Compliance training solutions and CPD courses for banking and financial workplaces.

Additional Budget Estimates, Opening Statement by ASIC Acting Chair Sarah Court, Senate Economics Legislation Committee, 11 February 2026

ASIC has banned Melbourne-based financial adviser Neil McPherson from providing financial services, controlling an entity that carries on a financial services business or performing any function involved in the carrying on of a financial services business for four years.

ASIC found that Mr McPherson gave inappropriate advice to certain clients which was not in their best interests because he recommended clients invest most of their superannuation into the High Growth class, the Growth class or the Balanced class of the Shield Master Fund which were high risk investments, during the time he was authorised by MWL Financial Services Pty Ltd.

ASIC has reason to believe that Mr McPherson is not a fit and proper person, is not competent and is likely to contravene a financial services law.

The banning order took effect from 5 February 2026.

Mr McPherson‘s banning has been recorded on Banned and Disqualified Register.

Mr McPherson has the right to appeal the decision to the Administrative Review Tribunal.

Treasurer Jim Chalmers has introduced the Treasury Laws Amendment (Building a Stronger and Fairer Super System) Bill 2026 into Parliament. Colloquially known as Div 296, the 0.3 per cent of Australians with the highest super balances are proposed to pay additional tax. Reworking of the bill followed the government’s October backflip on taxing unrealised gains after the plan received heavy criticism.

The new version will see the additional tax payable only on the realised investment earnings generated by the portion of an individual’s total superannuation balance that exceeds $3 million, as well as a higher tax rate totalling 40 per cent on earnings from the TSB portion exceeding $10 million.

US Securities and Exchange Commission Chair Paul Atkins and 2025 Nobel prize-winning economist Joel Mokyr are among a range of international experts who will address ASIC’s upcoming symposium, ‘The Asia Pacific opportunity – Innovating for growth’.

Tickets are now available for the event, which will bring together financial services, markets and technology leaders.

The symposium will follow the Asia-Pacific meetings of IOSCO and with the European Commission, meaning securities regulators from across the world will join other experts including the Chair of the European Securities and Markets Authority Verena Ross at the symposium in Sydney.

John Lonsdale, Chair – Australian Prudential Regulation Authority

Thank you for the opportunity to appear before you once again today.

Let me begin by assuring the Committee that Australia’s financial system remains strong, stable and resilient. Australians can be confident in the financial and operational resilience of the banks, insurers and superannuation funds that APRA supervises. However, uncertainty and risks in the global financial system are at heightened levels.

Developments impacting the global financial system have continued apace in recent months. In particular, we see geopolitical risks, amplified by disruptions from cyber-attacks and operational outages, and the risk of regulatory fragmentation across the international financial system, adding to the potential for shocks to the Australian financial system.

In response to these risks, APRA is taking action. Alongside our fellow agencies on the Council of Financial Regulators (CFR), we are working with entities to ensure they are resilient to a broad range of geopolitical scenarios. We are progressing work with entities to deliver resilience action plans; expanding and testing the CFR crisis response playbook with stronger intelligence sharing; strengthening system infrastructure through payment backups and broader contingencies; progressing industry surge capacity for sanctions; and establishing the crisis powers that may be required.

With the frequency and intensity of cyber-attacks across the financial system remaining elevated, lifting cyber security policies and practices across our regulated industries is another top priority. Within the superannuation sector, we are requiring several trustees to bring forward actions to harden their cyber controls. By April this year, the seven superannuation funds impacted by the last year’s “credential-stuffing” attacks will have uplifted their authentication controls. This follows our work requiring impacted trustees to have independent assessments of the effectiveness of their authentication controls. Across all industries, we are working with entities to assess potential risks from concentrations of third-party service providers. This will inform CFR work to develop more effective oversight arrangements for mitigating these risks.

Australian fixed-income specialist, FIIG Securities Limited (FIIG), has been ordered to pay $2.5 million in pecuniary penalties after ASIC brought a case against the firm for failures to protect thousands of clients from cyber security threats for more than four years.

FIIG’s failures worsened a 2023 cyber-attack which saw around 385 gigabytes of confidential information stolen and highly sensitive client data leaked onto the dark web – including driver’s licences, passport information, bank account details and tax file numbers.

FIIG notified some 18,000 clients that their personal information may have been compromised.

FIIG admitted that it failed to comply with its Australian Financial Services (AFS) licence obligations and that adequate cyber security measures – suited to a firm of its size and the sensitivity of client data held – would have enabled it to detect and respond to the data breach sooner. It also admitted that complying with its own policies and procedures could have supported earlier detection and prevented some or all of the client information from being downloaded.

The Federal Court today ordered FIIG to pay a $2.5 million penalty and pay $500,000 towards ASIC’s costs. The Court also ordered FIIG to undertake a compliance programme involving the engagement of an independent expert to ensure its cyber security and cyber resilience systems are reasonably managed.

ASIC is taking further steps to support thousands of Australians who invested in the Shield Master Fund (Shield) and First Guardian Master Fund (First Guardian), which have collapsed.

So far, less than 2,000 of around 11,000 Australians who invested approximately $1.1 billion in Shield and First Guardian have lodged complaints with the Australian Financial Complaints Authority (AFCA), prompting ASIC to take further action to ensure investors understand the impact.

From tomorrow (Friday 6 February 2026), ASIC will begin sending further information to investors, including a link to a dedicated consumer website that contains trusted and independent support, and options to make a complaint: takeyoursuperback.com.

The new consumer website has been independently developed by Super Consumers Australia with funding from ASIC. Super Consumers Australia is an independent consumer advocacy organisation that is helping consumers impacted by the collapse of First Guardian and Shield understand what they can do.

The website provides First Guardian and Shield investors with guidance and resources to help navigate next steps including:

• how to lodge a complaint with AFCA to seek compensation, including deadlines for submitting complaints
• how to access support services if they are experiencing financial hardship or need someone to talk to

Consumers should visit takeyoursuperback.com for further information and details on how they can make a complaint to AFCA.

To date, around 4,000 consumers have benefited from approximately $421 million in payments from Macquarie and compensation from Netwealth as part of court enforceable undertakings agreed to by ASIC as part of its investigations into Shield and First Guardian.

ASIC’s investigations into Shield and First Guardian continue. Nearly 50 people across ASIC are working across 26 investigations, which are among the largest and most complex cases in ASIC’s history.

AUSTRAC has developed guidance for your industry to help you understand your obligations under anti-money laundering and counter-terrorism financing (AML/CTF) laws.

The Australian Prudential Regulation Authority (APRA) has reduced liquidity add-on requirements imposed on Macquarie Bank Limited in 2021 and 2022.

APRA took action against Macquarie Bank following material breaches that revealed weaknesses in the bank’s liquidity risk controls and operational risk management.

In April 2021, APRA required Macquarie Bank to increase its Net Cash Outflow (NCO) overlay by 15 per cent in the Liquidity Coverage Ratio (LCR) calculation and reduce the Available Stable Funding (ASF) by 1 per cent for its Net Stable Funding Ratio (NSFR) calculation. APRA also agreed a remediation plan with the bank to address the identified weaknesses.

After further NCO calculation errors were identified, linked to control weaknesses, APRA increased the NCO overlay by an additional 10 per cent in April 2022, bringing the total overlay to 25 per cent.

Following a detailed supervisory assessment, including a Financial Accountability Regime attestation from Macquarie Bank outlining the progress of its remediation and independent assurance, APRA has now concluded that the bank has remediated aspects of liquidity risk management and reporting controls that affect the NCO and ASF calculations to a level that supports a partial removal of its liquidity add-on requirements. Consequently, the NCO add-on has been reduced to 15 per cent and the ASF adjustment has been removed. These changes take effect immediately.

The remaining NCO add-ons will remain in place until APRA confirms that all outstanding remediation activities are completed and effectively embedded. This is separate to the $500m operational risk capital overlay, which is subject to its own remediation activities and remains unchanged.

In the lead-up to Valentine’s Day, the National Anti-Scam Centre has released its final quarter scams statistics, showing an increase in romance scams reports and losses across 2025. The data highlights the need for Australians to talk to family and friends about the tactics scammers use to build trust and steal money.

Romance scams remain one of the most financially and psychologically damaging financial crimes in Australia, with more than $28.6 million in financial losses reported to Scamwatch between January and December 2025. This represents a 21.8 per cent increase in losses experienced by 1,330 Australians.  Scammers overwhelmingly contacted people through online methods, such as social media; dating platforms and online forums with online contact responsible for more than 80 per cent of financial losses.

ACCC Acting Chair Catriona Lowe said criminals use carefully rehearsed tactics designed to build trust quickly and shift conversations toward requests for money, gifts or personal information.

“Romance scammers operate all year round, but the lead up to Valentine’s Day is a good time to have a heart-to-heart with loved ones and build awareness of how these scams work so we can help people better protect themselves and others,” Ms Lowe said.

“Criminals exploit technology, trust, and emotion for financial gain. Reporting suspicious activity to Scamwatch and sharing what you know can stop them from causing further harm and protect others.”

People are encouraged to access resources on Scamwatch to provide support to loved ones who may be targeted by scammers, including red flag signs, conversation starters and the manipulation tactics deployed by scammers.

Sydney-based stockbroking firm Petra Capital Pty Ltd (Petra Capital) has been fined $205,350 by the Markets Disciplinary Panel (MDP) for misreporting regulatory data on more than 3,600 occasions.

Following an ASIC investigation, the MDP found Petra Capital breached the market integrity rules by failing to provide accurate information, being a unique code used to identify clients executing orders or transactions.

Petra Capital’s inconsistent use of client reference information when reporting regulatory data led to one client appearing as multiple clients on 3,632 occasions. This was caused by a system update and affected 14,741 trades between 3 March 2022 and 5 December 2023.

The MDP considered Petra Capital to be ‘careless’ and found that it should have taken steps to ensure its reporting format complied with the law, including by proactively and periodically reviewing its systems and the underlying assumptions in its coding.

ASIC is urging immediate action from superannuation trustees to strengthen anti-scam and fraud practices after its latest review exposed significant gaps in communications for members.

ASIC assessed scams and fraud-related website content across 47 superannuation funds, benchmarking them against comparable website content from the big four banks (ANZ, Commonwealth Bank, NAB, and Westpac).

The review focused on the availability, quality and actionability of anti-scams and fraud content, including by checking the website content for clarity and relevance, prominence on the website and readability. ASIC’s review found banks scored positively in over 80% of criteria assessed, whereas most super funds scored positively against just 40–60% of the same criteria.

ASIC Commissioner Simone Constant said despite being custodians of $4.3 trillion in Australian retirement savings, the superannuation industry has been slow to respond to evolving scams and fraud risks to members.

The Australian Prudential Regulation Authority (APRA) has published remarks delivered this afternoon by APRA Deputy Chair Margaret Cole to the Conexus Chair Forum.

In her speech “Tales of the unexpected”, Ms Cole emphasises APRA’s resolute focus on lifting trustee standards across a range of areas including operational risk management, cyber controls and investment governance to build fund resilience and protect Australians’ retirement savings.

Her comments include:

• “When you look back at events in superannuation over the past few years, “expect the unexpected” would be an appropriate maxim for the industry. Too many trustees have been caught off guard by situations they did not expect or had not taken steps to prevent. In many cases, these were situations that might not have been anticipated but were not entirely unforeseeable either.”
• “Trustees should be especially vigilant about the cyber risk to assets sitting in retirement phase products. These products provide greater avenues for funds to be withdrawn from the superannuation system.”
• “Shortcomings in trustee governance of investment valuations, liquidity and platforms will continue to be a focus for APRA. Platform trustees, in particular, can expect continued heightened scrutiny this year.”
• “The imposition of licence conditions is a critical APRA tool. Licence conditions drive immediate attention and action to addressing deficiencies, typically without an extended period of court litigation. In my time at APRA, we have become more muscular in our use of this tool. You can expect this to continue.”

The full speech is available on the APRA website at: APRA Deputy Chair Margaret Cole’s remarks to the Conexus Chair Forum

Today’s decision by the Administrative Review Tribunal relating to Bunnings Group Limited’s use of facial recognition technology (FRT) is an important reiteration of the key principles and protections contained in Australian privacy law.

The Tribunal affirmed the Privacy Commissioner’s finding that Bunnings contravened Australian Privacy Principles (APP) 1 (open and transparent management of personal information) and 5 (notification of the collection of personal information) when rolling out FRT in its stores.

The Tribunal found that Bunnings failed to provide appropriate notice to individuals of its use of FRT and should have completed a ‘formal, structured and documented’ risk assessment of its FRT system which considered the privacy implications.

The Tribunal also affirmed the Privacy Commissioner’s statement of the relevant factors when considering whether Bunnings was entitled to rely on an exemption to the requirement to obtain consent for the collection of personal information, namely whether the FRT was a suitable and effective response to the problem of repeat offenders, whether less privacy-intrusive alternatives were available, and whether the use of FRT was proportionate.

However, the Tribunal departed from the Privacy Commissioner’s ultimate finding that Bunnings had contravened APP 3.3 (collection of solicited personal information).

The Tribunal was satisfied that Bunnings was entitled to rely on exemptions to the requirement to obtain consent, for the limited purpose of combatting retail crime and protecting their staff and customers from violence, abuse and intimidation within their stores.

ASIC Chair Joe Longo has welcomed the appointment of Sarah Court as the agency’s incoming Chair.

Mr Longo said Ms Court would bring deep regulatory expertise to the role from her career of public service.

‘Sarah is an exceptional regulator with a strong record in enforcement that demonstrates her integrity and impact,’ Mr Longo said.

‘Her work as ASIC’s Deputy Chair has been instrumental to the success of the agency’s structural transformation that has strengthened our enforcement posture and work, leading to better outcomes for consumers and a fairer financial system.

‘ASIC will be in very capable hands under her leadership.

‘Over the coming months, I will support Sarah, the Commission and all our staff to ensure a smooth and orderly transition.’

Sarah Court commences as ASIC Chair on 1 June 2026.

The Federal Court has ordered Australian Unity Funds Management Limited (Australian Unity) to pay a $7.125 million pecuniary penalty for breaching design and distribution obligations (DDO) by failing to confirm the suitability of one of its products for retail investors.

As responsible entity of the Australian Unity Select Income Fund (Fund), Australian Unity admitted that it failed to take reasonable steps to ensure that interests in the Fund were only distributed to investors who matched the criteria outlined in its three Target Market Determinations (TMDs) for the Fund.

As a result, hundreds of retail investors were able to invest in the Fund even though the product may not have been suitable for them under those TMDs.

Australian Unity, also known as AUFM, admitted that it issued interests in the Fund to retail clients:

• on 89 occasions without requiring them to submit, as part of their application, a completed questionnaire with answers to questions to determine whether they were within the target market described in the Fund TMDs, and
• on 239 occasions without reviewing submitted questionnaires that had been completed by them to determine whether they were within the target market described in the Fund TMDs.

28 self-managed superannuation fund (SMSF) auditors had their registrations cancelled, conditions imposed on them, or were disqualified by ASIC in the first half of the 25-26 financial year.

SMSF auditors are responsible for providing assurance over the $1 trillion in retirement savings held in Australia’s 661,000 SMSF accounts. They must act as trusted gatekeepers who contribute to the integrity and confidence in the SMSF regime.

Between 1 July 2025 and 31 December 2025, ASIC:

• disqualified 4 SMSF auditors,
• imposed additional conditions on 2 SMSF auditors, and
• cancelled the registration of 22 SMSF auditors.

ASIC took this action after finding breaches of professional obligations and standards, including:

• failing to comply with auditing and assurance standards, independence and continuing professional development requirements or to hold professional indemnity insurance,
• failing to provide ASIC with annual statements,
• failing to advise ASIC of changes to their contact details on the public register of SMSF auditors and not responding to regulatory compliance requests, and
• failing to carry out enough audit work to meet the practical experience requirements.

Andy Choi, Robert Morey, Andrew Orphanides and Ermis Yianni were disqualified from being SMSF auditors.

John Couroyannis and Dawid Maj had additional conditions imposed on their SMSF auditor registrations. The specific conditions can be viewed by searching the SMSF auditor’s name in ASIC’s Professional Registers Search.

Of the 22 auditors who had their registrations cancelled, 9 were cancelled over a failure to perform any significant audit work during the last 5 years. These auditors were referred to ASIC by the ATO, further adding to the 11 auditors who had their registrations cancelled last year as part of the ATO’s ongoing project to identify auditors who fail to maintain the necessary practical experience. These auditors were Yvonne Ching, Patrick Hoey, Christopher Leech, Rochelle Massih, Barry Mendel, Rick Siew, Thien Siow, John Whiting and Weifeng Zhu.

Ahmed Afifi and Fredel Twum were cancelled for not updating their contact details on the public register and failing to respond to regulatory compliance requests.

The registrations of 11 SMSF auditors were cancelled by ASIC for failing to comply with their obligation to lodge multiple annual statements.

Former finance director Brendan Gunn of Brisbane, has pleaded guilty to dealing with more than $180,000 when it was reasonable to suspect that those funds were the proceeds of crime, derived from suspected international scams that targeted Australian investors.

At the time of offending, Mr Gunn was a director of Mormarkets Pty Ltd (Mormarkets), a company that accepted deposits from Australians for cryptocurrency and other supposed investment opportunities. While Mormarkets’ bank accounts were in operation, Mr Gunn was repeatedly notified of suspicious activity or reports of fraud, with the accounts progressively closed.

The Federal Court has found BPS Financial Pty Ltd (BPS Financial) must pay $14 million in pecuniary penalties over its promotion and operation of its ‘Qoin Wallet’ crypto product.

BPS Financial promoted the Qoin Wallet as a non-cash payment facility linked to a digital crypto token called ‘Qoin’.

In 2024, the Federal Court found that BPS Financial engaged in unlicensed conduct over almost three years by issuing and providing financial advice about the Qoin Wallet without holding an Australian Financial Services License. The Court also found that BPS Financial engaged in misleading and deceptive conduct when it made several false and misleading representations about the Qoin Wallet.

In 2025, the Full Federal Court found that BPS Financial engaged in unlicensed conduct over an additional 10-month period because BPS could not rely on the ‘authorised representative’ exemption under the Corporations Act when issuing the Qoin Wallet.