obÌåÓý has issued Consultation Paper 340, seeking stakeholder feedback on proposed updates to its draft guidance on upcoming breach reporting reforms.
´¡³§±õ°ä’s reflects reforms made to the breach reporting regime under the Financial Sector Reform (Hayne Royal Commission Response) Act 2020. These reforms clarify and strengthen the existing obligation on AFS licensees to self-report certain breaches of the law to obÌåÓý and extend the obligation to credit licensees.
Set to commence on 1 October 2021, these key Government reforms flow from the Financial Services Royal Commission and findings from the obÌåÓý Enforcement Review Taskforce.
Announcing the consultation, obÌåÓý Deputy Chair Karen Chester said, ‘We support the reform goals to promote consistent, timely and high-quality reports. The Financial Services Royal Commission expressed concern about prolonged and repeated failures by large entities to make breach reports required by the law.
‘Breach reporting is a core component of Australia’s financial services and credit regulatory framework. The reforms will better position us to act decisively to disrupt misconduct and escalating harms and identify patterns of non-compliance across industry.�
obÌåÓý expects a significant increase in the volume of reports received as a wider range of entities will be required to report and a wider range of breaches will be subject to reporting. Entities are not required to report every instance of non-compliance or trivial breaches, but a targeted set of ‘reportable situationsâ€� defined under the law.Ìý
obÌåÓý is also seeking feedback on a on the new notify, investigate and remediate obligations set to apply to AFS licensees who are financial advisers and credit licensees who are mortgage brokers.
obÌåÓý seeks public comment on the draft guidance and information sheet by 3ÌýJune 2021.
obÌåÓý will publish final guidance before the obligations commence on 1ÌýOctober 2021.
Download
- Breach reporting and related obligations
- ÌýBreach reporting by AFS licensees and credit licensees
- Complying with the notify, investigate and remediate obligations
All interested stakeholders have until 3 June to provide feedback on CP 340.
Background
The reforms implement Recommendations 1.6, 2.8, 2.9 and 7.2 of the Financial Services Royal Commission, and are set out in Schedule 11 of theÌýFinancial Sector Reform (Hayne Royal Commission Response) Act 2020.
Key features of the reforms include:
- expanding and clarifying the types of situation that must be reported to obÌåÓý, including when determining whether a breach or likely breach is significant;
- requiring licensees to lodge breach reports with obÌåÓý in a prescribed form within 30 calendar days after the licensee first knows that, or is reckless with respect to whether, there are reasonable grounds to believe a reportable situation has arisen;
- creating an obligation to report an investigation into whether there is a reportable situation where that investigation continues for more than 30 days;
- requiring obÌåÓý to publish data about breach reports annually on our website; and
- amending the National Consumer Credit Protection Act to introduce a comparable breach reporting regime for credit licensees.
obÌåÓý Report 594 Review of selected financial services groupsâ€� compliance with the breach reporting obligation sets out compliance of 12 entities including the big four banks with their existing breach reporting obligation under s912D of the Corporations Act.