ASIC commences proceedings against RI Advice

ASIC/RI-Advice/ANZ/IOOF/

21 August 2020
| By Oksana Patron |
image
image image
expand image

The Australian Securities and Investments Commission (ASIC) has announced it has commenced proceedings against RI Advice for alleged failure to have adequate cyber security systems. 

The regulator said the action followed a number of alleged cyber breach incidents at certain authorised representatives (ARs) of RI, including an alleged cyber breach incident at Frontier Financial Group as trustee for The Frontier Trust (Frontier) from December 2017 to May 2018. 

ASIC alleged that Frontier was subject to a “brute force” attack whereby a malicious user successfully gained remote access to Frontier’s server and spent more than 155 hours logged into the server, which contained sensitive client information including identification documents. 

Following this, RI failed to have implemented (including by its ARs) adequate policies, systems and resources which were reasonably appropriate to manage risk in respect of cybersecurity and cyber resilience. 

ASIC is seeking: 

  • Declarations that RI contravened provisions of the Corporations Act, specifically sections 912A(1)(a), (b), (c), (d) and (h) and (5A); 
  • Orders that RI pay a civil penalty in an appropriate amount to be determined by the Court; and 
  • Compliance orders that RI implements systems that are reasonably appropriate to adequately manage risk in respect of cybersecurity and cyber resilience and provide a report from a suitably qualified independent expert confirming that such systems have been implemented. 

RI was, until 1 October 2018, a wholly owned subsidiary of Australia and New Zealand Banking Group Limited. On 1 October 2018, RI became a wholly owned subsidiary of IOOF Holdings Limited (IOOF). 

“The allegations by ASIC are very general but appear to relate to a small number of cyber-attacks of a nature not uncommonly faced by Australian businesses, on a small number of authorised representatives of RI Advice, and in most instances, no client data would appear to have been compromised. Some of ASIC’s complaints relate back to events from 2016,” IOOF said in a statement made to the Australian Securities Exchange (ASX).


The firm also said that RI Advice worked for some time with its ARs and third party experts to improve its cybersecurity and resilience and has indicated to ASIC its willingness to work co-operatively in respect of these matters.

 

Read more about:

AUTHOR

Recommended for you

sub-bgsidebar subscription

Never miss the latest news and developments in wealth management industry

MARKET INSIGHTS

The succession dilemma is more than just a matter of commitments.This isn’t simply about younger vs. older advisers. It’...

1 week 3 days ago

Significant ethical issues there. If a relationship is in the process of breaking down then both parties are likely to b...

1 month ago

It's not licensees not putting them on, it's small businesses (that are licensed) that cannot afford to put them on. The...

1 month 1 week ago

AMP has settled on two court proceedings: one class action which affected superannuation members and a second regarding insurer policies. ...

2 days 21 hours ago

ASIC has released the results of the latest adviser exam, with August’s pass mark improving on the sitting from a year ago. ...

1 week 5 days ago

The inquiry into the collapse of Dixon Advisory and broader wealth management companies by the Senate economics references committee will not be re-adopted. ...

2 weeks 5 days ago

TOP PERFORMING FUNDS

ACS FIXED INT - AUSTRALIA/GLOBAL BOND
Powered by MOMENTUM MEDIA
moneymanagement logo