AFSL cyber security failures on ASIC’s radar in 2025
ASIC has unveiled a slew of new enforcement priorities for the year ahead where it intends to direct expertise and resources, including a closer watch on licensees falling short on cyber security protections.
In a statement on 14 November, ASIC explained the only enforcement priority targeted towards licensees is one regarding “licensee failures to have adequate cyber security protections”.
Last month, ASIC chair Joe Longo told AFSLs that cyber protection should be “top of mind” as they manage their businesses, noting that while firms and directors are all facing challenges, cyber security should not fall to the wayside.
“Most firms will be victims of some attack and they need to be able to respond to that. I would remind directors that they have to take these issues seriously. They are under legal obligations to manage this risk and put in place systems and processes,” Longo said in an appearance before the standing committee on economics.
The regulator’s 2023 Cyber Pulse Survey, which included almost 700 participants including 120 financial advisers, previously found over half (58 per cent) of respondents had limited or no capability to adequately protect confidential information. A third (33 per cent) did not have a cyber incident response plan.
Earlier this year, ASIC also highlighted the case of RI Advice, which was found by the Federal Court in May 2022 to have breached its licence obligations to act efficiently and fairly when it failed to have adequate risk management systems to manage its cyber security risks.
Elsewhere, ASIC will be looking into greenwashing and misleading conduct involving ESG claims; strengthening investigation and prosecution of insider trading; and licensee failures to have adequate cyber security protections, along with nine other new enforcement priorities.
These sit alongside its “enduring priorities” that include targeting market misconduct and systemic compliance failures by large financial institutions, and transgressions risking consumer harm, among others.
According to ASIC, the last year has seen its new investigations increase by 25 per cent on the previous year, along with a rise in new civil proceedings (23 per cent).
However, ASIC deputy chair Sarah Court maintained numbers “only tell one part of the story”.
“Numbers don’t capture the full impact of the enforcement actions filed including the resulting compliance and deterrence we achieve, particularly in relation to consumer and investor protections and changing industry behaviour,” she said.
AUTHOR
Rhea Nath
Recommended for you
Marking off its first year of operation, Perth-based advice firm Leeuwin Wealth is now looking to strengthen its position in the WA market, targeting organic growth and a strong regional presence.
Financial services software firm Iress has unveiled a new business efficiency program with the aim of permanently lifting its profit margin as the business enters a leaner, growth-focused phase.
AUSIEX has revealed the top traded stocks for October, noting significant jumps in advised investor trading, while ETFs also reported higher activity.
The Financial Advice Association Australia has implored advisers to reevaluate their exposure to AML/CTF obligations ahead of new reforms that will expand their compliance requirements significantly.
