Chapter 4

Chapter 4

Regulatory theories and their application to ASIC

4.1        The previous chapter outlined ASIC's extensive functions. However, all regulators face a multitude of challenges. They can be tasked with a long list of responsibilities that involve an enormous regulated population and a staggering amount of activity. The expectations about what the regulator is supposed to achieve may not be clear or they may not match the community's expectations. They may have a role as an arbitrator that works with entities to seek efficient outcomes, while also being required to investigate and prosecute entities for contraventions of the law.  They can be criticised for being inflexible and burdening business when times are good, and criticised for not having acted when a crisis occurs.

4.2        Regulators need to make decisions about how to use their limited resources to address conflicting priorities. Many regulated entities will have significantly greater resources at their disposal than those available to the regulator. For many reasons a regulator may consider that it does not have all the powers necessary for it to perform its role, or that its powers have not kept pace with emerging developments. Many of the good outcomes they achieve are not made public or are not newsworthy. They can be criticised for losing cases while also being criticised for not pursuing certain matters.

4.3        Various theories of regulation consider the challenges that regulators in general face and propose techniques that regulators can adopt to carry out their functions. This chapter introduces and examines some of the sets of principles on which regulation can be based, such as response regulation and risk-based regulation.[1] The theories discussed are not mutually exclusive options; elements of each may be relied on by policymakers or by ASIC. Specific regulatory ideas that are relevant to the financial services sector are outlined at the end of the chapter.

Fundamentals of regulation

4.4        Regulation is generally considered in response to a market failure. The 1997 review of the financial system chaired by Mr Stan Wallis (the Wallis Inquiry) observed that regulation can be categorised into the following three broad purposes. These purposes, in order of decreasing frequency, are to:

4.5        The development and implementation of regulation that achieves its stated aims is a difficult challenge and one that is not limited to corporate or financial regulation. Professor Julia Black, a researcher at the London School of Economics who has written extensively on regulatory regimes, concluded that 'paradoxes abound' in regulation, with policymakers and regulators often achieving the opposite outcome to that intended:

This is so regardless of the regulatory techniques adopted. For example regulation to reduce risks can inadvertently lead to greater risks, for example safety regulation can create moral hazard, increasing risk-taking activity. Clean-ups can lead to greater environmental harm. Regulation to enhance disclosure can inhibit it. Warnings or bans on activities can produce the very conditions that they are designed to prevent: warnings about dangerous sports can make them more attractive to risk‑seekers; conversely warnings that a particular bank is likely to fail can create a run on the bank, so precipitating its failure.[3]

4.6        Policymakers and regulators also have to consider the likely response of the regulated entities to any regulation imposed and the regulator that administers it. In this regard, a 2007 consultation paper on sanctions for breaches of corporate law identified two alternative views on the starting point of a regulatory regime: the 'deterrence' model and the 'accommodative' model. These models reflect the opposite ways in which the behaviour of individuals and corporations can be considered. Proponents of the deterrence model argue that individuals and corporations are motivated entirely by profit-seeking and will comply with rules only when confronted with suitably severe penalties. The accommodative model takes the view that the entities are 'ordinarily inclined to comply with the law, partly because of belief in the rule of law, and partly as a matter of long-term self-interest', and that as a result regulatory compliance is more likely to be achieved through persuasion and cooperation.[4] However, the consultation paper observed that a regulatory system based solely on the deterrence or accommodative model 'is not desirable', as major disadvantages arise if one model is adopted exclusively:

It has been shown that a predominantly punitive policy fosters resistance to regulation and may produce a culture that facilitates the sharing of knowledge about methods of legal resistance and counter attack. It has been suggested that laws that promote a 'tick the box' approach to compliance may have the effect of weakening the ethical sinews of society by absolving participants of any responsibility for choosing to act in a manner that is right. An unintended consequence of a regulatory system designed to ensure that people cannot choose to do what is wrong is that they can no longer choose to do what is right. They no longer choose at all, they merely comply. Another concern is that if regulators adopt a purely punitive method of regulating, whereby they assume that individuals are solely self‑interested and motivated by financial gain, this may be perceived as unreasonable and will dissipate the will of well-intentioned individuals to comply. In addition to the negative psychological effect of an undue focus on deterrence, punishment is often time consuming and expensive.

Adopting a purely accommodative model of regulation, which assumes all individuals are honest, would be naïve. This regulatory style fails to recognise that there are individuals who may not be honest and who will take advantage of being presumed to be so. There are a number of recent examples of conduct by corporate actors in Australia that confirm that some people will intentionally breach rules to secure an economic benefit.[5]

4.7        When considering regulation, it is clear that there is also a choice about the type of rules to enact. For example, regulation can be drafted starting from either a rules‑based or a principles-based approach. Rules-based regulation is generally characterised by specific provisions and detailed rules, whereas principles-based regulation 'involves formulating rules which are broad, general and purposive and which may or may not be elaborated in further rules or guidance, for example, "you shall act with integrity" or "firms shall act in the best interests of their clients"'.[6]

4.8        In his evidence to the committee, Professor Justin O'Brien explained that the United States of America (US) has predominately taken a rules-based approach to financial regulation, while the United Kingdom (UK) has adopted a principles-based style. However, the choice between rules-based and principles-based regulation is generally not one at the expense of the other; for example, Professor Black noted that despite the UK's financial services regulations being designed using a principles-based approach, the rulebook of its regulator still comprises several thousand pages.[7]

4.9        Both rules-based and principles-based approaches also present challenges to the regulator. A rules-based approach can result in the rules being 'transacted around'.[8] In addition, the managing director of the UK's Financial Conduct Authority has observed that historically, systems based on whether particular sets of rules were followed to the letter can create 'a cottage industry out of compliance' but 'did not necessary lead to good outcomes'.[9] A principles-based approach also presents challenges:

The problems with the principles based approach is sometimes they lack the granularity to be enforceable and as [Hector Sants at the Financial Services Authority] put it very succinctly, he firmly believed in the value of principles based regulation but it does not work with people with no principles...[10]

Responsive regulation

4.10      One regulatory theory that has contributed to corporate law in Australia is 'responsive regulation' (also known as 'strategic regulation theory').[11] This approach to regulation influenced the introduction in 1993 of the civil penalty regime for contraventions of the statutory duties of company directors and other officers.[12] The theory was articulated and expanded on by Ian Ayres and John Braithwaite.[13] Responsive regulation 'recognises that it is not possible for any regulatory agency to detect and enforce every contravention of the law it administers and provides insights into how regulatory compliance can be achieved effectively'.[14] It is essentially a convergence of the 'deterrence' and 'accommodative' models of regulation; responsive regulation focuses not on 'whether to punish or persuade, but when to punish and when to persuade'.[15] As Aakash Desai and Ian Ramsay note, to achieve maximum regulatory compliance the theory promotes 'responsive' or 'strategic' supervision by regulators. Methods for promoting voluntary compliance, such as persuasion and education, are made more effective as a result of the credible sanctions of escalating severity available to the regulator that it can threaten to utilise or pursue. This structure of sanctions is generally referred to as the 'enforcement pyramid' or 'compliance pyramid'; the shape is intended to reflect the theoretical less frequent use of the most severe sanctions, which form the apex of the pyramid, compared to the persuasion-focused methods of resolution that form the pyramid's base.[16]

4.11      Responsiveness can also be defined as 'the ability of a regulator to respond purposively and effectively to the particular context of regulation, and persuade the regulated firm to do so too'.[17] To achieve this, the theory of responsive regulation requires that a combination of punishment and persuasion exists that is premised on 'minimal sufficiency' and the projection of 'regulatory invincibility'. Professor Dimity Kingsford Smith explains these two principles and how they operate according to responsive regulation theory:

[Minimal sufficiency] involves signalling to the organization that the regulator will use the least intrusive strategy first (such as asking for a defect to be fixed), and only escalate to more formal enforcement if minimally sufficient strategies do not work. At the same time, in order to make the threat of escalation credible, the regulator has to keep in the background the threat of serious enforcement action: prosecution, civil penalty sanctions, and license cancellation. Clearly it is easiest to convey an intention to intervene minimally if the regulator has powers and resources to do so—inspection is an ideal setting for this. Clearly too, it is easiest to project invincibility and to keep the threat in the background if the regulator has powers and resources for enforcement, and enjoys formal enforcement successes. It is in signalling its intention to move between these poles that the regulator shapes a responsive regulatory relationship.[18]

4.12      The sanctions made available to ASIC in legislation, and the enforcement policy developed and published by ASIC, reflect many aspects of responsive regulation.[19] ASIC's enforcement pyramid includes: punitive action (prison sentences, criminal or civil monetary penalties), protective action (such as disqualifying orders), preservative action (such as court injunctions), corrective action (such as corrective advertising), compensation action and negotiated resolution (such as an enforceable undertaking). ASIC can also issue infringement notices for certain alleged contraventions, however, in the event that the recipient elects not to pay, this would likely need to be followed by court proceedings seeking a civil penalty.[20] The application of the enforcement pyramid to ASIC is discussed in Chapter 17.

4.13      While the responsive regulation model highlights the need to resort to severe punishments in some circumstances, in the context of Australia's corporate law it has been argued that this 'must be balanced against the potential for severe penalties to have a "freezing effect" on responsible risk taking and commercial decision making'.[21]

Risk‑based regulation

4.14      A regulatory structure based on strategic regulation theory may be complemented by a 'risk‑based' regulatory approach. Recognising that not all contraventions can be detected and addressed, risk-based regulation seeks to inform the decisions that a regulator takes when determining its priorities and allocating its resources. According to risk-based regulation, a regulator would deploy its inspection and enforcement resources in accordance with an assessment of the potential risk that particular regulated entities or individuals pose to the regulator's aims.[22] Julia Black and Robert Baldwin explain that risk-based regulatory frameworks 'focus on risks not rules', as regulators 'are usually overburdened by rules' and cannot enforce every rule at all times. A risk‑based framework acknowledges the selections about enforcement that regulators have always implicitly made and provides a framework of analysis for making those selections.[23]

4.15      After examining various government regulators across jurisdictions, including financial services regulators, Baldwin and Black consider that the frameworks adopted have the following five core elements in common:

First, they require a determination by the organization of its objectives—of the risks 'to what' that it is concerned to control. Secondly, they require a determination of the regulator's own risk appetite—what type of risks is it prepared to tolerate and at what level...Thirdly, risk-based frameworks involve an assessment of the hazard or adverse event and the likelihood of it occurring...Fourthly, regulators assign scores and/or ranks to firms or activities on the basis of these assessments...Fifthly, risk-based frameworks provide a means of linking the organization and supervisory, inspection, and often enforcement resources to the risk scores assigned to individual firms or system-wide issues.[24]

4.16      However, Baldwin and Black have also identified that risk-based approaches can present certain challenges, as they may result in an inclination for regulators to:

Formalising the role of non-state bodies: strategies of co‑regulation and enrolment

4.17      The possible regulatory strategies available to policymakers and regulators can be considered as a spectrum. At one end, representing the form of regulation with the most involvement by the government, is command-and-control regulation. At the other end of the spectrum is no regulation (or self-regulation if no regulation was considered to be an unviable option). Where the state and regulated entities start to interact more closely is when strategies such as co-regulation are considered. Under a co-regulation strategy, the regulated entities develop and administer the regulatory arrangements, which are underpinned by legislation set by the government.[26]

4.18      Another theory of regulation that has some application to ASIC's work is a strategy based on enrolment. This approach relies on others who are 'enrolled' to support the regulator. These entities are 'gatekeepers', described by Julia Black as those who are 'not directly the subject of regulation, but who have a strategic position over those who are'.[27] In Australia's financial system, directors, company officers, auditors and insolvency practitioners are some examples of gatekeepers. These groups have professional bodies that can promote better practices through standards, education, training and advocacy. The standards or rules adopted by these other bodies can also be enrolled by regulators or policymakers.[28] ASIC frequently highlights the important role that gatekeepers perform.[29]

4.19      A strategy based on enrolment can encounter problems. Julia Black argued that gatekeepers were not necessarily reliable and may not perform the role that regulators assume.[30] In its examination of the collapse of Trio Capital, the Parliamentary Joint Committee on Corporations and Financial Services (PJCCFS) also highlighted expectations gaps between the role of gatekeepers and investors' expectations of that role. The PJCCFS formed the view that the current system of gatekeepers did not work in relation to Trio Capital and that '[t]here is no reason to believe that this system will be any more successful in detecting fraud in the future'.[31] Julia Black concluded that enrolment is a 'potentially useful' strategy of regulation, however:

...whether the strategy is successful depends on the motivation, regulatory capacity, and most importantly, the broader market context, culture and incentives of those being relied upon to act as gatekeepers. Unless these are aligned with the goals of the regulatory regime, regulators will find that their reliance is dangerously misplaced.[32]

Effectiveness of the regulatory regime and ASIC's regulatory approach

4.20      Responsive regulation and risk-based approaches to regulation have influenced the development of Australia's corporations law and the approach taken by ASIC. The following paragraphs outline general observations about the extent it is considered that these theories apply to ASIC. Issues considered by regulatory theory have been contemplated when particular aspects of ASIC's work were examined in detail, however, to avoid repetition the discussion of regulatory theory is generally confined to this chapter.

ASIC's responsiveness and ability to conduct surveillance

4.21      Professor Dimity Kingsford Smith has described ASIC's after‑the‑loss approach to enforcement as: 'waiting for complaints, investigating a minute proportion of them, and prosecuting even fewer'.[33] Dr Vicky Comino has suggested that 'ASIC has generally behaved in a reactive rather than a proactive fashion' and that the 'discovery of corporate breaches is often almost accidental'.[34]

4.22      A former enforcement adviser at ASIC agreed that regulation cannot eliminate all misconduct, but argued ASIC could still be more vigilant at after-the-loss enforcement. Transnational crime was an issue he particularly highlighted:

Things happen, but that does not mean that you put hands in the air and not chase people overseas. If people steal from mums and dads in Australia, we should pursue those individuals to the end of the earth and tell them, and the world, that if you come here you cannot steal from our mums and dads, who have worked hard all their lives.[35]

4.23      In September 2012, ASIC published figures on the number of staff allocated to each of its stakeholder teams, the number of regulated entities they oversee and, for the first time, the number of years it would theoretically take to conduct surveillance on every entity. An updated set of these figures is reproduced in Table 4.1.

Table 4.1: ASIC’s surveillance coverage of regulated populations in 2012–13

ASIC team


Key industry statistics and ASIC's surveillance coverage

Financial advisers


3,394 AFS licensees authorised to provide personal advice:

-  Top 20—0.8 years on average

-  Next 30—1.8 years on average

-  Remaining 3,344—primarily reactive surveillances

1,395 AFS licensees authorised to provide general advice—reactive surveillances only

Two ASIC-approved external dispute resolution schemes—every year

Investment banks


26 investment banks—once a year

250 hedge fund investment managers/REs—11.3 years on average

43 retail OTC derivative providers—every year

Seven credit rating agencies—every year

Investment managers and superannuation


483 active responsible entities

-  Top 25—70% of funds under management—every two years

-  Nine identified as most at risk of noncompliance—every year

-  91 responsible entities in sectors where risks have been identified or where ASIC has concerns—varies from year to year

-  Remaining 358—primarily reactive surveillances

200 super fund trustees

-  Five identified as most at risk of noncompliance—every year

-  Remaining 195—primarily reactive surveillances

20 major custodians—2.9 years on average

Deposit-takers, credit and insurers


173 authorised deposit-taking institutions (ADIs)

-  Big four ADIs—every year

-  Remaining 169—13 years on average

141 insurers—seven years on average

641 licensed non-cash payment facility providers—primarily reactive surveillances

13 trustee companies—seven years on average

5,688 non-ADI credit licensees (lenders and intermediaries) with 28,201 credit representatives—37 years on average

Corporations (including emerging mining and resources companies)


21,690 public companies, including 1,983 listed entities (excludes foreign companies)

-  All control transactions for listed entities

-  A significant proportion of prospectuses

-  A small sample of entities in areas of emerging risk—every year

-  Remaining entities—reactive surveillances only

Financial reporting and audit


86 audit firms:

-  the big four audit 95% of listed entities by market capitalisation—1.5 years on average

-  the next eight audit 4% of listed entities by market capitalisation—2.5 years on average

-  the remaining 74 audit 1% of listed entities by market capitalisation—10.3 years on average

Financial reports of 1,983 listed entities (excludes foreign companies) and 26,000 unlisted entities:

-  top 500 listed entities – three years on average

-  remaining 1,500 listed entities (excludes foreign companies)—12 years on average

-  300 unlisted entities with larger numbers of users—90 years on average supplemented by reactive surveillances

Insolvency practitioners


685 registered liquidators—3.6 years on average

Financial market infrastructure


18 authorised financial markets—every year

Six licensed clearing and settlement facilities—every year

Market and participant supervision


Monitoring of the ASX, Chi-X, NSX and ASX24 markets—every day

136 market participants—3.3 years on average

800 securities dealers:

-  100 larger entities (clients and volumes)—four years on average

-  700 smaller entities—reactive surveillances and targeted reviews of high risk entities

Source: ASIC, Annual Report 2012–13, pp. 16–17.

Notes: The figures on ASIC's surveillance coverage indicate the number of years it would theoretically take to cover the entire regulated population through high intensity surveillances, based on the number of surveillances ASIC conducted in the 2012–13 financial year. ASIC noted that, in practice, its risk-based approach to surveillance means that 'some portion of the population would be touched multiple times while others would not be touched at all'. Figures on staff numbers are on a full-time equivalent basis.

4.24      The figures on the number of years it would theoretically take ASIC to conduct high intensity surveillance on the entire regulated population indicate that relationships between the regulator and many regulated entities could be underdeveloped. When its surveillance coverage figures were first released, the chairman of ASIC, Mr Greg Medcraft, outlined how the level of surveillance depends on ASIC's resources. In particular, with the resources it has, ASIC undertakes a risk‑based approach to surveillance that relies on financial system gatekeepers:

I guess the warning we have to Australians is frankly what we have is a system that is based on self-execution and relies on people to do the right thing. It is so important—I will not emphasise this more—that it is up to the gatekeepers to do the right thing. The amount of surveillance we do is based on the resources we have. We try and do risk based surveillance, so we target the largest licensees, and for those where we have complaints we go reactive. But in terms of proactive surveillance with the resources we have, ...It is really important that this surveillance coverage that we have released publicly for the first time is explaining to Australians that ASIC is not a prudential regulator, not a conduct and surveillance regulator...We are not resourced to be looking at everybody, and that is a very important message. That is why education is really important. Australians are proactive in getting educated and understanding what they should be doing.[36]

4.25      In a 2011 journal article that responded to the 2009–10 surveillance statistics, Professor Kingsford Smith observed that the figures reveal 'in very brutal terms of resources and enforcement policy, there is at present no realistic prospect of developing anything approaching a regular surveillance or inspection program'. Although alternative responsive strategies could be considered, 'as things stand it is difficult to see how there could be sufficient contact between the financial services firms and the regulators for responsive regulation to be a success at the low end of the regulatory register'.[37] With the aim of suggesting ways that financial regulation could be encouraged to be more relational which, in her view, would result in more effective regulation, Professor Kingsford Smith questioned the current application of responsive regulation theory to financial markets. She argued that responsive regulation has been successful 'in regulatory contexts where physical inspection of workplaces, mines, nursing homes, and so on is undertaken', but it has been less successful in environments, such as the financial services sector, that have:

...large populations of regulatees and insufficient resources for visits, inspections, or other regular checks, and where detection of non-compliance is difficult. Here the regulatory circumstances do not provide the bridge for contact between the regulator and the firm, which allows a relationship to develop which can support responsive action.[38]

4.26      Despite this, Professor Kingsford Smith maintained that inspections in the financial sector could still be an effective regulatory technique as they 'remind the regulated entity that the regulator is paying attention to what they do, or fail to do':

It provides a location for practical, responsive remedial action. In a situation where inspection is not a possibility but where the regulator has noticed a trend in a particular type of infringement, a letter to all the regulated actors doing the same type of business, pointing out the trend and asking for details of their compliance, alerts the regulated to the fact the regulator is watching. It projects, even at the lower end, an appearance of capacity in detection that may be greater than the reality. Depending upon the responses received and reviewed, further action in the regulatory relationship could be pursued: slating some firms for surveillance, reviewing relevant firm disclosure documents, or checking the firm's complaints register.[39]

ASIC's ability to change behaviour

4.27      An element of effective regulation is how the regulatory environment and the regulator's actions and reputation influence the behaviour of regulated entities. The chief executive officer of CPA Australia, Mr Alex Malley, questioned whether ASIC has exhibited the culture it needs to act in the public interest and argued that ASIC had failed to show appropriate leadership.[40] According to Mr Malley:

Leadership can be benchmarked against principles of proactivity, capacity to positively influence and ability to take stakeholders and the community along a journey. Over a long period of observation, with many considered public statements made by us, it is our informed view that ASIC has failed to exhibit these characteristics. In fact it displays the opposite. It is reactive, it is defensive, it is contradictory and it is insecure in its own ability to provide solutions.[41]

4.28      Some witnesses were asked whether ASIC should 'became an agency of fear', where significant punishments would be promptly imposed when particular contraventions occurred. In his response, Mr Malley expressed support for the overall enforcement pyramid approach of escalating penalties and sanctions, although he reiterated that there was greater scope for ASIC to show leadership and influence behaviour within this framework:

...I think what people should understand is that there is a process that allows them to perform within a marketplace and have the comfort that the regulator is willing to work with them to improve the way things work. I think it has to have a very, very severe punishment mechanism, but it also should be not the starting point of the dialogue of the regulator of the market. There should be a very clear message that, should one go past a point, there is no doubt that there will be a significant punishment. So I believe in that but, from all of my business experience, the only way to lead any organisation, whether it be a regulator, a government or a business, is to lead by positive influence and by seeking to have the very best outcomes and behaviours.[42]

4.29      Mr Lee White, the chief executive officer of the Institute of Chartered Accountants Australia (ICAA), expressed a similar view. Mr White stated that:

...the best regulatory outcomes are achieved through effective communication and the ability to persuade...The second elements is that we need to be very careful around culture. If the culture gets too dominated by, 'We have all these powers and can exercise them when rightfully so,' it is very hard to turn off the mindset that I can now collaborate or work with the people. It becomes such a dominant force in how people are approached.[43]

4.30      Many academics recognise that the ethical culture and perception of risk within corporations are key factors in regulatory compliance, with the effective enforcement of corporate law beginning within the corporation itself.[44] Dr Comino points to HIH Insurance and the action taken by the Australian Competition and Consumer Commission (ACCC) against Visy as examples where the culture inside organisations can be unreceptive to compliance.[45] Professor Kingsford Smith has suggested that ASIC cannot act effectively as 'a benign big gun' and, therefore, it cannot simultaneously project power and use 'minimal sufficiency' techniques as suggested by responsive regulation. To support her argument, Professor Kingsford Smith noted that while ASIC's powers are great on paper 'it has a track record of prosecuting small, rather than large, firms'.[46] Professor Kingsford Smith also argued that while the reputation of financial services regulators generally, including ASIC, have suffered as a result of the global financial crisis, ASIC has 'contributed to its own lowered regard': using its enforcement powers in a series of high profile cases which it has lost resoundingly, and at very great public expense. So in implementation of its high-level enforcement powers, ASIC has had mixed success, and this diminishes its ability to project itself as invincible.[47]

4.31      CPA Australia also argued that perceptions about ASIC's effectiveness impact its ability to regulate:

Being regular front-page news on questions of your performance rather than your outcome leaves ASIC in a difficult position to influence better behaviours of others. No-one wins in this circumstance.[48]

4.32      Others consider there are wide-spread and established 'dysfunctional elements in Australian business culture' that ASIC is unable to counter because of its structure and culture:

ASIC, as with its institutional predecessors, was born with a regulatory emphasis on enhancing disclosure and transparency in the financial marketplace, and has acquired a dominant culture that underpins that emphasis. ASIC has yet to acquire a culture commensurate with the cowboy frontier environment that it is expected to regulate.[49]

4.33      How regulated entities respond to enquiries from or action taken by the regulator is also significant. The potential for ASIC to have an adversarial relationship with regulated entities is readily apparent. For example, Baldwin and Black, in describing the theory of 'really responsive risk‑based regulation',[50] provided the following observation about risk-based regulators relationship with the entities they regulate:

[Risk-based] regulators need considerable information from firms to sustain their oversight. They may, however, have to use formal enforcement actions, such as fines, to change the behaviour of many firms. In such circumstances, responding to noncompliance with a deterrence approach may cut across the ability to detect that noncompliance in the first place. Firms know that any information they give to the regulator may potentially be used against them in an enforcement action, and this can have a chilling effect on their cooperation with that regulator. A good, albeit anecdotal, example is the contrast in enforcement approaches of the two Australian financial regulators, APRA and [ASIC]...APRA has a model of intensive supervision for its high-risk financial institutions, but this does not involve using formal enforcement actions. ASIC, on the other hand, has moved to a much more deterrence-based approach. The consequence for their respective monitoring functions was noted recently by an Australian lawyer, who quipped, "When APRA asks for information, firms give it to them; when ASIC asks, they call their lawyers" (Note on file with author).[51]

Reflection and self-assessment by ASIC

4.34      A further element of really responsive risk-based regulation is whether the regulator assesses their successes and failures and then modifies their approach accordingly.[52] It is considered that:

Really responsive risk-based regulators will be performance sensitive: they will be capable of measuring whether the enforcement tools and strategies in current use are proving successful in achieving desired objectives. Such regulators will also operate systems that allow them to justify their performance to the public and other interested parties. They will also be able to adjust their strategies in order to improve on the levels of performance that they have assessed.[53]

4.35      ASIC's actions in response to the misconduct within CFPL, a key reason for the referral of this inquiry, are examined in detail in Chapters 8 to 11. Nevertheless, at this point it is useful to note that during Senate Estimates in June 2013 ASIC focused on the outcome achieved in the CFPL matter, which the deputy chairman eagerly outlined. ASIC was less forthright when asked about the investigation and the whistleblower.[54] ASIC's first submission to this inquiry was more reflective and acknowledged inadequate aspects of how it handled the investigation.[55] ASIC also advised that it has considered all of the submissions received by the committee 'in an effort to learn as much as we can from them and also to enable ASIC to do a better job'.[56] ASIC's main submission also outlined the actions it has taken to improve how it deals with whistleblowers.[57]

The philosophy underpinning Australia's financial services regulation regime

4.36      The final section of this chapter focuses on one specific and high-profile aspect of ASIC's work: its role as a financial services regulator. The bulk of submissions received by the committee relate to this function. This section provides some background information on the principles that have guided policymakers to date, such as those outlined by the 1997 Wallis Inquiry. However, it should be noted that the latest review of the financial system that is currently underway, the Financial System Inquiry chaired by Mr David Murray AO, has been tasked with refreshing the philosophy that underpins Australia's financial system.[58]

Efficient markets theory

4.37      The current approach to regulating Australia's financial services industry largely stems from the 1981 report of the Committee of Inquiry into the Australian Financial System (the Campbell Inquiry) and the Wallis Inquiry of 1997. Both of these inquiries were guided by 'efficient markets theory', that is, a belief that 'markets operate most efficiently when there is a minimum of regulatory intervention'.[59] The Wallis Inquiry maintained the fundamental view that investors have the responsibility to make good decisions.[60] It also observed that 'all markets, financial and non‑financial, face potential problems associated with the conduct of market participants, anti-competitive behaviour and incomplete information'.[61] Nevertheless, the Wallis Inquiry concluded that although the objectives of conduct and disclosure regulation in the financial system are similar to those that apply to non‑financial markets, specialised regulation for the financial services sector is necessary: ensure that market participants act with integrity and that consumers are protected. The financial system warrants specialised regulation due to the complexity of financial products, the adverse consequences of breaching financial promises and the need for low-cost means to resolve disputes.[62]

4.38      On consumer protection, the Wallis Inquiry observed that information asymmetry can arise between consumers and providers of financial products as 'consumers lack (and cannot efficiently obtain) the knowledge, experience or judgment required to make informed decisions...a situation where further disclosure, no matter how high quality or comprehensive, cannot overcome market failure'.[63] Others have noted that there is 'also a view that consumers need protection from themselves, due to their vulnerability to making poor financial decisions, their susceptibility to certain sales messages when framed in a particular way, and their underestimation of their own lack of financial understanding'.[64]

4.39      The Wallis Inquiry also distinguished between investments and the consumption of other goods and services. It argued that as investments are not based on consumption but rather the sharing of risk (and the reward for bearing that risk), there should be an appropriate balance between investor protection and market efficiency.[65] Although the Wallis Inquiry envisaged a role for regulation in the financial system beyond that applied to markets generally, as the financial system fundamentally engages in risk it did not support the elimination of risk by regulation:

If regulation is pursued to the point of ensuring that promises are kept under all circumstances, the burden of honour is effectively shifted from the promisor to the regulator. All promisors would become equally risky (or risk free) in the eyes of the investing public. Regulation at this intensity removes the natural spectrum of risk that is fundamental to financial markets. If it were extended widely, the community would be collectively underwriting all financial risks through the tax system, and markets would cease to work efficiently...Primary responsibility should remain with those who make financial promises. It would be inequitable for the government to underwrite some financial promises but not other promises made by participants in the broader economy.[66]

4.40      ASIC noted that this philosophy is not only reflected in Australia's financial system, but applies to financial regulators in foreign jurisdictions as well:

...the settings established by the parliament for our financial system are such that no financial regulator can prevent all risk of losses from occurring. Our system is designed this way because removing the risk of loss would substantially reduce economic growth, individual choice and return to investors. Preventing all risk of loss from poor products, misconduct or criminal activity would involve highly expensive and intrusive regulatory intervention. For financial regulators like us—[securities] regulators around the world—the systems are similarly designed to ours. While the risk of loss can never be entirely removed from the financial markets, we work hard to enforce the law and to deal with misconduct that puts investors at risk. We also work hard to help consumers and investors make appropriate choices in their dealing with financial services providers.[67]

Developments since the Wallis Inquiry

4.41      Seventeen years have passed since the Wallis Inquiry finalised its report. As this chapter has noted, a new Financial System Inquiry is currently underway which has been tasked with refreshing the philosophy that underpins Australia's financial system. However, in considering ASIC's performance, it is useful to note some of the developments since 1997 that have led to some of the assumptions that informed the Wallis Inquiry being questioned or departed from.

The growth in superannuation

4.42      Australians are increasingly becoming involved in the financial markets as a result of the superannuation system which, because of its compulsory nature, is considered to be 'the most significant exception' to efficient markets theory in Australia's financial system.[68] This exposure has been reinforced by the increase in the superannuation guarantee over the past two decades and the significant increase in the number of SMSFs. More recent government inquiries and reforms to superannuation have diverged from certain principles expressed in the Wallis Inquiry report.[69]

The global financial crisis

4.43         The global financial crisis that began in 2007 and intensified as a result of numerous events in 2008 has, in particular, caused some of the assumptions about how financial markets function to be questioned. For example, in 2009 the then ASIC chairman Mr Tony D'Aloisio noted that efficient markets theory emphasises the importance of disclosure. It also assumes that investors (both retail and institutional) have 'the tools to understand what disclosure means'. To illustrate how the global financial crisis revealed that this was not always the case, Mr D'Aloisio noted that at the institutional level there was widespread disclosure on credit default swaps and collateralised debt obligations, however, 'that disclosure did not translate into an understanding of the risks associated with those products'.[70] In her submission, Professor Kingsford Smith argued that there should be some thought given to how the variety of different investors are treated. As an example, she noted the complex products offered to local councils as sophisticated investors, when in reality they were 'very unfamiliar with the products being offered'.[71] Various other informed observers have also commented on regulatory issues that the crisis revealed.[72]

4.44      In its main submission to this inquiry, ASIC noted that since the global financial crisis, regulators internationally 'are looking for a broader toolkit to address market problems, moving beyond traditional conduct and disclosure regulation to design regulatory interventions that address the types of problems investors and financial consumers often experience in financial markets'. ASIC noted the recent restructure of financial services regulators in the UK, and in particular the new temporary product intervention powers given to the Financial Conduct Authority.[73]

Implications of the current financial services regulatory system for ASIC

4.45      The promotion of market integrity and consumer protection is generally undertaken through conduct and disclosure regulation, although certain reforms enacted in the past five years, such as the national credit regime (which will be examined in the following chapters) have diverged from this approach.[74] This has clear implications for the role of ASIC. In its main submission, ASIC presented the following argument:

Consistent with the underlying philosophy of the financial services regulatory regime, ASIC's role is not to control the types of products that are available in financial markets, to prevent investments from failing, or to place checks on investors' investment decisions.

We understand that, where investors suffer losses, a natural tendency is to question why this has happened, and ask why ASIC has not prevented the losses from occurring. Nevertheless, ASIC's performance should be assessed in terms of how we fulfil our role in the financial services regulatory system, and not against the benchmark of whether we have been able to prevent all losses suffered by investors

...ASIC can, and does, try to minimise the risk of losses occurring. We try to help investors and financial consumers to use financial markets successfully through our work on financial literacy. We set standards for the conduct of industry participants by enforcing compliance with the law. We focus on preventing losses arising out of bad advice, addressing conflicts of interest that could lead to poor outcomes for investors, and detecting and addressing instances of outright fraud and other misconduct.[75]

4.46      The case studies on lending practices and financial advice contained in the following chapters of this report highlight the real implications that the regulatory framework can have for consumers. The committee uses these case studies to start its examination of how ASIC has fulfilled its role in the financial services regulatory system. The committee assesses ASIC's performance against its own stated objectives: of trying to minimise the risk of loss occurring; of helping consumers to use financial markets successfully through improved financial literacy; and by setting and enforcing industry standards.

Navigation: Previous Page | Contents | Next Page