Close Menu Phone
ABL
Menu

Update: Breach reporting obligations for AFSL holders and credit licensees

Banking & Finance, Dispute Resolution & Litigation
iStock 637904114 v2
From 1 October 2021, there will be new reporting obligations for Australian financial service (AFS) licensees and credit licensees. These reforms are designed to give effect to some of the recommendations made by the Hayne Royal Commission.

The new requirements are reasonably onerous and are likely to significantly increase rates of reporting to ASIC.

What are the obligations? 

For AFS licensees, the changes revamp existing reporting obligations under s 912D of the Corporations Act 2001 (Cth) (the Act). For credit licensees, the reporting obligations are entirely new, and are set out in s 50A of the National Consumer Credit Protection Act 2009 (Cth) (NCCP). 

Both AFS and credit licensees (together, Licensees) will have new obligations to self-report ‘reportable situations’ to ASIC. Reportable situations fall under the following four categories: 

  1. breaches or ‘likely breaches’ of core obligations that are significant
  2. investigations into breaches or likely breaches of core obligations that are significant
  3. where a Licensee has reasonable grounds to believe a reportable situation has arisen in relation to a mortgage broker or individual financial adviser, and  
  4. situations involving gross negligence, serious fraud, and any other reportable situations which may be prescribed. 

Where a reportable situation arises, Licensees will have 30 days to lodge a report. This period begins to run from the time the Licensee knew a reportable situation had arisen or was reckless with respect to whether there were reasonable grounds to believe a reportable situation had arisen.  

Failure to report is an offence, which could lead to criminal or civil penalties. 

Licensees may be required to notify clients where they have reasonable grounds to suspect that a client has suffered (or will suffer) loss or damage resulting from a reportable situation. 

Where a reportable situation arises, Licensees will have 30 days to lodge a report.

Analysis of reportable situations 

Breaches or likely breaches of core obligations that are significant

While ‘core obligation’ is a new term under the regime, these obligations generally mirror the existing obligations for AFS licensees and include the general obligations under s 47 of the NCCP for credit licensees. 

A ‘likely breach’ of a core obligation occurs where a Licensee is no longer able to comply with a core obligation and the breach, if it occurred, would be significant. 

There are two ways to determine whether a breach of a core obligation is ‘significant’: 

  1. if the breach of the core obligation is ‘deemed’ significant. Breaches which are deemed to be significant include: 
    •  a breach of a civil penalty provision
    •  a breach of certain provisions which may result in imprisonment
    •  engaging in misleading or deceptive conduct in relation to financial products or  financial services
    •  a breach resulting in, or likely to result in, material loss or damage to certain clients or members, or 
  2. if the breach is significant having regard to certain factors including the number or frequency of breaches, the impact of the breach, and the extent to which the breach indicates that the Licensee’s compliance arrangements are inadequate. 

These changes will substantially increase the range of breaches that will be considered ‘significant’. This is particularly so given the expansion of civil penalty provisions in the Act in 2019. 

Investigations into breaches or likely breaches of core obligations that are significant 

Licensees will only be required to report investigations which concern a breach (or likely breach) of a core obligation which is significant where the investigation has continued for more than 30 days. For example, if a Licensee investigates and determines, within 30 days, that there are no reasonable grounds to believe that a reportable situation has arisen, then there is no requirement to report. 

The term ‘investigation’ is not defined. Whether or not an investigation has occurred will differ depending on the size of the business, the Licensee’s internal systems and processes, and the type of breach.  

Licensees should consider whether there has been “information gathering or human effort applied… to determine whether a breach has occurred or will occur”. This could include a communication with representatives, staff or potentially affected clients about the potential breach, or a request for advice from experts or professionals about the conduct. 

Reportable situations about other Licensees 

Controversially, the Act introduces a ‘dobbing in’ obligation for Licensees to lodge a report in relation to other Licensees in certain circumstances. Licensees are required to lodge a report to ASIC if they have reasonable grounds to believe that a reportable situation (other than an investigation) has arisen in relation to mortgage brokers or individual financial advisers who provide personal advice to retail clients.   

Examples of these situations might include where a lender becomes aware of an individual mortgage broker falsifying information in loan application documents, or where a client has received inappropriate advice from a previous financial adviser. 

Situations involving gross negligence, serious fraud, and any other reportable situations 

Other reportable situations include those arising in circumstances prescribed by the regulations in s 912D(2)(c) of the Act and s 50A(2)(c) of the NCCP. 

What next? 

Given the new obligations and potential penalties for non-compliance, it is vital that you and your business are aware of any reportable situations. If you are unsure whether a reportable situation has already arisen in your business, or you would like to know more about how this regime may affect you, please contact our team below.

Read next