facebook Twitter LinkedIn RSS
The past week has been a very busy one for ASIC Chairman Greg Medcraft, who has given three speeches outlining ASIC’s strategy and priorities. The speeches were given at a Bloomberg event, to the Parliamentary Joint Committee on Corporations and Financial Services and most recently, to the National Press Club of Australia.
His three speeches shows where ASIC will be focusing its attention as we move into the new year.
Boards must be alive to the risk of cyber attack
Giving the Bloomberg Address, Sydney, Mr Medcraft named cyber security as a key risk of the digital age, facing all organisations.
A systemic risk
Mr Medcraft described cyber crime as a ‘systemic risk’, which has caught the attention of global policy makers.
An incident of cyber attack can affect:
- the integrity and efficiency of global markets;
- the protection of investors; and
- ultimately, trust and confidence in the financial system.
All of the above occurred earlier this year when, as reported by Forbes, a cyber attack on JP Morgan Chase in America, reportedly compromised the personal information of 76 million households and seven million small businesses.
Mr Medcraft advocates ‘cyber resilience through risk management’ to combat the threat of a cyber attack. Echoing views he has expressed in previous speeches about the importance of directors as ‘gatekeepers’ of the financial system, Mr Medcraft stated that ‘boards should also be alive to the risk of a cyber attack as part of their risk-oversight role’.
Developing a privacy program and training and educating staff on its principles and the risks presented by a breach of cyber security, are key steps in developing an efficient risk management system.
The Office of the Australian Information Commissioner has also released a consultation paper ‘Revised Guide to Information Security – ‘Reasonable Steps’ to protect personal information‘ which provides organisations with useful ways of ensuring information security, in accordance with their Australian Privacy Principles obligations, including in relation to ICT security.
Don’t forget the human side
Mr Medcraft also identified the crucial role that boards play in being aware of the risks posed by cyber breaches.
Why ASIC matters
In his speech to the National Press Club, Mr Medcraft posed a question which many commentators and critics have raised in 2014. That is, ‘who is the corporate watchdog, what does it do and why do Australians care?’
Mr Medcraft answered his question with the following interesting, but not groundbreaking, observations:
- Australians should care about ASIC because it touches their lives in one way or another through superannuation, credit, small business or through understanding finance and money at any age;
- ASIC’s focus is on being proactive and forward-looking in response to rapid change and the opportunity it brings;
- as part of responding to current challenges ASIC supports the introduction of:
- a ‘user pays’ funding model;
- harsher penalties for white collar crime which ‘amplify the fear and suppress the greed’;
- having the national exam for financial advisers to build trust and confidence and ‘assure all Australians’; and
- a consistent language around identifying, evaluating and communicating the relative level of an organisation’s cyber resilience.
This final speech might be his last for 2015. In closing, Mr Medcraft stated that the main reason ASIC matters is that ‘nearly all Australians have skin in the game’ through compulsory superannuation. While this is correct, it may not be enough to mollify all of ASIC’s critics. ASIC’s multifaceted nature, and varying roles as registrar, investigator, policy maker and enforcer in many different industries lead many to wonder whether such a monolithic body can fulfil all those goals.
Financial advisers should be tested like pilots
And for our financial services clients, just in case you think you haven’t had enough attention this year, ASIC has proposed some more changes for the industry. The below information will give you some food for thought before digesting the Financial System Inquiry (Murray) Report, due to be released on Sunday.
The day after Treasury’s release of the Exposure Draft for an Enhanced Register for Financial Advisers, Mr Medcraft, appeared before the Parliamentary Joint Committee on Corporations and Financial Services. Mr Medcraft’s opening statement described his passion for lifting the standards of the financial services industry in Australia and his support for introducing a national exam for financial advisers to realise this aim.
Mr Medcraft stated that:
- ASIC wants a co-regulatory model where the industry sets competency levels for advisers and then ASIC oversees the exam testing those competencies;
- the exam should be modularised to take account of the different skills different types of advisers have; and
- the exam should have a compulsory basic skills module with ethics as a cornerstone of it.
The current RG 146 Diploma of Financial Planning qualification for financial planners has been condemned as being susceptible to cheating and too easy to obtain. Although the idea of an exam is a step in the right direction, previous attempts at setting competency standards have been somewhat farcical.
Mr Medcraft concluded his short speech by saying that ASIC wants a system like the one used by the Civil Aviation Safety Authority (CASA) to train pilots. CASA sits and controls exams in accordance with a CASA framework.
ASIC might be hoping that its exam will weed out rogue planners from the financial services industry – if it’s ever introduced.
Compliance with Current and Future Child Protection Laws – Embedding a Child Protection Culture. How can this be achieved?