Sustainability
Climate-related Financial Disclosure
On 9 September 2024, the climate-related financial disclosure legislation was passed by the Parliament and set to commence in January 2025. The legislation mandates the disclosure of climate-related financial information within Australia’s corporate disclosure framework, including details on reporting entities, assurance requirements, and enforcement. Entities subject to mandatory disclosure are categorised into three groups based on their scope and values of assets and revenues. Reporting obligations for Group 1 will begin on 1 January 2025, with Group 2 and 3 set to begin in July 2026 and 2027, respectively.
Greenwashing
ASIC continues action on misleading claims
ASIC has taken significant action against greenwashing misconduct, with 47 regulatory interventions made up to June 2024, including Federal Court proceedings and over $123,000 in infringement notice payments. ASIC’s interventions focused on addressing misleading claims in sustainable finance-related products and services, aiming to protect investors and consumers by ensuring accurate and reliable information. The interventions targeted issues such as insufficient disclosure, inconsistencies in investments, and sustainability-related claims without reasonable grounds. ASIC emphasised the importance of accurate disclosures and data quality in sustainability-related information to maintain market integrity and investor confidence.
ASIC won first greenwashing case against Vanguard
ASIC won first greenwashing case against Vanguard Investments Australia Ltd (Vanguard) on the ground of greenwashing misrepresentations. The Federal Court, in its March 2024 judgement, ruled that Vanguard has engaged in conducts that conveyed false impression to the public attempting to appear more environmentally friendly. The Court held Vanguard in breach of relevant sections of the Australian Securities and Investments Commission Act 2001 (ASIC Act).
Active Super’s Misleading ESG Claims
The Federal Court found that Active Super has made misleading claims regarding its environmental, social, and governance (ESG) credentials. Active Super marketed that it avoided investments posing risks to the environment and community, such as gambling, coal mining, and oil tar sands. However, the Court discovered that, between 2021 and 2023, Active Super had invested in these various securities which were eliminated or restricted by ESG investment screens. Regarding Active Super’s investments in tobacco packaging companies, the Court found that Active Super’s representations were not misleading but upheld ASIC’s claim regarding other misrepresented investments.
Risk
Property Rights in Digital Assets & Cryptocurrency
Australian Court on Cryptocurrency Capable of Being Property
There has been a long debate as to whether cryptocurrency assets are capable of being ‘property’ within the meaning of s9 of the Corporations Act. In a recent Federal Court decision – ASIC v NGS (No3) [2024], Justice Collier held that ‘property’ in the Corporations Act encompasses cryptocurrency assets, at least for the purposes of interlocutory application. This decision marks a step towards cryptocurrency being recognised as property in Australian courts.
UK Bill to Preserve Property Rights in Digital Assets
The UK has introduced the Property (Digital Assets etc) Bill to formally recognise digital assets as a form of personal property, addressing issues related to their classification under common law. Digital assets do not fit neatly into the traditional categorisation of personal property – they are not subject to “ownership” in the sense “choses in possession” are, nor are they things that a court could enforce rights in relation to as “choses in action” typically are. The Bill aims to clarify that digital assets can be considered personal property, seeking to align legal treatment with existing practices in insolvency and regulatory contexts. The enactment of this Bill is likely to influence other common law jurisdictions’ position on similar issues.
ATO’s Class Ruling re Digital Surge
The ATO has issued a Class Ruling on the tax implications for creditors involved in the insolvency of Digital Surge. The ATO clarified that there are no income tax consequences for creditors upon the appointment of administrators of Digital Surge, the execution of a Deed of Company Arrangement (DOCA), or the settlement of the Creditors’ Trust. However, the ATO found that capital gains tax (CGT) events occur when the DOCA is terminated and when payments are made from the Creditors’ Trust. The Ruling ensured tax neutrality by confirming that no capital gain or loss occurs when a creditor’s claim is substituted with an equivalent right under the Creditors’ Trust. This provides certainty and avoids additional tax burdens for creditors during the insolvency process.
Australia’s Response to Quantum Tech
In August 2024, quantum computers were added to Australia’s Defence and Strategic Goods List due to their increasing strategic significance. The AUKUS partnership among Australia, the US, and the UK, along with recent investments and the establishment of Quantum Australia, highlight the growing global focus on quantum technology. Despite this, Australia faces challenges in coordinating its quantum tech efforts, and there are calls for a national accord to create a unified approach involving government, industry, and academia. Such an accord could help address uncertainties and ensure Australia’s competitive position in the rapidly evolving quantum field.
AML/CTF
US: New AML/CTF Requirements
The US Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) has introduced a final rule of anti-money laundering and countering the financing of terrorism (AML/CFT) requirements for certain investment advisers, effective January 1, 2026. This rule extends existing AML/CFT obligations to certain SEC-registered investment advisers (RIAs) and exempt reporting advisers (ERAs), aiming to address illicit finance threats and enhance national security by targeting risks associated with foreign actors. Advisers covered by the rule must implement risk-based AML/CFT programs, file Suspicious Activity Reports (SARs), and adhere to new recordkeeping requirements. Although the rule does not yet mandate customer identification programs, future regulations may impose additional compliance burdens.
Australia: New AML/ CTF Bill introduced into Parliament
The Anti-Money Laundering and Counter-Terrorism Financing Amendment Bill 2024 was introduced into Parliament on 11 September 2024, aiming to align Australia’s AML/CTF framework with international standards. Main objectives include addressing high-risk professions, simplifying the regulatory regime, and updating it for modern business practices. Key reforms are set to take effect from 31 March 2026, which include expanding coverage to high-risk gatekeeper professions, implementing more rigorous risk assessment requirements, and extending regulations to virtual assets and value transfer services. Entities are advised to review and adjust their AML/CTF programs, risk assessments, and governance structures to comply with the forthcoming changes, while also preparing for potential interpretational challenges.
Compliance
Safe and Responsible AI
In September 2024, the Department of Industry, Science and Resources released a Voluntary AI Safety Standard and initiated a consultation on proposed AI mandatory regulations for AI in high-risk settings. Both the voluntary and proposed mandatory regimes feature 10 similar guardrails but differ significantly in enforcement. The mandatory guardrails will require conformity assessments (e.g., audits and assurances), while the voluntary ones focus on broad stakeholder engagement. The consultation seeks input on the mandatory guardrails, the definition of “high-risk,” and the legislative approach for these guardrails. Consultations closes 4 October 2024.
Statement on Clearview AI
The Office of the Australian Information Commissioner (OAIC) issued a determination against Clearview AI for breaching the Privacy Act by collecting facial images without consent. Despite media reports suggesting continued non-compliance, Privacy Commissioner Carly Kind decided against further action, emphasising the need for entities using artificial intelligence to comply with privacy regulations.
This statement highlighted potential concerns in Australian privacy laws, drawing attention to the Australian privacy law reforms and debates as to whether special laws for facial recognition tools are required.
Australia’s 2023-2030 Cyber Security Strategy – Recent Updates:
Cyber and Critical Infrastructure:
A new Cyber Security Bill has been brought in the Parliament in August 2024. This bill aims to address ransom reporting, set new security standards for IoT devices, regulates cyber agency information use, and establish a Cyber Incident Review Board.Concurrently, a bill to amend critical infrastructure laws is expected, which aims to regulate critical data storage, enhance consequence management, streamline critical information sharing, and transfer telecommunications obligations to the Security of Critical Infrastructure Act.
See article from Ashurst for article on this coming Cyber Security bill and critical infrastructure reforms.
Privacy Reforms:
The Australian Government has outlined a blueprint for significant privacy reform in response to the Privacy Act Review Report, aiming to enhance digital safety and cyber resilience. The reforms will require organisations to improve transparency, traceability, and risk management in their data practices. Key changes include increased regulatory flexibility, stronger enforcement measures, new individual rights, and a focus on automated decision-making, all of which will necessitate organisations to adapt their governance frameworks, risk assessments, data management practices, and response to data breaches to comply with the evolving privacy landscape.
Trust Exchange Digital ID Act:
The Government introduced Trust Exchange (TEx) in August 2024 to enhance identity resilience for digital wallet users (such as myGov wallet). TEx allows secure verification of identity without sharing sensitive documents. Availability of TEx is expected in early 2025.
The new Digital ID Act 2024 is set to commence 1 December 2024 with its aim to expand the Australian Government Digital Identity System. The legislation includes provisions for private sector participation, data standards, accreditation rules, and penalties for non-compliance. The rollout will occur in phases, with a focus on accessibility, privacy, and cybersecurity.
ASIC Update: Role of Compliance Professionals and Focus Areas
In his speech at the Australian Compliance Institute Annual Conference, ASIC Chair Joe Longo emphasised the evolving role of compliance professionals in the boardroom, highlighting their crucial role in fostering a culture of integrity, ethics, and trust. He stressed that while written policies and technology are essential, true compliance requires a commitment to aligning practices with ethical standards. Longo also discussed the increasing complexity of regulatory expectations, including new climate reporting requirements, greenwashing work, and the need for effective oversight of AI technology. He concluded by urging compliance professionals to remain curious, alert, and proactive in addressing these challenges to support their organisations effectively.
