Financial Accountability Regime Bill introduced in Parliament
09 November 2021
On Thursday 29 October, the Financial Sector Reform (Hayne Royal Commission Response No. 3) Bill 2021 (Cth)) (FAR Bill), which will extend the Banking Executive Accountability Regime (BEAR) to all APRA-regulated entities, was introduced into the House of Representatives. A number of changes have been made in response to submissions on the consultation draft FAR Bill that was released on 16 July (Consultation Draft), bringing welcome relief from some of the harsher aspects of the Consultation Draft, and more onerous requirements in other respects.
FAR will be administered by ASIC, as well as APRA, (together, Regulators) and is currently expected to have staggered application, as follows:
- authorised deposit-taking institutions (ADIs): on the later of 1 July 2022 or six months after the commencement of the legislation; and
- superannuation and insurance entities: on the later of 1 July 2023 or 18 months after the commencement of the legislation.
The FAR Bill represents a significant milestone in the implementation of Recommendations 3.9, 4.12, 6.6, 6.7 and 6.8 of the Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry (Royal Commission).
What you need to know
The FAR Bill incorporates the following key changes in response to submissions on the Consultation Draft:
- Obey the law' a key focus: Echoing Commissioner Hayne's "obey the law" norm of conduct, the proposed FAR will impose an obligation on directors and senior executives (referred to as accountable persons under the regime) to take steps to prevent material contraventions of financial services laws. APRA-regulated entities (accountable entities) and accountable persons will also be required to take appropriate action in response to non-compliance, or suspected non-compliance, rather than adopt a set-and-forget attitude.
- Uncertainties remain on the full reach of FAR: Only limited further guidance has been provided on the identification of "significant related entities" of accountable entities, which fall indirectly within the scope of FAR. Separately, the final lists of prescribed responsibilities and positions, which are relevant to determining who will be accountable for what under FAR, have not yet been released.
- More onerous breach reporting obligation: There are potentially a broader set of circumstances in which an accountable entity must report contraventions of FAR to Regulators. The breach reporting obligation is expressed in different terms to that contained in section 912D of the Corporations Act.
- Maximum financial penalties reduced (accountable persons): The maximum civil penalty that may be imposed on an accountable person who is 'knowingly concerned' (among other things) in a contravention of FAR by an accountable entity has been reduced.
- Broad regulatory powers to make directions: Regulators will have broad powers to direct an accountable entity to, for example, make changes to business practices and organisational changes if they have reasonable grounds to believe that a contravention of FAR has or is likely to occur.
- Not all remuneration is subject to deferral: It has been confirmed that the deferral requirements under the proposed FAR do not apply to variable remuneration which relates to other work an accountable person may have performed outside their role as an accountable person.
- ASIC licensees not regulated by APRA: At this stage, FAR will not extend to financial entities which are solely regulated by ASIC.
What you need to do
- ADIs, who are already subject to BEAR, should evolve and mature their accountability frameworks to support compliance with FAR and mitigate potential future exposures under the regime. They should consider which entities within their groups are likely to be 'significant related entities' and therefore indirectly fall within the scope of FAR.
- Insurers and registered superannuation entities should seek advice early on the steps required to implement FAR, noting that core governance, risk management and other arrangements may need to be uplifted before the regime takes effect.
- Directors and senior executives should be briefed on how they could best demonstrate compliance with FAR. D&O insurance policies and deeds of indemnity should be reviewed to ensure they cover FAR exposures to the extent possible.
Background
The Government has achieved a key milestone in the implementation of the Royal Commission's recommendations relating to BEAR, with the introduction of the FAR Bill into the House of Representatives. FAR is one of the most significant reforms to be implemented by the Federal Government in response to the Royal Commission, which has led an overall shakeup of Australia's financial services sector.
The FAR Bill, which will supersede BEAR, incorporates a number of key changes to the Consultation Draft of the legislation released on 16 July 2021. We have summarised the Consultation Draft in a previous Financial Services Update.
What are the key themes and changes?
A summary of the key themes and changes reflected the FAR Bill from the previous Consultation Draft, is set out below:
| TopiC | Comments |
|---|---|
| "Obey the law" a key focus | In the Royal Commission's Final Report, Commissioner Hayne identified six "norms of conduct" which informed his responses to various issues across the financial services industry, and underpinned his recommendation for the simplification of the law. The proposed new obligations relating to compliance in the FAR Bill echo Commissioner Hayne's first norm of conduct, which is simply to "obey the law". There is a particular focus on pro-active compliance in the FAR Bill, bringing into sharper focus the quality and operational effectiveness of compliance arrangements, including core policies and associated procedures, processes, systems and controls. The FAR Bill proposes that accountable persons be required to take steps to prevent material contraventions of specific laws which apply to financial services entities. Accountable entities and accountable persons will also be required to take appropriate action in response to non-compliance, or suspected non-compliance. The compliance obligations in the FAR Bill are significantly improved from those proposed in the Consultation Draft which, in effect, would have required accountable entities and accountable persons to "ensure" compliance. This is particularly relevant to larger and more complex organisations, it is impossible always to guarantee compliance, notwithstanding how prudent the steps taken are to minimise the risk of non-compliance. The reference to significant contraventions ensures that accountable persons do not face unduly serious consequences for involvement in occasional minor or technical contraventions. However, the Explanatory Memorandum to the FAR Bill notes that a large number or repeated occurrence of minor breaches could indicate a systemic issue of non-compliance which could amount to a material contravention. Similarly, taking reasonable steps to prevent a material contravention does not mean an accountable person can operate or set up compliance systems that allow non-material breaches. |
| Significant related entities |
Uncertainties remain on the full reach of FAR. Specifically, only limited further guidance has been provided in the Explanatory Memorandum to the FAR Bill on the identification of entities which are a "significant related entity" of an accountable entity and which will therefore fall indirectly within the scope of FAR. FAR imposes an accountability obligation on an accountable entity to take reasonable steps to ensure that its "significant related entities" (for most entities, its significant subsidiaries) comply with certain obligations under the regime. The Explanatory Memorandum states that the relationship between an accountable entity and another entity will be sufficiently "material and substantial" if the other entity's business activity has the potential, if disrupted, to have a significant impact on the accountable entity or its relevant group's business operations or its ability to manage risks effectively. It remains unclear, for example, whether the reputational impact of a potential anti-money laundering incident in a small, off-shore subsidiary would be sufficiently material to render the subsidiary a "significant related entity" of an accountable entity, such that it would fall within the scope of FAR. |
| Prescribed responsibilities and positions |
Final lists of prescribed responsibilities and positions are yet to be released. These are responsibilities and positions set out in Ministerial rules which, if held by an individual, will result in the individual being an accountable person under FAR. Of particular interest is the proposed prescribed responsibility for management of products end-to-end. In the documents accompanying the Consultation Draft, Treasury indicated that heads of major business divisions or, for smaller entities, CEOs are expected to have the responsibility instead of the person responsible for developing, maintaining and reviewing the product governance framework. Some institutions will face significant practical challenges if the new prescribed responsibility is introduced, including organisational restructure to support responsibility for products, from cradle to grave. There is no mention in the Explanatory Memorandum to the FAR Bill of Recommendation 1.17 of the Royal Commission, which relates to end-to-end product responsibility. |
| Financial penalties (accountable persons) | No financial penalties may be imposed directly on an accountable person in respect of a breach of his or her accountability obligations under FAR. However, it remains possible for a financial penalty to be imposed on an accountable person who is 'knowingly concerned' (among other things) in a contravention of FAR by an accountable entity (now in section 81, FAR Bill). The maximum penalty that may be imposed in such cases has been significantly reduced to the greater of $1.11 million and, if a court can determine, three times the benefit derived and detriment avoided because of the contravention. This is consistent with the maximum penalty that may be imposed for breaches of duties by directors and officers, who are likely also to be accountable persons under FAR. |
| Apportioning remuneration for deferral | Executives who hold accountable person and non-accountable person positions for multiple entities within large groups will be permitted to apportion their remuneration for the purposes of applying the deferral requirement under FAR. The Explanatory Memorandum to the FAR Bill confirms that the variable remuneration requirements do not apply to variable remuneration which relates to other work an accountable person may have performed outside their role as an accountable person. |
| More onerous breach reporting obligation | There are potentially a broader set of circumstances in which an accountable entity must report contraventions of FAR to the Regulators. Breach reports must now be made if the accountable entity "has reasonable grounds to believe" that a failure to comply has occurred, rather than if it "reasonably believes" this to be the case as previously proposed in the Consultation Draft. |
| Public disclosure of information regarding accountable persons | Regulators will be empowered to publish on the internet any information kept in a register of accountable persons. This includes details of their responsibilities, any previous disqualification from being an accountable person and any other information that the Regulators consider appropriate to include in a register that is relevant to the person's registration as an accountable person. It is noted in the Explanatory Memorandum to the FAR Bill that this new power will allow the Regulators to balance the need for confidentiality of sensitive information about financial services businesses with the need for public accountability and transparency. |
| Compliance directions | Regulators will have broad powers to give an accountable entity a direction, including to make changes to business practices and organisational changes, if they have "reasonable grounds to believe" that a contravention of FAR has or is likely to occur. The directions that may be given are wide-ranging, and include directions to make changes to systems, business practices or operations or to make organisational changes. The directions power under FAR may be broader in its reach than, for example, ASIC's existing power to impose license conditions on holders of an Australian financial services licence. The Regulators may also direct accountable entities to reallocate responsibilities as between accountable persons if the Regulators have "reasonable grounds to believe" that the current allocation has given rise to, or is likely to give rise to a prudential risk or a risk of significant and systemic non-compliance. |
| Breach consequences | Non-compliance with FAR may result in consequences under other regimes, including an accountable person being disqualified from holding roles such as that of a director, senior manager or auditor. Breaches of FAR could also lead to revocation of an entity's APRA authorisation or registration. |
| Information about FAR investigations in Regulator annual reports | The Regulators will include information about investigations conducted under FAR in their respective annual reports from the 2022-2023 financial year onwards. In doing so, the Regulators will not be authorised to disclose information about the affairs of a particular person. |
| Relationship with other laws | The Explanatory Memorandum to the FAR Bill states that the obligations imposed on accountable entities are designed to complement and support the obligations under other legislative requirements, such as the general obligations under section 912A of the Corporations Act 2001 (Cth) (Corporations Act) and section 52 of the Superannuation (Industry Supervision) Act 1993. Section 47 of the National Consumer Credit Protection Act is also relevant in this context. FAR will likely overlap significantly with these and other obligations, which are reflected piecemeal in various laws. Adding a new layer of legislation does not assist in what is already a complex regulatory regime. It is a step back from Commissioner Hayne's call for a simplification of the law. |
| Protection for whistle-blowers | Protections for whistle-blowers under Part 9.4AAA of the Corporations Act will be available in relation to FAR. |
| Joint administration by APRA and ASIC | The Regulators will jointly administer FAR upon its implementation, such that ASIC is charged with overseeing those parts of the regime that concern consumer protection and market conduct matters, and APRA charged with overseeing the prudential aspects of the regime. It remains unclear how the Regulators will co-ordinate regulatory investigations and enforcement activity. |
| Scope of FAR | At this stage, FAR will not extend to financial entities which are solely regulated by ASIC. |
Ashurst Risk Advisory Pty Ltd (ABN 74 996 309 133) provide services under the Ashurst Consulting brand. Ashurst Consulting services do not constitute legal services or legal advice, and are not provided by Australian legal practitioners. The laws and regulations which govern the provision of legal services in the relevant jurisdiction do not apply to the provision of non-legal services.
For more information about the Ashurst Group and the services offered, please visit www.ashurst.com.
Liability limited by a scheme approved under Professional Standards Legislation (Ashurst Risk Advisory only).
Authors: Silvana Wood, Partner; Jack Collins, Associate
