As the Royal Commission into Misconduct in Banking, Superannuation and Financial Services Industry continues, there is one clear message for the sector: scrutiny is intensifying.

    SMEs in focus

    The third round of the Royal Commission into Misconduct in the Banking, Superannuation and Finance Industry hearings (21 May– 1 June 2018) focused on the dynamics between banks and small and medium enterprises. The hearings covered a range of topics of relevance to SMEs, including responsible lending to small businesses, the extension of unfair contract terms legislation to small business contracts and current legal and regulatory regimes, as well as self-regulation under the Code of Banking Practice. Case studies were from the ANZ, Bank of Queensland, Suncorp, Westpac, CBA/Bankwest and NAB. ASIC and the Australian Banking Association were questioned on aspects of the Code of Banking Practice.

    CBA’s chief risk officer, David Cohen was the most senior executive to give evidence. Counsel assisting the Royal Commission questioned Cohen, among others, on CBA’s controversial inspection of Bankwest’s loan books (known as Project Magellan) after its takeover in 2008.

    The Royal Commission’s probe was borne of customer complaints about the bank’s conduct toward small business owners post acquisition. Counsel assisting Michael Hodge QC submitted Project Magellan seemed prudent in light of “valid concerns about Bankwest’s approach to credit writing.”

    “It is not open, we submit, on the evidence and on the documents available, to find that Project Magellan was intended to be — or was intended to be part of — a process of deliberately defaulting loans against Bankwest customers,” said Hodge. However, he said it was open for Commissioner Kenneth Hayne “to conclude that the conduct of CBA in relation to each of the four witnesses involved errors of communication and transparency, which are below community standards and expectations”.

    A case study of a $288,000 defaulted loan, which breached Bank of Queensland policy — and, Hodge submitted, the Code of Banking Practice — saw its general manager of performance product governance under pressure on the witness stand. Douglas Snell conceded BoQ’s failure to acknowledge maladministration was “neither fair nor reasonable” to the customer.

    Further, Counsel assisting said Snell had admitted significant flaws in BoQ’s “owner manager” branch structure where his evidence showed low levels of compliance in 2012 and that its remuneration model (involving the use of trail commissions) didn’t align with the 2017 review recommendations of Australian Public Service Commissioner Stephen Sedgwick AO.

    Commissioner Kenneth Hayne AC QC noted “informing principles” he proposed might sit behind compliance in financial services:

    • Don’t mislead or deceive
    • Be fair (don’t act unconscionably)
    • Ensure a product is fit for purpose
    • Exercise due skill and care
    • Lend responsibly.

    Line of enforcement

    The record of the Australian Securities and Investments Commission (ASIC) was a hot topic when chair James Shipton and commissioners Peter Kell, John Price and Cathie Armour appeared before the Senate Economics Legislation Committee on May 30. ASIC was quizzed on its enforcement record and whether it had adequate internal capability to hold the financial services sector to account. Asked whether ASIC had done its job properly, would a Royal Commission have been necessary, Shipton argued he did not think it was as simple as one agency or another doing that. But he did have one observation.

    “I will make — and make it explicit now — is that [after] 25 years away, coming back to Australia, I am really confronted by the failure of financial services firms and some people in finance to take the levels of professionalism and customer focus that are needed to heart.”

    Asked whether he had looked internally and asked, “What could we have done better? Have the people that I’ve got working for me done the best they can?” Shipton replied: “I have looked, and my job is to look at where we are today and where we are going in the future… Right now, three months on the job, what I’ve prioritised is, firstly, diagnosing the challenge and, secondly, thinking about and strategising what tools and what approaches we can use to respond.

    “What I’ve been prioritising in the last three months and will continue in the years ahead is to apply that strategic framework and that strategic mindset. Only by that strategic mindset and the adoption of the right tools and the right circumstances and, importantly, the industry living up to their first-line responsibilities, both what is expected by the community and under the legislation, will we get through into a better place.”

    Armour and Kell argued that ASIC had also been advocating for changes to the penalty regime in 2016 along with the financial system inquiry — and there was a year-long project conducted in 2017 reviewing its enforcement powers, which reported to government at the end of 2017. Asked how long the shortcomings were in existence, ASIC acknowledged the laws had not been reviewed since 1993.


    ASIC is reviewing breach reporting practices for 12 different banking entities and in relation to Australian Financial Services licensees, said it had seen a 39.1 per cent increase in breach reports related to AFS licensees and registered entities of managed investment schemes. Evidence provided at Senate Estimates (based on a quantitative analysis of data from 12 banking groups, including the four majors, between 2014–2016) showed the average time frame from an event occurring to it being identified internally for investigation was 1552 days — just over four years — with a median of 1094. The average time frame from the start of an internal investigation of a matter to lodging a breach report was 123 days — a median of 58 days. One in four significant breaches took longer than 145 days to report to ASIC.

    The institutions in question had commenced a change to their systems to address a compliance issue within an average of 18 days of an investigation concluding. Customer remediation often took a lot longer, averaging 217 days.

    The volume of self reporting has increased by 30 per cent over the past two years — 423 for 2018 compared to 304 for April 2017. Similarly, in relation to general reports of misconduct from the wider public in the same period, there has been an 18 per cent increase.

    ASIC has made significant recommendations, which the federal government has adopted in principle. “One of the problems, until, now has been that the test for when something has to be reported is extremely subjective. The intention is to make that an objective test ... to be reported within 30 days. Even if the investigation is not complete, it must be reported within 30 days,” said ASIC’s Greg Kirk.

    ASIC deputy chair Peter Kell said, “They’re unfortunately based on very real poor experiences. That’s why we’ve been arguing for reforms. It is too easy for firms to arrange their systems in such a way that reports don’t come in for quite a long time.”


    Increased civil and criminal penalties for corporate and financial misconduct, announced by the federal government in April, will help boost the enforcement powers of ASIC and bring Australia closer to international jurisdictions. The stronger penalties will mean that courts can impose civil penalties to the maximum of the greater of $1.05m for individuals (up from $200,000) and $10.5m for corporations (up from $1m), or three times the benefit gained or loss avoided, or 10 per cent of the annual turnover (for corporations).

    Under the new regime, stronger criminal penalties will mean that individuals could face jail time of up to 10 years or a maximum fine of $945,000 or three times the benefits gained. Companies will be at risk of up to $9.45m in fines — up to a maximum $210m — three times the benefits, or have their annual turnover stripped by 10 per cent. The AICD has supported the proposal for increased corporate penalties.

    Changes to ASIC’s powers have also been flagged, including:

    Expanding the ability to ban individuals from performing any role in a financial services company where they are found to be unfit, improper, or incompetent

    Strengthening the power to refuse, revoke or cancel financial services and credit licences

    Boosting investigatory tools and prosecution of serious offences with stronger search warrant powers and access to telecommunications intercept material.

    ASIC will also be able to seek additional remedies to strip wrongdoers of profits illegally obtained, or losses avoided from contraventions resulting in civil penalty proceedings.

    The print version of this article mistakenly attributed the words ‘Translating complex regulatory requirements into readily grasped ideas may be a theme that the Commission returns to in its work’ to Commissioner Hayne. This was an error. We sincerely apologise for this oversight.


    To read ASIC chair James Shipton's speech from the Australian Council of Superannuation Investors conference in May, click here.

    Latest news

    This is of of your complimentary pieces of content

    This is exclusive content.

    You have reached your limit for guest contents. The content you are trying to access is exclusive for AICD members. Please become a member for unlimited access.