Overview

In the ESG space, regulators maintained an active agenda against greenwashing and bluewashing. From 1 January 2025, certain Australian businesses and financial institutions will be subject to the mandatory climate change-related financial reporting regime. While ASIC has the stated aim of 'supporting' the introduction of the regime, we do not anticipate this will slow down the pace of greenwashing enforcement action in 2025. The energy regulators, including the AER and the ESC, also ramped up their enforcement activities in 2024, which we expect to continue in 2025. During 2024, the Federal Government's response to the review of the Modern Slavery Act 2018 (Cth) (MSA) was released, indicating a strong commitment by the Government to strengthening the MSA.

In 2024 we continued to see heightened scrutiny from regulators, government and the general public on privacy, data governance, cyber risk management and operational resilience. The regulatory landscape is evolving rapidly, with significant reforms to the Privacy Act, the introduction of a suite of new cyber security laws and various enforcement actions by regulators relating to privacy and data incidents. We expect this pace of change to continue in 2025, with further privacy and cyber law reforms anticipated alongside ongoing enforcement activity.

Artificial Intelligence emerged onto the regulatory agenda in 2024, with the introduction by the Federal Government of the Voluntary AI Safety Standard and consultation in relation to the introduction of 'mandatory guardrails' for the use of AI in high-risk settings. More broadly in relation to technology and cyber, during 2024, the first tranche of reforms to the Privacy Act 1998 (Cth) received assent, and there were a range of regulatory and industry developments in the online safety space. While the timeline for the introduction of the 'mandatory guardrails' on the use of AI is not yet clear, during 2025, we expect regulators will look to the Voluntary AI Safety Standard when enforcing existing regulatory regimes in connection with AI harms. Potential focus areas include consumer protection, market risks, competition, privacy (including the misuse of personal and sensitive data, online safety and operational resilience), AI washing, deceptive and unfair practices in relation to AI technology and the issuance of compliance guidance.

Throughout 2024, there were a number of corporate crime legislative developments in bribery, tax and sanctions. They include the introduction of the long-awaited foreign bribery amendments to the Criminal Code, as well as a significant increase in penalties and the time limit to bring proceedings against advisers and firms that promote unlawful tax schemes. Enforcement agencies also maintained an active enforcement agenda during 2024, resulting in some key developments in foreign bribery cases, including to provide clarification on sentencing principles. Key developments to watch out for in 2025 include potential changes to Australia's sections regime and potential legislative reforms to the consulting industry. During 2025, we may also see enforcement activity following the passage of the promoter penalty reforms, the multinational tax reporting regime and foreign bribery amendments.

The most notable development in anti-money laundering regulation in 2024 was the passing of significant reforms to Australia's AML/CTF regime. AUSTRAC also maintained an active enforcement agenda during 2024, which resulted in a number of significant AML/CTF enforcement developments. During 2025, there will be consultation on new AML/CTF rules, which will support the incoming reforms. Certain reforms to the AML/CTF regime will also commence—including AUSTRAC's new information-gathering powers—which have expanded to include a compulsory examination power, as well as amendments to the tipping-off prohibition. We also expect AUSTRAC will take further enforcement action, particularly against reporting entities in the gaming and waging sector. We may see individuals being the subject of investigations and joined to enforcement proceedings.

During 2024, Conduct and culture was a key regulatory focus area, with a spate of allegations against large organisations leading to regulatory investigations and sanctions, including ASIC investigating and pursuing enforcement action against a number of organisations and individuals in relation to their compliance with whistleblowing laws. The AHRC took a collaborative and consultative approach to enforcing the newly introduced positive duty to eliminate sexual harassment and related conduct under the Sex Discrimination Act. All jurisdictions, except Victoria, introduced new duties to control psychosocial risks in the workplace, with health and safety regulators increasing their enforcement action in this space. In 2025, we expect to see some overdue developments in relation to the corporate whistleblower laws, continued enforcement action in relation to psychosocial health and safety, and a focus on sexual harassment and fatigue management in the workplace. The Victorian Government is also considering the introduction of psychosocial health and safety regulations in line with other jurisdictions.

Against the context of an increased cost of living, 2024 saw the continued focus by regulators on protecting consumers, super fund members and insureds. ASIC announced a review of superannuation industry practices and legal compliance for member services (focused on lenders supporting customers experiencing financial hardship), and issued a letter reminding general insurers of their claims-handling obligations, especially in relation to severe weather events. APRA showed a general increased willingness to exercise its enforcement powers, including in respect of conduct eroding members' superannuation balances, and the ACCC remained firmly focused on supermarket pricing practices. In 2025, ASIC's enforcement action will focus on misconduct exploiting superannuation savings, failures by insurers to deal in good faith with customers and member services failures in the superannuation sector. In March 2025, the Financial Accountability Regime commences for insurance and superannuation entities. We may also see developments in the scams prevention space, with the Scams Prevention Framework (SPF) Bill 2024 introduced to Parliament in November 2024. We also expect that investigation and enforcement activity by the ACCC in the supermarket and retail sector will continue.