While the appropriate degree of regulatory oversight and intervention is the subject of much debate, regulation is accepted as being necessary to aid a properly functioning economy – whether by promoting conduct that meets societal expectations or by passing on the economic costs of those actions that create social harm.
By understanding emerging trends in enforcement, organisations can make informed decisions about whether there is a need to shift resources to those areas of most relevance or interest to regulators.
One feature common to almost all regulated industries in Australia is the steadily increasing complexity of the regulatory environment and consequent soaring compliance costs.
The ability to carefully calibrate and balance cost pressures with appropriate risk appetite remains, for some, something of a dark art. As expected, these costs will exponentially increase when an organisation operates in an industry that is the subject of heightened regulatory oversight. However, by staying in front of regulatory trends and embedding a positive risk culture, many organisations will improve their ability to smooth out peaks in compliance costs and ameliorate the prospects of avoiding enforcement activity.
Below, we identify three emerging trends in regulatory enforcement that apply across a range of sectors, and outline possible steps organisations can take now to minimise the likelihood of being the subject of oversight – and mitigate detriment in the event that enforcement action is taken.
Trend 1 – Direction from the top and close collaboration between regulators
While primary motivations may differ, regulators face many of the same costs pressures of the private sector. However, regulators must also contend with high levels of scrutiny and political and public expectations that those regulators will identify and punish all instances of corporate wrongdoing and misconduct. To achieve this, regulators are required to make strategic decisions about the areas they wish to target and the tools they intend to use to do so.
Leadership within a regulator is critically important for the setting of strategic direction and enforcement priorities. The Australian market is carefully calibrating the impact of a number of recent changes to the leadership of some of Australia’s most visible regulators, and a new Federal Government. These changes make it challenging to extrapolate nuances in the approach that will be adopted, but subtle changes are already being observed.
While it may be too early to see the impact that newly appointed Member of the Australian Prudential Regulation Authority (APRA) Margaret Cole and Chair of the Australian Competition and Consumer Commission (ACCC) Gina Cass-Gottleib will have, Australian Securities and Investments Commission (ASIC) Chair Joe Longo has publicly committed to “enforcing the law using all of [ASIC’s] regulatory tools to litigate and act against misconduct” and has quietly distanced himself from the regulator’s former ‘Why not litigate’ mantra.
ASIC in particular continues to broaden its focus beyond seeking enforcement remedies in respect to ‘traditional’ provisions to include more novel causes of action. This has seen ASIC move from pursuing alleged breaches of the ‘efficiently, honestly and fairly’ obligation, and the prohibitions on misleading or deceptive conduct and unconscionability to taking action in relation to defective systems and inadequate controls. This has been driven by ASIC’s belief that many corporations rely on outdated and bolted-on systems, which have limited functionality to provide oversight or proper record-keeping, and that this makes them particularly prone to cyber-attacks. The industries of most interest to regulators continue to be those where there is an element of customer vulnerability or asymmetric information which can be exploited by sophisticated algorithms able to discretely manipulate data to influence decision-making.
A greater inter-reliance of regulators leading to the sharing of investigative functions – including between ACCC and ASIC – has also allowed resources to be deployed in a more strategic manner. One of the less well-known provisions of the Australian Securities and Investments Commission Act 2001 (Cth) (ASIC Act) for example, is the power under section 102 which permits ASIC to delegate many of its powers to a staff member of the ACCC. Likewise, section 26 of the Competition and Consumer Act 2010 (Cth) (CCA) permits most of the powers of the ACCC to be delegated to ASIC staff members. We anticipate that these powers will be used more frequently over the short to medium-term and expect to see even greater information sharing between the two regulators.
Trend 2 – Greater focus on individual punishment
In the past, the focus of regulatory enforcement action tended to be at the organisational level, with regulators rarely resorting to criminal prosecution of individuals. However, recent initiatives by both the ACCC and ASIC demonstrate a clear push to identify and punish misconduct at an individual level. For example, in what was a highly visible attempt by the ACCC to criminally prosecute the individuals said to be the masterminds of market manipulation, the Commonwealth Director of Public Prosecutions (CDPP) laid criminal cartel charges against three banking and financial services companies and criminal charges against a number of senior executives in June 2018, following an investigation and referral by the ACCC (all proceedings were recently abandoned by the CDPP and ACCC). Equally, ASIC has put enormous effort into increasing the number of banning and disqualification orders it imposes on company directors and senior executives in financial services, who it is asserted are an ongoing threat to investors and consumers. Banning orders of this nature have very serious consequences given they often prevent an individual from working in their chosen profession, sometimes indefinitely.
Individuals who are appointed as directors (including subsidiaries in a corporate group) should keep in mind the potential personal exposure they have. For those officeholders exiting an organisation, it may be helpful to seek details of their insurance position and determine whether an entry into co-operation agreement is necessary. It can often seem obvious with hindsight, but difficulties in accessing relevant corporate information can significantly complicate the defence of enforcement proceedings.
Trend 3 – The rise of non-traditional techniques to signal enforcement priorities
Following public statements from ASIC that it has now closed all remaining issues arising out of the Financial Services Royal Commission, there has unsurprisingly been a notable decrease in the number of new enforcement proceedings and regulatory investigations being commenced by ASIC over the last 12 months.
It was surmised that the recent introduction of the ‘reportable situations’ regime might create a second wave of litigation stemming from the increase in data that ASIC would receive, which it hoped would identify industry trends and provide early alerts of serious misconduct. However, flaws in the design of the regime, inconsistent approaches to reporting and a massive influx of reports has rendered the regime in need of refinement, a point somewhat acknowledged by ASIC in its 10 August 2022 media release, 22-214MR ‘ASIC’s approach to breach reporting: implementation of reportable situations regime’.
ASIC has also recently shown an increased willingness to deploy its administrative powers, such as stop orders and banning orders, to punish misconduct. Remedies of this kind are unusual in the sense that ASIC acts effectively as both investigator and adjudicator. These orders are also not subject to the same judicial oversight that court proceedings would be, nor are the processes bound by strict rules of evidence. However, given the control ASIC exercises over the process, use of these methods will likely continue to increase. It has highlighted the importance of ensuring that examinees are legally represented and that they do not simply accept the propositions put to them by ASIC as an easy way out.
Over the last 12 months, ASIC has also adopted a number of more novel enforcement techniques, outside of the usual traditional regulatory toolkit, aimed at clearly signalling to the market ASIC’s expectations and those areas of most interest to the regulator. Measures include sending an open letter to ASX CEOs reminding them of their obligations to comply with whistleblowing legislation and posting messages on behalf of the regulator in chat rooms warning of possible criminality in respect of ‘pump and dump’ strategies. By tracking these more informal measures, organisations can take proactive steps well in advance of enforcement action.
By understanding emerging trends in enforcement, organisations can make informed decisions about whether there is a need to shift resources to those areas of most relevance or interest to regulators. Acting on clear signalling can also carefully avoid the very expensive task of responding to a regulatory investigation and ensure enforcement action is deemed unnecessary.
 Corporations Act 2001 (Cth), section 912D.
 Corporations Act 2001 (Cth), section 1041H; Australian Securities and Investments Commission Act 2001 (Cth), section 12AD.
 Australian Securities and Investments Commission Act 2001 (Cth), section 12CB; Australian Consumer Law, section 21.
This publication is introductory in nature. Its content is current at the date of publication. It does not constitute legal advice and should not be relied upon as such. You should always obtain legal advice based on your specific circumstances before taking any action relating to matters covered by this publication. Some information may have been obtained from external sources, and we cannot guarantee the accuracy or currency of any such information.