The Australian Securities and Investments Commission (ASIC) has released new guidance detailing its expectations around business communications. Modeled on approaches taken by American regulators and enforcement agencies, this guidance signals the regulator’s intention to raise compliance standards in Australia. MirrorWeb’s Harriet Christie breaks down the details and what it means for the Aussie finserv sector.
The Australian Securities and Investments Commission (ASIC) has released new guidance detailing its expectations around business communications. Modeled on approaches taken by American regulators and enforcement agencies, this guidance signals the regulator’s intention to raise compliance standards in Australia. MirrorWeb’s Harriet Christie breaks down the details and what it means for the Aussie finserv sector.
The global reckoning around business communications can be neatly summarized as a consequence of three interlinked factors; the Covid-19 pandemic, a surge in remote working and the proliferation of and reliance on business communications technology.
One prominent trend in 2024 is an increased level of transparency from regulators on exactly what they expect from financial organizations with regard to regulated business communications. This clarity is welcome in the U.S., where off-channel communications have resulted in over $3 billion of penalties since an investigation into use of ephemeral messaging apps began in December 2021. Individual firms have been fined up to $200 million, and senior professionals have been held accountable and fired.
With its updated guidance, ASIC appears to have adopted the same direct, unambiguous approach, explicitly applauding the work of the SEC and Commodity Futures Trading Commission, American agencies that have both issued millions in fines this year alone.
“The risks arising from the widespread use of personal devices and unapproved communication channels were also highlighted by the recent actions taken by the U.S. Securities and Exchange Commission and Commodity Futures Trading Commission,” ASIC said in a statement about its updated guidance. “These regulators reached record-breaking settlements with dozens of financial institutions for failures to maintain and preserve electronic communications.”
In Australia the same types of regulations largely apply, though they have different names. Rather than the Marketing Rule or FINRA Rule 2210, firms must comply with the Corporations Act 2001 and ASIC’s market integrity rules. The requirements are slightly different; for example, they are vaguer and more open to interpretation than the aforementioned U.S. regulations. However, both directly stress the importance of supervising representatives and having the appropriate policies and procedures in place to prevent and promptly detect misconduct and poor behavior.
This language nods to another recent trend in Western regulation: The ASIC is not just focused on preventing insider trading or fraud but also “other behaviour that may be prohibited under … a market intermediary’s internal policies.”’ This alludes to non-financial misconduct, and under this approach, a failure to maintain communications around a breach of internal policy — an HR scandal, for example — will attract regulatory scrutiny.
International Comms Surveillance Compliance Efforts Ramping Up
FINRA, SEC stepping up enforcement
Read moreDetailsBack to B-ASICs
ASIC’s updated guidance for firms is fundamental, seeking at first to define what constitutes a business communication: “We consider business communications to include any written, voice or electronic communications used by market intermediaries and their representatives to carry on their financial services business.”
This is immediately compelling, with voice communications like conversations and voice notes being called out as a requirement. This is stricter than what we have seen from the SEC and CFTC thus far, which have been more focused on text interactions.
Other points of emphasis and guidance include:
- Supervising representatives
- Managing risks from unmonitored business communications
- Supervisory arrangements to monitor business communications
- Reviewing the effectiveness of supervisory arrangements for business communications
ASIC’s updated guidance reflects the seriousness with which the regulator intends to approach business communications, as does the presence of case study scenarios to help guide firms. One, for example, covers how to handle a “bring your own device” scenario.
“Bankers, dealers and market participants have important roles as gatekeepers to Australia’s financial markets and stewards of market integrity,” ASIC Commissioner Simone Constant said in the news release. “With almost every working or retired Australian having a share in Australian markets, market integrity is a duty owed to every Australian.”
What’s next for Australian firms?
It is undoubtedly a period of overhaul for Australian firms in the financial sector, and one which ASIC is pressing on with urgently. While this adaptation may appear daunting, a compliance precedent has already been set in the United States around off-channel communications. The fact that ASIC is explicitly celebrating U.S. settlements and regulatory progress suggests that we can probably expect a comparable level of enforcement, as the conduct being addressed is ultimately very similar.
This means that as well as monitoring the platforms they permit, Australian firms will need to actively look for unauthorized communications from unsanctioned channels (WhatsApp, iMessage for example). This shift has recently occurred in the United States and was delineated in FINRA’s 2024 regulatory oversight report, where heightened surveillance was promoted in a similar manner to the recent ASIC communications.
Harriet Christie is chief operating officer at MirrorWeb. She graduated from the University of Sheffield in 2010, with a B.A. in management accounting, entrepreneurship, business law, BSR, HR. She entered the tourism space, starting as an accounts executive at LateRooms.com, and earning the title of global accounts manager within three years. She occupied this role for a further five years as the business continued to evolve and flourish, before taking up her role as a key account manager with MirrorWeb, a data-archiving solution based in Manchester. Harriet was appointed operations director in 2020. Since then, she has helped oversee the evolution of the MirrorWeb product and service offering, as well as the business' impressive growth since her taking on the role. 
