Self-reported breaches netted $65 million in penalties

The Australian Securities and Investments Commission (ASIC) extracted more than $65 million in penalties from financial services licensees who dobbed themselves in via breach reports in 2022-23.

As licensees have settled into dealing with more onerous breach reporting requirements over the past two years, ASIC has revealed to Senate Estimates just how costly particular breaches can be.

It revealed that in 2022-23 four civil penalty actions against 14 defendants had been generated of which nine defendants had been ordered to pay civil penalties totalling $65.6 million, two defendants were the subject of “Adverse Publicity Orders” and proceedings against three defendants were dismissed.

ASIC also detailed two criminal actions one of which resulted in a conviction, nine administration actions which resulted in banning and one infringement notice which resulted in a charge of $13,320.

The infringement related to Diversa Trustees over allegations of greenwashing.

Detailing the civil actions, ASIC noted the five companies associated with AMP Limited being order to pay $14.5 million in penalties for charging fees for no service and CommSec and AUSIEX being penalised $27 million for breaches of the Market Integrity Rules.

It also noted administrative actions against CMH Financial Group, Quantum Funds Management, Gigi Investment Group and Capital Capital Pty Ltd.

NSW Liberal Senator, Andrew Bragg had asked ASIC how many of its recent enforcement actions were the result of firms self-declaring breaches.

More onerous breach reporting arrangements came into force in 2021 and by the second half of 2022, a survey suggested that financial services companies were struggling to cope with the increased workload engendered by the new regime.

ASIC last year announced modifications to the regime to provide at least some relief where there had been no financial loss and by extending the breach reporting time-frame from 30 days to 90 days.