Reportable Situations Regime - ASIC Relief and Insights
The reportable situations regime which commenced in 2021 has created many compliance headaches for Australian financial services licensees and Australian credit licensees. One of the Core Strategic Projects for ASIC in 2022-2023 is to improve the operation of the regime.
ASIC relief
On 19 October 2023, ASIC announced amendments to the regime which have been made in the ASIC Corporations and Credit (Amendment) Instrument 2023/589 (available here) (the ASIC Instrument). These changes will hopefully ease the burden of complying with the reportable situations requirements.
There are 2 key changes:
Exclusions for certain breaches: Licensees do not have to report certain breaches of the misleading or deceptive conduct provisions and the false or misleading representations provision. The breaches must only impact one person, not cause any financial loss or damage, and not give rise to any other reportable situation.
Extended reporting time: Licensees have up to 90 days (from 30 days) to report a reportable situation that has underlying circumstances that are the same or substantially similar to an earlier reportable situation.
These changes are explained below.
Exclusion for certain breaches
The ASIC Instrument excludes certain breaches of the misleading or deceptive conduct provisions in s 1041H(1) of the Corporations Act 2001 (Corporations Act) and s 12DA(1) of the Australian Securities and Investments Commission Act 2001 (ASIC Act) and the false or misleading misrepresentations provision in s 12DB(1) of the ASIC Act from being deemed ‘significant’ breaches of ‘core obligations’ and therefore automatically reportable.
For a breach to qualify for the exclusion it must:
only impact one person or, if it relates to a financial product, credit product, consumer lease, mortgage or guarantee that is, or is proposed to be, held jointly by more than one person, those persons;
not result in, and be unlikely to result in, any financial loss or damage to any person (regardless of whether that loss or damage has been, will be or may be, remediated); and
not give rise, and be unlikely to give rise, to any other reportable situation.
According to the Explanatory Statement for the ASIC Instrument, the reason for this exemption is that ASIC had been receiving a large volume of reports of breaches of this kind that had “little or no intelligence value”, involving “a cost for licensees with little regulatory benefit.”
Examples of exempted events
The Explanatory Statement for the ASIC Instrument gives examples of reportable situations that would no longer automatically be deemed significant following this change:
a customer service agent states that car hire is available ‘for 14 days’ rather than ‘up to 14 days’ when the consumer seeks to hire the car for 14 days;
a sales agent quotes a lower savings rate on a savings account at account opening than its actual rate, and the institution promptly advises the consumer of the actual rate and pays that higher rate in circumstances where, given the speed of identifying and paying the higher rate, the account holder has suffered no financial loss or damage;
a staff member mistakenly advises a consumer that a payment will be processed on the following day but that day is a public holiday so the payment will not be processed until a day later in circumstances where there is no financial loss incurred by the consumer as a result of the payment being processed a day later;
a Statement of Advice given to a client contains an error that the adviser rectifies with the client promptly and involves no actual or expected financial loss to the client i.e. is not an error that, if the correct information was provided, could have influenced the client’s decision;
an approval letter issued to a superannuation fund member confirming their account balance fails to include a total and permanent disablement benefit amount that has been approved, but the payment made to the member includes this amount, and the omission was not made in circumstances where another omission has arisen, or is likely to arise (e.g. because the root cause of the omission is a defective letter template or systems error);
a 100 basis point discount, which was outlined in a letter of offer accompanying a new home loan, is not applied when the linked transaction account is set up, but the mistake is identified before the first monthly repayment and rectified so that it applies to that repayment and later repayments, and further reportable situations because of the non-application have not arisen and are not likely to arise as the error was a one off and not due to a systemic fault such as a defective template;
a staff member incorrectly advises a customer about the amount of daily external transfer they are permitted to make during a phone call and corrects the error on the same call in circumstances where there is no actual or anticipated financial loss to the consumer; and
in a sales call regarding a credit card, a staff member mistakenly advises that the interest rate will be 17% per annum when it is actually 15% per annum but the customer proceeds with acquisition of the card based on a 17% per annum rate, the bank promptly advises the customer of the lower rate and charges the lower rate.
Examples of events that would not be exempt
Here are some examples of conduct that may involve misleading or deceptive conduct or false or misleading representations that would not qualify for the new exemption:
an advertising campaign for a credit card product distributed to a wide audience has the wrong annual percentage rate disclosed; and
a rate discount for a home loan included in the letter of offer was not correctly applied to a whole class of customers (not just a single borrower).
Extended reporting time
The ASIC Instrument also provides for an increased timeframe of 90 days (from 30 days) to lodge a report with ASIC if the situation has underlying circumstances that are the same as, or substantially similar to, underlying circumstances of a reportable situation previously reported to ASIC.
The 90 days is measured from when the licensee first became aware, or is reckless with respect to whether, there are reasonable grounds to believe that a reportable situation has arisen.
The Explanatory Statement for the ASIC Instrument says that there is a burden associated with such reports for licensees who are investigating an already reported breach and identifying further reportable situations. ASIC believes that the additional time will contribute to better reporting by licensees and enable them to address and rectify breaches more quickly.
ASIC insights on the reportable situations regime
On 31 October 2023, ASIC published its second report on the reportable situations regime, covering the period from July 2022 to June 2023.
The report includes a breakdown of the more than 16,000 reports made, based on issue categories. This shows that in the reporting period, 44% of all complaints related to false or misleading statements, by far the largest category. The relief which has now been given by ASIC may reduce the number of complaints in this category in future years. The second largest category of complaints was general conduct obligations of licensees, coming in at 18%.
In its commentary on the report, ASIC said that there has been little improvement made in the key areas of concern which ASIC had highlighted in its first report for the previous reporting period.
Only 11% of licensees have lodged a report since the regime commenced in October 2021. ASIC says that this indicates that some licensees may not have systems and processes in place to detect and report breaches. ASIC has commenced surveillance activity to target licensees who may not be meeting their reporting obligations.
Another issue of concern is that licensees are taking too long to identify and investigate some breaches. For 17% of the reports, the licensee took more than a year to identify and commence an investigation into an issue.
ASIC is also concerned that compensation of impacted customers is taking too long. The reporting indicates that in 8% of cases involving compensation, the compensation had taken (or was estimated to take) more than a year to complete.
Finally, the ASIC analysis of reports showed that 66% of the identified root causes of breaches was attributed to staff negligence or error. ASIC is concerned that licensees may not be properly identifying the underlying root causes, such as the reasons for repeated staff negligence or error.
Practical considerations
The amendments to the reportable situations regime are aimed at reducing the regulatory and administrative burden on licensees.
Reportable situations compliance however continues to be an important aspect of licensee obligations, and ASIC’s report shows that many licensees may not be fully compliant with the requirements.
Licensees may wish to consider the following measures:
have appropriate training available and the practical resources for staff to make assessments on the likelihood of the breach/reportable situation causing harm;
perform detailed assessments of the underlying circumstances of the relevant conduct that led to a reportable situation and ensure that the underlying root cause is well understood and defined by the business i.e., documented, measured, and reasonable steps to rectify are recorded;
carry out new product and process changes with appropriate management and framework controls to ensure there are no system deficiencies that may lead to a process failure;
ensure that the obligations are continually updated considering regulatory changes, and remain current to the type of products/services provided by the licensee;
identify appropriate risks for the incidents/reportable situations that are repetitive in nature, and take reasonable steps to implement controls to mitigate/prevent reoccurrence of the risks; and
undertake a thematic review including an audit of the incident/reportable situation management framework by senior management for effective resource allocation and to ensure the standard of incident reporting remains robust.
Do you need legal help with reportable situations? Contact us to discuss.
Kathleen Harris and Patrick Dwyer
Legal Directors
Thanks to Ron Kaushik for his assistance in preparing this article.