Key themes shaping Australian regulatory enforcement risk in 2024

Overview

The risk landscape

Cyber resilience and response, scams, greenwashing, anti-money laundering and individual accountability dominated regulatory activity in 2023. We also saw a significant increase in the use of parliamentary inquiries into corportate misconduct or failures. We expect these trends to continue in 2024, with regulatory reform likely in a number of these areas. Other areas of expected focus include the use of AI, human rights and supply chain due diligence and environmental protection laws.

Key themes

19855D-Chaptered-Regulatory-Enforcement-2024_ESG_150x150px.png19855D-Chaptered-Regulatory-Enforcement-2024_ESG_150x150px.png

In the ESG space, regulators and enforcement agencies maintained an active regulatory and enforcement agenda against 'greenwashing', with 'bluewashing' emerging as an area of focus. We expect ESG will continue to receive increased enforcement focus in 2024. Other anticipated developments include the publication of draft legislation to establish a Federal Environment Protection Agency (EPA), the operationalisation of the Government's mandatory climate-related financial disclosure regime and proposed legislation to strengthen laws relating to modern slavery and supply chain due diligence. We also anticipate an increasing focus by regulators on nature-based financial disclosures.

Governance and senior management accountability continued as a regulatory and enforcement focus in 2023 with the passing of the Financial Accountability Regime (FAR) in September 2023. Although largely based on the existing BEAR regime, regulated entities will be busy preparing for the FAR's commencement in the banking sector in March 2024 and the superannuation and insurance sectors in March 2025. We expect 2024 will be rounded out by the Australian Securities and Investments Commission's (ASIC) continued focus on investigating and pursuing individuals for governance and directors' duties failures, which was added to its list of enduring priorities in November 2023. AUSTRAC has also indicated that a focus of its enforcement work will be the joinder of individuals in proceedings against reporting entities where that individual is concerned in, or party to, a contravention of a civil penalty provision of the AML/CTF Act. The heightened focus by regulators on risk and compliance failures within regulated entities will further expose both corporations and individuals, thereby encouraging entities to ensure their organisation has adequate systems and processes to meet its regulatory obligations and actively foster a culture of compliance.

Continuing the trend from previous years, we saw an ongoing focus on regulators, government and the general public on information privacy, cyber risk management and data usage. We expect regulators to target enforcement activity as a way of driving industry standards. The use of generative artificial intelligence (AI) entered the mainstream discourse in 2023 and will remain relevant in 2024 given the Government's intention to introduce mandatory safeguards for AI deemed to be of 'higher risk'.

2023 also saw an increased policy and regulatory focus on fraud and scams, driven by growing consumer losses and a range of emerging scam techniques. A number of anti-scam measures have been implemented across the financial services and other industries, including the establishment of a National Anti-Scam Centre and the Scam-Safe Accord by Australian banks, and the Government's consultation with banks, digital communications platforms and telecommunications with respect to a framework for designated sectors to detect, prevent, disrupt and respond to scams.

The key development in the corporate crime regulatory space in 2023 was the introduction of the National Anti-Corruption Commission (NACC), which has far-reaching powers to investigate private companies in connection with serious or systemic public sector corruption. More generally, corporate criminal enforcement remains steady compared to previous years, and we do not expect that to change in 2024.

Enforcement under the anti-money laundering and counter-terrorism financing regime remains active with AUSTRAC using a range of its enforcement powers in 2023. AUSTRAC has foreshadowed increased regulatory activities in relation to digital currency exchanges, payment platforms, bullion, and non-bank lenders and financiers, as well as individual liability (as noted above). The potential implications of a greater focus on individual liability, particularly its intersection with ASIC's focus on enforcement of directors' and officers' duties in the context of AML/CTF failures (or under the BEAR and FAR regimes), remains uncertain. It is likely to have an impact on how AUSTRAC investigates non-compliance and underscores the need for ensuring appropriate AML/CTF governance and oversight.

In 2024, we expect that parliamentary inquiries will continue to be seen by governments as an expedient and effective way to seek accountability for perceived corporate wrongdoing. As of January 2024, there were approximately 120 current Commonwealth parliamentary inquiries covering a range of issues and touching on most sectors of the Australian economy, including telecommunications, aviation, retail, professional services, financial services, resources and media.