The extension of the AML/CTF regime to gatekeepers

The Labor party is considering more stringent anti-money laundering and counter-terrorism financing (AML/CTF) laws, including extending protections against dirty cash to so-called ‘gatekeepers’ of the financial services and general corporate industries, including, the real estate, accounting, trust/company service provider and legal professions. Australia is one of just three major developed countries that have not subjected gatekeepers to the remit of its AML/CTF law, which has led to calls for progress on the reforms.

The real estate sector, in particular, has been identified as a significant arena for reform. It is widely considered that proceeds of crime from overseas entities is laundered through the purchase of Australian real estate.

What may the reforms entail?

The ‘Tranche 2’ reforms have been in the works for quite some time. Gatekeepers covered by the considered reforms will likely need to:

  • identify and manage their money-laundering and terrorism-financing risk through risk-based procedures and controls;
  • establish, maintain and carry out procedures for customer due diligence (including, where applicable, establishing the identity of beneficial owners of non-individual entities, such as companies and trusts);
  • report suspicious matters to AUSTRAC on an ongoing basis;
  • keep records of its compliance; and
  • conduct introductory and ongoing training.

Issues for professional privilege

Lobby groups have fiercely opposed the ‘Tranche 2’ reforms in Australia for quite some time. Legal professional privilege is a cornerstone of the legal profession, and lawmakers will need to tread carefully to avoid its abrogation through statute. To this end, the Australian government may follow its United Kingdom counterparts and the Financial Action Taskforce’s (FATF) in introducing legislation that exempts lawyers from reporting under ‘privileged circumstances’.

Next steps

The Australian Financial Review reports that the government is expected to settle its position on the Senate committee’s recommendations this month.

The above post is merely general commentary and is not legal advice.

Increased penalties under proposed privacy legislation amendments

In response to the high-profile Medibank and Optus data breaches in recent weeks, the Albanese Government has sought to introduce legislation to significantly increase penalties for repeated or serious privacy breaches.

The Privacy Legislation Amendment (Enforcement and Other Measures) Bill 2022, passed the House of Representatives on 9 November 2022, and seeks to increase maximum penalties from $2.22 million currently, to whichever is the greater of:

  • $50 million;
  • If a court can determine the value of a benefit, three times the value of any benefit obtained through the misuse of the information; or
  • If the court cannot determine the value of the benefit, 30% of a company’s adjusted turnover in the relevant period.

Greater powers for the OAIC

The Bill will also afford the Office of the Australian Information Commissioner (OAIC) greater powers to resolve and quickly share information about data breaches, to better protect consumers personal information.

For instance, if the Bill ascends to law, the OAIC will be able to:

  • conduct assessments of an entity’s compliance, or an entity’s ability to comply, with the notifiable data breach regime;
  • request information about an actual or suspected eligible data breach by an entity, or more holistically, the entity’s compliance with the eligible data breach regime under the Privacy Act;
  • share information and documents with enforcement bodies, complaints bodies, and other privacy regulators, and also may share information with any third parties, or publish information, where the sharing of that information is in the public interest;
  • issue infringement notices for failure, without reasonable excuse, to respond, or provide information to the OAIC, where required under the law;
  • in relation to complaints, order an entity to engage an independent adviser to review the acts or practices that were subject to the complaint, and the remediation of that complaint, and additionally, can require an entity to prepare a statement about the conduct in-scope, and provide that information to the complainant or disseminate the statement in the public domain.

More to come in the future

The Commonwealth Attorney General’s Office reports that the significant privacy breaches in Australia in recent weeks have shown that existing safeguards are outdated and inadequate. They further state that the increase in penalties and strengthening of the OAIC’s powers is part of a broader overhaul of the Privacy Act 1988, that will take place in 2023.

The above post is merely general commentary and is not legal advice.

‘True to Label’ remains a priority for ASIC

On 8 September 2022, the Australian Securities and Investments Commission (ASIC) has reported on its surveillance of responsible entities and fund managers for false or misleading representations about investment performance.

Background

ASIC’s managed funds surveillance is the successor to ASIC’s ‘True to Label’ initiative whereby, ASIC originally commenced monitoring of the industry for concerns that fund names did not align or accurately correspond to, the underlying assets and characteristics of the fund.

From October 2021, ASIC commenced its current initiative in taking a broader analysis of performance and risk representations in the marketing material disseminated by funds across the Australian jurisdiction.

Recent surveillance

ASIC’s recent surveillance has reported that thirteen responsible entities or trustees of unregistered managed investment schemes have voluntarily amended or arranged for their respective investment managers to amend, their marketing practices and materials as a result of ASIC’s inquiries. The funds in question, which house a broad range of underlying assets and investment strategies together held approximately $1.4 billion in assets under management. The amendments made and ASIC’s report do not constitute an admission of guilt or a finding of a contravention of statutory provisions by a relevant Court or ASIC.

The regulator’s concerns mainly centred around inadequate warnings regarding past or future returns, comparisons between risk levels of products, and understating the risks of investment when compared to the benefits of the funds.

ASIC’s expectations

ASIC’ expectations in this regard are that marketing material must:

  • give balanced messages about returns, benefits and risks;
  • give clear and prominent risk disclosures;
  • not overstate the reliability, security or safety of an investment;
  • compare products appropriately (e.g. term deposits shouldn’t be seen as comparable in terms of risk levels to leveraged derivatives);
  • disclose the risks of reliance on past performance as an indicator of future returns; and
  • take care with the use of imagery and graphs to ensure they do not confuse the end user.

ASIC Deputy Commissioner Karen Chester stated that ‘our primary concern is retail investors and potentially unsophisticated wholesale investors, especially retirees, making important investment decisions based on marketing that does not accurately represent fund performance.’

Key takeaways

As always, misleading and deceptive conduct within the financial services industry remains a priority enforcement action for ASIC. Responsible entities, trustees of unregistered schemes and investment managers, and all other financial services providers for that matter, must be vigilant in the review process prior to the dissemination of marketing material.

An array of statutory provisions exist in both the Corporations Act 2001 (Cth) and the ASIC Act 2001 (Cth) to outlaw such conduct. Some of these provisions are in fact ‘offence’ provisions of strict liability, which makes a business liable to criminal prosecution even when they did not intend to mislead, deceive or make false representations. Under section 912D(4) of the Corporations Act, breaches of misleading and deceptive conduct laws by Australian Financial Services Licence or Australian Credit Licence holders will also trigger requirements to submit ‘reportable situation’ to ASIC.

Further, it also cannot be overstated, that ASIC is equally concerned with unsophisticated wholesale investors as it is retail clients. As such, financial services businesses should pay careful attention to wholesale clients who solely meet the statutory income or wealth tests, when they may still lack sound knowledge of the risks of their investment.

The above post is merely general commentary and is not legal advice.