The government is reviewing the powers granted to ASIC to issue infringement notices for breaches of the continuous disclosure provisions. CSA expressed reservations about this regime when it came into being, noting that it grants ASIC considerable power and discretion. CSA is keen to hear from you about your experiences, and whether you think the policy objectives are being achieved. Are companies simply paying the penalty rather than undertake a dispute with the regulator? This does not necessarily mean that the entity has put in better systems or frameworks to deal with continuous disclosure.

1. Given the range of penalties available to ensure the compliance of companies with the continuous disclosure provisions, do you believe that the infringement notice regime is achieving its policy objective of ensuring entities put in place better systems or frameworks to deal with continuous disclosure?

Yes 41%
No 50%
Not sure 9%

Comment

Whilst heavy handed, it's desirable for regulators to have ‘on the spot’ fine systems to reduce the costs of administration. Such systems seem to work for other violations such as speeding.
Looking at the seven or so cases that have been made public — the breaches appear to be obvious. Unfortunately, a disproportionate number of biotechs have been served notices.
No effect on larger companies — may have effect of highlighting the issue for smaller companies.
No, but deterrent effect cannot be underestimated.
Not really. It’s too blunt an instrument and treats continuous disclosure as though no element of judgment is required.
Uncertain if it is the infringement notice regime or just the elevation of continuous disclosure obligations in general which is making most companies think seriously about their continuous disclosure systems. The fact that it is in the media a lot brings home the message.
No. I think most listed companies are aware of their continuous disclosure obligations and have put in place systems to deal with those obligations not because they fear the infringement penalty but because it is the right thing to do. The infringement notice regime attempts to impose, with the benefit of hindsight, a 'black and white' penalty on continuous disclosure value judgments made by companies where the subject matter is rarely black and white. Also there is a view that the system discriminates against smaller companies who do not have the time and money to defend their position. ASIC has shown in the past a reluctance to take on larger companies, like Telstra, who have the resources and determination to defend their position.
No, I think companies are cavalier about paying fines.
Yes, but at too great a cost! This is over-regulation which reduces ability to compete internationally due to compliance costs.
At this time it is difficult to know as there really isn't a way to make an objective overall judgement.
The problem of continuous disclosure arises from the interpretation applied to the rules by the directors, management and their advisers (legal/communications/compliance). Also, given the need to err on the side of caution, directors are playing a safe hand in that they are more frequently leaving the final recommendation as to when, what and how to disclosure information to their legal advisers/compliance advisers and as such would be guided by their advice. IF there is reason for concern then it may be in the quality of advice offered by these advisers – who of course do not bear any of the penalties if the ‘get it wrong’. Also, with the speed and agility of the Internet and corporate email services, the need for speed can best be achieved by using these channels of communication to ensure the efficient dissemination of price-sensitive information and to adhere to the ‘continuous disclosure’ rules. From an enforcement perspective, the monitoring and compliance activities of the ASX need to be passed on to an independent (government) funded body that monitors and arbitrates on such issues — at an arm’s length to the ASX and ASIC.
Most failures to disclose are due to oversight, not a deliberate policy to deceive. Fines do not stop errors occurring.
We have made no adjustments to our policies and frameworks as a result on the introduction of this regime.
Whilst our company has no experience with the penalty notice regime it is certainly apparent from the ASIC press releases that this regime has mainly caught smaller companies, mainly in WA. Whilst some companies may elect to simply pay the penalty this does not avoid the issue of failure of internal controls and potential liability for criminal or civil proceedings and further court orders. The issue of a Notice could be prima facie evidence in a class action by disaffected shareholders. Overall the Notice regime is only a small part of a suite of enforcement actions and remedies available for breaches of continuous disclosure obligations and could be considered to be an effective, immediate and low-cost tool as an alternative to going to court which is expensive and slow to finalise.
Don’t know, it would be interesting to hear from the experts on the topic. A good corporate governance case study.
When you apply this framework practically, it is the members who are paying the fine as investors in the company.
These penalties have often been referred to as a ‘speeding fine’. Smaller companies don't have the resources to object so they just pay the fine.
This is a revenue-raising measure only!
There is a risk that small companies just pay the fine but our corporate governance procedures dictate that the company would institute procedures to ensure compliance. Our Finance & Audit Committee and board would require compliance by the company.
In my experience the fine is not a sufficient disincentive to taking a particular course — even though the directors know it’s wrong at the time but prolonging things buys more time.

2. Do you believe that enforceable undertakings, such as those issued by the ACCC, which ensure a compliance program is implemented, might achieve the policy objective more fruitfully?

Yes 69%
No 24%
Maybe 7%

Comment

Yes, but probably at greater cost to government.
Maybe.
I don't see how you could frame an appropriate enforceable undertaking other than to say you will comply with LR3.1.
A qualified maybe.
Sometimes — usually in the case of a clear-cut failure of compliance systems and processes.
Uncertain.
Yes it will — but we don't need this extra layer of costs and red tape!
ASIC has used EUs for ages, so has plenty of experience in their application.
ACCC is a toothless tiger given its handling of a number of undertakings provided in recent major corporate takeovers. There also appears to be an uneven approach being taken by ACCC in is dealings with business and as such I do not believe that ACCC can be used to achieve policy objectives. An efficient and competent regulator must have the power AND use the power to enforce undertakings as they are originally intended and within original timeframes agreed upon by all parties to the undertakings. So if we apply a rule to continuous disclosure, maybe a better approach would be to enforce the rules through the adoption of specific rules in the corporate governance rules of the business which are voted on by the shareholders/stakeholders and then form an enforceable obligation of the board and management who must be answerable (personally and criminally) for non-disclosure or from any delay in the release of sensitive information to the market. Also, here’s a suggestion, if management are involved in management-based decisions, e.g. management buy-out or a QANTAS style takeover, then the executive also need to consider are they working in the best interests of the shareholders or their own interests when they are significant beneficiaries of any such takeover, ie, to resign (as in Alinta’s case) or stay on board (ie, QANTAS)? In either case the executive have access to information that shareholders do not but are freely able to provide this information to the bidders!
Yes, but would want to see more details.
Yes, if the objective is to maintain an informed market and prevent future breaches. Most companies would welcome assistance to improve their internal awareness and controls.
I say yes probably because I’ve not had an infringement notice!
In the past this appears to have worked quite effectively in ensuring compliance through negotiation.
It could but for our company either penalties or undertakings would ensure compliance.
There would no doubt be ways around these too. I think that companies would prefer this to fines as a ‘tick a box’ approach sounds possible.

3. Are there other alternative mechanisms that could be implemented, that would better achieve the policy objective of keeping the market informed?

Yes 50%
No 36%
Don’t know 14%

Comment

The approach of imposing fines assumes that this is a simple area to police which it is not. Therefore the penalty does not fit the crime. However, I understand that most companies pay up simply to allow themselves to get back to working on the business at hand and cease the time-consuming distraction of dealing with ASIC.
Monitoring by ASX is the best method.
More interactive, hands-on ASX advisers.
The current Listing Rules etc work very well. There’s no evidence of general or systemic failure in the current framework.
Uncertain.
ASIC already has the power to commence civil proceedings against companies for breaches of continuous disclosure provisions. It just doesn't use them.
Requirement to disclose breaches in published accounts.
Self regulation — with ad hoc independent regulator audits and introduction of high personal fines and penalties.
A combination of penalties (reduced) and EUs ,perhaps with an element of 'suspended sentence' pending subsequent review of the working of the specific EU.
As noted above, make the process an obligation on each director and upon executive management to ensure that [there is no avoidance of] all non-disclosure or from any delay in the release of sensitive information to the market.
Ensure that staff running these companies know the rules and have a basic competency.
ASX query process has worked well in the past.
Compulsory and regular training of directors and senior executives on continuous disclosure obligations and developments.
There are always good arguments for the carrot rather than the stick, but I don’t know of alternatives.
ASX imposed penalties, eg, suspension of trading, requirement to note that the company is a defaulter on reporting for the next X years, certification by directors of appropriate systems similar to Sarbanes Oxley requirements in the US.
Internet-based enquiry and lodgement system.
Embody within continuous disclosure regime itself if fall foul of it.
We need more open communication between parties.
Not aware of any better alternative mechanisms.
Increased liability for directors who make the decision about disclosure and more rigour around disclosure committees – perhaps make these part of the ASX guidelines?

4. Do you believe that the speed of response of the regulator is sufficient, if the policy objective of an informed market is the outcome of the infringement notice regime?

Yes 32%
No 52%
Don’t know 16%

Comment

ASIC is far too slow.
Regulator has been way too slow, largely because of the process before an infringement notice can be issued.
No, but I don't know if there are any realistic alternatives — any form of action would take time (if only for natural justice) and the market will already have moved on by then. In addition this area is not a black and white area, with many legitimate shades of grey about which reasonable people may well legitimately arrive at different conclusions. The difference is that principally ASIC takes its view with 20/20 hindsight, a perspective not available to those making the decisions on a daily basis, hence putting those people at a significant disadvantage, despite their best endeavours.
This was meant to be a quick “on-the-spot fine” process. It has been anything but.
No ....it is often too late.
Unless the response is immediate [ a big ask in the circumstances ] it is hard to see the policy objective being achieved in specific, individual entity circumstances because usually 'the horse has bolted' already .However, if the deterrent effect theory is correct, then reasonable response times may achieve the policy objective in a general, overall market sense over time.
The regulator is slow and too bureaucratic – they need to take the role of a bloodhound looking for delays and then making the business accountable for the delays. An alternative is to impose personal fines on recalcitrant directors/executive management – through the issuance of infringement notices which must be paid first then in need challenged in court. This would stop cases also being dragged out for years when the fines are ultimately paid they are low in real dollar terms.
No, however the regulator can only act when they know there has been a breach. They will always be lagging behind, awaiting information or notification. Improve the intelligence and reporting systems and their response will improve.
A regulator will always be slow to respond, they can only respond based on the information available to them. Not sure that more resources is the answer though.
No, in my experience it’s not quick enough to counteract incentive to breach if aim is to buy time.

5. Do you believe ASIC has exercised the infringement notice regime responsibly?

Yes 55%
No 12%
Don’t know 33%

Comment

It’s a poor policy and a flawed procedure that has been implemented better than I had expected (so it depends what you expected...)
I’m not aware of any inappropriate uses of the infringement notice power.
I think many corporates are pleasantly surprised that ASIC has not issued more infringement notices and that notices have generally been issued where there is a strong case against the company.
Hard to know when this administrative — type action is not subject to full external scrutiny or third party review. For instance, deciding as to at what exact point in time a board decision has become final and should be communicated will always be a lot easier after the event for a regulator with no stake involved to make, than it will be for a board trying to balance a number of competing interests /issues to the best of its ability. The difficulty is that without some form of immediate independent oversight we either have to trust ASIC to act responsibly or take back the power entirely. It is interesting to note that at a time when various voices are being raised seeking further oversight and review of decisions by the judiciary, ASIC has been armed to move in the opposite [direction], presumably on the argument /basis that they only apply 'little' penalties under the infringement notices.
No, for the simple reason that it has a poor track record in securing convictions and imposing penalties for breaches. As an example, why did QANTAS executives keep the news of a takeover offer from APA until they knew the offer was real and would be placed before shareholders for their valued consideration — and with the same executives also potentially being beneficiaries of the takeover from both a shareholding and from their future roles under new ownership/board?
Not sure as there appears to have been so few infringements that I am aware of.
Yes, but the system itself is unfair.
Very inflexible.
It could pay ASIC to overhaul their systems to ensure they are only raising infringement notices when absolutely necessary.
Sure but I think the easy options have been taken. They need to make an example out of something or someone big.