Latest Products

Fine for not Breach reporting in a timely manner

Friday 21 January 2022

Last September  the Australian Securities and Investments Commission (ASIC) Commissioner Karen Chester
said that the update to the breach reporting guidance was to improve quality and timeliness of breach reporting. 

“ASIC analysis in 2018 revealed it took more than 4 years (on average) for large financial institutions to identify incidents that proved to be significant breaches. Today’s remediation tally reveals how much consumer harm these delays caused, and ultimately at great cost to those firms.”

This year Statewide Superannuation is facing a $4 million fine for not only misleading communication but also failing to report the breach to the regulator in the legally allotted time for breach reporting.

In their public statement about the penalties the regulator said that this would be the first civil penalty under the 2019 regime.

The securities regulator alleged that the period of the 2017 and 2020 the super fund indicated to ‘at least’ 7,000 of its members that the insurance in their super was no longer valid.

ASIC Deputy chair Sarah Court said in an official statement, “When it discovered these issues, Statewide failed to report them to ASIC in a timely manner. Breach reporting is integral to board oversight and risk management by licensees.

Court added that financial services have strict obligation to report contraventions of the law.
In official statement from Statewide Super they indicated that they self-reported the breach in March of last year and that the ‘error’ was only related to insurance.

The breach was related to change in administration in 2016 which aimed at protection inactive members with a  balance less $4000.

“The insurance administration error related primarily to the implementation of this change in the administration system. As a result, some members were given incorrect information regarding insurance and were wrongly charged insurance premiums.”

The court gave the superfund three mandates:

  • undertake a remediation program to identify the members who were overcharged and remediate them in full,
  • reach an agreement with ASIC about engaging an independent expert to review and report on the implementation and effectiveness of that remediation program, and
  • publish an adverse publicity notice on its website and mobile app.