ASIC’s Enforcement Priorities Change: Are You in the Firing Line?

ASIC has announced new key enforcement priorities for 2022-23 as part of its Corporate Plan, including broadening its focus to include digitally enabled misconduct, extending to scams and crypto-assets.

ASIC’s focus in the area of crypto-assets will include both regulated and unregulated crypto assets, with ASIC proposing to take enforcement actions to protect consumers from crypto-asset related harm. It will include crypto-assets that mimic traditional financial products but seek to avoid regulation.

In the regulated space, it will also include supervising and assessing PDSs and TMDs of major crypto offerings and implementing and monitoring a regulatory model for exchange traded products with underlying crypto investments.  ASIC will also work to raise public awareness of the risks associated with crypto-assets and DeFi more generally.

However, non-crypto providers should not rest easy. While ASIC’s priorities may include crypto-assets for the first time in a meaningful way, its priorities are not confined to this area.  ASIC is also proposing to review the product governance arrangements of small amount credit providers and BNPL providers, including a review of TMDs.

More broadly, ASIC also intends to take enforcement action:

  • To address poor design and distribution of products, including in relation to insurance, superannuation, credit and other financial products;
  • Against licensees where there are egregious failures to mitigate cyber-risks and related cyber resilience governance failures;
  • Against misleading or deceptive conduct, including advertising and promotions that misrepresent performance, risks or the nature of products;
  • Against inappropriate gamification, social trading and ‘finfluencer’ conduct;
  • To address mismanagement of property schemes, including responsible entity failures and inappropriate financial advice relating to high-risk schemes exposing investors to significant losses;
  • To protect financially vulnerable consumers affected by predatory lending practices, high-cost credit, debt management or debt collection misconduct, including by unlicensed or ‘fringe’ entities; and
  • Against claims handling misconduct and general insurance pricing misconduct.

ASIC has already started on some of its priorities, with a media release this week announcing it will take action in the securities lending space. This falls within their key focus for poor design and distribution of products as ASIC will intervene where it sees unfair or inappropriate offers of securities lending arrangements to retail clients. Design features which ASIC considers may not be fair or appropriate can include:

  • Bundling of securities lending with other services;
  • Automatic opt-in of clients to securities lending;
  • No vetting of investors (e.g. based on experience, assets or income); and / or
  • A fee split that heavily favours the provider.

ASIC has also indicated that securities brokers offering crypto-assets may come under scrutiny because ASIC is concerned that crypto offerings alongside regulated securities may give investors a false sense of security, by leading them to believe crypto-assets have a similar risk profile and / or the benefit of regulatory protections. ASIC’s view is that securities brokers must ensure that the differences in risks and protections must be made clear to investors. 

ASIC’s other concerns in this channel include that:

  • ‘Zero brokerage’ claims may not be true where a service is ‘bundled’ with other products or services that are subsidising the ‘zero fee’ offering and such offers may cause retail investors to take on additional risk; and
  • Some online brokers operate as authorised representatives, and ASIC is reminding such licensees of their obligations to have adequate resources to monitor and supervise and to review and engage with the design process for new offerings. We note that ASIC has already taken action against one funds management licensee for related breaches of its obligations in relation to authorised representatives.

In summary, providers of crypto-assets, securities lending for retail clients, small amount credit contracts and BNPL should consider themselves on notice – now is the time to get your house in order, before a please explain letter arrives from ASIC.

Other industry sectors that should be mindful of these priorities are finfluencers, credit providers and debt management services, particularly those operating in markets for borrowers with poor credit histories, and general insurers and licensees with claims handling authorisations.

All licensees should consider their practices as they relate to design and distribution, cyber risk and resilience, and advertising and marketing.

With a new Labor government focused on consumer protection, ASIC will want to be seen to be making inroads in this space and is unlikely to leave any stone unturned. In our experience, ASIC often starts investigations and regulatory action in one area and it can expand over time to capture a range of other areas. This is because when ASIC starts looking at your business, it can often raise more questions. Accordingly, it is critical that any engagement with ASIC is appropriately managed and you take steps to proactively address any known issues or risk areas.

If you have concerns because you are in any of the above industries, because you are uncertain about how you are managing your obligations in an area ASIC is focusing on, or because you have already received correspondence from ASIC, we can assist – please contact us to find out how we can help.

For more information, please contact Jaime Lumsden or Michele Levine.