ASIC continues to refine breach reporting regime
The Australian Securities and Investments Commission (ASIC) is continuing to undertake consultations to improve the operation of the breach reporting regime following its introduction 18 months ago.
The regulator released an updated regulatory guide last week in response to operational issues that have emerged since the start of the regime in October 1, 2021, and says work on other matters raised by industry is ongoing.
“Our focus is to improve consistency and quality of reporting practices by licensees and reduce regulatory burden where we can,” Executive Director (Acting) Financial Services & Wealth Suneeta Sidhu said.
Revised Regulatory Guide 78 clarifies when licensees may group multiple situations in one report, provides new guidance on information to include when describing a situation, and includes ASIC expectations when reported breach updates are provided.
“The improved guidance will support industry to meet their obligations, and support the regime to meet its policy objectives for ASIC, industry and consumers,” Ms Sidhu said.
The regulator is also making minor updates to the form for lodging reportable situations that’s accessed via a portal, with the changes to take effect from May 5.
ASIC says it’s aware of other issues raised around the operation of the regime, it’s work on those matters is ongoing and it expects to undertake “further consultation with a range of stakeholders”.
The first public report based on information provided under the reportable situations requirements was released last October, with the document providing high-level insights into trends.
ASIC has flagged an intention to report at a “more granular level” starting from next year, but will consult further ahead of any changes.