Risk and Compliance

Insurers are failing to identify one in six customer complaints, effectively denying those Australians critical protections available through the Internal Dispute Resolution (IDR) regime, an ASIC review has found.

ASIC’s review of the IDR practices of 11 general insurers highlighted shortcomings in several areas, including the failure to identify complaints and systemic issues, as well as inadequate communications to customers.

ASIC’s analysis of insurance complaints handling comes as the volume of general insurance complaints made to the Australian Financial Complaints Authority (AFCA) swelled by 50% in the 2022-23 financial year, and rose again in 2023-24.

ASIC Commissioner Alan Kirkland said, ‘Consumers have a right to expect that their complaints will be identified and handled in a fair, timely and effective manner. When things go wrong, the complaints process provides an opportunity to get them back on track.

‘When insurers fail to identify complaints, they risk prolonging the distress of customers, especially those dealing with extreme events like floods. This failure denies customers access to important protections, including the right to escalate a complaint to AFCA for independent review.’

The government announced updates to the Delivering Better Financial Outcomes reforms after consulting widely. These changes aim to:

• expand advice services
• reduce unnecessary compliance
• help advisers focus on high‑quality advice
• maintain strong consumer protections.

First tranche of reforms
The Treasury Laws Amendment (Delivering Better Financial Outcomes and Other Measures) Act 2024 simplifies rules that add costs without benefiting consumers. It became law on 9 July 2024.

This consultation paper is about ASIC’s guidance on digital assets and related products.

It sets out our proposals to update Information Sheet 225 Crypto-assets (INFO 225) to provide further guidance about our interpretation of how the Corporations Act 2001 applies to crypto- and digital assets. It also sets out our proposals for licensing entities that provide financial services in relation to crypto- and digital assets that are financial products.

Released 4 December 2024. Comments close 28 February 2025.

Amends the: Privacy Act 1988 and 7 other Acts to introduce a range of measures to protect the privacy of individuals with respect to their personal information, including expanding the Information Commissioner’s powers, facilitating information sharing in emergency situations or following eligible data breaches, requiring the development of a Children’s Online Privacy Code, providing protections for overseas disclosures of personal information, introducing new civil penalties, and increasing transparency about automated decisions which use personal information; Privacy Act 1988 to introduce a statutory tort to provide redress for serious invasions of privacy; and Criminal Code Act 1995 to introduce criminal offences targeting the release of personal data using a carriage service in a manner that would be menacing or harassing (known as ‘doxxing’).

Amends the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 to: extend the anti-money laundering and counter-terrorism financing (AML/CTF) regime to additional services that are recognised by the Financial Action Task Force as posing high money laundering and terrorism financing risks; reframe and clarify the AML/CTF program and customer due diligence obligations; enable the Australian Transaction Reports and Analysis Centre to require the disclosure of information and conduct examinations; and update the AML/CTF regime to reflect changing business structures, technologies and illicit financing methodologies; and make consequential amendments. Also makes consequential or contingent amendments to 10 other Acts; and repeals the Financial Transaction Reports Act 1988.

The Australian Prudential Regulation Authority (APRA) and the Australian Securities and Investments Commission (ASIC) have published a letter containing observations on registration and notification lodgements made since the Financial Accountability Regime (FAR) commenced for the banking industry.

The letter identifies areas that require further consideration by banking entities and reiterates specific aspects, consistent with previously released FAR guidance, to entities across the banking, insurance and superannuation industries.

Entities should review the observations and areas for further consideration provided in the letter for the purposes of ensuring compliance with their obligations under the FAR.

ASIC is updating its regulatory guides (RGs) to ensure they remain simple to follow, effective, current, and appropriate.

This is part of our firm commitment to improving regulatory efficiency and reducing regulatory complexity, as announced at this year’s ASIC Annual Forum.

To assist regulated entities in understanding the law, we publish updated regulatory guidance on an ongoing basis and this work will continue in 2025.

In 2025, ASIC will consult with stakeholders to update some key RGs, taking into account law reform, insights from case law about the provisions and other relevant issues. The RGs that we intend to update next year, include:

• Regulatory Guide 53 The use of past performance in promotional material
• Regulatory Guide 168 Disclosure: Product Disclosure Statements (and other disclosure obligations)
• Regulatory Guide 181 Licensing: Managing conflicts of interest
• Regulatory Guide 183 Approval of financial services codes of conduct, and
• Regulatory Guide 234 Advertising financial products and services (including credit): Good practice guidance.

The Australian Prudential Regulation Authority (APRA) has published a speech delivered by Chair John Lonsdale this afternoon to the European Australian Business Council in Sydney.

In “Forewarned and forearmed”, Mr Lonsdale spoke about how financial regulators globally, including APRA, are increasing their focus on the potential for geopolitical events to impact the financial and operational soundness of banks, insurers and superannuation funds.

ASIC has been enforcing its expectations in relation to licensees’ treatment of customers experiencing vulnerability. Its communication to superannuation trustees to drive improvements to their death benefit claims handling practices followed its recent filing of civil penalty proceedings against Cbus.

Banking, insurance, and superannuation entities are all encouraged to review the observations in the appendix to the letter, with ASIC Commissioner Simone Constant having reminded ASFA conference delegates that senior executives in the superannuation sector will become accountable persons under FAR from March 2025.

ASIC’s inaugural Digital Assets Liaison Meeting (DALM) took place on 11 September 2024. More than 190 industry representatives attended online and in person at ASIC offices.

The DALM has been established as a regular event to provide the digital assets industry with insights into ASIC’s strategic priorities and key projects, and give opportunity for Q&A.

The Australian Prudential Regulation Authority (APRA) has amended the prudential requirements for superannuation trustees relating to operational risk financial requirements (ORFR) as set out in Prudential Standard SPS 114 Operational Risk Financial Requirement (SPS 114) and related guidance.

The changes aim to strengthen operational resilience by ensuring trustees can better access the financial resources held to meet the ORFR when needed and to maintain an appropriate level of reserving.

The key changes are to:

• clarify the purpose of the ORFR;
• widen the allowable range of uses for the ORFR;
• introduce a clear and direct relationship with Prudential Standard CPS 230 Operational Risk Management (CPS 230); and
• amend the APRA notification requirements to facilitate further use of the ORFR.

Keynote address by ASIC Commissioner Kate O’Rourke at the 34th Annual Credit Law Conference.

Key Points

• Improving consumer outcomes in relation to financial products and services is a priority for ASIC. We will continue to focus on protecting consumers from poor conduct and harm from products in the credit and banking sectors.
• We also remain focused on advancing digital and data safety including addressing technology enabled misconduct like scams – and monitoring the use of artificial intelligence.
• We continue to monitor the regulatory settings (including the responsible lending obligations) and their outcomes. Our findings indicate that consumers continue to be able to access credit overall – and it is increasing.

APRA’s primary purpose is to ensure the safety and stability of the Australian financial system. A stable financial system is essential for a thriving and dynamic economy.

APRA’s mandate in supervising banks is to protect the interests of depositors and to promote financial stability. This objective is critical to the Australian community’s long-term financial well-being – a safe and stable financial system enables households and businesses to confidently borrow, save and invest for the future. We strive to perform our role in keeping with our Statement of Expectations which includes the facilitation of the flow of finance to the economy.

The Australian Prudential Regulation Authority (APRA) has written to all registrable superannuation entity (RSE) licensees outlining its approach for intensifying supervision of fund-level expenditure.

The letter provides RSE licensees with clarity about APRA’s planned activity in this area over the next 12 months, in accordance with APRA’s recently released Corporate Plan.

ASIC’s program of transformation continued in 2023–24, according to the agency’s latest annual report.

ASIC Chair Joe Longo said the report highlighted a range of key regulatory and enforcement outcomes focused on protecting consumers, reducing costs for businesses, and strengthening capabilities.

‘We have made significant progress with the program of transformation work we began three years ago,’ Mr Longo said.

The Federal Court today ruled Latitude Finance Australia and Harvey Norman Holdings Ltd engaged in misleading conduct and made false or misleading representations in relation to a widespread advertising campaign for a 60-month interest free and no deposit payment method.

ASIC was concerned the advertisements masked the fact consumers were required to take out a credit card, such as the Latitude GO Mastercard, to purchase goods. The advertisements were published between January 2020 and August 2021.

ASIC Deputy Chair Sarah Court said, ‘ASIC took this case because we believed many consumers may have been unaware of the financial arrangements they were entering into when they bought everyday products at Harvey Norman stores. In some cases, this may have meant they paid considerably more for purchases than they expected.’