Australia

What are the relevant statutes and which government authorities are responsible for investigating and enforcing them?

Legislative framework

In Australia, securities are primarily regulated by the Corporations Act 2001 (Cth) (the Corporations Act). Of note, Chapter 6D regulates fundraising through the issue or sale of securities, and Chapter 7 regulates the title and transfer of securities, financial markets and the provision of financial services (among other things). For example, there are prohibitions on market manipulation,^[2] false trading and market rigging,^[3] making of false or misleading statements,^[4] dishonest conduct,^[5] misleading or deceptive conduct^[6] and insider trading.^[7] Restrictions are also placed on short selling^[8] and a disclosure regime is prescribed.^[9]

The Australian Securities and Investment Commission (ASIC) is an independent statutory corporation set up under the Australian Securities and Investments Commission Act 2001 (Cth) (the ASIC Act). ASIC is responsible for the administration of the Corporations Act.^[10] ASIC’s powers stem from both the ASIC Act and the Corporations Act, and include powers to make legislative instruments.^[11] For example, the ASIC Market Integrity Rules (Securities Markets) 2017 (Cth) deal with the activities and conduct of trading on licensed financial markets, such as the Australian Stock Exchange (ASX). ASIC has also issued a suite of regulatory guidance explaining how it will exercise its powers and interpret the law.^[12]

The ASX Listing Rules govern entities seeking to gain admission to, raise capital and quote securities on the ASX, as well as the issue of new securities and reorganisation of the existing capital structure of entities already listed on the ASX.^[13]

Regulatory framework

ASIC is the key regulator responsible for investigating and enforcing possible breaches of the Corporations Act and corporate offences under the relevant legislation.^[14] It regulates corporations, managed investment schemes, financial services industry participants, people engaged in consumer credit activities and authorised financial markets operating in Australia.

ASIC has broad information-gathering powers and can seek remedies through civil, criminal or administrative action where it considers that a person may have committed an offence under the Corporations Act.^[15] While ASIC has an independent power to prosecute,^[16] substantive criminal prosecutions are generally undertaken by the office of the Commonwealth Director of Public Prosecutions (CDPP).^[17]

Other relevant regulators and government agencies include:

• the ASX: the operator of Australia’s primary exchange of equities, derivatives and fixed interest securities, which is responsible for monitoring and enforcing compliance with the ASX Listing Rules and the ASX Operating Rules;
• the Australian Takeovers Panel: a specialist peer review body, which is the primary forum for resolving disputes about a takeover bid until the bid period has ended;^[18]
• the Australian Competition and Consumer Commission (ACCC): a regulatory commission responsible for enforcing federal competition, fair trading and consumer protection laws;
• the Australian Federal Police (AFP): the law enforcement agency usually responsible for commencing foreign bribery investigations and investigations into cybercrime offences; the AFP may refer potential enforcement matters to the CDPP;
• the Australian Taxation Office: a statutory agency responsible for administering the Australian federal taxation system, superannuation legislation and other associated matters;
• the Office of the Australian Information Commissioner: the independent national regulator for privacy and freedom of information, set up under the Australian Information Commissioner Act 2010 (Cth);
• the Australian Cyber Security Centre (ACSC): an agency that coordinates Australia’s national cybersecurity response.^[19] It refers enforcement matters to the AFP and the Australian Criminal Intelligence Commission;^[20]
• the Australian Transaction Reports and Analysis Centre (AUSTRAC): an agency that regulates and enforces Australia’s anti-money laundering and counter-terrorism financing legislation;^[21] and
• the Australian Prudential Regulation Authority (APRA): the independent statutory authority that supervises banking, insurance and superannuation institutions.

ASIC

Investigative powers

There are three grounds on which ASIC may commence a formal investigation:

• ASIC may investigate ‘where it has reason to suspect’ a contravention of the Corporations Act or the ASIC Act;^[22]
• the Federal Minister may direct ASIC to commence a formal investigation where the Minister considers it is in the public interest;^[23] or
• ASIC may investigate any matter related to a report lodged by a receiver or liquidator to determine whether or not to prosecute a person for an offence against the Corporations Act or the ASIC Act.^[24]

During an investigation, ASIC may conduct compulsory private examinations and require assistance from a person where ASIC ‘on reasonable grounds, suspects or believes’ that person can give information relevant to the investigation.^[25] ASIC may inspect ‘books’^[26] required to be kept under the Corporations Act and compel the production of books relating to the affairs of a body corporate, registered scheme, financial product or financial service.^[27] Where books are produced to ASIC, it may also require a person who produced or compiled those books to explain any matter to which the books relate.^[28]

ASIC can also apply to a magistrate for search warrants where it reasonably suspects a contravention that would be an indictable offence under the Corporations Act or ASIC Act.^[29] Search warrants issued at ASIC’s request are executed by the AFP, with ASIC officers assisting.

ASIC’s exercise of its investigative powers is not limited by the privilege against self-incrimination, but is subject to legal professional privilege.

Approach to enforcement

ASIC has published an information sheet explaining how it selects matters for investigation, the enforcement tools available to it, and how it interacts with people during investigations and enforcement actions.^[30]

ASIC fulfils its enforcement responsibilities through surveillance activities, civil proceedings, administrative remedies and criminal prosecutions.

Surveillance activities

ASIC’s surveillance activities involve gathering and analysing information on a particular entity or entities to test and ensure compliance with the law. Surveillance can be undertaken on companies, partnerships, licensed or unlicensed entities and individuals, and on disclosure documents.^[31] ASIC does not need to suspect a breach of the law to exercise these powers.^[32]

What conduct is most commonly the subject of securities enforcement?

Continuous disclosure

Chapter 6CA of the Corporations Act obliges disclosing entities to disclose price-sensitive information on a continuous basis. ASIC has described the continuous disclosure regime as a cornerstone of maintaining the integrity and confidence of markets.^[33] Allegations of continuous disclosure breaches are frequently the subject of shareholder class action proceedings,^[34] ASIC proceedings^[35] and ASIC-issued infringement notices.^[36]

The maximum criminal penalty for a breach of the continuous disclosure regime is five years’ imprisonment.^[37] The offence is also subject to the civil penalty regime outlined below. A failure to disclose in accordance with listing rules or to other disclosing entities is also subject to ASIC’s infringement notice regime.^[38]

In its 2019–2020 Annual Report, ASIC listed the failure to disclose material negative information to the market (as well as opportunistic and misleading announcements) as a key enforcement priority.^[39] Between 1 January and 30 June 2021, ASIC concluded 20 corporate governance enforcement matters.

However, there appears to have been a recent shift in regulatory focus. Continuous disclosure as a common trigger for shareholder class actions was a key topic of interest in the recent Parliamentary Joint Committee on Corporations and Financial Services inquiry into litigation funding and the regulation of the class action industry.^[40] The Joint Committee considered that shareholder class actions were generally not in the public interest^[41] and modifying the fault element would stem the flow of ‘opportunistic class actions’.^[42]

In May 2020, the federal government, in response to the covid-19 pandemic and the risk posed by unmeritorious class actions, made temporary modifications to the operation of the continuous disclosure laws, which were ultimately made permanent in August 2021.^[43] These modifications limit liability to circumstances where corporations and directors act with ‘knowledge, recklessness or negligence’ as to whether a disclosure would have a material effect on the price or value of an entity’s securities.^[44] The change aligns Australia’s continuous disclosure regime with those of the United States and the United Kingdom.^[45]

Notably, in its updated Corporate Plan 2021–2025, released in August 2021, ASIC did not identify continuous disclosure enforcement as a current regulatory focus. Its current strategic priorities relate to addressing inadequate disclosure in product disclosure statements,^[46] influencing corporations to make nuanced and reliable climate risk disclosures and developing technologies to identify and assess poor market disclosures of listed companies.^[47]

Market manipulation and insider trading

Market surveillance to identify insider trading and market manipulation is another strategic priority for ASIC.^[48] This supervision extends beyond securities markets to include derivative and wholesale markets.

The maximum criminal penalty for dealing in relevant financial products and communicating price-sensitive information is 15 years’ imprisonment.^[49] These offences are also subject to the civil penalty regime described below.

ASIC has specifically identified insider trading and market manipulation in short-term money markets, domestic and cross-currency swap and future markets as a key focus for action.^[50] This strategic objective is reflected in the commencement of proceedings in the Federal Court of Australia by ASIC against a major Australian bank in May 2021 for alleged insider trading, unconscionable conduct and breaches of obligations as an Australian financial services licence holder. The proceedings concern the bank’s role in Australia’s largest interest rate swap transaction executed in one tranche. ASIC alleges that the bank knew, or believed, it would be selected to execute the interest rate swap when it traded in the interest rate derivatives market to affect the price of the swap transaction to the detriment of its clients. ASIC has stated that this action serves as an important reminder that insider trading prohibitions apply equally across financial markets.^[51]

The regulatory focus on serious misconduct harming market confidence has also seen ASIC take steps to expand its capabilities to detect misconduct through the development of enhanced analytics tools for market scanning, to identify patterns indicating potential misconduct.^[52]

ASIC’s immunity policy, which was announced in February 2021, also demonstrates its commitment to dealing with serious market misconduct.^[53]

Foreign bribery

Historical enforcement of foreign bribery offences in Australia

In its periodic assessments of Australia’s implementation of the Organisation for Economic Co-operation and Development (OECD) Convention on Combating Bribery of Foreign Public Officials in International Business Transactions (the Convention), the OECD Working Group on Bribery in International Transactions (the Working Group) has typically found that Australia is lacking in its enforcement of foreign bribery offences.

In 2012, the Working Group was ‘seriously concerned’ that enforcement of foreign bribery offences was ‘extremely low’, with only one case out of 28 referrals over 13 years leading to prosecution.^[54]

In its most recent follow-up report in 2019, the Working Group remained deeply concerned about the lack of ‘meaningful progress’ in Australia’s foreign bribery enforcement, with only two companies and six individuals being convicted of foreign bribery, across two matters, in 20 years.^[55]

The future of foreign bribery enforcement in Australia

Various amendments have been made to the foreign bribery offences in the Criminal Code Act 1995 (Cth) (the Code) in response to recommendations of the Working Group. For example, in 2016, the false accounting offences were inserted.^[56] However, there have been no successful prosecutions under the false accounting offences and various deficiencies in the foreign bribery offences remain, and this may explain Australia’s relatively low enforcement record.^[57]

In December 2017, the Australian government introduced the Crimes Legislation Amendment (Combatting Corporate Crime) Bill 2017 (Cth) (the CLACCC Bill) to amend the foreign bribery offences legislation to remove unnecessary impediments to prosecution, and introduce a new corporate offence for failing to prevent foreign bribery and a deferred prosecution agreement scheme for foreign bribery offences, similar to the scheme successfully implemented in the United Kingdom. At the time of writing, the CLACCC Bill has not been passed.

Australia’s approach to future enforcement of foreign bribery offences largely depends on the passing of the CLACCC Bill, which is expected to result in an increase of successful foreign bribery prosecutions in the coming years.

Anti-money laundering

From December 2017 to February 2019, the Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry (the Royal Commission) conducted a review into the financial sector in Australia. The aftermath of the Royal Commission has seen increased investigatory and enforcement action by Australia’s financial intelligence agency, AUSTRAC, against three of Australia’s largest banks for non-compliance with anti-money laundering laws.^[58]

In 2018, a major Australian bank was fined A$700 million for anti-money laundering and counter-terrorism financing (AML/CTF) programme failures and for failing to (1) report threshold transactions and make suspicious matter reports in time and (2) conduct ongoing customer due diligence.^[59] In 2020, a second major bank was fined A$1.3 billion, the largest civil penalty in Australian history, which was intended to deter financial institutions from AML/CTF non-compliance.^[60] The bank had admitted breaches relating to International Funds Transfer Instructions, correspondent banking due diligence, its AML/CTF programme and ongoing customer due diligence.^[61] AUSTRAC is also currently conducting an investigation into ‘serious concerns’ about another major bank’s Designated Business Group compliance with the AML/CTF regime.^[62]

In the gambling sector, in 2017, the Federal Court of Australia imposed a A$45 million penalty on a listed wagering company.^[63] The Court held the company had, among other things, failed to maintain a sufficiently compliant AML/CTF programme^[64] and failed to provide suspicious matter reports to AUSTRAC in relation to suspected match-fixing, credit betting and credit card fraud.^[65]

AUSTRAC is currently investigating potential, serious non-compliance with the AML/CTF regime at casinos in major Australian cities.^[66]

As a consequence of the large penalties awarded in these matters, AML enforcement risks are a significant focus for regulated entities in Australia and this trend is unlikely to abate.

AUSTRAC’s regulation of digital currencies

Since 3 April 2018, digital currency exchange (DCE) services have been regulated by AUSTRAC and subject to Australia’s AML/CTF regime.^[67] DCE service providers are subject to registration requirements, which provides AUSTRAC with the power to suspend, cancel or refuse to issue or renew a registration.^[68] However, the AML/CTF regime only applies to DCE services that involve an exchange between digital currencies and money (or gaming chips and tokens or betting instruments); it does not focus on the digital currencies themselves.

The Australian regulatory landscape is continuing to evolve, with AUSTRAC and ASIC publishing various guidance materials for entities involved in digital currency.^[69]

Information sharing will likely lead to more enforcement action

A focus on information sharing between government agencies relevant to financial crime is likely to continue – including beyond Australia’s boundaries. This is reflected in AUSTRAC’s Corporate Plan where Nicole Rose PSM, AUSTRAC’s chief executive officer, stated:^[70]

We are transforming our regulatory capability with a focus on enhancing our collaborative relationships with both government and industry stakeholders. Fintel Alliance^[71] will continue to bridge this gap as we strive to increase the operational tempo. . . . By expanding our international footprint we are connecting with more partner agencies to better respond to money laundering, terrorism financing and other serious crime, through greater sharing of information and capabilities.

Emerging areas for enforcement activity

Financial Accountability Regime

The Financial Accountability Regime (FAR) is expected to be introduced to federal Parliament before the end of 2021. It will supersede the standards of conduct established by the Banking Executive Accountability Regime (BEAR), by strengthening and enhancing executive accountability laws and extending their reach to all APRA-regulated entities (including insurers and registerable superannuation entities).^[72]

Since its enactment in 2018, there has been very limited formal enforcement action by APRA under BEAR. This reflects the relative infancy of the regime, as well as APRA’s predominantly supervisory approach to driving better prudential outcomes.^[73] In contrast, the UK Financial Conduct Authority regularly imposes substantial fines, including on those found to have failed to act with due care, skill and diligence in their role under the Senior Managers and Certification Regime (SMCR). Given that BEAR is modelled on the SMCR, it provides an insight into potential future enforcement trends in Australia.

As recommended by the Royal Commission, ASIC will join APRA in administering FAR. This co-regulation model seeks to ensure that FAR is ‘enforced from both a prudential perspective and a conduct and consumer-outcomes based perspective’.^[74] While details of the proposed division of labour between the two regulators are limited, the clear expectation is that ASIC and APRA will collaborate and coordinate in enforcement efforts.^[75]

Cybersecurity

Cybersecurity enforcement is relatively immature in Australia, with the ACSC’s key areas of concern including protecting national critical infrastructure and essential services systems from cyberattacks and vulnerabilities in the 5G network and internet-of-things devices.^[76] This may provide an indication as to future enforcement focus by the ACSC’s law enforcement partners.

ASIC’s focus on cyber-resilience

ASIC has a current focus on improving the cyber-resilience of Australia’s financial market operators, particularly given the cybersecurity challenges posed by covid-19. Its reported focus is on disrupting and deterring scams such as cyber misconduct and crypto-related scams.^[77] ASIC has also developed a number of resources to assist organisations in improving their cyber-resilience, including good practice guidance and key questions for boards of directors.^[78] A new ASIC working group will undertake these tasks and swift enforcement action will be taken, where appropriate, against wrongdoing.^[79]

It is anticipated that ASIC’s interest in this area may trigger a rise in cybersecurity enforcement action in Australia, including against potential targets of cyberattacks. In August 2020, ASIC commenced Federal Court proceedings against a financial services business for failing to have adequate cybersecurity systems as required under the Corporations Act.^[80]

Given the proliferation of data breaches, disclosure of significant data breaches under the continuous disclosure regime and regulator action for failing to do so is also expected to become more prominent.

What legal issues commonly arise in enforcement investigations?

A number of issues commonly arise in Australian enforcement investigations, including those that concern the breadth of information-gathering powers and when claims for legal professional privilege are invoked.

Information-gathering powers

Australian regulators have broad powers to compel the production of information and documents. ASIC has recently been the subject of widespread criticism due to its aggressive stance and significant legal and corporate costs to comply with burdensome regulatory investigations. Few limits exist to keep these powers in check, but recently there has been a willingness by some corporations to be the subject of an investigation to test the scope of ASIC’s powers.

In general, ASIC’s powers are limited only by the requirement to use them for a ‘proper purpose’ – meaning a purpose consistent with the exercise of the powers conferred – and that the item or document sought is within the ‘possession, custody or control’ of the recipient.^[81]

In 2020, the Federal Court clarified that, unlike a subpoena or discovery in litigation, notices issued by ASIC cannot be objected to on the grounds that they lack sufficient clarity or are unreasonably broad (tantamount to a fishing expedition).^[82]

The Court also clarified that documents to which the recipient had access, albeit outside its direct ‘possession, custody or control’ (such as documents held by its international subsidiaries or documents held by third parties on its behalf), must be produced to the regulator.^[83]

Multi-regulator investigations

Over the past 18 to 24 months there has been a marked increase in cooperation between federal regulators, synchronising their investigations and, subject to statutory limitations,^[84] coordinating the use of their information-gathering powers.

To facilitate this many of Australia’s largest corporate regulators have entered into information-sharing and cooperation agreements. For instance, subject to secrecy and confidentiality obligations, the memorandum of understanding between ASIC and the ACCC permits the establishment of a joint task force to conduct an investigation or litigation.^[85] One peculiar consequence of this approach is that where an individual or entity has received immunity from prosecution from one regulator, the information provided for the immunity application could be shared with other regulators, prompting an entirely new investigation. Organisations need to be acutely aware of such agreements.

Legal professional privilege

In recent times, Australian regulators have increasingly sought to challenge the breadth and scope of claims for legal professional privilege, which have been relied upon to prevent production of documents.

In Australia, the law of legal professional privilege is governed by numerous overlapping federal and state statutes and the common law.^[86] However, similar to other common law jurisdictions, a valid claim for legal professional privilege will often be established where there is a communication made for the dominant purpose of either seeking or providing legal advice (advice privilege) or preparing for actual or anticipated litigation (litigation privilege), provided that the communication is made in confidence and kept confidential. This ‘dominant purpose test’ is similar to that applied in other jurisdictions, including the United Kingdom, Singapore and Hong Kong. The High Court has stated that the term ‘dominant purpose’ in this context and in its ordinary meaning ‘indicates that purpose which was the ruling, prevailing, or most influential purpose’.^[87]

However, there are circumstances where communications will not be protected by legal professional privilege, including communications made for illegal or improper purposes that facilitate the commission of a crime or fraud.^[88]

In the context of regulatory enforcement, communications between a client and external (and frequently internal) lawyers will ordinarily be protected by legal professional privilege, despite the statutory powers afforded to regulatory bodies to demand the production of documents.^[89] In Daniels Corporation International Pty Ltd v. ACCC,^[90] the High Court held that the ACCC was not permitted to require the production of documents subject to legal professional privilege, noting that ‘legal professional privilege is a right that will not be taken to have been abolished by legislative provisions except by express language or clear and unmistakable implication’.^[91]

While recent decisions of Australian courts have continued to emphasise the importance of the doctrine and prevent inroads in a regulatory investigation, lawyers and their clients must ensure that communications in enforcement investigations are kept confidential, to protect privilege and to limit challenges to such claims.^[92]

Further, when parties are required to respond to a compulsory notice issued by ASIC, a claim for legal professional privilege must be identified in a privilege schedule, which includes details about each document, such as the names and positions of all authors and recipients.^[93] The requirement to provide this information provides an opportunity for ASIC (and other regulators) to scrutinise and challenge claims for legal professional privilege.

Immunity

Having regard to the success of various offshore equivalents, the ACCC and ASIC have both established their own immunity policies, which provide for immunity from civil liability and criminal proceedings in relation to serious misconduct in commercial or financial activities.

Under the ACCC’s Cartel Immunity and Cooperation Policy,^[94] corporations and individuals may seek civil and criminal immunity for cartel conduct in contravention of the Competition and Consumer Act 2010 (Cth). However, the immunity policy is only available to the first eligible party to disclose the cartel conduct. By contrast, ASIC’s immunity policy^[95] provides immunity only to individuals for alleged contraventions of the market misconduct provisions of the Corporations Act.^[96] Both polices seek to encourage disclosure about serious commercial misconduct and assistance to regulators in discharging their regulatory functions, with the understanding that individuals will not be prosecuted or penalised for doing so.

Given that ASIC’s policy only came into effect at the beginning of 2021, its effectiveness in helping ASIC to identify and take enforcement action against complex markets and financial services contraventions is yet to be realised.^[97] However, the ACCC’s policy, which has been in place for some years, has been utilised successfully in notable enforcement actions.

Nonetheless, in circumstances where immunity is not available, both ASIC and the ACCC also have cooperation policies, which prescribe the favourable consideration that may be given to an entity for cooperating with enforcement investigations, in subsequent court or administrative proceedings.

Whistleblowers

In past years, whistleblowing legislation failed to play a key role in Australian enforcement investigations, with deficiencies in the previous legislative protections failing to encourage individuals to come forward and report suspected wrongdoing and inhibiting the discovery of corporate misconduct.

To combat this, the private sector whistleblowing regime in Australia recently underwent major reform. From 1 January 2020, public listed companies, large proprietary companies and trustees of registrable superannuation entities incorporated under the Corporations Act were all required to have a compliant whistleblowing policy in place or risk being exposed to penalties.^[98]

Under the Corporations Act, eligible persons afforded whistleblower protection are offered three main legal protections:

• the whistleblower’s identity, or information that is likely to lead to their identity being revealed, is to be kept confidential unless authorised by law;^[99]
• the whistleblower will not be subject to any civil, criminal or administrative liability (including disciplinary action) for making a disclosure;^[100] and
• victimisation against a whistleblower is prohibited.^[101]

As a result of the new regime, it is expected that the number of enforcement investigations in Australia prompted by whistleblower disclosures will increase considerably, particularly in the current period of economic uncertainty arising from the covid-19 pandemic.

What remedies and sanctions are available to government authorities?

ASIC

Civil proceedings

ASIC can bring civil proceedings seeking a wide range of civil remedies, designed to punish individuals (civil financial penalties),^[102] remedy breaches, protect investors and financial consumers,^[103] protect assets or compel compliance with the law^[104] and recover damages or property for persons who have suffered loss.^[105] ASIC may also seek negotiated alternatives to remedies, such as enforceable undertakings,^[106] and issue infringement notices for continuous disclosure obligations.^[107]

Criminal prosecutions

While ASIC has the power to commence a prosecution for alleged offences against the Corporations Act or the ASIC Act,^[108] in practice, the CDPP conducts all substantive prosecutions. Prosecutions can be commenced in the relevant courts of each state and territory.^[109]

Recent changes in the regulatory landscape

Increased powers and penalties

In December 2017, the federal government’s ASIC Enforcement Review Taskforce published 50 recommendations following a review of ASIC’s enforcement regime and suitability of existing regulatory tools.^[110] The recommendations included improvements to ASIC’s information-gathering powers, strengthening of licensing and banning powers, and increased penalties for corporate misconduct.

Since March 2019, serious offences have been punishable by up to 15 years in prison. Maximum civil penalties for individuals and companies have significantly increased and apply to a greater range of misconduct.^[111] The maximum civil penalty for companies is currently the greater of A$11.1 million, three times the benefit obtained and detriment avoided or 10 per cent of annual turnover, capped at A$555 million.^[112]

Legislative reforms have also expanded ASIC’s search warrant powers. Prior to early 2020, material seized and subsequently shared with ASIC could only be used by ASIC for investigating or prosecuting criminal offences.^[113] Seized ‘evidential materials’^[114] may now be made available to ASIC where there is a reasonable suspicion of an indictable offence, and ASIC may use the materials to perform its functions and duties, and exercise its powers, including preventing or investigating a relevant breach.^[115] ASIC was also given broader access to intercepted material for the investigation and prosecution of complex criminal offences.^[116]

New enforcement approach: why not litigate?

In the Royal Commission’s 2018 interim report Commissioner Hayne was critical of ASIC’s enforcement approach, noting ASIC’s starting point in response to misconduct was ‘How can this be resolved by agreement?’, which Commissioner Hayne considered should not be the starting point for a conduct regulator.^[117] In the final report, delivered in February 2019, Commissioner Hayne recommended that ASIC take, as its starting point, the question of whether a court should determine the consequences of a contravention.^[118] That is, when misconduct is identified, ASIC should ask ‘why not litigate?’.^[119] Commissioner Hayne found that the use of negotiation and persuasion without enforcement ‘all too readily leads to the perception that compliance is voluntary’.^[120]

In October 2018, ASIC adopted a ‘why not litigate?’ approach to enforcement, once satisfied that breaches of law are more likely than not to have occurred and pursuing the matter would be in the public interest.^[121] This strategy aims ‘to deter future misconduct and address the community expectation that wrongdoing will be punished and publicly denounced through the courts’, but ‘does not mean that [ASIC] will take every matter to court’.^[122] ASIC also established an Office of Enforcement and a single enforcement strategy to strengthen its enforcement culture and effectiveness.^[123]

Since adopting the ‘why not litigate?’ enforcement strategy, there has been a significant increase in civil proceedings (64 per cent increase in 2020) and criminal proceedings (36 per cent increase) commenced by ASIC and there have been more briefs referred to the CDPP (27 per cent increase).^[124] ASIC also recorded its two largest civil penalty outcomes in 2020.^[125]

Anti-money laundering

Money laundering offences prohibiting dealings with proceeds of crime are found in Part 10.2 of the Code. The penalties are contingent on the amount of money or property involved.

The maximum criminal penalty for an intentional offence involving money or property valued over A$10 million is life imprisonment.^[126] If the offence involves money or property with a value of A$100,000 or less, and it is reasonable to suspect that the money or property is proceeds of indictable crime and the offender cannot prove he or she did not have that reasonable suspicion, the penalty is two years’ imprisonment or 120 penalty units (currently A$26,640), or both.^[127]

Money laundering offences can also be prosecuted under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) for transactions conducted to avoid reporting requirements relating to threshold transactions, where the maximum criminal penalty is five years’ imprisonment or 400 penalty units (currently A$88,800), or both.^[128]

Foreign bribery

Australia became a signatory to the Convention in 1999 and in that year the Convention was implemented by provisions in Division 70 of the Code.

For an individual, the maximum penalty for bribing a foreign public official is 10 years’ imprisonment or a fine (currently up to A$2.22 million), or both.^[129] For a corporate offender, the maximum fine is the greater of:^[130]

• 100,000 penalty units (currently A$22.2 million);
• three times the value of the benefit gained from the conduct (if it can be ascertained); or
• 10 per cent of annual turnover of the corporation and related bodies (if the value of the benefit gained from the conduct cannot be determined).

Additionally, any benefits obtained by foreign bribery can be forfeited to the Australian government under the Proceeds of Crime Act 2002 (Cth).^[131]

False accounting

The false accounting offences in Part 10.9 of the Code (Accounting Records) came into force in March 2016. The offences are: intentional false dealing with accounting documents;^[132] and reckless false dealing with accounting documents.^[133]

These laws are broadly framed to capture false accounting connected with the conferring of illegitimate benefits to foreign public officials, but also false accounting practices connected with illegitimate benefits directed to public officials acting in the course of their duties, or to corporations.

The maximum penalties for a contravention are the same as for foreign bribery offences, but if the conduct occurred recklessly, the penalties are halved.

Cybersecurity

The Code contains a broad suite of ‘computer offences’,^[134] which capture conduct regarding the unauthorised access, modification or impairment of data, with penalties varying depending upon the intention behind the prohibited conduct.

The maximum penalties for some computer offences are: two years’ imprisonment for unauthorised access to, or modification of, restricted data;^[135] and 10 years’ imprisonment for unauthorised impairment of electronic communication.^[136]

Footnotes