Archive News

Latest Products

Latest News

Home >> News >> AISC Review on Breach Reporting

AISC Review on Breach Reporting

Friday 28 October 2022
 


The Australian Securities and Investments Commission (ASIC) has done a review of its regulated entities and their compliance with the breach reporting laws that took effect just over a year ago. 

Commissioner Karen Chester said at the release of RG 78 last year, “The new reporting obligations address long-held concerns on the quality and timeliness of breach reporting. ASIC analysis in 2018 revealed it took more than 4 years (on average) for large financial institutions to identify incidents that proved to be significant breaches. Today's remediation tally reveals how much consumer harm these delays caused, and ultimately at great cost to those firms."

 A year on,  for the period 1 October 2021 to 30 June 2022, the regulator has found that only six per cent of licensees reported in the first nine months of the regime,  12 per cent of the almost 2000 reports is estimated to take more than one year,  55 per cent of the reports found that staff negligence is the root cause of the beach. 

ASIC Commissioner Sean Hughes said in a formal statement at the release of Report 740 Insights from the reportable situations regime: October 2021 to June 2022, “As part of its 2022-23 priorities, ASIC is focussing on improving the operation of the reportable situation’s regime. We will continue to work with stakeholders to address issues that have arisen from the implementation of the regime, including by providing additional guidance where needed. Greater alignment of reporting practices by licensees will facilitate the publication of more comparative data at the licensee level in coming years.”

0 Comments

Copyright © 2004 - 2023  GRC Institute Inc. All rights reserved.

 

ABN: 42 862 119 377
RTO # 91640

 

In no event will GRCI be held liable in any way for any direct, indirect, special or consequential damages from the use of this site, or any other hyperlinked website. Such possible damages include, without limitation, any lost profits, business interruption, loss of programs or other data on your computer.