ASIC accepts enforceable undertaking from J. P. Morgan regarding failure to comply with disclosure requirements

In this edition:

  • ASIC accepts enforceable undertaking from J. P. Morgan regarding failure to comply with disclosure requirements; and
  • Misleading and deceptive conduct targeted by ASIC.

ASIC accepts enforceable undertaking from J. P. Morgan regarding failure to comply with disclosure requirements

Three J.P. Morgan foreign financial service providers have together proposed an enforceable undertaking (EU) which has been accepted by ASIC. This follows the companies’ admissions that there had been breaches of their disclosure requirements that involved up to 884 wholesale clients. The EU includes obligations to appoint an Independent Expert who will conduct reviews into the systems in place at the J.P. Morgan entities and to make any reasonable changes to their systems to ensure compliance. EUs are not an admission that a company has contravened the relevant legislation (the Corporations Act 2001), but where an alleged breach has occurred, they are an alternative remedy to civil or administrative action by ASIC.

The breaches

The EU relates to the conduct of three entities that are part of the J.P. Morgan group:

  • J.P. Morgan Securities plc (incorporated under the laws of the United Kingdom);
  • J.P. Morgan Securities (Asia Pacific) Ltd (incorporated under the laws of Hong Kong); and
  • J.P. Morgan Securities LLC (incorporated under the laws of the United States).

They will collectively be referred to as “J.P. Morgan” for the purposes of this article.

Financial service providers regulated in an overseas jurisdiction are exempt from the requirement to hold an Australian Financial Services Licence (AFSL) for the provision of financial services to wholesale clients in Australia. However, there are still numerous obligations that such entities must meet, including a disclosure requirement. Regarding this exemption, ASIC Commissioner Cathie Armour said that “it is fundamental to the class order relief granted to foreign financial service providers to disclose to clients that they are exempt from holding an AFSL and that they are regulated by the relevant overseas regulatory authority”.

The three entities all reported breaches of their disclosure requirements between 2005-2008. Each company reported additional breaches in 2014.

The Enforceable Undertaking

As there were previous breaches in every case, ASIC considered that the breaches reported in 2014 demonstrated a ‘material and systemic weakness’ in the controls that were developed by J.P. Morgan to comply with their disclosure requirements. As such, their non-compliance was treated as serious. J.P. Morgan acknowledged that ASIC’s concerns were reasonable and that remedial steps were necessary.

J.P. Morgan proposed an EU that set out remedial steps that would ensure compliance. These included appointing an ASIC-approved Independent Expert, establishing a remediation plan and subsequently undertaking a ‘hindsight review’. ASIC accepted this proposal, acknowledging that J.P. Morgan had been co-operative and had worked constructively with ASIC to address the issues of non-compliance. It is important to highlight the fact that the breaches were all self-reported.

In accepting the EU, ASIC agreed not to commence civil proceedings or take administrative action such as any action to exclude J.P. Morgan from the exemption from holding an AFSL. However, this agreement is contingent on full compliance with the EU.

Role of the Independent Expert

The EU requires J.P. Morgan to appoint an Independent Expert who has the authority to access all documents (subject to legal professional privilege), interview present employees and consult with ASIC. The Independent Expert will conduct two reviews and publish two reports. These must be responded to by J.P. Morgan within one month. J.P. Morgan is required to produce a Remedial Action Plan following each report, which puts into place the recommendations within three months of the creation of the action plan. The two reports will consist of the following:

  • the first report: will deliver any findings related to J.P. Morgan’s policies, procedures, practices, training and monitoring implemented to comply with the disclosure requirement; and
  • the second report: will deliver any findings related to the effectiveness of any remedial actions implemented by J.P. Morgan as part of the First Remedial Action Plan, consider any remaining gaps in internal control measures and deliver any further recommendations.

Lessons for other licensees

This matter demonstrates that even if a breach does not seem to be serious in isolation, repeated violations of the requirements can be treated very seriously by ASIC. J.P. Morgan, after identifying earlier breaches, failed to repair their systems to ensure subsequent violations didn’t occur. When faced with potentially serious consequences, J.P. Morgan self-reported these breaches and worked collaboratively with ASIC to create an enforceable solution that aims to ensure future compliance. Its co-operation and the fact it took steps to bring the breaches to ASIC’s attention led to ASIC agreeing to an EU, as opposed to a fine or other action that could have damaged J.P. Morgan’s ability to continue as a financial service provider.

J.P. Morgan’s EU and other recent breaches involving high profile entities such as Macquarie Equities Limited, are reminders that large companies, irrespective of their extensive global presence, still have the same disclosure and compliance obligations as other Australian financial entities. Although J.P. Morgan’s compliance breaches have resulted in publicity and reputational damage in this case, the burden of complying with the EU is still a better alternative to the other serious penalties which may have been imposed.

 

Misleading and deceptive conduct targeted by ASIC

ASIC has cracked down on financial service providers engaging in misleading and deceptive conduct as part of its broader strategy to protect consumers. Fines of $25,000 and $30,600 and permanent disqualifications have been among the penalties issued in November alone. This is in line with ASIC’s broad strategic aim of narrowing the gap between consumer understanding of how the products operate and the reality of the products’ operation, as discussed in our earlier article on the ASIC Corporate Plan.

What is misleading and deceptive conduct?

Sections 12DA and 12DB of the Australian Securities and Investment Commission Act 2001 (Cth) respectively prohibit misleading and deceptive conduct and false and misleading representations. Section 12BB also prohibits misleading representations with respect to future matters. Financial service providers often provide complex or difficult to understand products to consumers, and so the potential for consumers to be easily misled or confused by deceptive conduct is high.

If ASIC finds that a financial service provider has breached its obligations, ASIC has the power to order a person to pay pecuniary penalties, to remove its licence or to compel them to change their conduct so it ceases to be misleading or deceptive. In addition, ASIC will often make a public statement relating to the actions they have taken.

ASIC’s focus on consumer protections

There have been various recent cases of ASIC administering a penalty related to misleading or deceptive conduct. We will look at one of the most recent cases, involving the $30,600 fine imposed on O.C.M. Online Capital Markets Pty Ltd (OCM).

OCM’s conduct was misleading and deceptive as it led clients to falsely believe that the high-risk and volatile products that it advertised would lead to a consistent and reliable profit. There were three individual instances of misleading conduct in its advertising material, which gave false impressions of the products and only provided disclaimers in fine print that were ineffective in correcting the dominant message created by the headline claims. Each breach led to a fine of $10,200 contained in an infringement notice. It is important to note that payment of an infringement notice is not an admission of a contravention of the ASIC Act consumer protection provisions. ASIC can issue an infringement notice where it has reasonable grounds to believe a person has contravened certain consumer protection laws.

Other ASIC actions have related to deceptive conduct, but did not specifically involve the relevant sections of the ASIC Act or were subject to less harsh consequences. For example, there were three instances of permanent bans issued to service providers who had produced fraudulent documents that were misleading in relation to their client’s financial position. In all of these circumstances, the ban was issued on the grounds that the person was not a fit and proper person or was not of good faith and character.

ASIC also has the option of not issuing a fine, but requiring any misleading or deceptive statement or omission to be rectified. This power was exercised on a number of occasions in November, such as an agreement of six insurers to better highlight the automatic renewal provisions when informing their customers of the different policies available. Other companies were required to remove statements or implications that intended to give the impression that they were authorised to provide financial services when this was not the case.

Avoiding misleading and deceptive conduct

Given the level of attention ASIC is devoting to misleading and deceptive conduct, it is important for service providers to review their advertising materials and other communications to consumers to ensure that they accurately reflect the services and types of products being offered.