Most business people, if asked to comment on the state of the
EU, would provide their views on the problems facing the European
economies. For those in the Australian financial services industry
the question may prompt a very different answer. For example,
"Our EU is costing us a fortune, we've had experts and
consultants trawling through our business for the last 12
months" or "The training never seems to stop; I wish we
could get it over and done with and get back to business".
The financial impact of an enforceable undertaking, or EU, can
be significant and may lead to cash flow difficulties for the
affected business or person. Sometimes
the Pingee agrees to pay compensation, but even in the absence
of this, the professional fees and business interruption can be
All EUs are public documents, because the transparency of
ASIC's dealings is important, and can be easily accessed
through ASIC's website. Typically, ASIC also issues a media
release informing the community of the EU and this can have
However, there is also a positive side to EUs. Typically, the
matters that raise ASIC's concerns are breaches of what we like
to refer to as 'the ten commandments'. Not THE ten
commandments, of course, but the general obligations of Licensees
set out in section 912A of the Corporations Act. These are the
obligations to have things like: a risk management framework, a
process of managing conflicts of interest, a program for the
training of staff and appropriate procedures to monitor and
supervise them, a good complaints handling and dispute resolution
system, and adequate technological, human and financial
The way to look at these obligations is as a series of business
systems, rather than as isolated regulatory obligations. One of the
policy objectives of the Corporations Act is to have an efficient
and healthy financial services sector. The ten commandments should
be seen as a 'how to' for running a successful financial
services business. If each of the systems is working and the
information flowing from the systems is informing the other
systems, the outcome will be a well run business.
For example, if the risk management framework is being properly
used it will assist the business to understand the environment in
which it is conducting its business. The environment will include
its internal environment, which will force it to look at things
like its mission, its values and its service and/or product
offering. It will also include its external environment, requiring
it to inform itself of the economy, upcoming changes in
legislation, what its competitors are doing, what the politicians
and the regulators are doing, what is on offer with changes in
technology, and so on. The business can then identify the risks,
which include the risk of missing out on opportunities, and to
evaluate and treat them. In this way its scarce resources are
allocated efficiently and the somewhat competing objectives in the
obligation to conduct its business "efficiently, honestly and
fairly" can be managed.
Some of the actions put in place to treat particular risks will
include training. Information gathered during training can inform
risk assessment. Complaints provide valuable intelligence for the
business and assist in identifying client needs and ways to better
meet them. That information will inform risk assessments and also
the training programs.
The failure to report breaches is a common concern leading to
EUs. The breach reporting obligation is a form of industry self
regulation. The regulatory regime is complex and it is difficult to
know all of the obligations and to keep up with changes. It is even
more difficult particularly for large licensees with geographically
spread workforces to ensure that all of their representatives
comply with all of the laws all of the time. I would go so far as
to say that it is impossible or, to put it another way, everybody
A failure to report breaches may therefore be more of an
indication that the Licensee does not have a functioning system for
identifying, considering and reporting breaches than that there
have not been any breaches. It may also be indicative of a culture
which seeks to hide breaches rather than to deal with them.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
In the years following the global financial crisis of 2008 many Australian investors lost their life savings as financial products failed and the Australian Stock Exchange shed over 3,000 points.
Some comments from our readers… “The articles are extremely timely and highly applicable” “I often find critical information not available elsewhere” “As in-house counsel, Mondaq’s service is of great value”
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).