Update on the breach reporting regime


The breach reporting regime is scheduled to commence on 1 October 2021, after the Financial Sector Reform (Hayne Royal Commission Response) Bill 2020 was passed in December 2020.

To support the breach reporting rules in Schedule 11 of the Financial Sector Reform (Hayne Royal Commission Response) Act 2020, the breach reporting regulations was registered on 5 August 2021. These breach reporting regulations amend the Corporations Regulations 2001, the National Consumer Credit Protection Regulations 2010, the Corporations (Fees) Regulations 2001 and the National Consumer Credit Protection (Fees) Regulations 2010 to:

  • prescribe civil penalty provisions that are not taken to be significant (and therefore may not be reportable) under the relevant breach reporting regime if those provisions are contravened;
  • ensure certain breach reporting offences and civil penalty provisions are subject to an infringement notice; and
  • make minor and technical amendments, including updating references to the Corporations Act.

In response to feedback received from stakeholders on the breach reporting regulations, the Government intends to make a number of technical amendments to achieve the intended operation of these reforms:

  • An amendment to the regulation making power in paragraph 912D(4)(b) in the Corporations Act 2001 (Corporations Act) and paragraph 50A(4)(b)of the National Consumer Credit Protection Act 2009 (Credit Act) to allow the Government to prescribe particular aspects of a civil penalty provision that are not taken to be significant under the breach reporting regime. Currently the regulation making power requires that whole civil penalty provisions be prescribed under the regulations. This has limited which provisions can be prescribed as there are examples where significant breaches and minor breaches all attach to a single civil penalty provision. This amendment will provide greater flexibility to prescribe further breaches of minor and technical provisions under these breach reporting regulations.
  • An amendment to the Credit Act to limit the reporting of breaches under other laws related to credit activities. The list of other laws proposed for breach reporting under the Credit Act are:
    • Banking Act 1959;
    • Corporations Act 2001;
    • Financial Sector (Collection of Data) Act 2001;
    • Financial Sector (Shareholdings) Act 1998;
    • Financial Sector (Transfers of Business) Act 1999.

    Breaches of other laws related to credit activities not listed above typically have their own reporting requirements to other regulators. This amendment to the Credit Act will also align with the approach taken under the Corporations Act to limit financial services law breaches to the laws listed in Corporations Regulations 2001 - REG 7.6.02A.

The Government is seeking to make these technical law changes through the minor and technical amendment process at the earliest opportunity and Treasury will consult on these technical amendments in due course.

Ahead of these amendments being legislated, the Australian Securities and Investments Commission (ASIC) will consider providing temporary relief that gives effect to the Government’s policy intention in the interim period before the legislative changes are made. ASIC has already provided administrative relief through the ASIC Corporations and Credit (Breach Reporting-Reportable Situations) Instrument 2021/716 to exclude non-compliance with standards set out in the ASIC Corporations, Credit and Superannuation (Internal Dispute Resolution) Instrument 2020/98 from the categories of situations deemed to be ‘significant’ breaches of core obligations about which licensees are to be required to lodge breach reports.

ASIC, following a targeted consultation, will consider providing temporary breach reporting relief for breaches under section 50A(1) ofthe Credit Act for any other Commonwealth legislation that covers conduct relating to credit activities. This interim relief would be provided in light of the Government’s intention to make an amendment to the Credit Act to limit the breaches that are required to be reported under the breach reporting regime as outlined above.

Enquiries can be directed to Breach.Reporting@treasury.gov.au