial test for certifying a product that meets minimum requirements of a CIPR. A CIPR is intended to provide a retiree with a higher level of product income over their lifetime than an account-based pension drawn down at minimum rates, but without any increase in the risk of outliving the income. Treasury asked the Australian Government Actuary to consult with an Actuarial Technical Expert Group to develop the certification test. The Australian Government Actuary released a report for this purpose on 29 May.

ASIC ENFORCEMENT ACTIVITY

COURT PROCEEDINGS

The June quarter saw closure for ASIC in a number of matters involving allegations of breach of director duties of responsible entities and a public company, which had literally been going on for years.

FORMER OCTAVIAR GROUP (FORMERLY MFS) EXECUTIVES HEAVILY PUNISHED FOR BREACH OF DUTIESOctaviar Limited (Octaviar) was formerly known as MFS Limited and it was a publicly listed company. The company collapsed in 2008, owing $2.5 billion. In May 2016 ASIC were successful in civil proceedings against five former executives of Octaviar’s subsidiary MFS Investment Management Limited, which had been the responsible entity of a number of registered schemes. The Supreme Court of Queensland found that each of the former executives had acted dishonestly in their role as an officer of that company in misappropriating $147.5 million worth of funds from the registered scheme known as the Premium Income Fund to pay debts owed by other related entities in the Octaviar (which was then known as MFS) group and falsifying and backdating company documents. The combined number of contraventions of the Corporations Act came to 217.

On 26 May the judgment on penalties and orders was delivered. Each of the defendants was:

� disqualified from managing corporations, with the disqualification period ranging from five years to a permanent ban;

� ordered to pay a pecuniary penalty, ranging from $90,000 to $650,000; and

� ordered to pay compensation to the Premium Income Fund and the majority of ASIC’s costs, which ranged from $90,000 to $205,755,601.

Of the five individuals, the former CFO and Company Secretary David Anderson and the former Deputy CEO and director Craig White received the heaviest penalties. Douglas J accepted ASIC’s submission that legal requirements had been “flagrantly ignored” and penalties should reflect the defendants’ “complete disregard” for their Corporations Act duties. Douglas J made the following remark:

“The insouciant attitude of the defendants to this misuse of money intended to be for PIF’s investors beggars belief”.

This was a long, drawn out and undoubtedly expensive process which began with ASIC commencing proceedings in 2009, followed by a 60 day hearing in September 2014, the finding on liability handed down in May 2016, the hearing on final orders and penalties held in October 2016, with judgment reserved and finally delivered at the end of May. See ASIC Media Release.On 14 June ASIC applied to the Supreme Court of Queensland for orders to wind up a number of subsidiaries of Octaviar whose sole director was David Anderson (who was disqualified from managing corporations for 25 years by the Supreme Court of Queensland). ASIC sought orders to wind up the companies on the basis that they were in contravention of Corporations Act provisions, including the requirement that a proprietary company have at least one director. See ASIC Media Release.

18 19

Quarterly Update

19

June 2017

19

The Supreme Court of Queensland appointed liquidators to wind up the companies on 23 June, on the basis that it was in the public interest to do so as the companies were in a state of “constitutional paralysis”. ASIC had also expressed concern about Mr Anderson’s conduct in connection with the companies’ assets. See ASIC Media Release.

FORMER AVESTRA DIRECTORS DISQUALIFIED FOR 10 YEARSOn 12 May the Federal Court delivered its judgment in proceedings brought by ASIC against two former directors of Avestra Asset Management Limited (Avestra), which had been the responsible entity of a number of registered schemes. The Federal Court had already ordered the winding up of five of the Avestra schemes in 2015 and in 2016 it ordered that Avestra be wound up. Beach J ordered that the two directors each be disqualified from managing corporations and restrained from providing financial services for 10 years.Avestra had:

� used scheme property to acquire shares in a related party of Avestra, both directly at the registered scheme level and indirectly through a fund that the registered scheme invested in;

� invested scheme property into a wholesale fund that lent funds to Avestra and a related party of Avestra; and

� invested scheme property into offshore funds which resulted in a related party of Avestra receiving a benefit,

without obtaining member approval.

The directors admitted that they had contravened a number of important Corporations Act requirements including failing to:

� obtain member approval of related party transactions;

� act in the best interests of scheme members; � do all things necessary that financial services

were provided efficiently, honestly and fairly under Avestra’s AFSL (due to Avestra’s inadequate management of conflicts between its own interests and members’ interests, failure

to continue to provide monthly investment reports as the previous responsible entity had done and failure to disclose that some schemes would invest heavily in a small number of Malaysian listed stocks);

� notify scheme members of a material change in investment risk (due to increased exposure to high-risk investments, which was contrary to the investment strategy and risk profile that had previously been disclosed to members);

� exercise the required level of care and diligence (due to investment management decisions they made which exposed schemes to greater risk, as well as one director’s failure to keep the compliance committee, of which he was a member, informed of conflicts of interest and potential contraventions of the Corporations Act);

� have in place adequate arrangements to manage conflicts of interest (as conflicts between members’ interests and investors’ own interests were not disclosed to members);

� give priority to members’ interests where there is a conflict between the interests of members and the interests of the responsible entity;

� comply with their duties as officers and directors of Avestra; and

� provide complete disclosure of Avestra’s interests in substantial shareholding notices lodged with the Australian Securities Exchange (ASX), which meant that the notices were misleading in a material respect.

Beach J was of the view that Avestra had a “significantly deficient corporate culture” and this caused it to act “with a systematic and serious disregard of its fiduciary and regulatory obligations”.

The judgment provides some insight into the concepts of a “financial benefit” to the responsible entity being “given out of” scheme property, both of which were given a broad interpretation. Avestra was found to have received a financial benefit through:

20

Quarterly Update June 2017

� the investment of scheme property into wholesale funds managed by Avestra or its related entity - because it increased the size of Avestra’s funds under management and enabled Avestra to potentially earn additional fees; and

� the use of wholesale funds in which scheme property was invested to acquire shares in a company that Avestra wished to take over – even though Avestra only held the legal title (and not the beneficial interest) in the shares, it obtained benefits of commercial value in transactions that followed (being the appointment of its related party as investment sub-manager of certain other schemes connected with the target and the target agreeing to acquire a related company of Avestra).

The benefits Avestra received as a result of scheme property being invested in wholesale funds it operated were held to have been “given out of” scheme property, with Beach J noting that the legislative provisions include the giving of financial benefits indirectly through one or more interposed entities.The modified section 207 of the Corporations Act that applies in a registered scheme context says that the purpose of the relevant provisions as they apply to registered schemes is to protect the interests of scheme members as a whole, by acquiring member approval for giving financial benefits “to the responsible entity or its related parties” out of scheme property. There were some decisions by the sub-investment manager of a wholesale fund (which had the same two directors as Avestra and was wholly owned by companies of which their wives were the sole shareolder and director) into which registered schemes invested, and those decisions benefited Avestra, but Avestra was not the responsible entity at the time those decisions were made (Avestra subsequently became the responsible entity of those schemes). Beach J adopted a purposive approach and, expressing the view that section 207 “understates the true breadth of the statutory purpose”, held that:

� the sub-investment manager was “an agent of, or person engaged by” the previous responsible entity;

� Avestra was a related party of the investment manager; and

� the prohibition should be read as including the provision of benefits to a related party of an agent of the responsible entity (not just a related party of the responsible entity).

Other observations of interest from the judgment include:

� some of the problems arose because Avestra had invested scheme property in unregistered funds that it was responsible for operating – and this would not have been possible if the previous subsection 601FC(4) prohibition on registered schemes investing in unregistered schemes had not been removed from the Corporations Act in 2007; and

� counsel representing ASIC were praised for the “notable thoroughness and sophistication” of their submissions – this is a welcome contrast to some other cases in which ASIC’s pleadings and preparation have attracted judicial criticism and, in some instances, compromised the result.

See ASIC Media Release.

$50,000 PENALTY AND FIVE YEAR DISQUALIFICATION FOR FORMER AWB CHAIRMANIn December 2016 the Supreme Court of Victoria found that the former chairman of AWB Limited (AWB), Trevor Flugge, had breached his duties as a director because he had failed to make adequate inquiries about certain payments that were made by AWB to contractors for inland transportation of its wheat in Iraq, which ultimately benefited the Iraqi government (which was the subject of United Nations Security Council sanctions at the time). In April the Supreme Court of Victoria ordered that Mr Flugge to pay a $50,000 pecuniary penalty and be disqualified from managing corporations for a period of five years.

20 21

Quarterly Update

21

June 2017

21

The AWB proceedings have been a long process for ASIC, which began with a UN inquiry in 2004. ASIC has lodged an application in the Victorian Court of Appeal for leave to appeal from the Supreme Court of Victoria’s dismissal of proceedings against former AWB General Manager of Trading, Peter Gear, for breach of directors’ duties.

See ASIC Media Release.

PRISON SENTENCE FOR DISHONEST DIRECTORFollowing an ASIC investigation, a director of Jacqalex Pty Ltd was sentenced to two years’ imprisonment for dishonestly using his position to misappropriate investor funds. The relevant misconduct occurred in 2010. The director had solicited and received funds from investors to trade on their behalf in financial products and applied over $100,000 to fund his personal trading activities and pay for personal expenses, including credit card debt. As a consequence of the conviction he will be banned from managing a corporation for five years. See ASIC Media Release.

ASIC OBTAIN CLARITY ON PROOF OF FAULT IN CIVIL PROCEEDINGSThe approach ASIC have historically taken in civil proceedings is that they do not need to prove Criminal Code fault elements, such as intention and recklessness. Doubt was cast on this following the Full Federal Court decision in February in Gore v ASIC [2017] FCAFC 13, where the Court expressed a view that ASIC must prove Criminal Code fault elements to obtain civil remedies relating to a breach of the Corporations Act involving the offer of securities without a prospectus.ASIC have commenced proceedings against Whitebox Trading Pty Ltd, alleging a contravention of certain market manipulation provisions of the Corporations Act. ASIC asked the Federal Court to reconsider whether they needed to prove Criminal Code fault elements and in May the Court agreed to do so, on the basis that it held significant consequences for ASIC as well as other regulators. See ASIC Media Release.

A hearing took place in the Full Federal Court on 8 June and on 21 June the Full Federal Court decision was handed down in ASIC’s favour. See ASIC Media Release.

FINANCIAL ADVISERSDuring the June quarter ASIC had some success in the war on non-compliant financial advisers.On 14 March ASIC commenced proceedings against a number of companies involved in the “Yes FS” business, seeking declarations relating to misleading and deceptive conduct and failure to ensure that representatives complied with the “best interests” duty and gave appropriate advice. The trial is due to commence on 2 October. On 8 May ASIC obtained an interim order in the Federal Court prohibiting the Yes FS business from engaging in certain promotional activities that involved offering prospective clients cash payments in connection with the provision of financial advice about superannuation or insurance products and prohibiting a company that is not licensed from providing financial services. The Federal Court made the order sought on the basis that there was an “appreciable risk” of continued non-compliance. See ASIC Media Release. On 30 March ASIC for the first time obtained orders in the Federal Court that the best interests obligations that were introduced into the Corporations Act as part of the Future of Financial Advice (FOFA) reforms had been breached. NSG Services Pty Ltd (NSG) consented to declarations that it had failed to ensure that its representatives provided advice in accordance with best interests obligations and to ensure that their advice was appropriate. This had resulted in clients receiving inappropriate advice about superannuation accounts and insurance which ASIC have described as “costly, unsuitable and unnecessary”. The following deficiencies were noted in NSG’s processes and procedures:

� the new client advice process was not obtaining all the required information from clients or giving them all required information;

� training was insufficient to ensure compliance with the best interests duty;

� monitoring of representatives was inaccurate;

22

Quarterly Update June 2017

� there was no regular performance review process;

� compliance policies were inadequate, did not cover representatives’ legal and regulatory duties, were not followed and were not enforced;

� there were no regular internal audits and issues identified in external audits had not been sufficiently addressed; and

� under the “commission only” business models, representatives were only remunerated for selling the superannuation and life insurance products.

On 28 June NSG had the penalty hearing set down for 17 and 18 July adjourned until 26 and 27 October. See ASIC Media Release.On 15 June the Federal Court set aside the Administrative Appeal Tribunal (AAT) decision not to ban former National Australia Bank Limited (NAB) financial adviser, Gerard McCormack, who was found by the AAT to have engaged in misleading or deceptive conduct. ASIC’s submissions described the AAT decision overturning the five year ban that ASIC had imposed as “manifestly unreasonable and irrational”. ASIC were successful on all their grounds of appeal, including that the AAT erred in law in its decision by:

� presuming that a banning order can only be made where there is a real threat that the relevant misconduct is likely to recur in the future;

� finding that a banning order would not be effective to maintain the public interest or confidence in the financial services industry because no person suffered financial detriment;

� failing to take into account the relevant consideration of general deterrence by proceeding on the basis that, because recurrence of the misconduct was a remote possibility, it would not deter similar conduct; and

� failing to take into account the dishonesty involved in the relevant misconduct.

The matter was remitted to the AAT. See ASIC Media Release.

INSIDER TRADING – ONE ALLIt was a case of win some, lose some for ASIC with insider trading prosecutions in the June quarter.On 3 April Steven Noske was convicted of insider trading in the Supreme Court of Western Australia relating to trading in WestSide Corporation Limited (WestSide) shares in February 2012. ASIC alleged that Mr Noske traded on inside information he became aware of while being consulted by the managing director of LNG Limited on some aspects of a proposed takeover of WestSide before it was announced to the market (see ASIC Media Release). On 28 April he received an 18 month prison sentence and was fined $20,000 (see ASIC Media Release).On 23 May ASIC were unsuccessful in having former Credit Suisse Management Australia investment banker Darren Thompson committed to trial on 11 charges of procuring insider trading. Mr Thompson’s close friend Michael Hull pleaded guilty to insider trading charges and was sentenced to 17 months’ imprisonment. ASIC had alleged that Mr Thompson procured Mr Hull to acquire shares in seven listed Australian companies when in possession of information gained through Mr Thompson’s employment. See ASIC Media Release.

ASIC IN THE ADMINISTRATIVE APPEALS TRIBUNAL (AAT)In the June quarter ASIC had some mixed results in the AAT:

� a former credit representative who had stepped beyond the boundaries of referral arrangements (which only allowed him to give consumers’ names and contact details to lenders) and was found to have acted as a credit assistance provider to consumers without being authorised under an ACL had the period of the ban imposed by ASIC reduced from permanent to four years (see ASIC Media Release);

22 23

Quarterly Update

23

June 2017

23

� an individual who had provided documents containing false information to support an application for a visa, knowing they would be provided to an Australian government department, had the length of ban from providing financial services imposed by ASIC reduced from six years to four years (see ASIC Media Release); and

� the decision to ban the former managing director of Provident Capital Ltd Michael O’Sullivan from managing corporations for five years and from providing financial services for seven years was upheld, but the AAT qualified the ban by allowing him to continue to remain as a director of three private companies involved solely in activities relating to his immediate family. Mr O’Sullivan has appealed the AAT’s decision to the Federal Court (see ASIC Media Release).

ADMINISTRATIVE ACTIONS

MACQUARIE FOREIGN EXCHANGE (FX) BUSINESS JOINS THE BIG 4 BANKS IN THE ENFORCEABLE UNDERTAKING (EU) CLUBOn 19 May ASIC accepted an EU from Macquarie Bank Limited (Macquarie) relating to misconduct in its wholesale foreign exchange business that occurred between 1 January 2008 and 30 June 2013. Macquarie’s systems, controls and framework for supervision and monitoring had failed to prevent Macquarie staff from:

� disclosing confidential details of client orders and Macquarie trading activity to external third parties; and

� trading in a manner that appeared to have been intended to cause trading to occur at the trigger price for a stop loss order.

Under the terms of the EU Macquarie must improve its internal systems, controls, training, guidance and framework for monitoring and supervising staff who are trading spot FX and non-deliverable forwards to prevent inappropriate disclosure of confidential information to external parties and inappropriate order management and trading in stop loss orders. ASIC will appoint an independent consultant to conduct an assessment

of the proposed changes and their implementation. Macquarie will then need to have that program annually reviewed internally and externally, and senior executives will need to give attestations to ASIC, over a three year period. Macquarie also agreed to pay $2 million to support The Smith Family’s financial education program. The Macquarie EU follows NAB, Westpac Banking Corporation (Westpac), Australia and New Zealand Banking Group Limited (ANZ) and Commonwealth Bank of Australia (CBA) all entering into EUs with ASIC in connection with misconduct that occurred in their wholesale FX businesses. See ASIC Media Release.

MARKETS DISCIPLINARY PANEL INFRINGEMENT NOTICE PENALTIESOn 15 June ASIC announced that UBS Securities Australia Limited (UBS Securities) had paid $280,000 in penalties for two infringement notices, both of which were caused by problems with systems. One infringement related to a failure of the UBS Securities crossing system that caused an alleged breach of requirements to deal fairly in due turn with orders under Chapter 4A of the ASIC Market Integrity Rules (Competition in Exchange Markets) 2011 (Competition Rules). The other infringement occurred because there were confirmations issued by UBS Securities that allegedly did not meet the disclosure requirements of the ASIC Market Integrity Rules (ASX Market) 2010 or the ASIC Market Integrity Rules (Chi-X Australia Market) 2011. Some confirmations incorrectly stated that trades had been executed on the ASX Market when they had been executed through the UBS Securities crossing system and some confirmations had not disclosed to counterparties that UBS Securities was acting as principal. There was also some incorrect reporting to ASIC which incorrectly stated that UBS Securities had acted as agent of a client when it was acting as principal, which allegedly breached Competition Rule 5A.2.1. The relevant conduct took place between 2014 and 2016. See ASIC Media Release.

24

Quarterly Update June 2017

On 23 June ASIC announced that Macquarie Securities (Australia) Limited (Macquarie Securities) had paid a penalty of $505,000 under an infringement notice for its alleged failure to comply with ASIC Market Integrity Rules (Chi-X Australia Market) 2011. The conduct that gave rise to the issue of the notice involved a failure to adequately respond to and deal with suspicious client trading activity that was detected by Macquarie Securities’ trade surveillance monitoring software. Management were informed about the activity, but did not take swift action to suspend the account and failed to lodge a Suspicious Activity Report. Macquarie Securities’ management decision that further analysis was required before taking any action to suspend or shut down the client’s account was found to be at odds with the behaviour expected of a reasonable market participant and the “inexplicable delay” in responding was considered a “key organisational failure”. The infringement notice was not published on the ASIC website “for legal reasons”. See ASIC Media Release.We note that the penalty was heavier in the Macquarie Securities decision and this appears to reflect the presence of suspicious activity with the potential to undermine market integrity and efficiency, as well as the greater role played by conscious human decision making, whereas in the case of the UBS Securities failures, imperfect systems had caused technical alleged breaches.

WESTPAC FIRST TO COP INFRINGEMENT NOTICE FOR BREACH OF DERIVATIVE TRANSACTION REPORTING RULESOn 27 June ASIC announced that they had issued the first infringement notice under the ASIC Derivative Transactions (Reporting) Rules 2013, which require counterparties to report derivative transaction and position information to derivative trade repositories, ordinarily by the end of the next business day.Westpac paid a $127,250 penalty for an alleged failure to report information about 112,556 reportable transactions during the 2 October 2013 to 30 April 2015 period. The alleged failure occurred to do a design flaw in the Westpac reporting system which meant that some reportable transactions

were not flowing in to the reporting system when they should have been. Although Westpac became aware of the flaw in July 2014, a decision was made not to divert resources into investigating the incident and an assumption was made that there was only a small number of transactions impacted. Westpac did not detect that there was a material number of unreported transactions until March 2015. Westpac reported the breach to ASIC in April 2015.In determining the penalty, ASIC took into account the difference between the conduct leading up to July 2014, where Westpac had simply been careless in the design of the reporting system and its carelessness had not caused any significant loss or harm, and the period from July 2014 to April 2015, in which Westpac had deferred proper investigation of the issue and failed to investigate or escalate the issue to senior management or the internal compliance function until March 2015, for which ASIC determined there was a higher degree of fault and imposed a heavier penalty. See ASIC Media Release.

JOINT OPERATION WITH QUEENSLAND POLICE TARGETS CRIMINAL SYNDICATE AND OUTLAW MOTORCYCLE GANG MEMBERSOn 27 June ASIC announced that they had conducted a joint surveillance operation with Queensland Police Service with a focus on criminal syndicate and outlaw motorcycle gang members and their affiliates who were company directors or company secretaries or had a registered business name and had been convicted of an offence involving dishonesty. Operation Taskforce Maxima was intended to help prevent companies and businesses being used as a front for criminal activity.A person who has been convicted of an offence of dishonesty that is punishable by at least three months’ imprisonment is automatically disqualified from being a director or company secretary and holding a business name and from taking part in the management of a corporation for a period of five years from the date of conviction or (if a prison term is served) from the date of release from prison.As a result of the operation ASIC removed six people as officeholders from its corporate registered and gave notice that it would cancel two business names. See ASIC Media Release.

24 25

Quarterly Update

25

June 2017

25

BANNING OF INDIVIDUALSBelow we have provided some examples of behaviour that has led to ASIC permanently or temporarily banning an individual from providing financial services. These may serve as useful case studies for internal compliance training for your staff. We note that a number of these decisions have been appealed to the AAT.The ASIC Wealth Management Project, which began in October 2014, has resulted in over 30 advisers being banned from the financial services industry and in the June quarter, they included:

� a permanent ban imposed on a former authorised representative of a licensee owned by ANZ subsidiary OnePath who had double-charged fees to his clients – banking the cheques he received from clients for fees into his personal account and then deducting the fees payable to the licensee from clients’ investments. On 22 June an appeal against ASIC’s decision was lodged with the AAT (see ASIC Media Release);

� a permanent ban imposed on a former authorised representative and credit representative of AMP Financial Planning Pty Ltd who was found to have acted dishonestly with respect to client records and applications for financial products and provided advice on a number of occasions that did not comply with the best interests duty, was not appropriate and did not leave the client in a better position. On 20 July an appeal against ASIC’s decision was lodged with the AAT (see ASIC Media Release); and

� a five year ban imposed on a former Westpac financial planner who had not conducted ongoing reviews (which he had been paid to do) for at least nine clients. ASIC determined that he was neither trained nor competent to provide financial services and he was likely to commit further breaches. Westpac had remediated almost $1.5 million to his former clients (see ASIC Media Release).

ASIC imposed a five year ban on two men who were representatives of NSG (in the matter heard in court referred to above) and were found to have failed to act in the best interests of clients, provided advice that was not appropriate and did not leave clients in a better position. They had also failed to meet their obligations to give clients financial services guides, PDSs and statements of advice (SOAs). Both of them have lodged an appeal against ASIC’s decision in the AAT. See ASIC Media Release. ASIC banned a former staff member of State One Stockbroking Limited from providing financial service for three years. The individual’s duties mainly involved helping clients with technical issues affecting their accounts. He was not involved in providing advice to clients and did not have compliance or monitoring responsibilities, but he was able to access systems that allowed him to observe clients’ trading. He had become aware of some suspicious trading activities of two clients and, without contacting internal compliance staff, he had conversations with those clients in which he alerted them to ASIC inquiries and made suggestions as to what they should say if ASIC asked them questions. ASIC did not accept that he wasn’t required to do anything about the suspicious trading activity because he didn’t work in compliance. ASIC decided he should be banned because, in failing to refer the matter to internal compliance staff, he exhibited “extremely poor judgment” and there was a risk that he may breach financial services laws in the future. See ASIC Media Release.On 30 June ASIC announced that a former authorised representative of Wyndham Vacation Resorts who was sentenced to four years’ imprisonment for fraud had been permanently banned from providing financial services or engaging in credit activity. He had misappropriated over $100,000 worth of clients’ funds (provided to him to purchase second hand timeshare credits) for his own purposes and some of the fraud had continued after Wyndham had terminated his employment. See ASIC Media Release.

26

Quarterly Update June 2017

ASIC ASK WHAT WE REALLY THINK – CONSULTATION PAPERS FOR THE JUNE QUARTER

BLAST FROM THE PAST - MULTIPLE WITHDRAWAL PERIODS RELIEF FOR REGISTERED SCHEMES PROPOSALOn 22 June ASIC released a consultation paper proposing relief to allow registered schemes to have multiple withdrawal periods. ASIC consulted on proposed relief for schemes with multiple withdrawal periods back in 2007 and they currently have a no-action position for schemes that allow different withdrawal periods for different interests in the scheme, which applies if the responsible entity uses the shortest withdrawal period to assess whether the scheme is liquid for the purposes of section 601KA of the Corporations Act. ASIC’s position is that members may generally have different withdrawal rights as long as one group of members is not unreasonably disadvantaged.The consultation paper proposes that ASIC issue an instrument that modifies the Corporations Act so that the shortest withdrawal period is the period specified in the constitution that is used to determine whether the scheme is liquid. The relief would be conditional on the responsible entity publishing a statement on its website that it is relying on the relief.The consultation paper also proposes to remake the ASIC class order that provides various relief to mortgage schemes (which is due to sunset in October). Consultation closed on 4 August. The remade mortgage schemes instrument will commence by 1 October. No indicative timeframe has been given for the multiple withdrawal periods relief. See ASIC Media Release.

GET READY FOR ANOTHER PANEL!In the tradition of the Markets Disciplinary Panel, the Takeovers Panel and the Companies Auditors Disciplinary Board, on 11 April ASIC released a consultation paper proposing the establishment of a Financial Services Panel to whom ASIC would refer significant, complex or novel matters concerning decisions whether to ban individuals

from the financial services and credit industries. The proposed Panel would comprise at least one ASIC staff member, industry participants and experts like academics and lawyers with relevant expertise. Generally there would be three sitting members to consider matters referred to the Panel, with ASIC staff providing a Secretariat function.This proposal stems from the December 2015 report of the ASIC Capability Review (which was a recommendation of the FSI Report), which stated that ASIC should “proactively develop opportunities to enhance the use of co-regulation… where this will deliver superior regulatory outcomes”. In the consultation paper ASIC have suggested that the use of the Panel would assist ASIC to “take into account current industry practices”. Appendix 1 to the consultation paper points to the use of similar bodies in the United Kingdom, New Zealand and Ontario, Canada.Consultation closed on 23 May. The consultation paper anticipates the Panel being established in August. The consultation does not describe the implementation process but we assume that amendments would need to be made to the ASIC Act in order for ASIC to delegate its powers to non-staff members. See ASIC Media Release.

PROPOSED GUIDANCE TO IMPROVE COMPLIANCE IN SELL-SIDE RESEARCHThe term “sell-side research” means general advice prepared and distributed by an AFSL holder to help investors make decisions about financial products. ASIC conducted a review into sell-side research and released their report in August 2016. ASIC had some concerns about how material non-public information and conflicts of interest were being handled in sell-side research and corporate advisory activities. ASIC then met with industry representatives who consistently advocated for more detailed ASIC guidance about these matters.On 30 June ASIC released a consultation paper seeking feedback from market participants, investment banks, corporate advisers, buy-side investors and other users and providers of sell-side research on proposed guidance relating to:

� what AFSL holders should do to manage conflicts of interest at each stage of the capital raising process;

26 27

Quarterly Update

27

June 2017

27

� how to identify and handle material, non-public information; and

� how research teams should be structured and funded.

Consultation closed on 31 August. ASIC intend to publish a regulatory guide later in 2017. They have also indicated in the report that there will be further review and consultation on share allocations in the future. See ASIC Media Release.

PREPARING FOR CROWD SOURCED FUNDING (CSF)In preparation for the commencement of CSF legislation for public companies from 29 September, on 22 June ASIC released:

� a consultation paper seeking feedback on proposed guidance for public companies about the requirements of the new regime; and

� a consultation paper seeking feedback on proposed guidance for licensed intermediaries seeking to provide a “crowd-funding service”, which is a new type of financial service that imposes unique obligations on intermediaries who are operating platforms for CSF offers.

The consultation papers also include draft ASIC instruments which would extend certain relief for offer documents under the ASIC Corporations (Consents to Statements) Instrument 2016/72 to apply in the CSF context and impose certain financial requirements as AFSL conditions on licensees with a crowd-funding service authorisation.Anyone wishing to become authorised to provide a crowd-funding service will need to apply for an AFSL or AFSL variation from ASIC after the legislation commences. ASIC are proposing to release guidance about the types of matters they will assess in decided whether to grant an authorisation for providing a crowd-funding service. Unless applicants for this type of authorisation are given priority in the ASIC queue, based on our clients’ experience they can expect to be waiting months for ASIC to review their application. Consultation closed on 3 August. See ASIC Media Release. ASIC also have a dedicated crowd-sourced funding webpage.

28

Quarterly Update June 2017

CONSULTATION ON EXPIRING CLASS ORDERSDuring the June quarter ASIC also released the following consultation papers relating to class orders, some of which are due to expire / sunset on 1 October 2017:

Consultation Paper Affected class order/s Proposed action

Consultation Paper 282 Remaking ASIC class orders on financial counselling licensing reliefConsultation closed on 15 June.See ASIC Media Release.

� Class Order [CO 03/1063] Licensing relief for financial counselling agencies (due to sunset on 1 October 2017)

� Class Order [CO 11/926] Credit licensing exemptions for NGOs (non-government organisations) providing credit assistance to consumers (due to sunset on 1 April 2022)

� ASIC Credit (Financial Counselling Agencies) Instrument 2015/992 (due to sunset on 1 April 2026)

� Class order to be remade without significant change

� Class order to be remade and combined in a single instrument with ASIC Credit (Financial Counselling Agencies) Instrument 2015/992, without significant change

� Instrument to be remade and combined in a single instrument with Class Order [CO 11/926] Credit licensing exemptions for NGOs (non-government organisations) providing credit assistance to consumers, without significant change

Consultation Paper 285 Remaking ASIC class order on disclosure relief for an offer to a director or secretary: [CO 04/899] Consultation closed on 30 June.See ASIC Media Release.

� Class Order [CO 04/899] Definition of ‘senior manager’—modification (due to sunset on 1 October 2017)

� Class Order to be remade without significant change

Consultation Paper 283 Remaking ASIC class order on credit union member shares: [CO 02/1176]Consultation closed on 23 June.See ASIC Media Release.

� Class Order [CO 02/1176] Credit union member shares (due to sunset on 1 April 2018)

� Class order to be remade without significant change

28 29

Quarterly Update

29

June 2017

29

Consultation Paper 286 Remaking ASIC class orders on mortgage offset accounts and factoring arrangementsConsultation closed on 6 July.See ASIC Media Release.

� Class Order [CO 03/1048] Mortgage offset accounts (due to sunset on 1 October 2017)

� Class Order [CO 04/239] Factoring arrangements: Licensing, hawking and disclosure relief (due to sunset on 1 October 2017)

� Class order to be remade without significant change

� Class order to be remade without significant change

ASIC REPORTS

MARKET INTEGRITY REPORT FOR SECOND HALF OF 2016 RELEASEDOn 20 April ASIC released its regular market integrity report covering the 1 July to 31 December 2016 period. Key outcomes and areas of focus for that period included:

� criminal actions (2), civil outcomes (6), infringement notices issued by the Markets Disciplinary Panel (6, with a total dollar value of $1.48 million), imposition of additional AFSL conditions (2) and bans (2);

� the ASX equity market outage; � insider trading; � misconduct in the wholesale spot foreign

exchange market � market cleanliness; and � handling of confidential information and

conflicts of interest.

In 2017 ASIC are prioritising and focusing on: � culture and conduct risk – increasing

their use of cultural indicators in risk-based surveillance and looking further into how culture drives conduct;

� (continuing) confidential information and conflicts of interest – including guidance on sell-side research;

� technology risk and cyber resilience – with a focus on technological and operational risk management of critical infrastructure providers and improving overall cyber resilience across markets; and

� market innovation – with a view to creating an environment of trust and confidence to support advances in technological development.

See ASIC Media Release.

ASIC SHINE THE SPOTLIGHT ON BLACK MARKS IN WHOLESALE SPOT FX MARKETOn 26 May ASIC released a report relating to their recent investigations into the wholesale spot FX businesses of the major Australian financial institutions. The report follows ASIC obtaining EUs from NAB, Westpac, ANZ, CBA and Macquarie in 2016 and 2017 relating to alleged misconduct and inadequate systems and controls. The banks were required to make changes to their spot FX businesses and have an independent expert appointed by ASIC conduct an assessment. The EUs also netted $13 million in contributions to financial literacy projects.

30

Quarterly Update June 2017

The report identifies the behavioural drivers of conduct which ASIC consider need to be managed to avoid misconduct and sets out “good practice principles” to manage those drivers so that inappropriate practices can be effectively prevented and (should they occur) detected and dealt with.

The report will serve as a “reference point” for future ASIC surveillance of FX markets and “where appropriate, the broader wholesale over-the-counter markets”.

See ASIC Media Release.

WORK IN PROGRESS ON EMERGING MARKET ISSUERSOn 6 April ASIC issued their second report on emerging market issuers. The first report was issued in August 2013 and the latest report provides an update on the work done by ASIC to date and the current state of play. An “emerging market issuer” is any listed entity that is incorporated, or has a significant exposure or strong connection (through business operations, shareholders or board and management) to, an emerging market. Emerging markets include Easter Europe, the Asia-Pacific (excluding Singapore, Hong Kong, Japan and New Zealand), Africa, South America, Mexico, Central America, the Caribbean and the Middle East. The report observes that:

� in 2016, 19% of disclosure documents lodged with ASIC by companies that were listed or seeking to list came from emerging market issuers, and over half of these came from Western Australia;

� between 1 July 2013 and 31 December 2016 there had been 57 new emerging market issuer listings on ASX, of which 46 were from Asia (with most of the 46 being from China); and

� emerging market issuers exhibited a general lack of liquidity, trading on 48% of trading days with an average of 18.5 trades on those days.

ASIC’s top 5 concerns arising from emerging market issuers’ disclosure documents in 2016 were:

� business model disclosure; � use of funds; � risks; � misleading and deceptive content; and � failure to provide clear, concise and effective

disclosure.These were in line with ASIC’s concerns about other issuers, but for the emerging market issuers concerns about financial information disclosure were more prevalent.

ASIC warn that: � language and cultural barriers need to be

addressed to ensure that all directors effectively participate in due diligence process so that they can give informed consent to the lodgment of the prospectus;

� where directors are not fluent in English, ASIC expect to see documents translated in to their own language;

� Australian resident directors’ involvement also needs to be more than superficial;

� Australian advisers overseeing due diligence conducted offshore need to fully understand the political and cultural environment the issuer operates in, relevant local business practices and local laws that apply to the issuer and their advisers – failure to do so may not be effective to prevent misleading disclosure;

� exchange market operators need to ensure that they effectively monitor compliance with their listing rules in and carefully vet proposed listings – ASIC have published good practice principles for listing standards and has instigated changes to the ASX and Sydney Stock Exchange listing standards;

� where the exchange rules require an exchange-approved adviser to be appointed to assist the issue with listing and meeting their obligations, the adviser needs to be conscious that emerging market issuers do not necessarily understand the legal and regulatory requirements and take responsibility for ensuring that the issuer complies;

30 31

Quarterly Update

31

June 2017

31

� high overseas participation makes it more challenging for ASIC to investigate market misconduct. ASIC may need to engage more closely with market participants to prevent misconduct and rely on them meeting their obligations to prevent manipulative trading under the market integrity rules; and

� they have concerns around the reliability of audit and other expert work done outside Australia (for which ASIC do not have oversight) and this may require Australian auditors to apply additional scrutiny in verifying information about the existence or value of the underlying assets.

In ASIC’s view emerging market issuers still face a number of challenges that could lead to increased risk, including:

� geographically scattered boards and limited financial resources may compromise the quality of corporate governance;

� geographically diverse operations could make it more difficult to implement effective internal controls and risk management systems;

� limits on the ownership of assets by foreign entities in some jurisdictions may lead to more complex ownership or contractual arrangements that could be difficult to enforce; and

� verifying information or opinions about offshore operations and performance could be problematic.

See ASIC Media Release.During the June quarter ASIC also released reports relating to:

� their first survey of the marketplace (also known as peer-to-peer) lending sector (see ASIC Media Release);

� decisions on relief applications during the October 2016 to March 2017 period (see ASIC Media Release);

� superannuation member experience (see ASIC Media Release); and

� supervision of regulated liquidators for 2016 (see ASIC Media Release).

OTHER ASIC ACTIVITY

CONFIRMATION THAT “INDEPENDENTLY OWNED” IS TABOOUnder section 923A of the Corporations Act, the words “independent”, “impartial”, “unbiased” and “words of like import” may only be used by a financial service provider if they:

� do not receive commissions, volume-based payments or other gifts and benefits;

� operate free from direct or indirect restrictions on the financial products for which they provide financial services; and

� operate without any conflicts of interest.

To resolve uncertainty about whether the expressions “independently owned”, “non-aligned” and “non-institutionally owned” and similar expressions constituted “words of like import” for section 923A purposes, ASIC obtained external legal advice. On 27 June ASIC confirmed that those expressions will be treated as restricted terms, which may therefore only be used by a financial service provider that meets the eligibility criteria specified above.ASIC have acknowledged the uncertainty across the industry to date on this issue, and they are therefore adopting a “facilitative compliance period” of six months to allow any non-compliance in websites or documents issued by financial advice firms to be amended to remove any terms of the nature described above. The facilitative compliance period does not cover use of the terms “independent”, “impartial” and “unbiased” as they were not the subject of any uncertainty.ASIC are intending to update Regulatory Guide 175 Licensing: Financial product advisers – Conduct and disclosure (which was only just updated in March), but have issued a brief Q & A in the meantime in which they:

32

Quarterly Update June 2017

� explain that, although terms like “independently owned”, “non-aligned” and “non-institutionally owned” are commonly used to describe the ownership and structure of a financial service provider, in ASIC’s view they can imply that the financial service provider “has an independent decision-making structure, free from conflicts of interest and influence from a product issuer”, which could mislead or confuse investors;

� clarify that the receipt of asset-based fees paid by clients will not of itself make a financial service provider ineligible to use a restricted term because they are not calculated based on the volume of business that is placed with an issuer of a financial product; and

� provide some guidance on how the use of an approved product list (APL) impacts the ability to use a restricted term. ASIC’s view is that an APL is, by its nature, restrictive. However, an APL will be less likely to prevent a financial service provider from using a restricted term if it is used as an open list of products or if the process to recommend a product that does not appear on the APL is straightforward. The more difficult it is for a financial service provider to recommend a product that is not on the APL to a client, the more likely it is that the APL will be viewed as a restriction that will prevent the use of a restricted term.

See ASIC Media Release.

BIG 4 BANKS AGREE TO LIFT THEIR GAME ON UNFAIR CONTRACT TERMS The unfair contract terms legislation has applied to standard form small business contracts since 12 November 2016, covering loans of up to $1 million under standard form agreements offered to small businesses employing less than 20 people.ASIC undertook a joint review of eight lenders’ small business standard form contracts with the Australian Small Business and Family Enterprise Ombudsman (ASBFEO) and in March 2017 they expressed their disappointment with the level of non-compliance of the banks after they had been given a 12-month transition period to prepare for the new requirements.

ASIC and ASBFEO hosted a round table with the big 4 banks (ANZ, CBA, NAB and Westpac) and obtained their commitment to do a comprehensive review of all small business loans entered into or renewed from 12 November 2016 and make the necessary changes to those documents to ensure they are compliant.The types of terms that will need to be changed in order to comply with unfair contract terms legislation include:

� “entire agreement” clauses – to ensure that lenders are not absolved from responsibility for conduct, statements or representations made to borrowers outside the contract;

� financial indicator covenants – for example, where there is automatic default by the borrower if the value of secured property falls below a set loan-to-valuation ratio;

� material adverse event clauses – which give the lender the power to call a default for an unspecified negative change in the borrower’s circumstances;

� unlimited indemnification clauses that seek to protect the lender for losses, costs, liabilities and expenses, which include those outside the borrower’s control; and

� unilateral variation clauses – the circumstances in which the bank is allowed to unilaterally vary the terms will need to be clear and limited, and at least 30 days notice of any contract changes will need to be given.

This will represent a fairly significant shift in the balance of power between small business borrowers and big bank lenders. See ASIC and ASBFEO Joint Media Release.

32 33

Quarterly Update

33

June 2017

33

TEMPORARY REPRIEVE FOR CHARITABLE INVESTMENT FUNDRAISERS PREPARING FOR THE NEW WORLD OF LICENSINGFrom 1 January 2018 charities that offer certain debenture or managed investment scheme investments to retail investors will be subject to new rules and may be required to obtain an AFSL to continue to conduct these activities. Charities needed to have lodged an identification statement with ASIC by 28 February in order to be exempt from the new rules for the remainder of 2017. Some charities failed to do so. ASIC have given relief to allow ASIC to accept identification statements after 28 February and provide interim relief will for the period from the date ASIC accept an identification statement until 31 December.ASIC are encouraging affected charitable investment fundraisers to submit their identification statements to ASIC and make an application for an AFSL “due to the time taken to process applications”. We will not be surprised if the 1 January 2018 start date is pushed out again due to ASIC not being in a position to process all the AFSL applications prior to that date.See ASIC Media Release.

INFRINGEMENT NOTICES ISSUED FOR ONLINE ADVERTISING CONTENTIn the June quarter ASIC issued infringement notices, which carry a $10,800 penalty, relating to the following statements that appeared in online advertising which ASIC alleged were false or misleading:

� statements made by Synergy Financial Markets Pty Ltd to the effect that clients who held managed discretionary accounts with Synergy would only pay them “when your account profits” in circumstances where brokerage fees and commissions and management fees were payable irrespective of the profitability of the account (see ASIC Media Release); and

� unsubstantiated claims by Capital Debt Solutions Australia Pty Ltd that it was “trusted and recommended by more than 6,000 Australians” and that its debt agreements were “government approved” (see ASIC Media Release).

UPDATE ON FEES-FOR-NO-SERVICE COMPENSATION PAID BY AMP AND BIG 4 BANKSOn 19 May ASIC provided an update on the amount of compensation paid by AMP, NAB, Westpac, CBA and ANZ in refunds and interest relating to fees that were collected from customers for ongoing advice where no advice was provided. The estimated total amount of compensation payable now stands at $204 million, plus interest and to date over $60 million has been paid. Since ASIC published their report in October 2016, the amount of funds paid or offered had increased by $37 million and the institutions’ estimates of the total required compensation for general and personal advice fee-for-service failures had increased by approximately 15%.The estimated compensation payable by CBA is more than double any of the other institutions’ estimates at over $105 million, with ANZ’s total standing at over $52 million. The estimates for AMP and NAB were well below $10 million and the Westpac estimate of future compensation is “not yet available”.ASIC will issue a further update by the end of 2017. See ASIC Media Release.

MACQUARIE EQUITIES – REMEDIATION PROGRAM SUBSTANTIALLY COMPLETE, ALMOST 3 YEARS ONBack in January 2013 ASIC accepted an EU from Macquarie Equities Limited (MEL), following an ASIC surveillance in 2011 across a significant number of advisers’ client files which detected serious compliance deficiencies in the provision of advice and record keeping that had not been reported to ASIC. In August 2014 MEL commenced a remediation program under which over 160,000 letters were sent to all clients MEL had since it obtained its AFSL in 2004, inviting them to raise any concerns about the quality of advice received.On 8 June ASIC announced that the remediation program was “substantially complete”, with approximately $24.7 million paid to 263 clients, with a small number of remaining complaints the subject of pending litigation or Financial Ombudsman Service (FOS) processes. See ASIC Media Release.

34

Quarterly Update June 2017

FINANCIAL REPORTS On 31 May ASIC announced their areas of focus for reviewing financial reports by listed entities and other entities of public interest for the year ending 30 June. The ASIC Financial Reporting Surveillance Program uses risk-based and random processes to select financial reports that are reviewed for compliance with the Corporations Act and accounting standards.ASIC have issued warnings and reminders that:

� directors are primarily responsible for the quality of the financial report and should not simply rely on the independent auditor. They don’t need to be accounting experts but they should be prepared to ask for explanations and advice about the accounting treatment and be prepared to challenge accounting estimates and treatment were appropriate;

� there are major new accounting standards that will have “the greatest impact on financial reporting since the adoption of International Financial Reporting Standards” so the impact of these standards must be clearly explained in the financial reports;

� they will focus on material disclosures of information useful to investors and other users of financial reports, such as assumptions supporting accounting estimates and significant accounting policy choices;

� AFSL holders need to ensure that the client money requirements of the Corporations Act are met and auditors need to test for compliance and report breaches;

� listed companies need to disclose information on matters that may have a material impact on their future financial position – such as climate change or cyber security; and

� complaints and other intelligence will inform ASIC’s review of financial reports of proprietary and unlisted public companies, and will follow up those that fail to lodge their financial reports.

The areas of ASIC focus for financial reports for the year ending 30 June 2017 will cover:

� accounting estimates - impairment testing and asset values;

� accounting policy choices:> revenue recognition;> expense deferral;> off-balance sheet arrangements; and> tax accounting; and

� key disclosures:> estimates and accounting policy judgments;

and> impact of new revenue, financial instrument,

lease and insurance standards.See ASIC Media Release.

On 30 June ASIC announced the results of a review of the 31 December 2016 financial reports of 90 entities. They made inquiries of 23 entities on 28 matters seeking explanation of accounting treatment. Key areas of concern for ASIC covered:

� asset values and impairment testing; � consolidation accounting; � amortisation of intangible assets; � revenue recognition; � tax accounting; and � estimates and accounting policy judgments.

The most common problem areas were impairment of non-financial assets and inappropriate accounting treatments. See ASIC Media Release.

AUDIT FILE REVIEWSIn July 2016 ASIC undertook consultation on communicating audit findings to directors, audit committees or senior managers. After reviewing submissions received, on 23 June they released a report and new regulatory guide which covers:

� when ASIC will communicate financial reporting and audit quality findings identified from audit file reviews to directors, audit committees or senior managers;

� the process ASIC will follow before the audit findings are communicated; and

� when directors will be informed of routine ASIC audit file reviews.

34 35

Quarterly Update

35

June 2017

35

ASIC are seeking to improve the transparency, help directors meet their financial reporting obligations and support audit quality. See ASIC Media Release.On 29 June ASIC released the results of their audit firm inspections for the 18 months ending 31 December 2016 and issued three new information sheets relating to:

� improving and maintaining audit quality (which seeks to help auditors lift audit quality);

� audit quality – the role of others (which explains how parties other than auditors can contribute to audit quality); and

� ASIC audit inspections (which explains ASIC’s approach to inspecting audit firms and measuring inspection findings).

The ASIC audit inspection program works cooperatively with audit firms to improve and maintain audit quality. ASIC inspect audit firms that audit listed entities and other significant public interest entities and publish a report every 18 months. There is a focus on higher audit risk areas and the report focuses on what needs improvement more than what has been done well, so it is not representative of general audit firm industry performance.For the 18 months to 31 December 2016, ASIC reviewed 93 audit files. ASIC were disappointed to find that, in 25% of key audit areas, auditors did not obtain reasonable assurance that the financial report as a whole was free of material misstatement. ASIC are encouraging audit firms to continue to focus on:

� audit of asset values, particularly impairment; � audit of revenue; � maintaining a strong internal culture that

promotes audit quality; � improving quality and consistency; and � identifying the root causes of ASIC audit

inspection findings through quality reviews and considering what measures can be introduced to avoid future findings.

See ASIC Media Release.

AUSTRAC

AUSTRAC READY TO COLLECT –CONSULTATION ON INDUSTRY CONTRIBUTION LEVYOn 26 May the Australian Transaction Reports and Analysis Centre (AUSTRAC) released a consultation paper and draft Ministerial Determination for the 2017-2018 Industry Contribution levy. AUSTRAC impose the levy on reporting entities to recover their regulatory and financial intelligence function costs.AUSTRAC have identified the following strategic priorities:

� the Fintel Alliance (a public-private partnership launched in March for collaboration and innovation among AUSTRAC, other domestic and international regulators and private sector organisations for sharing intelligence);

� bolstering their financial intelligence capability – the initial 2-week pilot Financial Intelligence Analyst Course was held in February and further courses are proposed for this year;

� further expanding their industry engagement to work more collaboratively detect, deter and prevent financial crime – including through the dedicated Fintel Alliance Innovation Hub that was set up to assist emerging entities and industries and give AUSTRAC greater insight into new and emerging products and technologies;

� the “smarter regulation” program – which involves taking a less one-size-fits-all approach to regulation and improving AUSTRAC’s responsiveness to improve regulatory outcomes;

� refining their regulatory risk framework to incorporate risk-based, principles-based and responsive approaches and differentiating between industry sectors in how they go about monitoring, supervising and influencing compliance outcomes – and there’s a BEAR in there - since July 2016 the Breach Evaluation and Response (BEAR) has been used to assist with regulatory decision making;

36

Quarterly Update June 2017

� continuing to work with the Attorney-General’s Department on the comprehensive legislative review of the anti-money laundering and counter-terrorism financing (AML/CTF) laws, which will continue in to 2019;

� increasing international engagement – this includes summits and working groups with counterpart regulators in Asia, taking a leading role in global financial intelligence initiatives and entering into more memoranda of understanding to allow greater information sharing with financial intelligence agencies in other countries; and

� providing more industry-specific money laundering (ML) and terrorism financing (TF) risk assessments and guidance – risk assessments have been conducted on the superannuation, financial planning and stored value cards sectors and sector-specific guidance is being developed for superannuation and for pubs and clubs. More generally the AUSTRAC Compliance Guide has been updated and AUSTRAC published feedback on its compliance assessments.

Consultation closed on 23 June.

LAW ENFORCEMENT OUTCOMESSuccessful law enforcement outcomes in the J une quarter that involved money laundering offences included:

� a prison sentence of 10 years imposed on a major player in an international crime syndicate that laundered more than $29 million in proceeds of crime in Australia, which was uncovered following AUSTRAC analysts detecting suspicious movements of large cash amounts through a complex network of newly established Australian company accounts (see Minister for Justice Media Release); and

� the first ever conviction in Australia for operating an unregistered remittance service, which resulted in suspended prison sentences of 24 and 26 months for the directors of the offending company and $2 million in proceeds of crime being forfeited, following an AUSTRAC investigation (see AUSTRAC Media Release).

INDUSTRY GUIDANCERisk assessment tool for financial plannersAUSTRAC released their report on the financial planning sector in December 2016. The report found that criminal offences could occur at any stage of the cycle of a customer’s relationship with their financial planner.To assist financial planners in detecting suspicious activity, on 27 April AUSTRAC released a poster document titled Financial Crime Red Flags – a Guide for Financial Planners which provides examples of suspicious activity at each stage of the relationship cycle, and what kind of financial crime or crimes the activity could relate to (money laundering, tax evasion, fraud, terrorism financing, cyber-enabled fraud and welfare fraud).See AUSTRAC Media Release.Case study on unexplained wealthOn 10 April AUSTRAC released a case study which explains how AUSTRAC information led to a law enforcement investigation into large and unexplained movements of cash totalling approximately $4.1 million within Australia and offshore by a married couple. As a result of the investigation approximately $2.4 million worth of bank accounts and property were seized and forfeited to the Commonwealth.AUSTRAC have provided the following indicators which may be of assistance to reporting entities identifying future suspicious transactions:

� multiple cash deposits (between $10,000 and $70,000 in size) made on the same day across different accounts and different branches;

� sending multiple international funds transfer instructions greater than the reportable threshold ($20,000) to the same individuals from different branches of the same bank on the same day; and

� purchasing bank cheques for large amounts (more than $20,000), wholly or primarily funded by cash.

In this case the suspicious activity took place over a number of years and the offshore beneficiaries were located in China.See AUSTRAC Media Release.

36 37

Quarterly Update

37

June 2017

37

CONSULTATION ON CHANGES TO AML/CTF RULESThe implementation process following the statutory review of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) that began in 2013 continues.During the June quarter AUSTRAC released draft amendments to the Anti-Money Laundering and Counter-Terrorism Financing Rules Instrument 2007n (No. 1) (Cth) (AML/CTF Rules) covering:

� Chapters 1 (key terms and concepts), 4 (customer identification procedures), 8 (AML/CTF programs), 9 (joint AML/CTF programs), 15 (ongoing customer due diligence), 30 (disclosure certificates) and 36 (exemption of certain designated services within a corporate structure) for the purposes of implementing recommendations of the Statutory Review (the consultation period ran from 24 April to 22 May);

� exemptions from certain identification requirements in Chapter 4 and Chapter 15 of the AML/CTF Rules for corporate customers who are ‘custodians’ (the consultation period ran from 3 April to 1 May); and

� Chapter 51 (which covers definitions of ordering and beneficiary institutions, financial institutions and non-financial institutions), to ensure that International Funds Transaction Instructions between PayPal Australia and PayPal Hong Kong are reported to AUSTRAC, consistent with previous amendments to Chapter 51 in 2012 which introduced reporting requirements for PayPal Singapore and PayPal USA (AUSTRAC claim to have released these draft amendments on 22 May but we were not able to locate them on the draft AML/CTF Rules page).

OTHER ACTIVITIESDuring the June quarter AUSTRAC also:

� released the Draft Privacy Impact Assessment for the Fintel Alliance initial operational projects and the AUSTRAC Data Matching Program;

� released a risk assessment of stored value cards, which were rated medium risk but, of the three risk assessments done by AUSTRAC thus far (the others being superannuation and financial planning), they have the highest vulnerability of vulnerability to criminal exploitation, and they are known to have been used by individuals involved in terrorist attacks (see Minister for Justice Media Release) and

� signed a Memorandum of Understanding with the Papua New Guinea Financial Analysis and Supervision Unit for the exchange of financial intelligence (see Minister for Justice Media Release).

ASXFollowing the September 2016 ASX Trade outage, ASX conducted an internal review of its cash equity market closing price methodologies under a number of market disruption scenarios. In June ASX released a consultation paper setting out the results of the review of how the closing prices were determined, published and used. From the review, ASX concluded that its existing methodology for calculating the ASX market closing price remained fit for purpose, and that the market would benefit from improved transparency by publishing information on the ASX website about what the ASX market closing price represents (the last traded price executed on the ASX market) and how ASX Clear establishes the ASX settlement price (which is used by ASX Clear to determine daily margin calls and settlement pricing for derivative contracts, such as exchange-traded options). The consultation paper seeks feedback on whether the existing ASX methodology is fit for purpose (and if not, why not) and proposed draft disclosure for the ASX website about the ASX market closing price and the ASX settlement price. Consultation closed on 7 July.

38

Quarterly Update June 2017

APRA

PROPOSAL TO ALLOW SUBSTITUTED COMPLIANCE WITH FOREIGN MARGIN REQUIREMENT REQUIREMENTS FOR NON-CENTRALLY CLEARED DERIVATIVESOn 9 May APRA released a draft Prudential Standard CPS 226 Margining and risk mitigation for non-centrally cleared derivatives (CPS 226) for consultation. APRA are proposing to allow APRA-regulated entities to comply with margin requirements or provisions issued or administered by certain foreign regulators where either the APRA-regulated entity or the counterparty it transacts with is subject to the foreign requirements or provisions. The relevant foreign regulators are located in Canada, the European Union, Hong Kong, Japan, Singapore, Switzerland and the United States and APRA have formed the view that they are comparable in outcomes to the Basel Committee on Banking Supervision and the International Organisation of Securities Commissions (IOSCO) framework and the CPS 226 requirements. Consultation closed on 6 June.See APRA announcement.

FINANCIAL INSTITUTIONS SUPERVISORY LEVIES INCREASED FOR 2017-2018On 26 May Treasury released a discussion paper seeking submissions on the financial institutions supervisory levies for the 2017-2018 financial year, which recover APRA’s operational costs as well as some specific costs incurred by other agencies including ASIC, the ATO and the Department of Human Services. Consultation closed on 22 June.The levies have been increased for the 2017-2018 financial year to provide APRA with additional funding for:

� new regulatory activities to “support a stable, efficient and competitive financial system” ($26.8 million increase over 4 years);

� the introduction and administration of legislation to make ADIs and their executives more accountable, which will involve more heavily policing banking senior executives for APRA (an additional $8.2 million over 4 years); and

� the administration of new monitoring powers relating to the provision of credit by non ADI-lenders (an additional 2.6 million over 4 years).

APRA released the updated Cost Recovery Implementation Statement on 30 June.

RBADuring the June quarter the RBA:

� released the semi-annual Financial Stability Review in April, which notes that in the 6 months leading up to April, the global economic outlook had improved, with some long standing vulnerabilities remaining (being household debt and the housing market in Australia) and a change in some of the risks faced by global markets;

� released a report in May of the 2017 assessment of the RBA’s Information and Transfer System against the Principles for Financial Market Infrastructures developed by the IOSCO Technical Committee and Committee on Payments and Market Infrastructures (spoiler alert – RBA gave itself a pass mark on observing all relevant Principles). Unsurprisingly, cyber-security will be a key focus area for the next assessment period; and

� released its June quarter Bulletin, with this edition’s topics including the Australian exchange-traded funds (ETF) market, capital flows, banking fees, Australian banks’ responses to tighter capital and liquidity requirements, the continuing decline of the cheque system and China’s listed corporate and interbank repo markets. The chapter on the Australian ETF market notes that:> the Australian ETF market had more than

tripled over a 4 year period to about $25 billion at the end of March 2017;> global assets under management in

exchange-traded products stood at around $5 trillion at the end of 2016, of which over 70% was in the US;> ETFs make up about 1.5% of Australian

market capitalisation (compared with approximately 5% in Canada and Europe and 10% in the US);

38 39

Quarterly Update

39

June 2017

39

> the Australian ETF market is more easily concentrated in equity ETFs than other developed economy markets;> on average ETF turnover represents about

1% of total ASX turnover (compared with the US where ETF turnover accounts for about one-third of trading in US stocks);> Australia’s ETF market is dominated by

investors who use a financial adviser/broker and self-managed superannuation funds, whereas in the US, Canada and Europe, there is a stronger institutional investor representation;> in recent years in Australia the greatest

dollar growth has been in domestic and global equity ETFs and the greatest percentage growth has been in fixed-income ETFs;> ETFs in Australia were generally tracking

closely to their benchmark; and> key risks faced by the market include:

reduced liquidity in times of market stress; counterparty default risk in synthetic ETFs (which do not hold the underlying physical benchmark assets); and the increased use of more complex structures like leveraged and inverse ETFs, which carry different investment risks that may not be well understood by potential investors.

AUSTRALIAN CYBER SECURITY CENTRE

RESULTS OF FIRST CYBER SECURITY SURVEY PUBLISHEDIn 2016 the Federal Government launched its cyber security strategy to increase awareness of cyber security threats and facilitate collaboration with industry to mitigate online risks.On 19 April the results of the 2016 Australian Cyber Security Centre (ACSC) Survey were released.

Alarmingly 90% of the Australian organisations surveyed were experiencing some form of attempted or successful cyber security compromise, with some being targeted up to 100 times a day. While organisations have been able to respond to and recover from cyber threats, the threats they face are changing continually and therefore there is no room for complacency.

The conclusions drawn by the ACSC from the survey results included:

� senior executives and board need to regularly consider cyber security threats – not just where there is an incident requiring a response;

� there is a need to improve understanding of the value of the data and systems that require protection and of the factors that can increase cyber security risk;

� cyber security plans need to consider the whole of business operations and impacts, and they should be regularly reviewed to ensure that they remain relevant and effective; and

� as cyber incidents can be difficult to detect and there is a reluctance within organisations to admit that incidents have occurred, it is likely that they are being underreported.

This is the first survey of its kind and the intention is to conduct the survey annually for benchmarking purposes.See Attorney-General and Cyber Security Minister Joint Media Release.

WARNING ISSUED ON CYBER ATTACKS TARGETING MANAGED SERVICE PROVIDERSOn 4 April the ACSC released a warning that a global cyber campaign had been targeting major international Managed Service Providers, some of which operate in Australia, since at least mid-2016. Managed Service Providers deliver ICT infrastructure, which could include security services, specialised advice or equipment, remote management of networks and data storage. The cyber criminals use the Managed Service Providers to gain access to their clients’ information.

40

Quarterly Update June 2017

The ACSC is working with international partners and the private sector to assess the scale and impact on Australia. To date it is estimated that only a small proportion of the activity has been detected. The ACSC encourage organisations to report any suspicious activity. Managed Service Providers have been asked to identify any affected clients and organisations who have concerns are encouraged to contact their Managed Service Providers to find out how they are responding and inquire as to whether and how clients might be affected. The ACSC recommend that organisations consider the Australian Signals Directorate guidance on questions to ask Managed Service Providers and, more broadly, Strategies to Mitigate Cyber Security Incidents, which includes the “Essential Eight” measures which should be adopted at a minimum to address cyber security risk.See ACSC Media Release.

OAIC

PREPARING FOR THE NOTIFIABLE DATA BREACHES (NDB) REGIMEOn 7 April the Office of the Australian Information Commissioner (OAIC) launched the Notifiable Data Breaches webpage, which has been set up to help organisations prepare for the February 2018 commencement of amendments to the Privacy Act 1988 (Cth) (Privacy Act) that will require certain data breaches to be reported to the OAIC. This regime is known as the Notifiable Data Breaches (NDB) scheme.A data breach occurs when personal information held by an organisation being lost or subjected to unauthorised access or disclosure. The OAIC provides the following examples of data breaches:

� a device containing a customer’s personal information is lost or stolen;

� a database containing personal information is hacked; and

� personal information is accidentally provided to the wrong person.

Once the NDB scheme obligations have commenced, organisations regulated by the Privacy Act will need to:

� promptly assess suspected data breaches (which involve) to determine whether they are likely to result in serious harm to any individual;

� inform any individuals who are likely to be at risk of serious harm of the breach and provide recommendations as to what steps the affected individuals should take; and

� notify the OAIC of the breach.The OAIC recommends that organisations prepare for the NDB scheme commencement by:

� reviewing their practices, procedures and systems for securing personal information, having regard to the OAIC’s Guide to securing personal information;

� preparing (or updating) their data breach response plan to ensure that they will be able to respond promptly to suspected data breaches, having regard to the best practice model set out in the OAIC’s Data breach notification — A guide to handling personal information security breaches and Guide to developing a data breach response plan; and

� ensuring that privacy governance and compliance is consistent with the OAIC privacy management framework.

On 2 June the OAIC published exposure draft guidance for public comment about:

� entities covered by the NDB scheme; � identifying eligible data breaches; � notifying individuals about an eligible data

breach; and � the role of the OAIC in the NDB scheme.

Consultation on the draft guides closed on 14 July.

40 41

Quarterly Update

41

June 2017

41

PERSONAL INFORMATION GUIDANCE UPDATED AFTER TELSTRA JUDGMENTIn 2015 a journalist made a complaint to the Privacy Commissioner about Telstra Corporation Limited (Telstra). The complainant sought to access the metadata information held by Telstra relating to his mobile phone service, including cell tower logs, inbound call and text details, duration of data sessions, telephone calls and URLs of websites accessed using the phone. Telstra refused to provide information about the locations and details of numbers that called and sent text messages to his phone on the basis that privacy laws would not allow Telstra to release this information. The complainant alleged that Telstra had denied him access to his personal information in breach of the Privacy Act. The Privacy Commissioner declared Telstra to be in breach and required Telstra to disclose the information sought, other than phone numbers of incoming callers.Telstra successfully appealed the Privacy Commissioner’s decision to the AAT. The Privacy Commissioner appealed the AAT’s decision to the Full Federal Court, and the appeal was dismissed on 19 January. The Privacy Commissioner was unsuccessful because the Full Federal Court took the view that the information which the complainant had sought to access from Telstra was not “personal information” for the purposes of the Privacy Act. The term “personal information” is defined in the Privacy Act as information or an opinion about an identified individual or an individual who is reasonably identifiable.The Full Federal Court considered the meaning of “about” the individual in the definition of personal information. The Full Federal Court rejected the Privacy Commissioner’s submission that, if there was information from which an individual’s identity could reasonably be ascertained held by an organisation, it would always necessarily be “about” the individual. The Full Federal Court accepted the AAT’s finding that the information to which access had been sought was not “about” the individual who was seeking access and therefore it was not personal information that Telstra was required to provide.

The Privacy Commissioner decided not to appeal the Full Federal Court decision to the High Court.On 8 May, in light of the Full Federal Court decision, the OAIC released guidance titled “What is personal information?” to supplement its Australian Privacy Principles guidelines.See OAIC announcement.

GUIDANCE ON EUROPEAN UNION DATA PROTECTION REGULATIONS RELEASEDFrom 25 May 2018 any Australian business that has an establishment in the European Union, offers goods or services in the European Union or monitors behaviours of individuals in the European Union may be required to comply with the European Union General Data Protection Regulation (GDPR) requirements. The GDPR requirements are “same same but different” to the Privacy Act, with data handling measures that don’t have an equivalent in the Privacy Act.The OAIC has released guidance to help affected Australian businesses prepare for GDPR compliance.See OAIC announcement.

OTHER OAIC ACTIVITIESOther OAIC activities during the June quarter included:

� the release of the results of the 2017 Australian Community Attitudes to Privacy Survey as part of Privacy Awareness Week, which surveyed 1,800 people. Some general trends shown from the survey include:> the degree of concern about privacy has

increased in the past 5 years, with 79% of survey respondents uncomfortable with businesses sharing their personal information with other organisations and 93% concerned about organisations sending their personal information overseas;> privacy risks are perceived to be greater

online than offline, yet Australians are not making optimal use of existing privacy tools to protect themselves online;

42

Quarterly Update June 2017

> a majority of respondents had decided not to deal with a business due to privacy concerns; and> 26% of respondents knew someone who

had been the victim of identity theft; and � tendering for the independent review of the

Privacy (Credit Reporting) Code 2014 (Cth) (CR Code). The CR Code is a mandatory code that binds credit providers and credit reporting bodies, and a breach of the CR Code constitutes a breach of the Privacy Act. Under the CR Code the OAIC must initiate an independent review of the operation of the CR Code within 3 years of its commencement date (see OAIC Statement).

WATCH THIS SPACE – COMING SOON

SANTA AND THE ASIA REGION FUNDS PASSPORT ARE COMING!The wheels are well and truly in motion for the long-awaited Asia Region Funds Passport (first proposed in 2010 in a report of the Australian Financial Centre Forum), which will allow cross border marketing of managed funds in participating countries. There is a Memorandum of Cooperation in place between Japan, Korea, Australia and New Zealand and it establishes a Joint Committee consisting of representatives of those countries. The second face to face meeting of the Joint Committee was held in Tokyo on 20-21 April and members provided progress updates on implementation.Key outcomes of the meeting included agreement for:

� publishing of the Annual Report in July, which outlines progress made;

� the release of draft guidance about laws and regulations that would apply to imported funds in “host” passport countries for public consultation in July;

� engagement with other countries in the Asia Region that have yet to become participants; and

� a meeting of a working group of tax specialists, chaired by Australia, to consider what information can be given to funds and investors about the tax treatment.

The next Joint Committee will be held in Thailand in October.

LAW REFORM INITIATIVES

DISPUTE RESOLUTION FRAMEWORK REFORMS – GET READY FOR AFCA AND INTERNAL DISPUTE RESOLUTION REPORTING!The final report of the expert panel review of the external dispute resolution (EDR) framework was provided to the Federal Government on 3 April. The Government released the final report on 9 May and announced that it had accepted all 11 recommendations.On 17 May Treasury released exposure draft legislation and a consultation paper relating to the implementation of the reforms, the key aspects of which are:

� replacing FOS, Superannuation Complaints Tribunal (SCT) and Credit Industry Ombudsman (CIO) with single one-stop shop – the Australian Financial Complaints Authority (AFCA); and

� introducing obligations on regulated entities to report internal dispute resolution (IDR) outcomes to ASIC.

The intention is to have AFCA up and running by 1 July 2018, and from that date:

� new disputes will be referred to AFCA; � complainants may choose to transfer existing

disputes from FOS, the CIO or the SCT to AFCA; and

� FOS, the CIO and the SCT will complete their remaining caseloads.

42 43

Quarterly Update

43

June 2017

43

AFCA will have significantly greater jurisdiction limits and compensation caps than its predecessors. It is to be set up as a company limited by guarantee with an independent board of directors made up of equal numbers of industry and consumer representatives. AFCA will be able to determine what funding it needs and how it will obtain the funding. ASIC will be given powers to oversee AFCA’s compliance with its regulatory obligations.The obligations to become AFCA members and report IDR outcomes to ASIC (with ASIC to determine the detail of the reporting framework) will apply to “Financial Firms”, which covers all AFSL holders, unlicensed product issuers, unlicensed secondary sellers, credit providers and credit representatives, superannuation funds (other than self-managed superannuation funds), approved deposit funds, retirement savings account providers, annuity providers, life policy funds and insurers.Consultation closed on 14 June.

EXTENSION OF CSF TO PROPRIETARY COMPANIESLegislation that allows public companies to use CSF is due to commence on 29 September. The Federal Government announced in its 2017-2018 Budget that CSF would be opened up to proprietary companies, with a view to improving access to finance for start up and innovative small businesses. Treasury released exposure draft legislation setting out proposed amendments to the Corporations Act on 9 May. Under the proposed regime, proprietary companies wishing to use CSF would not need to convert to a public company but would be subject to some additional requirements, including:

� a minimum of two directors; � financial reporting in accordance with

accounting standards; � audit requirements if more than $1 million is

raised through CSF; and � the related party transactions rules in Chapter

2E of the Corporations Act.Consultation closed on 6 June.

REGULATION OF FINANCIAL BENCHMARKSIn October 2016 the Federal Government announced measures to increase the regulation of financial benchmarks, following numerous market misconduct incidents in Australia and internationally that involved manipulation of financial benchmarks (such as BBSW in Australia and LIBOR overseas). Treasury released exposure draft legislation on 26 June. It seeks to make amendments to the Corporations Act which reflect recommendations of the Council of Financial Regulators (CFR). The CFR developed their recommendations having regard to the Principles for Financial Benchmarks of IOSCO and public consultation.Key measures contained in the Bill include:

� ASIC will have the power to designate “significant financial benchmarks” if ASIC are satisfied that a benchmark meets any of the following criteria:> it is systemically important in Australia; or> if there is a disruption to its availability or

integrity:- it would cause a material risk of financial

contagion or systemic instability in Australia; or

- Australian retail or wholesale investors could be materially impacted;

� the administrator of any such designated significant financial benchmark will need to obtain a benchmark administrator licence from ASIC and comply with the conditions on their licence;

� ASIC will have the power to make “financial benchmark rules” and rules that require certain information to be given to benchmark administrators and/or ASIC; and

� manipulation of a financial benchmark will constitute an offence.

Consultation closed on 24 July. It is intended that the new legislation will commence on 1 January 2018.

44

Quarterly Update June 2017

PROPOSAL TO TOUGHEN FOREIGN BRIBERY LAWSOn 4 April the Minister for Justice released a consultation paper canvassing proposed reforms to the foreign bribery laws (which are contained in the Criminal Code Act 1995 (Cth)), which include:

� including candidates for public office in the definition of “foreign public official”;

� making bribery to obtain a personal (rather than business) advantage an offence; and

� creating a new corporate offence that would make companies automatically liable for any foreign bribery committed by their employees, contractors and agents unless they are able to demonstrate that they had adequate procedures to prevent foreign bribery in place.

The Attorney-General’s Department also released exposure draft legislation.Consultation closed on 1 May. See Minister for Justice Media Release.

UPDATE ON ASIC INSTRUMENTSThis summary is provided for the benefit of lawyers and compliance officers among our readers who are updating compliance plans, policies and procedures for changes to ASIC instruments. Under the Legislation Act 2003 (Cth), ASIC instruments automatically sunset 10 years after they are registered unless ASIC takes steps to continue their operation. ASIC have been reviewing instruments which are due to sunset and considering whether they should be remade so that their operation continues or revoked, having regard to current ASIC policy. All ASIC legislative instruments are available here.

Instrument Instruments impacted Effect Related documents

ASIC Corporations (Financial Reporting: Natural Person Licensees) Instrument 2017/307

� Class Order [CO 03/748] Reporting requirements under s 989B

� Remade without substantive change

� Consultation Paper 278 Remaking ASIC class order on reporting requirements for AFS licensees who are natural persons

� ASIC Media Release

ASIC Corporations (Amendment) Instrument 2017/464

ASIC Corporations (Recognised Accountants: Exempt Services) Instrument 2016/1151

� Enables the holder of a full Australian financial services licence and its authorised representatives to provide exempt tax advice in reliance on regulation 7.1.29(4) of the Corporations Regulations 2001 (Cth), which corrects an unintended regulatory anomaly

� ASIC Media Release

� Information Sheet 216 AFS licensing requirements for accountants who provide SMSF services

44 45

Quarterly Update

45

June 2017

45

ASIC Corporations (Life Insurance Commissions) Instrument 2017/510

� N/A � The instrument gives effect to the Corporations Amendment (Life Insurance Remuneration Arrangements) Act 2017 (Cth), which allows commissions to be paid for the sale of life insurance. It sets limits on commissions through a commission cap and requires amounts to be repaid if a policy is cancelled within the first 2 years of issue. These changes take effect from 1 January 2018 and are intended to reduce incentives for advisers to give clients inappropriate advice about life insurance products.

� Consultation Paper 245 Retail life insurance advice reforms

� Report 527 Response to submissions on CP 245 Retail life insurance advice reforms

� ASIC Media Release

ASIC Corporations (Amendment) Instrument 2017/386

� Class Order [CO 12/749] Relief from the Shorter PDS regime

� Relief extended by a further 12 months

� ASIC Media Release

ASIC Corporations (Repeal and Transitional) Instrument 2017/271

� Class Order [CO 04/526] Foreign collective investment schemes

� Relief extended for a further two years

� ASIC Media Release

ASIC Corporations (Amendment) Instrument 2017/569

� Class Order [CO 14/443] Deferral of choice product dashboard and portfolio holdings disclosure regimes

� Class Order [CO 13/1534] Deferral of Stronger Super amendments in relation to PDS and periodic statement disclosure

� Interim relief relating to publication of choice product dashboard extended until 1 July 2019

� Interim relief relating to portfolio holdings disclosure extended until 31 December 2019

� Interim relief extended until 1 July 2019.

� ASIC Media Release

46

Quarterly Update June 2017

ASIC Superannuation (RSE Websites) Instruments 2017/570

� Class Order [CO 14/509 Keeping RSEs’ superannuation websites up to date

� Class order repealed. Interim relief extended until 30 June 2018 under new instrument.

� See above

ASIC Corporations (Urgent Superannuation Advice) Instrument 2017/530

� N/A � Temporary relief allowing financial advisers up to 30 days to provide retail clients with an SOA about a superannuation product in connection with advice requested and provided before 1 July 2017 which relates to changes in laws regulating superannuation due to the Treasury Laws Amendment (Fair and Sustainable Superannuation) Act 2016 (Cth).

� ASIC Media Release

ASIC Corporations (Amendment) Instrument 2017/359

� ASIC Corporations (Charitable Investment Fundraising) Instrument 2016/813

� Amends the terms of interim relief so that it will apply where an identification statement is submitted to ASIC before 31 December 2017 (rather than by 28 February 2017).

� Regulatory Guide 87 Charitable schemes and school enrolment deposits

� ASIC Media Release

47

Quarterly Update

47

June 2017

47

PMC LEGAL11 Cairo StreetSouth Coogee NSW 2034Australiawww.pmclegal-australia.com

PAULA MCCABEPh: +61 2 8556 7560Mob: +61 414 422 491pmccabe@pmclegal-australia.com

PIP BELLPh: +61 2 8556 7570Mob: +61 499 220 098pbell@pmclegal-australia.com

PMC Finservices Consulting Pty Ltd (ABN 54 151 362 640) trading as PMC Legal. Liability limited by a scheme approved under Professional Standards Legislation. Legal practitioners employed by PMC Legal are members of the scheme.