Archived Posts Lists

Australian Regulatory Compliance Review
Australian Technology and IP Business
Credit Union and Mutual Law
National Consumer Credit Reform
Personal Property Securities Australia
Longview Business Insights
Australian Private Health Insurers
Wills, Trusts, Super
Mutuals Resource Centre


Commonwealth legislation
Corporate Governance
Not-for-Profit links
Regulator Links

January 23, 2014

Credit Reporting Privacy Code registered

The Credit Reporting Privacy Code (CR Code), a mandatory code that binds credit providers and credit reporting bodies, was registered on the OAIC’s Codes Register on 22 January 2014 and will take effect from 12 March 2014.

Among other things, the new Part IIIA of the Privacy Act and the Privacy Regulations 2013 restricts the types of credit information that may be disclosed to Credit Reporting Bodies (CRBs), the circumstances in which that information may be disclosed by a CRB to Credit Providers (CPs) and affected information recipients and their handling of that disclosed information.

The CR code supplements the new credit reporting laws by further defining the obligations of CRBs, CPs, and affected information recipients. It replaces the Credit Reporting Code of Conduct issued under Section 18A of the Privacy Act 1988 (which will be repealed on 12 March 2014).

The CR code contains both mandatory provisions and a high level summary of the provisions of Part IIIA of the Privacy Act 1988 that provide the context for the CR code obligations.

A breach of a mandatory provision of the CR code is a breach of the Privacy Act and the Information Commissioner can use his enhanced powers under the privacy reforms, including agreeing enforceable undertakings or seeking civil penalties, in relation to any breaches.

The CR code was developed by the Australian Retail Credit Association (ARCA) in consultation with industry and consumer groups.

While the CR code adds to aspects of the credit reporting obligations, the CR code does not encompass all aspects of Part IIIA: compliance with the CR code alone will not achieve full compliance with Part IIIA.

From 12 March 2014, a credit provider must be a member of an EDR scheme recognised under the Privacy Act to be able to participate in the credit reporting system.

Commercial lenders and businesses who are not already in a consumer credit EDR scheme will be required to join an EDR scheme.

Credit providers, as defined in s 6G of the Privacy Act, includes a bank, an entity where a substantial part of its business is provision of credit, a retailer that issues a credit card in connection with sale of goods or supply of services, a supplier which provides credit in relation to sale of goods or supply of services where repayment of credit is deferred for at least 7 days and a lessor who provides credit in connection with hiring, leasing or renting of goods and credit is in force for at least 7 days.

Only credit providers who are licensees under Chapter 3 of the National Consumer Credit Protection Act or prescribed by the Regulations and mortgage insurers will be able to access repayment history information. But all credit providers will be able to access an expanded range of consumer credit information.

Print This Post Print This Post

Posted 23rd January 2014 by David Jacobson in Compliance, Financial Services, Privacy

December 30, 2013

The regulatory schedule for 2014

2014 begins with some uncertainty: in addition to its legislation repealing the carbon tax and the mining tax, the Government has indicated it will be changing FOFA and conducting a Financial System Inquiry. Its charities changes have also been held up in the Senate.

It will also be "cleaning up" announced but unimplemented tax and superannuation changes. The Superannuation Guarantee charge percentage increase from 9.25% to 9.5% scheduled for 1 July 2014 has been postponed. The rate will remain at 9.25% until 30 June 2016.

But some significant changes will definitely commence in 2014, particularly the privacy changes commencing on 12 March.

1 January 2014

Anti-bullying law: anti-bullying legislation comes into effect on 1 January 2014 and will enable victims of workplace bullying to apply directly to the Fair Work Commission for an order that the bullying stop.

Small businesses will be apply to apply for External Dispute Resolution for disputes on loans up to $2 million

Risk management: New APRA standards for ADIs requiring a chief risk officer commence.

The Financial Claims Scheme single customer view commences.

The National Regulatory Scheme for Community Housing will also start in January.

The new statutory definition of charities will commence, notwithstanding the Government's proposed changes to the sector.

Other key dates

Personal Property Securities Act transition ends on 31 January 2014: pre-30 January 2012 securities must be registered on the PPS Register to retain priority.

National Gambling Reforms (including daily ATM limits in gambling venues) commence on 1 February 2014.

The Co-operatives National Law commences in NSW and Victoria on 3 March and later in the year in other States and Territories.

The Privacy Amendment Act commences on 12 March 2014 including changes to credit reporting.

Gender equality: from 1 April 2014 businesses with 100 or more employees will be required to lodge reports each year containing information relating to various gender equality indicators.

Print This Post Print This Post

Posted 30th December 2013 by David Jacobson in Charities, Compliance, Corporations Act, Financial Services, Privacy, Superannuation, Tax, Workplace

December 20, 2013

Privacy Regulations amended: credit reporting provisions

Privacy Regulation 2013 was registered on 17 December 2013. It updates and consolidates the Privacy Regulations with changes made to implement the Privacy Amendment (Enhancing Protection) Act 2012 which commences on 12 March 2014.

The main changes relate to credit reporting as a result of amendments to Part IIIA of the Privacy Act.

Regulation 6 – Consumer credit liability information
This Regulation prescribes the terms or conditions of the consumer credit for the purposes of the definition of consumer credit liability information in paragraph 6(1)(e) of the Act. These are:

(a) how the principal and interest on the consumer credit are to be paid (with the regulation specifying that payments be classified as either principal and interest, principal plus interest with a residual balloon, or interest only);

(b) whether the term of the consumer credit is fixed or revolving;

(c) if the term of the consumer credit is fixed – the length of the term;

(d) whether the individual is a guarantor to another individual is in relation to that particular line of credit of the other individual;

(e) whether the consumer credit is secured or unsecured; and

(f) any variation that may be made to items contained in the above paragraphs (a) to (e).

Regulation 10 – Meaning of credit provider
Regulation 10(2) excludes from the definition of credit provider under subsection 6G(6) of the amended Privacy Act any organisation or small business operators acting in the capacity of a current or prospective landlord in relation to the individual with whom an organisation or small business may be transacting. Any landlord which receives rent in arrears is therefore excluded from the definition of a credit provider.

Regulation 11 – Meaning of credit reporting business
This Regulation excludes from the definition of credit reporting business under subsection 6P(4) of the amended Privacy Act those businesses which provide personal information to a credit provider for the purposes of verifying an individual’s identity or validating other information relating to the individual’s financial position (such as real property assets) provided by an individual to a credit provider.

Regulation 12 – Meaning of repayment history information
This regulation specifies the circumstances in which an individual has not met an obligation to make a monthly payment that is due and payable, pursuant to subsection 6V(2) of the amended Privacy Act. The Regulation provides that where an individual misses any or all repayments due in a month, irrespective of the actual payment cycle for that obligation, then the individual is taken to have missed a payment. The intention of this section is to ensure that there is only one report each month per credit account of an individual’s repayment history information.

Regulation 22 – Transitional
The Regulation provides that information requests that are being processed on or before the commencement date of the Privacy Amendment Act may be processed under the existing Part IIIA of the Privacy Act up to, and including, 31 March 2014.

More about the Privacy Amendment Act

Print This Post Print This Post

Posted 20th December 2013 by David Jacobson in Compliance, Financial Services, National Credit Code, Privacy

November 29, 2013

Co-operatives National Regulations update

The Co-operatives National Regulations have been approved by all jurisdictions.

NSW and Victoria have confirmed their respective CNL laws will commence on Monday 3 March 2014.

The other jurisdictions are continuing to progress the consideration or development of their enabling laws that will introduce the CNL or alternative consistent legislation in their jurisdiction.


Print This Post Print This Post

Posted 29th November 2013 by David Jacobson in Business Planning, Compliance

November 20, 2013

Final stage of draft Australian Privacy Principles Guidelines released

The Office of the Australian Information Commissioner has commenced consultation on the third and final stage of its draft APP guidelines.

It has released draft chapters of the Australian Privacy Principles (APP) Guidelines on APPs 12 and 13 (Chapters 12 and 13):

  • Chapter 12 — APP 12 access to personal information
  • Chapter 13 — APP 13 correction of personal information

The Privacy Act amendments commence on 12 March 2014.

Langes is advising clients on their privacy policies and on the impact on direct marketing, credit reporting and storage of data.

Print This Post Print This Post

Posted 20th November 2013 by David Jacobson in Compliance, Privacy

November 18, 2013

How hard is it to wear two hats?

There are many corporate positions that may be double hatted (depending on the company size): company secretary/general counsel, general counsel/chief compliance officer, CFO/risk officer, internal auditor/compliance officer.

But how practical is it for an employee to wear two hats at once?

The issue is whether the person can effectively carry out both functions.

For example, for ADIs, insurers and superannuation funds, APRA requires that a Chief Risk Officer be independent from business lines, the finance function and other revenue-generating capabilities.

Other positions may require direct access to the board (not just to report to the board) without a conflict of interest.

The issue is whether the double-hatted role will result in serious problems being overlooked or whether the dual roles interact well together.

For lawyers there are issues relating to liability and legal professional privilege:

In Shafron v Australian Securities and Investments Commission [2012] HCA 18 the High Court decided that Mr Shafron's responsibilities with James Hardie as company secretary and general counsel were indivisible and must be viewed as a composite whole.

In Telstra Corporation Limited v Minister for Communications, Information Technology and the Arts (No. 2) [2007] FCA 1445, the Federal Court decided that it must not be assumed that all advice given by a lawyer employed in both legal and management positions in a company has the benefit of legal professional privilege if it cannot be proved they were acting in a legal (rather than a management) capacity when they gave the advice.

It should not be assumed that 2 positions which may appear to "fit" will work together in practice.

Print This Post Print This Post

Posted 18th November 2013 by David Jacobson in Compliance, Corporations Act, Financial Services, Insurance, Risk Management, Superannuation

October 30, 2013

Current regulatory issues for financial services providers

The regulators' panel discussion at Mutuals 2013 (APRA, ASIC and Treasury) raised some points of general relevance to FSP's:

  • There are no terms of reference yet for Joe Hockey's Financial System Inquiry but all will be revealed soon;
  • The new Government has not yet made a final decision on the details of the Financial Stability Fund Deposit Levy (including whether franking credits can be used to pay it);
  • the scope of the new Government's moratorium on regulation: it will not apply to regulations required to meet international obligations or anything already on the agenda or urgent unforeseen circumstances. The moratorium is only on new issues.
  • there are limits on the adequacy of disclosure as a tool for consumer protection. Disclosure should be "multi-layered". When it does not work regulators may step in;
  • ASIC is concerned with the "assymetry" of hybrid investments targeted at retail investors: the promoters treat it as "at risk" equity while investors treat it as debt. This is a particular risk for SMSFs.

Print This Post Print This Post

Posted 30th October 2013 by admin in Compliance, Consumer Law, Corporations Act, Financial Services

September 6, 2013

Banks to change structured product promotional materials

ASIC has announced that investment banks Credit Suisse Investments Services (Australia) Limited and UBS AG (Australia branch) have changed their promotional materials for complex financial products following ASIC concerns that they were potentially misleading.

Boutique structured products investment manager Instreet Investment has also made changes to its materials promoting a product issued by UBS following similar ASIC concerns.

ASIC was concerned that Credit Suisse’s and UBS’ use of the terms ‘contingent capital protection’ and ‘conditional protection’, respectively, in their promotional material for ‘capital at risk’ structured products, was inappropriate as the products could suffer a capital loss in a falling market.

The materials could be downloaded from the companies’ websites, and were also provided to consumers by third party financial advisers.

It is essential that marketing material be checked against financial product terms to ensure that it is not misleading.

Print This Post Print This Post

Posted 6th September 2013 by David Jacobson in Compliance, Financial Services, Marketing

APRA releases final guidance on managing data risk

The Australian Prudential Regulation Authority (APRA) has released Prudential Practice Guide CPG 235 Managing Data Risk (CPG 235) for ADIs, insurers and superannuation funds.

Subject to meeting APRA’s prudential requirements, a regulated entity has the flexibility to manage data risk in a manner that is best suited to achieving its business objectives.

The PPG targets areas where APRA continues to identify weaknesses as part of its ongoing supervisory activities.

Examples of data risk include:
(a) fraud due to theft of data;
(b) business disruption due to data corruption or unavailability;
(c) execution delivery failure due to inaccurate data; and
(d) breach of legal or compliance obligations resulting from disclosure of confidential data.

APRA envisages that data risk management principles could include:
(a) access to data is only granted where required to conduct business processes;
(b) data validation, correction and cleansing occur as close to the point of capture as possible;
(c) automation (where viable) is used as an alternative to manual processes;
(d) timely detection and reporting of data issues to minimise the time in which an issue can impact on the entity;
(e) assessment of data quality to ensure it is acceptable for the intended purpose; and
(f) design of the control environment is based on the assumption that staff do not know what the data risk management policies and procedures are.

In addition, a number of specific security management principles are also relevant.

Print This Post Print This Post

Posted 6th September 2013 by David Jacobson in Compliance, Financial Services, Privacy, Risk Management

What we’ve been working on

At Langes+ we undertake a broad range of work for our financial services sector clients. Here's a snapshot of some of the matters we worked on over the previous month.

The spotlight this month is on some of our insurance litigation matters as well as commercial matters:

• Exploding LPG Gas bottle claim settled. We finalised a favourable settlement, negotiated at a mediation in WA, of a claim for personal injuries and property damage arising from the explosion of an LPG gas bottle. We were acting for a major insurer. Before we were instructed, the insurer had been represented by two other legal firms, the matter had been underway for 6 years, and there had been a previous unsuccessful mediation.

• Gold Bullion claim dismissed. Our client, an insurer, had denied a claim in which its insured claimed that she’d had 75 bars of gold bullion, and other property, stolen from her home. She claimed that she bought the gold using cash income she’d generated by selling virtual items in on-line games. Our client considered the claim to be fraudulent. The matter proceeded to trial this month in SA. On the third day of trial the insured consented to an order dismissing her claim.

• Faulty house claim settled. Our client, an insurer, was one of 5 defendants in an action commenced by homeowners whose home had been so badly affected by subsidence that it needs to be demolished and rebuilt. We represented our client at mediation, and a settlement was reached which our client considered to be very favourable.

• AGM and directors election related advice. We provided advice to a number of mutual ADIs in relation to AGM and director election related issues, and settled draft notices and related documents.

• Governance issues. We met with the Chairman and CEO of a mutual ADI to advise in relation to governance issues including board size, board rotation issues, and the potential appointment of board-appointed directors.

• Advertising of credit products. We advised a number of clients in relation credit advertisement related issues. Our advice covered various topics which included comparative advertising, the calculation and disclosure of comparison rates, and the content of qualifiers.

• Break fees. We assisted a client which was developing a new method of calculating early repayment, prepayment and switch fees on its loan products.

• Template loan documents. We assisted several clients to review and modify their existing forms of loan contracts and other loan related documents, either as part of general reviews or in order to create new loan products.

• Mortgage enforcement. We continue to handle numerous mortgage enforcement matters. We have matters underway in NSW, QLD, VIC, SA, and WA. In one matter there were 8 loans, 5 mortgages properties, and related borrowers one of which was a company which had gone into liquidation.

• Insurance agency agreement. We reviewed a proposed new agency agreement between an ADI client and an insurer.

Print This Post Print This Post

Posted 6th September 2013 by David Jacobson in Compliance, Financial Services, Insurance
Older Posts »