Who will guard the guards?

Those questioning the Australian Securities and Investments Commission’s (ASIC’s) ability to hold those it regulates to account for wrongdoing have been growing stronger in recent years, especially in the wake of the Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry.

The regulator's own data suggests that these concerns are warranted.

Are these cries justified?

For the amount of complaints ASIC receives, there is a woefully low rate of conversion to tangible justice.

The regulator’s FY17 Annual Report says that in that financial year, the regulator finalised 9,011 misconduct reports. Sounds pretty efficient from that.

However, just 15 per cent of these were “resolved”. And resolution by ASIC doesn’t exactly set a high bar in terms of consequences for the wrongdoer – according to the report, “the number of matters resolved can involve referral to an external dispute resolution (EDR) scheme, ASIC issuing a warning letter to the party that it may be in breach of the Corporations Act, ASIC providing assistance to the reporter in the form of guidance about how best to resolve the matter themselves, or ASIC taking action to achieve compliance”.

That’s right – “resolved” may just mean that the complainant got advice on how to work out the issue that they wanted help with, alone.

Twenty-five per cent were referred for action by ASIC, which means the regulator would take the matter into account when deciding whether to commence a formal investigation against someone.

The regulator found that there was no breach or offence committed in a further four per cent of misconduct reports, that it had no jurisdiction in 10 per cent, and then analysed and assessed a whopping 46 per cent of reports for no further action.

The reasons for such assessments were not really made clear. The report just said that “this may be due to insufficient evidence or another reason, such as another agency or law enforcement body or third party (eg. a liquidator) already taking action or being better placed to appropriately deal with the underlying issues”.

So, these were issues that were within ASIC’s jurisdiction, but they did not pursue themselves. While not all these complaints would have been cases of actual or egregious misconduct, they were presumably largely still issues that consumers were hurt enough by to report, and that ASIC thought relevant enough for them to have jurisdiction.

Surely at least a portion of them were worthy of more detailed investigation and even action.

Chart one shows a more detailed breakdown of exactly how the regulator responded to these complaints.

Chart 1: Misconduct reports in 17FY by outcome

Source: ASIC 2106-17 Annual Report

Of course, getting any of the above results first depends on consumers working out how to make a complaint to ASIC, which is difficult and potentially off-putting in itself.

While there is a link on the website on how to make a complaint, it sends you into a maze of further links and YouTube videos which you then have to hunt through for information.

The same problems arise, ironically, when trying to find out how to make a complain about ASIC to ASIC.

This issue was flagged by the Commonwealth Ombudsman’s submission to the 2013 parliamentary inquiry into ASIC’s performance and still doesn’t seem to have been addressed.

What about the big cases?

Could, perhaps, ASIC be dropping the ball on its commitment to small misconduct situations because it has bigger fish to fry? Well, recent cases suggest that even if the regulator should be looking at bigger fish, they’re often not.

Take the recent prosecution brought by the Commonwealth Director of Public Prosecutions (CDPP) against ANZ, Deutsche Bank, Citigroup, and a number of the banks’ senior executives following a two-year investigation by the Australian Competition and Consumer Commission (ACCC). The charges related to alleged cartel conduct regarding trading in ANZ shares following an institutional share placement by the bank in August 2015.

ASIC is also investigating the same placement to determine whether an announcement by ANZ should have stated that the joint lead managers took up 0.91 per cent of the total shares on issue at the time.

So, in the time the ACCC has pulled together an entire cartel prosecution – notoriously one of the most difficult and time-consuming criminal acts to prove – to the level that the CDPP is willing to bring the relevant charges, ASIC has not even fully investigated if an announcement relating to share purchases was properly made two years ago.

Speaking to The Sydney Morning Herald in 2013, former ACCC chair, Allan Fels, said that the image of ASIC was that of a “far-less proactive enforcer” than the ACCC and that “over the years, there has been less than total full-blooded commitment to applying the law vigorously” by the regulator.

Considering the above, it’s easy to see why, biases aside, he felt warranted in saying this.

Similar criticisms could be, and were, levelled against the regulator a few years ago regarding investigations into bribery and corruption allegations at Leighton Holdings.

The Australian Federal Police (AFP) had been investigating the company for two years and the media had covered the allegations comprehensively before ASIC even entered a memorandum of understanding with the AFP.

Victims of Financial Fraud (VOFF) has also accused ASIC of being lenient on the big end of town in cases like this. It says the recent $700 million fining of the Commonwealth Bank is proof.

While it’s a huge fine by the regulator’s standards, nobody was banned and it follows the bank admitting to breaching anti-money laundering and counter-terrorism laws.

In this, VOFF also alleges that the regulator is uneven in its pursuit of justice. And when you consider its response to the Trio Capital scandal – when one adviser was held accountable when really the problem had much deeper and far-spread instigators – perhaps they are right.

“Whether crime gangs are deporting ill-gotten gains through our banks or whether they are taking them out via offshore hedge funds, as with the Trio fraud, two things remain the same – ASIC is nowhere to be seen and there’s disparity in how justice is handed out,” the group claims.

Again, figures from ASIC itself also suggest that the level of justice following full-blown investigations is limited compared to the harm caused.

According to ASIC’s Report 568: ASIC Enforcement Outcomes July to December 2017, in the second half of last year it made 82 banning and disqualification orders, issued 34 infringement notices and 12 enforceable undertakings were agreed upon.

In financial terms, over that period $1.7 million in infringement notices, $94.4 million in compensation and remediation for investors and consumers and $49.5 million in community benefit fund payments was paid.

Seventeen people were charged in criminal proceedings, with 235 criminal charges being laid. There were also 232 people charged in summary prosecutions for strict liability offences.

It’s worth noting that the regulator has been criticised in the past for its reliance on enforceable undertakings, which are often seen as a substitute for more tangible legal action.

ASIC’s record when these bigger cases are brought before higher-level courts isn’t amazing either.

Just this April, the Victorian Court of Appeal dismissed ASIC’s appeal regarding Peter Geary, a former officer of the Australian Wheat Board, bringing an end to court proceedings that started in 2015.

In the late 2000s, ASIC fought a legal battle with Andrew Forrest and Fortescue Metals Group that danced in and out of court for years until the High Court finally ruled against the regulator in 2012.

ASIC’s near-decade long fight with One.Tel executives, in which it alleged One.Tel’s founder and finance director misled the board, ended similarly badly for it. The Commission didn’t just lose, but also copped legal costs just shy of $14 million.

The regulator has had some big court wins too – against Select Vaccines in 2010, for example, and John Hartman, then of Orion Asset Management, the same year – but they are not as common as the frequent findings of misconduct in the industry suggest they should be.

Do they just need more money?

Arguably, there is a financial aspect to ASIC’s underperformance in securing outcomes.

As with any public institution, their funding is limited to what can be made palatable in a Federal Budget, and with debt reduction being the flavour of the decade, this is often difficult.

It is also has limitations placed upon its permissible spending on, for example, barristers, that the private entitites it investigates do not.

It’s worth noting though, that the last few budgets have generally treated ASIC well. As governments from both sides of the aisle sought to put out fires from financial services scandals, the regulator saw a jump in its powers and responsibilities. Unsurprisingly, this was usually accompanied by increased funding.

Furthermore, when ASIC’s capabilities were assessed by an expert panel in 2015, the Government ended up committing another $127 million over four years to the regulator to help it meet the demands made of it.

Under the Government’s intended user-pays model for ASIC, costs could also be more adequately covered by those utilising its services going forward.

In short, the regulator really can’t rely on limited funding as an excuse for a poor conversion rate of complaints or investigations to tangible outcomes. This is especially when other enforcement bodies in the financial services space – the ACCC and CDPP, for example – have wrought results with similar constraints.

Follow the leader

Who is directing ASIC throughout all this? After all, they should have a role to play in the approach the Commission takes to enforcement.

You don’t have to go far in the industry to hear allegations that much of this is former chairs’, who VOFF alleges are “political appointments”, fault.

Its most recent past chair, Greg Medcraft and his deputy, Peter Kell, have been accused, again by VOFF, of leading the regulator down a path where accountability wasn’t prioritised.

“Medcraft fostered and encouraged lawlessness right across the banking and financial services sector to the detriment of unsuspecting customers across the country,” VOFF said.

“Criminal and civil corporate misbehaviour flourished undetected for nearly a decade at a massive cost to ordinary Australians” under Medcraft’s watch.

Their sticking point is, of course, the Trio fraud. They allege that it was not only able to continue for as long as it did because Medcraft and ASIC did not pursue it or take appropriate measures to prevent it, but also that they did not then pursue those responsible adequately.

The above is just about ASIC’s enforcement abilities – the regulator has many responsibilities, and I am not passing comment on how its chairs met and meet all of them.

Regulating the regulator

The regulator has been surprisingly safe from Government scrutiny, with only the occasional inquiry or expert panel looking into its performance (and usually with a light touch).

To be blunt, Canberra seems to have an overblown sense of ASIC’s ability, at least compared to the average Joe. Despite the frequent and ever-louder calls for regulators such as ASIC and the Australian Prudential Regulation Authority (APRA) to also be made answerable to the Royal Commission, the powers that be have been very silent in responding to these calls.

On one level, ASIC has clearly been helpful to the Royal Commission. The level of information the excellent counsels assisting the Commissioner pulled together in such a short time suggests a generous level of assistance was provided by the regulator.

On another though, the Government genuinely seems to think that ASIC is just better at its job than the above statistics suggest. Otherwise, surely they would be questioning its effectiveness more.

Scott Morrison’s statement two years ago, when trying to convince the public that a Royal Commission into banking and financial services was unnecessary, that “there is nothing that ASIC can’t do that a royal commission can do” proves this.

Beyond the obvious and understandable limitations ASIC faces – while it has the power to hold public hearings and release wide-ranging reports, for example, it rarely does so – there is one stark difference in what the two can do.

The Royal Commission looks set to garner results. The fall of various high flyers at AMP and the dismantling of Dover Financial means that, by some measures, it already has.

As the above analysis proves, this is far more than ASIC seems able to do.