1. Home
  2. news
  3. spotlight new breach reporting guidelines

Spotlight on: New Breach Reporting Guidelines 

June 30, 2021

The Financial Sector Reform (Hayne Royal Commission Response) Bill 2020 amends the Corporations Act 2001 to strengthen the existing breach reporting regime for financial services licenses. The changes are scheduled to take effect on 1st October 2021 however members will need to assess their current breach reporting practices in light of the new regime prior to this date and if necessary, seek advice on how to incorporate practices that comply with the new regimes.  

Under the new regime, licensees will be required to notify the Australian Securities and Investments Commission (ASIC) within 30 days after the AFS Licensee first knows, or is reckless with respect to whether, there are reasonable grounds to believe a reportable situation has arisen. 

reportable situation arises when; 

  • the licensee or its representative has breached/ or is likely to have breached a core obligation and the breach is significant; 
  • the licensee has commenced an investigation into whether the licensee or representative has breached a core obligation and the breach is significant and the investigation has continued for more than 30 days; or 
  • in the course of providing a financial service, the AFS licensee or representative has engaged in conduct constituting gross negligence; or committed serious fraud. 

The test for significance has also changed. A breach of a core obligation is deemed to be significant if: 

  1. the provision breached is an offence that may involve imprisonment (3+ months for dishonesty offences, 12+ months for others); 
  2. the provision breached is a civil penalty provision, or s 1041H(1) of the Corporations Act or s12DA(1) of the ASIC Act (misleading or deceptive conduct in relation to a financial product or service); or 
  3. the breach results, or is likely to result, in material loss or damage to clients or members. 

The legislation also introduces new obligations on AFS Licensees to investigate reportable situations that may cause loss or damage to retail clients who received personal advice, to notify those potentially affected clients, and to pay compensation to affected clients within 30 days of completing the investigation. 

Whilst the legislation setting out the structure of the new regime has passed parliament, certain regulations on which some obligations are based are yet to be finalised by Government and ASIC is yet to finalise its guidance on the new breach reporting regime.  

The National Insurance Brokers Association (NIBA) has confirmed that it will provide further guidance to its members once these matters are finalised but has urged brokers, in light of the large number of upcoming regulatory changes, to begin work now.