ASX-listed entities need to be vigilant and adaptable in response to regime changes 10 min read
With increasing scrutiny and a dynamic legislative environment, the continuous disclosure regulation of ASX-listed entities in Australia is evolving. Recent developments mandate a heightened level of vigilance and adaptability by companies, as the standards for entity disclosures have been significantly raised.
The potential civil or criminal liabilities associated with non-compliance further underscore the need for proactive action, especially in relation to cyber and climate-related matters. Therefore, it is incumbent upon ASX-listed entities not only to review but also enhance their governance processes where necessary.
In this Insight, we explain recent developments regarding continuous disclosure, and how ASX-listed entities can equip themselves to navigate this shifting landscape effectively.
Jump to
- Key takeaways
- Changes to the continuous disclosure regime
- Changes recommended by the Lewis Report
- Potential changes to ASX guidance in implementing the Fifth Edition
- Interaction between climate reporting and continuous disclosure obligations
- New guidance on disclosures relating to cyber incidents
- Next steps
Key takeaways
- There are several major impending changes to continuous disclosure laws and regulations, occurring at a time when disclosure concerning key issues like cyber incidents and sustainability goals is itself in a state of flux.
- Inadvertent breaches of continuous disclosure laws may be back on the table as a target for ASIC enforcement – but not for shareholder class actions.
- As a result of these developments, listed companies should consider their policies and procedures regarding the way information flows through their organisations and, ultimately, to their shareholders and the broader market.
Changes to the continuous disclosure regime
ASX-listed entities' continuous disclosure obligations are set out in the Corporations Act 2001 (Cth) and the ASX Listing Rules. Listing Rule 3.1 requires listed entities immediately1 to notify the ASX of any information that a reasonable person would expect to have a material effect on the price or value of its securities once it becomes aware of that information (subject to certain exceptions, including where the information is insufficiently certain, or generated for internal management purposes). A company failing to comply with these disclosure requirements is an offence, and can lead to civil or criminal liability for it and its officers. This includes, but is not limited to, shareholder class actions and ASIC infringement notices, as well as the company potentially having its trading suspended or it ultimately being delisted by the ASX.
There are a number of potential changes to this continuous disclosure regime in the pipeline.
Changes recommended by the Lewis Report
In 2021, the Corporations Act was amended to increase the standard of proof required to pursue an entity for a breach of its continuous disclosure obligations. This introduced a heightened standard – that the entity or its people needed to have acted 'knowingly, recklessly or negligently' (ie that there be a fault element) in order to be found to have breached the law (the 2021 Reforms). These changes were initially introduced in May 2020, early in the onset of the COVID-19 pandemic, to encourage listed entities to continue to disclose information, and provide guidance to the market in the context of pandemic-related uncertainty. The changes were then made permanent in August 2021, with the Federal Government stating that they were intended to more closely align Australia's disclosure position with that in the UK and US, and mitigate increased class action risk.
Federal Treasury recently reviewed the 2021 Reforms (as required by the legislative amendments that introduced them) and, in a report tabled to Parliament in early May (the Lewis Report), recommended that they be partly reversed.
Treasury proposes that the 'fault element' be:
- retained in civil compensation proceedings (including shareholder class actions); and
- dropped from ASIC civil penalty cases (eg where ASIC pursues a company for a fine or an infringement notice).
Treasury reported that the 2021 Reforms 'have had, and are likely to continue to have, a negative impact' on ASIC enforcement of continuous disclosure but 'little (if any) impact' on meritorious continuous disclosure class actions, subject to a caveat that the two-year review period (since the 2021 Reforms were enacted) has not been long enough for it to draw meaningful conclusions. However, when the 2021 Reforms were made permanent, Treasury did note that it had identified 'an increase in the number of material announcements to the market' as a result of the initial temporary changes from May 2020.
There is no guarantee if, or when, the Government will accept Treasury's recommendation to partly reverse the 2021 Reforms, but there is good reason to expect this will be seriously considered, given the criticism of the current Government (in opposition at the time the laws were implemented) that the changes favoured 'big business'. There is no guidance available to date on when to expect the Government's response to the Lewis Report, but we expect that if it does intend to act on the recommendations, it will need to pass legislation to amend the Corporations Act.
If Treasury's proposal is implemented by lawmakers, the practical outcome would be that good faith inadvertent breaches of continuous disclosure law may once again be caught by ASIC civil penalty cases involving breaches of continuous disclosure laws – although without substantively increasing the risk of shareholder class actions (unless the 'fault' element is not retained in civil compensation proceedings, contrary to the Report's recommendation). In short, in our view, there will be less room for making mistakes, and a higher risk of unintentional or good faith breaches of the continuous disclosure obligation being penalised.
Potential changes to ASX guidance in implementing the Fifth Edition
The Fifth Edition of the ASX Corporate Governance Principles and Recommendations remains under consultation and includes a number of changes to the ASX Corporate Governance Council's guidance on continuous disclosure. The proposed changes between the Fourth and Fifth Editions are generally minor and go to practical matters – eg emphasising that omissions can also amount to a breach of a company's continuous disclosure obligations and that fulsome verification of statements released to the market is important – and do not go to the application of the underlying Listing Rules or law.
However, if Recommendation 5.1 of the Fifth Edition is implemented in its current proposed form, it will strip out the previous explicit guidance on the content of a company's continuous disclosure policy. This guidance in the Fourth Edition is repeated and referenced in ASX's current Guidance Note 8 (GN 8). If the guidance is removed in the Fifth Edition, we expect that GN 8 will need to be updated too, to address the discrepancy. Regardless of how this inconsistency is resolved, and whether or not new or amended guidance is introduced, it is likely to result in companies needing to review their continuous disclosure policies and practices, and take steps (substantive or otherwise) to ensure compliance.
Interaction between climate reporting and continuous disclosure obligations
Entities are beginning preparations for Australia's new mandatory climate-related financial disclosure regime, with the first cohort of reporting entities to start reporting for annual reporting periods commencing on or after 1 January 2025, as further discussed here. The new climate reporting regime will substantially expand the nature and increase the quantity of climate-related financial information that must be sourced, verified, approved and disclosed by reporting entities – in an environment where shareholders, regulators and other stakeholders are increasingly scrutinising such disclosures.
Listed entities will need to be mindful of the interaction between their climate reporting obligations and continuous disclosure obligations. For example, if a climate-related risk is disclosed in an entity's annual sustainability report, and there is then a material change in the likelihood of that climate-related risk eventuating and that information could have a material effect on the price or value of the entity's securities, it will need to consider its continuous disclosure obligations and whether it needs to update the market regarding its earlier sustainability report disclosure.
In practical terms, companies will need to have appropriate policies, procedures and infrastructure in place to capture and disclose climate-related risks and opportunities effectively and consistently. ASIC has made clear that it expects companies to put in place systems, processes and governance practices to meet the new climate reporting requirements.
New guidance on disclosures relating to cyber incidents
Cyber risk is an increasing and significant risk for listed entities, with price and reputational consequences likely (but not always arising) from major cyber incidents. In May, the ASX updated GN 8 to introduce worked examples to help illustrate when, in the context of a cyber incident, relevant information would, or would not, be expected to be disclosed to the ASX. This follows several prominent cyber incidents that affected ASX listed entities, including Medibank currently defending the first Australian shareholder class action proceedings to challenge the adequacy of a company’s cyber risk disclosures. As we highlighted in a separate, detailed update on these developments, we expect that determining whether a cyber incident has a 'material effect' and, therefore, warrants disclosure will continue to evolve, and require the evaluation of a broad range of both qualitative and quantitative factors.
Listed companies need to be vigilant in relation to their cyber incident disclosure obligations, with an increasing body of guidance (and heighted expectations) around such disclosure.
This vigilance includes timely and accurate reporting of material data breaches, as failure to do so can result in penalties and meaningful damage to a company’s reputation. This reporting may also be necessary early on in the incident having occurred – in particular, the ASX has indicated that these disclosure obligations can arise even where investigations are ongoing, if the materiality threshold has been reached.
Next steps
We recommend that listed entities, in taking stock of the recent changes to continuous disclosure regulation and preparing for what is to come:
- proactively review and enhance governance policies, to ensure that they are compliant with changing laws, and that they remain appropriate for the company, and are understood by and embedded in the broader business;
- ensure future climate disclosures in their sustainability report are consistent with disclosures made elsewhere, and consider the interaction between those disclosures and their continuous disclosure obligations;
- review their cyber incident response documentation, to assess any internal trigger points for ASX disclosure, against the new worked example in GN 8; and
- ensure internal processes to monitor and escalate issues are equipped to capture all relevant information that may be disclosable, especially where it is qualitative or hasn't previously been disclosable.
Footnotes
-
ASX Guidance Note 8 clarifies that, in this context, 'immediately' means 'promptly and without delay', rather than 'instantaneously'. Accordingly, relevant information should be reported to the ASX as quickly as possible in the circumstances, while ensuring there is no unnecessary delay or deferral.
Explore further
INSIGHT
Continuous disclosure for listed companies – key points from recent developments
16 Jul 2024