Good morning everyone. Thank you for the opportunity to speak to you today about emerging threats and harms at Risk Australia Conference.
Today, I will be touching on three things:
- How we identify Threats and Harms at ASIC
- Emerging threats and harms we have identified, and
- How we are addressing these Threats and Harms through our strategic priorities.
The Financial Services Royal Commission clearly highlighted the substantial harms that misconduct in the financial sector has inflicted on everyday Australians.
The Royal Commission also held in no uncertain terms, that the primary responsibility for the misconduct and harms caused, lies with the entities concerned, and their boards and management.
Of course, ASIC recognises its responsibility to identify threats that have the potential to inflict harm and proactively work towards preventing or mitigating those threats.
ASIC’s vision is for a fair, strong and efficient financial system for all Australians. This means a financial system that is not harmful to consumers and investors, and not harmful to the economy.
Our role as a regulator is to encourage behaviours (including through enforcement) that will drive good consumer and investor outcomes. This is why we focus on what we call threats and harms, rather than ‘risks’.
Our focus is externally on the financial system and the harms that are being caused to individuals and the system itself. At ASIC, we identify harms and potential harms and the threats and underlying behaviours that cause those harms. Risk management focuses on defining thresholds of acceptable risks, whereas harm reduction focuses on addressing or eliminating harms.
Once we identify threats and harms, we use our regulatory toolkit to address them, and hold people to account for wrong-doing.
Harms can relate to consumers, such as monetary losses and negative psychological impacts that stem from those losses. They can also relate to the financial system as a whole, such as damage to market integrity and confidence, or to competition within the financial system. These harms can restrict economic growth which can in-turn limit business expansion, new business creation and job creation.
Essentially, harms are likely to result when basic principles of conduct are not followed. The Royal Commission outlined six norms of conduct for the financial industry:
- obey the law;
- do not mislead or deceive;
- act fairly;
- provide services that are fit for purpose;
- deliver services with reasonable care and skill; and
- when acting for another person, act in their best interests.
Building corporate cultures which support these norms, will go a long way in preventing future harms from misconduct.
Harm Reduction Approach at ASIC
As part of ASIC’s strategic change program, we have developed a Threat, Harm and Behaviour Framework, which enables us to identify, analyse and measure the threats and harms manifesting in the industries that we regulate, with consistent language and methodology.
We draw on extensive data from a detailed environmental scan, as well breach reporting data and published reports. Our review and prioritisation of threats and harms is systematic and involves extensive internal consultation, draws on external experts, and involves the Commission itself.
To give you an idea of the scale of this process, it almost spans the full year, kicking off in August, and culminating in completion of final business plans in June the following year.
In addition to this annual planning process, our Emerging Threats and Harms Committee, also steers ‘deep dive’ analysis of specific threats and harms throughout the year, and seeks to look ‘over the horizon’ to identify threats as they begin to manifest.
Threats and Harms
Through this process we have identified five key drivers of harm to focus on, which I will now outline, along with some of the specific threats associated with them.
Firstly, poor design and inappropriate sale of investment and protection products
Consumers can suffer harm when they pay for a product that:
- They don’t need; or
- That is inappropriate for their needs or, even worse, does not provide a worthwhile service at all.
Harms will likely eventuate when the design, sale and distribution of products maximise benefits to product issuers and distributors, with little concern for the needs of the consumer. For example, consumer focussed retail Over-the-Counter – or ‘OTC’ – products such as CFDs, are very high risk and can produce significant losses for consumers, to whom they may be mis-sold.
ASIC is also concerned about inappropriate exposure of consumers to crypto-assets. Harms can manifest across fund raising, secondary trading or through OTC derivatives trading linked to crypto-assets. Initial Coin Offerings, a form of fundraising using crypto-assets, are sometimes aggressively targeted to retail investors that have traditionally found it difficult to participate in initial public offerings.
In terms of insurance, we are concerned with products that are delivering poor outcomes, such as consumer credit insurance.
We highlighted in a recent report that with consumer credit insurance sold with credit cards, consumers were paid out only 11 cents in claims for every one dollar paid in premiums. For all types of consumer credit insurance, this only increased to 19 cents in claims paid.
Conflicted business models in investment management can also result in consumers being offered products that are aligned to interests of the relevant group, despite other products in the market performing better. Conflicts of interest can also be found in the recommendation and provision of managed discretionary accounts.
In terms of superannuation, product examples include self-managed super funds being established, when they may not be in the best interests of the client, given the cost of management of the fund, portfolio concentration risk, loss of protections, or size of investment.
Superannuation balances can also be eroded by excessive product and advice related fees. Compounding factors include the high number of Australians disengaged from their super, vulnerabilities associated with low financial literacy, and fees incurred from multiple accounts.
Secondly, inappropriate sale of credit products to consumers
Household debt has increased, and consumers who take on significant debt, could be vulnerable to weakening economic conditions which could impact on unemployment and or property values. We are conscious of threats to the global economy and the potential for shocks to be transmitted through financial markets.
We are also keen to stress that responsible lending is an established legal obligation. Lenders are expected to lend responsibly across the cycle. We do not believe that these obligations have caused weakness in home lending.
Technology is also enabling products such as payday loans, personal loans and credit cards to be sold quickly with low levels of ‘friction’ which may increase the incidence of consumers being sold products that do not meet their needs.
Thirdly, poor conduct in financial markets
ASIC remains concerned about the misuse of information in our financial markets. We have observed elevated suspicious trading in sectors such as mining, particularly around mergers and acquisitions. Conflicts of interest related to use of external experts to influence the decision-making of retail investors around transactions is also of concern.
OTC markets are also an area of focus for ASIC, with an emphasis on the potential for system outages and market disruption that can result from inadequate investment in internal systems and controls.
Distributed ledger technology, or DLT, has the potential to cause disruption, to facilitate efficiencies for the market, and for new services to be provided in areas such as clearing and settlement. Here in Australia, ASX is replacing its CHESS system with a platform based on a DLT private permissioned ledger.
We also want to address threats to fixed income, currency and commodities markets that may cause harms to the real economy and consumers, including by reviewing large transactions, monitoring the determination of the new bank bill swap rate (BBSW) and conducting onsite reviews. We plan to publish two reports, outlining findings and providing key messages, on foreign exchange markets and debt capital raising in the coming year.
On domestic benchmarks, while ASIC is confident that BBSW will remain a significant benchmark, recent work has been conducted to strengthen its robustness and provide fallback provisions to minimise potential future disruptions. ASX was licensed by ASIC as an Australian Benchmark Administrator in June 2019 to ensure reliability, market integrity, and investor confidence in BBSW. ASIC welcomes the European Commission’s decision on recognising the legal and supervisory framework of significant benchmarks in Australia. This decision will allow benchmarks that have been declared as significant by ASIC to be used in the EU without the need to be separately licensed in the EU.
On international benchmarks, ASIC, with the support of APRA and the RBA, has issued letters to several major Australian financial institutions regarding their preparations for the end of LIBOR (the London Interbank Offered Rate). This is to better understand how they are preparing to transition away from LIBOR to alternative benchmarks.
For ASIC, our challenge is always to enable innovative development to make our markets better, while addressing threats and harms that can arise from technological change. So we also are very active in exploring RegTech applications that can improve, and cut the cost of, compliance.
Fourth, poor governance
Deficiencies in corporate governance were well documented in the Royal Commission. Entrenched practices around poor board oversight and inappropriate remuneration structures provide a recipe for continued systemic misconduct, which can lead to consumer losses and, in turn, erode firms’ own shareholder value, and cause substantial reputational damage.
We are committed to taking action where directors and officers act in their own best interests, not those the company, or otherwise fail in their duties.
Governance of non-financial risk is becoming increasingly important, particularly conduct risk, technology governance and operational risk management.
Finally, data is becoming an increasingly valuable commodity and controls are needed around its collection, storage, access and use. Organisations need to have adequate systems, controls and individual accountabilities to guard against these threats.
ASIC’s Strategic Priorities
Having explained elements of the threat – or risk – environment we find ourselves in, I will now move to setting out our response to this, in the form of our strategic priorities, which form part of our Corporate Plan, which will be released at the end of the month.
ASIC has developed seven of these. They are:
- Effective and efficient enforcement action,
- Addressing the Royal Commission’s recommendations and referrals,
- Establishing ASIC as conduct regulator for superannuation,
- Addressing harms in insurance,
- Improving governance and accountability,
- Protecting vulnerable consumers, and
- Addressing poor financial advice outcomes.
Firstly, Enforcement Action
ASIC’s enhanced enforcement and supervisory approach has been reinforced and accelerated by the recommendations of the Royal Commission and ASIC’s existing change agenda.
We are particularly focussed on cases with a high deterrence value and those involving egregious conduct, especially those impacting vulnerable consumers, which were mentioned in several of the threats earlier.
Enforcement, including Court action, is a key regulatory tool for changing behaviours and can help reduce many of the harms that I have mentioned. Our new ‘why not litigate’ discipline addresses the community expectation that unlawful conduct should be brought to account and publicly denounced by the courts.
We are also creating an Office of Enforcement, which will actas a central decision-making body.
From February 2018 to June this year, there has been:
- a 21% increase in the number of ASIC enforcement investigations;
- a 74% increase in enforcement investigations involving large financial institutions; and
- a 166% increase in wealth management investigations.
However, as we have made clear, our ‘why not litigate’ approach does not mean ‘litigate first’ or ‘litigate everything’.
Rather, it is about ASIC asking three questions.
First, is there sufficient evidence of misconduct?
Second, is it in the public interest for us to act?
Third, why not litigate? That is, why not take Court-based action in respect of the misconduct?
We will continue to use all of our regulatory tools, sometimes in combination, to ensure we get the best outcomes.
Secondly, we are implementing the Royal Commission recommendations and referrals
ASIC fully supports the Royal Commission’s recommendations and has advocated many of the reforms arsing from the Royal Commission for some time.
The Product Intervention Power granted to ASIC will strengthen ASIC’s consumer protection toolkit and better enable ASIC to prevent or mitigate significant harms to consumers. We have released a consultation paper and are engaging several organisations for input on how we can apply this power in practice.
We recently consulted on applying this power to a specific short-term credit product, which would be our first use of the power.
The Design and Distribution Obligationsregime for financial services firms will bring accountability for issuers and distributors to design, market and distribute financial and credit products that meet consumer needs.
These vital reforms will greatly help ASIC in preventing the threats and harms that I mentioned stemming from poor product design.
We are also prioritising the Royal Commission’s enforcement referrals and key case studies for action, in particular enforcement action.
Third, delivering as the conduct regulator for superannuation
Superannuation consumers are susceptible to the threats of poor product design and substandard governance and risk management. As part of our broadening regulatory ambit, ASIC is committed to delivering in its emerging role as the primary conduct regulator of superannuation. In particular, we will:
- take decisive regulatory and enforcement action to deter misconduct;
- undertake the necessary supervision and surveillance of superannuation trustees, including more frequent on-site visits to ensure trustees act in the best interests of consumers;
- increase our consumer testing and shadow shopping;
- further our understanding of causes for consumer disengagement in superannuation; and
- work very closely with APRA to achieve good outcomes effectively and efficiently.
Fourth, addressing harms in insurance
ASIC supports the implementation ofinsurance law reforms, particularly surrounding unfair contract terms and issues in claims handling.
We are continuing our reviews into specific insurance areas, such as Consumer Credit Insurance, Total and Permanent Disability insurance, Travel Insurance and Fraud Investigation Practices.
We are also prepared to take enforcement and other regulatory action against insurance mis-selling and reviewing product features and practices that raise concerns. In terms of Consumer Credit Insurance, we have required lenders to remediate over 300,000 affected consumers with over $100m in remediation payments.
Fifth, improving governance and accountability
In conjunction with our enforcement priority, ASIC is prioritising action against individuals for governance failures in financial institutions and superannuation trustees that result in consumer harm through poor governance and risk management.
We are also ready to support the proposed conduct accountability regime when legislated, to hold senior office holders and managers accountable for poor conduct in the financial sector.
We are well advanced in our Close and Continuous Monitoring program that places ASIC staff onsite in major financial institutions to closely monitor their governance and compliance with laws. Between October 2018 to June this year our staff were onsite for a total of 119 days, we also had meetings with 425 banking staff at all levels, and reviewed thousands of documents.
Our Corporate Governance Taskforce has also commenced work reviewing the corporate governance practices of 21 large listed companies. Key areas of work include examining governance processes and practices around the oversight of non-financial risk; and practices regarding payment of variable remuneration to key management personnel.
In addition, we are looking at more targeted governance issues in particular industry sectors. For example, we are enhancing our oversight of market infrastructure providers and intermediaries in wholesale over-the-counter markets to complement our approach to supervision of securities and futures markets.
Themes covered by our onsite reviews include culture and conduct risk programs and training, corporate governance, compliance arrangements, pre-trade and post-trade controls, and client disclosure arrangements.
Sixth, protecting vulnerable consumers
I have referred to the high potential for harm to vulnerable consumers several times this morning. ASIC will take regulatory action to help ensure consumers in financial hardship are treated fairly and that financial services providers act responsibly and with accountability.
We will be engaging with industry on the application of fairness within the sectors, products and services we regulate and the consumer outcomes we strive to achieve.
We are also using behavioral insights to better understand what drives certain behaviors and how to influence them for the better.
Seventh, improving financial advice outcomes
ASIC is focused on enhancing the professionalism of financial advisers, to address misconduct and consumer harm in the sector. Examples of projects in this area include:
- approving and monitoring code compliance schemes
- reviewing minimum training and education requirements
- enhancing the Financial Adviser Register.
We are also consumer testing more appropriate labels and descriptors for general advice.
In closing, in an ever-changing world, new threats and harms will continually emerge. ASIC is and will always remain vigilant in identifying and managing these.
However, as our experience and the Royal Commission findings show, many threats and harms are driven by old and long-standing problems. Poor culture, a lack of accountability and insufficient concern for consumer and investor outcomes often drive harms in the sectors we regulate.
As such, embedding appropriate norms of conduct at all levels of your organisations is your best defence against misconduct that can cause harm to your clients, the wider market and ultimately, your own firm.
Finally, I reiterate the need for all of us to contribute to a financial system that is fair, strong and efficient.
Thank you – I look forward to your questions.