In an era of online banks and ASIC Corporate Keys, the management of access to your company's digital platforms, which are often critical to your operations, is an essential element of good governance practices. When not managed appropriately, the consequences can be significant.
What's at risk?
Australian courts have seen a series of recent cases where directors or others with access to ASIC Corporate Keys have 'gone rogue' and manipulated details of the company on the official register of the Australian Securities & Investments Commission.
An ASIC Corporate Key is a unique 8-digit number issued by ASIC and linked to a specific company. The ASIC Corporate Key acts like the PIN for a bank account and allows the holder to update the company's ASIC records.
The problem is that anyone with access to the ASIC Corporate Key is able to change company records online including details of the company's shareholders and directors. This can in turn enable a form of corporate identity theft as third parties are liable to rely on the incorrect information on the official register.