Jones Day | Sep 20, 2021

In Short: On 26 August 2021, the Australian Securities and Investments Commission (“ASIC”) released its Corporate Plan for 2021-25, the first under its new chair and deputy chair. The Corporate Plan outlines ASIC’s regulatory priorities and actions over the next four years and represents a significant change in direction for Australia’s corporate regulator.

See:  Australia: An Update On The Consumer Data Right

The Result: ASIC’s Corporate Plan reflects its new mandate to contribute to the government’s economic goals, including to support Australia’s post-pandemic economic recovery. The Corporate Plan sets out initiatives to overhaul ASIC’s internal governance framework as well as ASIC’s new targeted regulatory enforcement strategy, which is focused on poor product design and governance, failure to implement new standards set by law reform initiatives, and failure to adequately manage cyber risks that harm consumers.

Looking Ahead: Whilst ASIC is no longer pursuing a ‘why not litigate?’ strategy, it is clear that ASIC will remain a formidable regulator—and litigant—in the areas of greatest harm to consumers and markets. ASIC will be conducting speedier investigations and using the full suite of its enforcement tools, including enforceable undertakings, product intervention orders, and infringement notices. As a result, all regulated entities, as well as their directors and officers, should continue to be mindful of, and seek advice on, their new and existing obligations.

Overhaul of ASIC’s Internal Governance Framework

ASIC’s Corporate Plan for 2021-25 is the first of its kind released under new Chair Joseph Longo and new Deputy Chair and Head of Enforcement Sarah Court, who each started in their new roles on 1 June 2021 following a series of high-profile internal governance and enforcement failures.

The Corporate Plan sets out ASIC’s intention to:

• Actively and transparently communicate and engage with its stakeholders and other regulatory agencies and take their feedback into account when making regulatory decisions;
• Improve its infrastructure and systems to strengthen its key internal operations, processes, and governance frameworks to effectively support its regulatory work;
• Enhance and utilise effectively its data and cyber resilience capabilities in fulfilling its regulatory mandate and organisational priorities; and
• Nurture a workplace environment that promotes a culture of speaking up, challenging, accountability, and a multidisciplinary approach to mitigating harms.

See:  Lawmakers Take Aim at Big Tech with Push for Sweeping Overhaul of Antitrust

ASIC also has established a dedicated unit solely for the purposes of identifying ways to change how it administers the law so as to minimise the costs and burden of regulatory requirements for its regulated entities and consumers. ASIC has already indicated that one of the key areas of focus will be Chapter 7 of the Corporations Act 2001 (Cth) that deals with the provision of financial services, which Mr Longo has flagged as being in need of reform. Through ASIC’s new dedicated unit, the government also expects ASIC to ensure that its regulatory guidance is not unduly prescriptive, and does not limit businesses’ discretion and flexibility to operate in the manner they see fit whilst still complying with the law.