So, now that we are into the ‘season proper’ of 2016, what regulatory changes will financial services businesses see in this New Year? Here, imac legal & compliance wades through upcoming and proposed changes. You’ll no doubt be familiar with a number of the changes but there’s also a number of less well-known developments on the horizon.
The upcoming changes include:
Australian Consumer Law – Privacy – Lifting Professional Standards for Advisers – FOFA – LIF – FSI – ASIC review of remediation and record keeping – Accountants’ Limited Licensing – Super Governance – Crowd-sourced Equity Funding.
Australian Consumer Law – Unfair Contracts provisions to apply to financial services SMEs
New changes that extend the Australian Consumer Law to small-to-medium-sized-enterprises (SMEs) will be a double-edged sword for many financial services businesses. But suffice to say, at imac legal we think this has the potential to be a real sleeper issue for financial services businesses.
What contracts are covered?
The ‘unfair contract’ provisions of the Australian Consumer Law will apply to standard form contracts where at least one party is a ‘small business’ (i.e. less than 20 people, including casual employees employed on a regular and systematic basis). This covers the majority of financial services businesses). A ‘standard form’ contract is one that has been prepared by one party to the contract and where the other party has little or no opportunity to negotiate the terms – that is, it is offered on a ‘take it or leave it’ basis.
The Australian Consumer Laws will cover contracts for the supply of goods or services and the sale or grant of an interest in land where the upfront price is no more than $300,000, or $1M if the contract is for more than 12 months.
What types of terms may be unfair?
The law sets out a number of examples of terms that may be unfair, including:
- terms that enable one party (but not another) to avoid or limit obligations under the contract;
- terms that would cause financial or other detriment to a consumer (i.e. your small business) if it were to be applied or relied on;
- where one party but not another may terminate the contract;
- where one party but not another may be penalised for breaching or terminating the contract;
- terms that would cause a significant imbalance in the parties’ rights and obligations under the contract;
- terms that are not reasonably necessary to protect the legitimate interests of the party that would benefit from its inclusion;
- terms that allow only one party to vary the terms of the contract.
There are numerous other examples of terms that may be unfair and therefore run foul of the law. For financial services businesses some standard form contracts can include: AR agreements; distribution agreements with product manufacturers; transfer agreements; outsourcing agreements; adviser registration forms; miscellaneous service agreements; retail leases; client terms of engagement, and more.
At imac legal we have seen numerous examples of these types of agreements that include terms that could be caught by the unfair contract provisions. For example, we have seen very lopsided client transfer agreements; distribution agreements that place all manner of liability on an adviser/licensee and none on the product issuer; adviser product registration forms that include extensive and one-sided indemnities; AR agreements that include unreasonable provisions.
If a provision is found to be unfair, the term will be void. Also, a judge can make whatever order the court deems appropriate.
If you are subject to any of these agreements, it is worthwhile using the law to your advantage to ‘even up the scales’ and re-negotiating terms where they may be unfair. On the other hand, if you are the provider of one or more of these standard form contracts, of course you need to review them to ensure they do not contain terms that could be construed as unfair. While the changes to the unfair contracts provisions do not come into effect until 12 November 2016, it is important to be aware of your rights and to review and amend your agreements if they contain any unlawful provisions before the new laws come into effect. ASIC has released information sheet INFO 210 on the topic if you want to have a read.
Privacy – the bar is being raised
It seems privacy laws may be a matter of ‘careful what you wish for’. For years, there has been commentary about how the Privacy Commissioner (as they were then called) and Privacy Office were toothless tigers. People lamented the fact that privacy laws were lagging behind rapid technology changes.
Some of those laments have already been addressed in privacy law changes over the last year and a bit and much more wide sweeping change is being touted. Suddenly, privacy will have everyone’s attention again.
For example, did you know that the Office of the Australian Information Commissioner (i.e. Privacy Commissioner) now has powers to:
- accept an enforceable undertaking
- bring proceedings to enforce an enforceable undertaking
- make a determination
- bring proceedings to enforce a determination
- report to the Minister in certain circumstances
- seek injunctions
- apply to the court for a civil penalty order
where there has been a breach of privacy laws?
The Privacy Commissioner has also recently awarded monetary damages for non-economic loss in two decisions as a result of breaches of the Privacy Act. In HS and AMP Life Ltd  AICmr 81 (17 December 2015) the Privacy Commissioner concluded that AMP Life had breached the Privacy Act by obtaining copies of the insured’s husband’s tax returns when the policy only covered the wife and the husband was not notified that AMP had accessed the records. AMP Life was also found not to have taken reasonable steps to securely destroy or permanently de-identify the tax information.
In the second decision, in HW and Freelancer International Pty Limited  AICmr 86, the Privacy Commissioner awarded $20,000 (including $5,000 for aggravated damages) when a company unnecessarily collected the complainant’s IP address information and collected his personal information unfairly and/or in an unreasonably intrusive way by freezing a user account until photographic identification was provided. (Note: it has been reported that Freelancer will appeal this decision.)
But perhaps the biggest game-changer in privacy law will be the proposed mandatory data breach reporting proposed in the Government’s latest discussion paper and Exposure Draft of the Privacy Amendment (Notification of Serious Data Breaches) Bill 2015.
This Bill, if it becomes law, will have significant impacts on many businesses. It will require those bound by the Privacy Act to notify ‘serious data breaches’ to affected individuals and the Privacy Commissioner, as compared with ‘voluntary’ data breach notification scheme requirements currently. A ‘serious data breach’ is one that creates a ‘real risk of serious harm’ to the affected individual. Critically, ‘harm’ is defined so that it includes harm to reputation, economic harm and financial harm as well as non-economic harm such as physical, psychological and emotional harm.
Businesses that fail to comply with the new provisions will risk enforcement action including potential civil penalties for serious or repeated infringements. The proposed legislation is open for public comment until 4 March 2016. Suddenly, it seems privacy may in fact have a full set of teeth!
Lifting Professional Standards for Advisers
As another step in the long and winding road to making the financial advising industry a profession, the Government released exposure draft legislation to raise education, training and ethical standards. Under the proposed legislation:
- New financial advisers will require a degree, undertake a professional year and pass an exam.
- The Government will recognise an independent industry-established standard setting body, operational from 1 July 2016, that will develop and set education standards, professional year requirements, continuing professional development requirements and develop a comprehensive code of ethics for financial advisers.
- Existing advisers will be provided a transition process and will be required to complete an appropriate degree equivalent (or have a recognised transition pathway determined by the independent standard setting body) and pass an exam.
- All advisers both new and existing will be required to undertake continuing professional development (CPD) and be party to a code of ethics.
- The new education and training requirement will be effective from 1 July 2017, with the code of ethics requirements coming into force from 1 July 2019.
Unfortunately, the proposed legislation was short on some vital details and provided difficulties in other respects. To summarise, the main issues with the proposed legislation are:
- it is not clear what degrees will or will not be accepted as an ‘appropriate’ qualification;
- the bridging course requirements are not clear for existing advisers;
- the timing proposed in the legislation for advisers to meet the new standard appear to be problematic and extremely difficult to meet;
- the proposed Code of Ethics may create overlap, confusion and/or conflict with existing association codes;
- there are also question marks around what the new Code of Ethics requirements will mean for PI insurance and for external dispute resolution.
A surprise announcement at the end of November on changes to the FOFA rules caught everyone by, well, surprise! After languishing through political machinations the Assistant Treasurer announced that several changes had passed through the Senate.
The changes include: removing the Palmer United Party-agreed changes; re-introducing the ‘catch all’ requirement in the best interests obligations; allowing 60 days instead of the previous 30 days to send FDSs and opt-in renewal notices; clarifying wording regarding conflicted remuneration so that it is clear that ‘causing or authorising’ such benefits can be caught by the provisions; relaxing conflicted remuneration rules so that more training and education benefits will be allowed; and miscellaneous minor changes. The changes are expected to come into effect in the first half of 2016. For a more detailed analysis of the FOFA changes, see imac legal’s blog post here.
The government has pressed ahead with proposed changes to the Life Insurance Framework. In short, limits will be placed on the amount of commissions that can be paid on establishment and renewal of life insurance policies; commissions will be able to be clawed back within the first two years of a policy; a code of conduct will be introduced for life insurers; insurance Approved Product Lists will need to be broadened.
If you want to see more details, including analysis and commentary on some of the practical considerations for your business coming out of these changes, see our blog post here. Note that after that blog post was published, Treasury released Exposure Draft legislation. It is expected that the legislation will be introduced to parliament in the first half of 2016 and come into effect on 1 July 2016.
Unfortunately, in imac legal’s view, the Exposure Draft legislation contained a drafting anomaly whereby it could be construed that payments other than commissions could count towards the fee caps. See, for example, this piece in the Financial Observer where imac legal was interviewed on the issue. We hope this will be sorted by the time the final form of the Bill is released.
2016 also promises other as-yet unspecified change in the following areas:
Financial System Inquiry: the government announced in 2015 that it intends introducing all but one of the recommendations from the Murray inquiry. While some of the recommendations are included in the changes above, 2016 should see more of those changes come to fruition. To see our summary of the changes, please see our blog here.
ASIC Guidance on review & remediation programs and record keeping. While not law, ASIC guidance should always be reviewed when financial services businesses assess their legal obligations and ways to implement them. ASIC has released a Consultation Paper CP 247 proposing significant changes to review and remediation programs. The same paper also updates record-keeping requirements. Comments are open until 26 February 2016, with the new regulatory guidance to be released soon thereafter.
While there is some useful guidance for AFS and Australian Credit licensees, unfortunately we think ASIC is overstepping the mark with some of its guidance on review and remediation. For example, we think it is wrong for ASIC to suggest that AFS licensees should trade away any external dispute resolution monetary limits when conducting remediation (see this article in Money Management where imac legal talks about this issue).
The record-keeping requirements in CP 247 are less controversial. In addition to the current requirement to ensure client records are retained for the statutory period, ASIC proposes to amend Class Order CO 14/923 (meaning the changes will have the force of law) so that licensees must also have access to the records. This has been a problem in the past where advisers have moved on from a licensee and the licensee has had difficulty accessing the records. The proposed guidance is a significant improvement from draconian provisions that were originally canvassed requiring licensees to physically keep copies of all client records as distinct from merely having access to them.
Accountants’ AFS Licensing. The long-awaited ‘limited AFSLs’ legislation comes into effect on 1 July 2016 so that accountants will no longer be able to rely on the exemption that allows them to provide advice and other financial services re SMSFs without being an AR or AFS Licensee. To date though, there has been an extremely low take-up of the new limited licences. There will either be a huge rush of limited AFSL applications in the last weeks leading up to 1 July or accountants will instead opt out of providing SMSF services directly or instead become fully authorised. imac legal is of the view that the limited licensing rules are seriously flawed, making it either very expensive to comply or ensuring widespread non-compliance. We will provide an update on this topic soon.
Super governance. While the proposed rules requiring public superannuation funds to have a minimum of one third independent directors on their board may have been scuttled, governance changes for super are still afoot. APRA has written to RSE licensees indicating proposed changes regarding: governance frameworks; processes for appointing, nominating and removing directors; director tenure; and board size.
Crowd-sourced Equity Funding. In late December the government released draft regulations that provide additional details on the proposed new crowd-sourced funding Bill introduced earlier that month. In short, the new rules make it easier for small businesses to access capital while also introducing consumer protections. The new rules are expected to be a boon for fintech startups.
Several other changes have been proposed for financial services but have yet to come to fruition. The biggest ticket item among these is ASIC’s review of the cost structures for AFS licensees. Among proposed changes are: increased AFSL application fees, increased ongoing AFSL-related fees and a ‘user pays’ fee model. We will continue to monitor developments.
In any case, so much for 2016 being a long-awaited year of consolidation after years of regulatory change and fatigue for financial services businesses. There will certainly be no letup in the rate of change in the short term. Financial services businesses will need to be constantly learning and evolving to stay ahead of the game.
FREE OFFER: If you would like to receive updates like this straight to your mailbox, simply sign up on our blog page at imaclegal.com.au/news/ REMEMBER: IT’S FREE. NO STRINGS ATTACHED.