Skip to content
Journal

ASIC’s existential threat is an underinvestment in data capability and technology

This article discusses: - The current assessment of ASIC’s enforcement and compliance capabilities following its review by the Senate Standing Committee on Economics. - The regulators’ antiquated and inadequate governance arrangements and the impact this is having on organisational culture and activities. - The need for greater effectiveness and transparency in tackling corporate and financial crime as well as the conduct and accountability of its commissioners. - The risks and opportunities of incorporating AI and Regtech to transform its modus operandi.

By Daniel Popovski, Senior Advisor, Policy and Advocacy – Governance Institute of Australia

Introduction

The Senate Standing Committee on Economics recently published its findings of a review into the Australian Securities and Investment Commission investigation and enforcement powers.[1] The story repeats itself, so to speak, in that recommendations made call for a critical transformation to its compliance and enforcement activities and culture. ASIC continues to buckle under its own weight, with increasing pressure on its existing governance framework to monitor compliance and issue notices and enforcement provisions across an increasing number of regulated entities. It is do or die for the regulator coming under exceeding public scrutiny at a time of increased economic uncertainty. ASIC must act to enhance its use of emerging technologies as it embarks on a ‘digital transformation’ to increase its data analytics capabilities and in doing so carefully consider the risks of doing so by assuring the community of fair and transparent decision-making processes in response to allegations of corporate and financial misconduct.

‘No further action’ taken on 99% of reports of misconduct

ASIC’s remit is one of the widest of any corporate regulator in the world. Since its establishment in 1991, successive governments have expanded ASIC’s remit in response to emerging needs in corporate and financial regulation at a time when the scale and sophistication of Australia’s economic and financial markets have grown considerably.

Each year, ASIC receives thousands of reports of alleged misconduct, including voluntary reports from the public and mandatory reports from industry. However, only a fraction of reports are ever investigated and where ASIC proceeds to take enforcement action, the civil penalties imposed are at odds with the scale of the offending, with few criminal sanctions achieved.

Most statutory reports that insolvency practitioners submit to ASIC go without investigation and are generally followed with automated ‘no further action’ email issued within under a minute of a report being made. The Senate hearing rings the alarm on a particularly concerning trend that has emerged given the number of companies entering administration in recent years. Australians continue to lose billions each year when insolvent companies fail or avoid payment to their creditors.

Over the past three years, ASIC commenced an average of 117 investigations per year, around 1% of misconduct reports received. Investigation and enforcement decisions have become opaque and difficult to scrutinize and fail to response to early warnings of corporate misconduct to achieve strong enforcement outcomes. Evidence to the inquiry demonstrated “lengthy delays, inefficiencies, inadequate transparency mechanisms and failure to follow up information from key individual”.[2]

The report emphasises ongoing concerns and criticisms as to ASIC’s approach and ability to deter future breaches of the law and holding those who break Australia’s corporate laws to account. ASIC has been described as a ‘toothless tiger’ for failing to hold those who break Australia’s corporate laws to account receiving a scathing assessment in the Hayne Royal Commission in years prior. It was found that unlawful conduct in financial services had not been adequately held to account and some 60 recommendations made to improve ASIC’s performance in 2014 had not been acted on.

Governance arrangements no longer fit for purpose

The committee expressed concerns with ASIC’s governance having demonstrated throughout the inquiry the significant gaps in the legislative model for ASIC governance as well as continuing problems in both a practical and personal sense. ASIC’s culture was described as “defensive, inward facing and reactive”, operating with a ‘Swiss cheese’ approach to governance.[3] Overlapping pieces of legislation were described as leaving ASIC vulnerable to poor leadership, notably the absence of any formal method of accountability of commissioner performance or conduct.

ASIC governance has not changed to suit the significantly expanded remit since its inception. An ASIC staff survey commissioned earlier in the year documented concerning results for staff satisfaction within ASIC, with staff reporting low levels of satisfaction, motivation, and high levels of job insecurity and stress. Just under 20 per cent of ASIC employees were satisfied with their role and less than a third intended to stay with the agency. Only 25 per cent of ASIC employees stated that they had clarity regarding their role, with overall organisational level quality rated at just five out of 100.

Lessons learned and next steps: The urgent need for greater transparency and effectiveness

In years ahead, the administration and operational framework of ASIC will become even more challenging, as financial markets grow, innovate and transform creating greater complexity in ASIC’s modus operandi and ability to tackle significant corporate and financial crime.

The growing threat of digitally enabled misconduct will continue to grow in the years ahead. The recommendations made in the report suggest the disbanding of ASIC into separate functions between companies’ regulator and separate financial conduct authority. This would also allow the regulatory authority to investigate reports of alleged misconduct at an appropriate rate, that is adequately transparent and meets the expectations of the community. It was recommended that the regulator develop consistent standards to report data to the public on the handling of reports of alleged misconduct with established service standards delivering clear, detailed and timely information on the tangible actions taken in response to reports of alleged misconduct. A further recommendation was made to enable a searchable public register of civil or criminal outcomes arising from reports of alleged misconduct received and the outcome of the proposed regulatory authorities’ handling of those reports subject to appropriate thresholds based on the approach taken by the US Consumer Financial Protection Bureau.

AI and Regtech: An untapped resource for more effective and efficient regulation

AI possesses immense potential to reshape the process of financial regulation by supporting and enhancing the regulators’ ability to interpret and enforce complex financial regulations. Machine learning algorithms can assist in identifying irregularities or discrepancies in financial transactions triggering non-compliance, fraud or other illicit activities.[4] AI can automate much of the regulatory reporting processes. However, these processes attract several critical risks. A key barrier is the inherent ‘black-box’ of algorithmic decision making creates the risk for unpredictable and potentially detrimental outcomes that could jeopardise the need for transparency and accountability, a fundamental cornerstone of effective regulation. Bias also becomes an issue in automated decision-making systems, that could inadvertently lead to a potentially discriminatory financial environment.

However, this does not necessarily negate the potential effectiveness of AI systems to act as useful input in solving complex regulatory problems. Responsible and ethical AI frameworks for financial regulation could consider AI decision making mechanisms and techniques that embrace, fair, accountable, transparent and explainable (FATE-ful) results. The Principles of FATE in AI models help to tackle the black-box problem and increase the trustworthiness and confidence of outputs and recommendations, particularly where regulatory consequences and penalties are concerned.

AI systems may act as a primary gatekeeper in helping the regulator to sieve through less harmful instances of wrongdoing and effectively triage instances for more stringent enforcement approaches that prioritise litigation for all serious instances of suspected breaches of corporate law, particularly where consumer losses arise, or could have potentially arisen, from such breaches. A focus on digital investment will require ASIC and the Commonwealth to reconsider its budgeting priorities in a way that maximises the effective testing, development and deployment of AI systems to more readily and transparently investigate and take actions to prosecute incidence of wrongdoing and crime under our financial, securities and corporations’ laws.

[1] https://parlinfo.aph.gov.au/parlInfo/download/committees/reportsen/RB000117/toc_pdf/AustralianSecuritiesandInvestmentsCommissioninvestigationandenforcement.pdf

[2] https://parlinfo.aph.gov.au/parlInfo/download/committees/reportsen/RB000117/toc_pdf/AustralianSecuritiesandInvestmentsCommissioninvestigationandenforcement.pdf

[3] https://parlinfo.aph.gov.au/parlInfo/download/committees/reportsen/RB000117/toc_pdf/AustralianSecuritiesandInvestmentsCommissioninvestigationandenforcement.pdf

[4] https://www.economicsobservatory.com/how-will-artificial-intelligence-affect-financial-regulation#:~:text=AI%20also%20raises%20data%20privacy,system’s%20vulnerability%20to%20cyber%20threats.

The Triad of Key Indicators

Next article