Views on the bill
Stakeholder comments focused on two different aspects of the bill. Some
submissions presented views on the underlying governance issues of CPA
Australia and organisations with related corporate structures. Other
submissions were concerned with the practical implication of the provisions of
the bill and the potential unintended consequences that may result from the
bill being implemented as drafted.
Broad concerns about corporate governance
Broad concerns about the governance of professional bodies were raised
by a number of stakeholders. In particular, a lack of transparency in executive
decision making and member involvement in governance were cited as important
issues requiring attention.
CPA Australia's corporate governance shortcomings were prominent given
its importance in the development of the bill. Mr Brett Stevenson, a CPA
Australia member, submitted that:
Major issues and concerns have arisen over the last decade
within my organisation which until early this year have been kept 'hidden' from
the wider membership. These issues strike at some fundamental tenets and issues
for us as a professional organisation and have a significant impact on the
members and their rights.
The issues have been so significant that recently the CEO was
sacked, seven of the 12 directors have resigned including the chairman, an
Independent Review is currently being conducted into the organisation, and ASIC
[Australian Securities and Investments Commission] is currently investigating
various matters at CPA Australia. My, and other members, contention is that
these issues have arisen because the board and senior management at CPA have
held power with an effective gerrymandering of the corporate governance
At the hearing on 2 August, Mr Stevenson elaborated on his concerns
about the actions of CPA Australia's leadership group:
They have moved an AGM to Singapore. They have used standards
to misreport and mislead. They have had minimum disclosure on remuneration.
They have deliberately oppressed members to be able to share these concerns
with each other by dismantling parts of the website. They have basically
misreported on many major issues.
Mr Stevenson outlined the difficulties he encountered in attempting to
communicate with CPA Australia members about these corporate governance
While this is all going on we have been unable to communicate
these matters with the members. We forced CPA to provide us with the members
register (costing us $2300) so we could communicate with them however the email
addresses of members were not provided because they are not required by law to
be kept in the members register even though it is the primary means of
communication with members. Thus our only mode of communication was via
traditional mail which would have cost us in the vicinity of $180,000 to send a
simple letter of explanation of our concerns.
As a result, Mr Stevenson contended that member engagement and
participation in the corporate governance of CPA Australia had been stymied by
concerned members not being able to digitally or electronically communicate
with other members.
Mr Gerald Jaworski, a member of Chartered Accountants Australia New
Zealand (CAANZ), considered that his experiences with the leadership group of that
organisation were similar to those outlined by Mr Stevenson with CPA Australia:
My chief concern is that CAANZ leadership has adopted the CPA
practice of ignoring legitimate and significant issues raised by members.
Instead of upholding values of transparency and full disclosure, members experience
misleading communications, stonewalling and denial. A culture of belligerence
seems to prevail from the board down to senior management.
Mr Jaworksi also noted the difficulties that he has encountered in
communicating with fellow members:
The few fellow CAs who share knowledge of the current
situation find it disturbing. However, without the availability of the email
facility under the proposed new measure, it is practically not feasible to
share such concerns with all fellow CAs who would be interested.
Another member of CAANZ, Mr Con Abbott, raised concerns about corporate
governance more broadly, particularly for professional bodies whereby members
do not directly elect the board of directors—for example, CPA Australia, CAANZ
and the Institute of Public Accountants.
While beyond the scope of this bill inquiry, Mr Abbott suggested that
...consider directing its inquiries to evaluate the governance
of the nation's peak professional bodies, with a particular focus on the
accountability of directors to their memberships.
The committee acknowledges the concerns raised by members in relation to
the corporate governance of professional organisations, particularly where the
actions of boards of directors and executive management are not able to be held
to account by members. In addition, the committee notes the limited role that
members often have in being able to directly influence the election of boards
of directors, and the affect this may have on transparency, accountability and
good governance more broadly.
Given the relatively few submissions received on this issue, it is
unclear how widely held are these concerns. As such, the committee is reluctant
to recommend a broader inquiry into the issues surrounding corporate governance
of professional organisations at this time. That said, if further concerns
about the corporate governance of more professional organisations emerge, a more
comprehensive investigation may be warranted.
Support to modernise communications methods
Beyond concerns about corporate governance, submitters were generally in
agreement that the Corporations Act was developed prior to the widespread use
of digital technologies, and, as a result, does not reflect the changes in the
way the community engages in digital communications technologies and content.
Some submitters supported the general intent of the bill to modernise
communication methods for stakeholder communication. For example, the
Australian Shareholders' Association (ASA):
...are broadly supportive of the introduction of a requirement
that a member's email address is included as information that must be contained
in the register of members...
Similarly, CPA Australia were:
...broadly supportive of the proposals for modernisation of the
However, both the ASA and CPA Australia believed the bill as drafted was
not the best way forward. At the hearing on 2 August, CPA Australia contended
All in all, striking the right balance between privacy
considerations, member rights and wider public policy can be fraught and is
more complex than immediately apparent in a very brief amendment to section
Other stakeholders were supportive of changes to make communications
under the Corporations Act more technology neutral, and advocated for a
holistic approach towards implementation. CAANZ commented that:
Rather than a piecemeal approach to changing aspects of the
Act, consideration should be given to a review to ensure the entire act is
This sentiment was echoed by the Australian Institute of Company
It is our strong view that inadequacies in the Corporations
Act relating to the use of technology must be addressed in a comprehensive and
holistic way, in order to avoid undesirable inconsistencies within the law and
unintended consequences... A holistic approach to technology neutrality would
reduce complexity and confusion.
Computershare also advocated for technological neutrality as:
...ongoing technological innovation means that mandating the
specific form of electronic communication would likely result in
Treasury undertook a consultation process regarding technology
neutrality in distributing meeting notices and material under the Corporations
Act in mid-2016. The submissions and outcomes of this consultation process have
yet to be publicly released.
The committee appreciates that the Corporations Act was originally
drafted at a time when electronic communication methods were not highly
developed. Indeed, the committee is mindful that it is not known what form of
technology is likely to be dominant in the future. For this reason, the
committee supports the notion of technological neutrality in communication
methods and continues to advocate for its incorporation into the Corporations
Act. Given the work that Treasury has already done consulting on this issue,
the committee encourages Treasury to continue this work with a view to proposing
a holistic approach to modernise communication methods throughout the
Views on the bill as drafted
Although the substantive provision in the bill is only five words in
total, stakeholders expressed various perspectives on the practical
implications of the bill and potential unintended consequences.
Support for the bill as drafted was provided by the three individual
members of professional organisations that put in submissions.
Indeed, Mr Brett Stevenson and Mr Gerald Jaworski also offered some practical
suggestions to overcome potential issues with the proposal as drafted.
In addition, Registry Direct provided the following reasons to support
the inclusion of email addresses to the members register:
they provide a means to greatly reduce the cost of communicating
with security holders;
they provide a means to greatly reduce the environmental impact
of printing and posting communications to security holders;
they provide a mechanism to audit what communications have been
sent to security holders (and, consequently, reduce the likelihood of abuse);
they are likely to lead to more informed and engaged security
holders (as the reduced costs are likely to result in more communications being
sent to security holders).
That said, other stakeholders questioned the validity of the assumptions
underlying the rationale of the bill. For example, a number of submissions
disputed the claim that most communications occur by email. Computershare, a
global market leader in transfer agency and share registration, stated that:
Computershare administers approximately 11 million
securityholder accounts in Australia, and despite many of our issuer clients
expending considerable effort to increase their capacity to communicate with
security holders electronically, we hold valid email addresses for
approximately 50 per cent of those accounts.
Similarly, the Governance Institute of Australia provided five examples
of different company types whereby the proportion of email addresses recorded
by companies is around or less than 50 per cent.
AMP noted that despite concerted efforts over ten years to increase shareholder
engagement via electronic means they hold email details for only 34 per cent of
The Governance Institute of Australia highlighted the wide ranging
implications of the proposed change:
Due to the way the amendment is drafted, the proposed change
impacts all companies covered by the Corporations Act, whether they be public
companies limited by guarantee (which captures membership organisations,
charities, sporting associations and registered clubs for example), propriety
companies and public companies (both listed and unlisted).
The proposed change would also impact millions of Australians
holding shares directly in listed and unlisted companies.
Similarly, the Australian Institute of Company Directors observed that:
...changes to the Corporations Act have the potential to create
significant practical and compliance impacts on Australian companies of all
sizes. The intersection of company and governance obligations in the Act make
careful consideration of the flow-on effect of any change vital, including
related provisions, offences and practical business and compliance impacts on
Stakeholders also noted that many shareholders or members of a
corporation may not have an email address, or may not wish to provide an email
address for the purposes of a register of members.
The Australian Shareholders Association commented that:
...there are members who have an email address but would prefer
not to provide it to companies because they do not wish to receive too many
electronic communications or electronic communications at all (and this
preference should be respected).
While acknowledging that companies and registries may already have email
addresses for communications, the Governance Institute of Australia argued
The email address details are stored by the registry against
the shareholder's holding and do not form part of the statutory shareholder
register under section 169. While shareholders may be happy for the registry to
administer their holding by using the email address provided for that purpose,
they may not be happy for their personal email address to be added to a public
register. If required by law to have an email address on the register they may
choose to use a different email address for that purpose.
Mandatory requirement to maintain a
register of members
As noted in chapter 1, sections 168 and 169 of the Corporations Act provide
that a company or registered scheme must set up and maintain a register of
members, and the register must contain the member's name, address and date of
inclusion. Failure to maintain a register in accordance with section 169 is a
strict liability offence and directors could be liable as an accessory under
section 79 for a company's offence.
The Governance Institute of Australia considered that the bill, as
currently drafted, would significantly impact all companies:
The effect of the proposed change will be to create a
mandatory requirement for the register of all companies to contain the email
addresses of its members. The proposed amendment is also in absolute terms—i.e.
there is no carve outs or exceptions and no transitional arrangements.
A number of submitters noted that many of the companies affected by the
proposed change would be in breach of section 169 as soon as it was implemented
and may be unlikely to ever be compliant because of the difficulty in obtaining
and maintaining a register of email addresses.
Some stakeholders also raised concerns about the practical difficulties
of requirements to maintain an email address on a register. For example, AMP
noted that it experiences a bounce back rate of around 2 per cent due to email
addresses no longer being valid or mail boxes being full and rejecting emails.
It was also noted that email addresses often change when people change internet
providers or jobs.
If it were a mandatory requirement on companies to maintain email
addresses on the register, they may be held accountable when email
communications are not transmitted, potentially leading to significant costs in
attempting to remedy a situation where they are not at fault.
In response to concerns about the strict liability issue, Mr Jaworski
suggested that the requirement for mandatory email addresses could be amended
to ensure that it only operated where an email address had been provided to the
In a similar vein, Herbert Smith Freehills considered that the inclusion
of an email address should be optional:
If the section is amended to require the inclusion of email
addresses in the register, that requirement should be subject to the member
first having been asked whether they would prefer all communications to be sent
to them electronically and to be notified that their email address will be
publically available on the register.
The vexed question of who would be responsible for maintaining a
register of members was also raised by stakeholders. Registry Direct contended
that security holders should be required to supply an email address, rather
than security issuers to collect them:
We believe the onus should be on security holders to supply
their email address and update any changes and not the issuer to collect them.
The onus on the issuers should merely be to record what information is supplied
and updated. This is because only the security holder knows their email
The Australian Institute of Company Directors provided a summary of the
implications arising from the mandatory requirement to maintain a register:
The bill impacts across all company types and sizes, and the
strict liability offence for failure to comply makes it particularly important
that practical compliance and the legal impacts of the proposed change are well
Privacy and cyber security concerns
Several stakeholders were concerned about the privacy implications of
registers once a copy had been received. CPA Australia highlighted that:
There are no provisions in the [Corporations] Act that
address how long a copy of the register may be retained, whether a member has
any rights to ask their details not be provided (opt-out), continued use of the
copy of the register and when the copy of the register should be destroyed and
The Governance Institute of Australia outlined its privacy concerns:
We note that the provisions of section 14 of the Privacy Act
(1988) which requires that personal information be store securely to prevent
its loss or misuse is at odds with placing a person's name and email address
on register which can be inspected by anyone who makes are request.
CPA Australia went on to question the obligations on those who access
the register of members:
...as it currently stands, an entity is required by force of
law to disclose personal information of its members, but...the recipient of that
information is under no obligation to either protect the security of the
personal information disclosed to it, or to securely destroy that personal
information once the purpose for which it has been obtained has been fulfilled.
Mr Brett Stevenson rebuked the arguments about privacy:
...most of these concerns expressed in submissions can be just
as easily applied to the current legislated members register with members address
details. The addition of an email address merely provides a more relevant mode
of communication rather than adding to privacy issues.
While noting the protections and safeguards under section 177 of the
Corporations Act, the Governance Institute of Australia raised concerns about
the potential for malicious cyber-attacks to result from the improper use of
email address information on a register of members:
A cyber attack against a company's register could take place
before the relevant company had time to respond or warn its members, causing
reputational damage to the company concerned and enormous disruption to its day
to day operations. Another consequence of spam, phishing or cyber attack is
that it often renders the recipient's email address unusable as the provider
shuts down the account, causing considerable inconvenience to those affected.
AMP also raised concerns about cyber security:
It is unclear what a company's obligations and liabilities
are in these circumstances and what, if any, additional steps should be taken
by companies to mitigate against these risks. We believe that a thorough
examination of these matters is warranted before any changes are made to the
law as contemplated by the Bill.
Indeed, the Australian Institute of Company Directors cited concerns
about the misuse of information from register of members being shared or sold
to third parties with little chance of detection prior to a breach.
To better balance privacy expectations with respect to access to member
information, some stakeholders supported the exploration of alternative
mechanisms for facilitating member communications. For example, the use of
third party distribution bodies may allow for communication through the member
register but reduce the risk of information from the register being misused.
The Australian Institute of Company Directors elaborated of what a
framework for a third party distribution mechanism would likely include:
guidance on the types of distribution entities that would be
appropriate (these might be agreed between the parties, set by the company or
defined in regulatory guidance by ASIC);
guidance on the circumstances where a third party distribution
model might be used (this could be at the election of the company on a case by
the applicant bearing the cost of the third party distribution
(as per the status quo, where applicants would currently bear the cost of
contacting members using the register details);
a requirement for all members to be contacted even where they have
not provided electronic addresses, to avoid disenfranchising members who opt
for hard copy communication (as per the concerns flagged by the Australian
the company being the decision-making body on whether the
application is for a proper purpose, and retaining the right to request an
extension of time for review from ASIC (as per section 173(3) of the
Corporations Act)—that is, no ‘filter’ rights for the third party distribution
body. This could be supported by greater guidance in the regulations or from
ASIC on proper or improper purposes to assist companies in assessing requests;
the third party distribution body being a logistics provider
The Australian Institute of Company Directors considered that:
...this model would provide company members with a greater
degree of comfort in the use of their personal information on Registers and
should not be overly complex to establish.
While the committee acknowledges the intent of the bill to promote
easier and faster member communication, it is adamant that the numerous and
varied unintended consequences raised by stakeholders have the potential to
result in significant and costly burdens on all types of corporate structures.
The committee notes that the bill in its current form does not contain
provisions for members that do not or are not willing to provide an email
address for a register of members, and, as such, the proposed measure would
place an undue burden on companies and issuers beyond what is considered
reasonable. While the optional provision of an email address and transition
provisions may assist companies in this regard, these proposals do not form
part of the bill as drafted.
In addition, privacy concerns and cyber security threats are ever present
and the points raised by stakeholders should be thoroughly considered as part
of a larger consideration of modernising communication methods under the
The committee recommends that the Senate do not pass the bill.
Senator Jane Hume
Navigation: Previous Page | Contents | Next Page