On 17 August 2018, as part of his opening statement to the Parliamentary Joint Committee on Corporations and Financial Services, ASIC's chairman James Shipton, announced plans to embed teams of up to 20 ASIC agents for weeks at a time to sit with bank staff, drop into meetings and trail the CEO, executives and directors to identify misconduct before it arises.

Interestingly, as part of this same speech, he indicated his deputy chair, Peter Kell, was unable to attend as he was appearing as a witness at the Royal Commission into misconduct in the Banking, Superannuation and Financial Services Industry (Royal Commission).

The interim report of the Royal Commission has been released with the Executive Summary raising several pertinent issues that are relevant to this announcement, including:

As the Commission's work has gone on, entities and regulators have increasingly sought to anticipate what will come out, or respond to what has been revealed, with a range of announcements.

and; Should the existing law be administered or enforced differently? Is different enforcement what is needed to have entities apply basic standards of fairness and honesty by obeying the law, not misleading or deceiving, acting fairly, providing services that are fit for purpose, delivering services with reasonable care and skill, and when acting for another, acting in the best interests of that other? The basic ideas are very simple. Should the law be simplified to reflect those ideas better?

Is this novel idea a good one?

Clearly ASIC sees benefits in this approach and it is administering the laws differently.

However, will ASIC learn more about the banks by taking this approach or will it have a "chilling" effect, such that the bank employees in contact with the ASIC staff are more guarded in their communications?

This is a very real question and the impact of embedded staff is one that may not achieve the objective set out at the end of chapter 7 of the interim report:

Doing the 'right thing' has not been rewarded. And even in the more recent past, 'balanced scorecards' and 'conduct gateways' have too often used doing the 'wrong thing' as a disqualifying criterion. But penalising default is not the same as rewarding the right and proper performance of a task. Penalising default encourages hiding mistakes; it does not encourage doing the 'right thing'. It does not encourage the intermediary or the employee to ask, 'Should I, should the bank, do this?'

One could suggest that a regulator looking over the shoulder is not the first place to ask that question, as penalty, rather than reward, is the most likely outcome.

What can we learn?

The recurring themes of cultural issues and effective corporate governance, requiring change across the financial sector are sought to be addressed by this strategy.

These themes are a focus in Shipton's approach that ASIC staff begin "at the top" of the major banks and wealth manager AMP to assess culture, accountability and governance.

Our concern is that our regulators aren't learning from past mistakes. In 2004, the Australian Prudential Regulation Authority (APRA) completed its investigation into the National Australia Bank (NAB) (for irregular foreign currency options trading), which included APRA personnel conducting "on-site risk reviews."

Despite APRA's understanding of the misconduct occurring at NAB arising from their on-site visits, NAB continued to fall into further disrepute, with the Authority later being questioned for its knowledge of NAB's issues for period of approximately two years prior to the 2004 scandal. APRA responded to the Senate's concerns by stating it was working collaboratively with NAB to respond to the known issues at hand.

While APRA celebrated its findings from the on-site reviews and its recommendations later handed down to NAB in a publicly available report, others criticised APRA for acting too slow and too soft on NAB for the actions that resulted in an estimated loss of $360 million. APRA's findings isolated the misconduct to four currency option traders while also naming cultural issues to be at the heart of NAB's failure.

Noting two of the key recommendations handed down from APRA to NAB in 2004 were that:

  1. the misconduct of middle-management fails to attract the attention of higher management, with line management turning a blind eye to known management concerns
  2. Executive Risk Committees were particularly ineffective, missing or dismissing risk information pertinent to the problems that emerged and failing to escalate warnings.

While embedding ASIC staff "at the top" may flow through cultural change, it may be that solely focusing on executives and directors of financial institutions will not provide the change the sector truly requires, for example:

  • reducing the risk of misconduct amongst middle-management and front-line staff who are actively involved in the day-to-day conduct and decision-making
  • instilling cultural change, when it is inherent in the roles of senior-executives to focus on profit-deriving conduct.

The lessons learned in 2004 about information flows suggest that a focus on understanding how to comprehensively approach compliance reporting, and exception reporting, remain problematic, as seen in the comment in the interim report:

The difficulties raised by NAB, and by others, about meeting the Commission's requests suggest that those entities deal with regulatory compliance piecemeal rather than comprehensively. Approaching compliance piecemeal does not readily permit identification of underlying causes. Particular events are too readily seen as isolated departures from an assumed norm caused only by aberrant behaviour of individuals. Deeper causes and connections remain unconsidered and unidentified.

Since the initial announcement, ASIC Commissioner John Price, has made the following statement:

We believe this initiative will change the mindset in the thinking of decision-makers inside financial institutions. Any decision-maker inside a financial institution who interacts more regularly with a senior ASIC officer, will have regulatory issues – the physicality of the regulator, almost – firmly in front of mind.

While it is true regulatory issues will be physically front of mind, the remaining missing piece is the benefit the organisation will gain from this reminder. Unless there is an amnesty or an immunity policy, any engagement with the embedded ASIC regulatory staff may be seen as a fast track to adverse outcomes if the proposed action is not 100 per cent within ASIC's view of "legal" – and nothing is ever black and white.

What next?

The Royal Commission is conducting further hearings this month and is due to submit its final report to the Governor-General by 1 February 2019. At that time, we may have the benefit of further recommendations to influence the implementation of this and other policies to encourage "good" behaviour rather than merely be a more constant reminder of the consequences of "bad" behaviour.

This publication does not deal with every important topic or change in law and is not intended to be relied upon as a substitute for legal or other advice that may be relevant to the reader's specific circumstances. If you have found this publication of interest and would like to know more or wish to obtain legal advice relevant to your circumstances please contact one of the named individuals listed.