Reportable Situations Regime: One Year On.

Almost a year on from the introduction of the reportable situations regime, ASIC has released their first report highlighting valuable insights gained to date. Click here to read the full report.

The new regime came into effect 1 October 2021 and requires both financial services licensees and credit licensees to self-report specific matters to ASIC.

Under the regime, a licensee must lodge a report within 30 days of when the licensee first knows or is reckless with respect to whether there are reasonable grounds to believe a reportable situation has arisen, including breaches by other licensees in certain circumstances. This new reporting provision is targeted at misconduct by individual financial advisers and mortgage brokers.

The rationale behind the regime was to improve the financial services regulatory structure by detecting and addressing non-compliance in the industry early. Early intervention may reduce the financial impact on customers.

Key insights from ASIC’s report include:

  • A total of 11,070 reports and updates were made by licensees during the 9-month period. This is a 450% increase from the 2,435 received in the 2021 financial year;
  • Only 6% of the licensee population lodged reports and 74% of these reports were lodged by the same 23 licensees;
  • 79% of breaches were identified by a licensee’s internal sources, including customer facing staff as well as risk and compliance staff;
  • Key product areas include credit products, general insurance products and deposit taking products;
  • Key issues include false or misleading statements about a product, service information or warning statement, lending and general licence obligations;
  • Root causes appear to be staff negligence, process deficiency and system deficiency; and
  • 82% of breaches impacted customers (both financially and non-financially) with 96% of impacted customers being financially remediated.

Key takeaways

With the threshold for breach reporting now so low, it is surprising that only 6% of industry participants reported breaches and seems improbable this can accurately reflect the likely actual instances of reportable situations. As a result, we expect ASIC will take a closer look at all licensees’ systems and processes for detecting, investigating and reporting non-compliance.

Additionally, with licensees listing the root causes of reportable situations as staff negligence or errors, it is possible ASIC will release information and parameters for appropriate root cause analysis.

Finally, the median time to identify and investigate a breach was 39 days, with the mean being 380 days, and the median time to finalise customer remediation and compensations was 37 days post-investigation with the mean being 120 days. With this in mind, we expect ASIC will look to penalize excessive investigation periods and enforce timely remediation activities (without sacrificing customer outcomes).

For further information regarding your reporting obligations, please see our Licensee Breach Reporting and Credit Licensee Reporting articles.

For clarification on what constitutes a reportable situation, or for a review of your compliance systems, processes and policies, please contact Jaime Lumsden.