Compliance: Theory and Practice in the Financial Services Industry

9. Miscellaneous Compliance Issues

Inhouse Home Compliance Course Visit the Library

IMPORTANT NOTE: These slides have been provided primarily for the use and benefit of students taking the "Compliance: Theory and Practice in the Financial Services Industry" course at Sydney University Law School. They are a summary only of the subject matter covered and are not intended to be, nor should they be relied upon as, a substitute for legal or other professional advice. In particular, it should be noted that the slides are not always verbatim quotes from the underlying source material and that material may have been abridged or paraphrased for presentational purposes. There also may have been legislative, regulatory or other developments since these slides were last updated that are not incorporated.

These slides are made available without the assumption of a duty of care by Inhouse Legal Solutions Pty Limited ("ILS") or the officers, employees or agents of ILS who were involved in their preparation and without any representation or warranty as to accuracy or completeness. Your use of these slides is subject to the terms and conditions set out on our Legal Notices page.

These slides were created with Microsoft FrontPage 2002 and are best viewed with Internet Explorer 6.0+.


Outline

   Client Money/Property
     Money Other Than Loans
     Loans
     Other Property
     Reporting Obligations
     Subscription Money
   Privacy
   Fiduciary Duties
   Conflicts of Interest
   Confidentiality
   Telephone Taping
   When Things Go Wrong
     Escalation Procedures
     Control Logs
     Investigations
     HR Issues
     Self-Reporting Obligations

 


Client Money/Property
Money Other Than Loans

CA s981A – Definition of Client Money
Client money = money paid to a financial services licensee:
•     in connection with a financial service that has been provided, or that will or may be provided, to the client or a financial product held by a client; and
•     the money is paid by the client, by a person acting on behalf of the client or to the licensee in the licensee’s capacity as a person acting on behalf of the client,
but does not include money to the extent that it is:
•     paid by way of remuneration payable to the licensee or is money that the licensee is entitled to deduct remuneration from;
•     paid:
  •     to reimburse the licensee for payments made to acquire, or acquire an increased interest in, a financial product; or
  •     to discharge a liability incurred by the licensee in respect of the acquisition of a financial product or an increased interest in a financial product, or to indemnify the licensee in respect of such a liability;
•     paid to acquire, or acquire an increased interest in, a financial product from the licensee, whether by way of issue or sale by the licensee;
•     paid to a licensed trustee company in connection with traditional trustee company services provided by the licensee;
•     loan money (see below); or
•     paid to the licensee in order for it to be deposited to the credit of a deposit product held by the person or another person with the licensee.

Note: money paid to acquire, or acquire an increased interest in, a financial product from the licensee is covered by CA s1017E (see below).

We will look at specific ASX and ASX 24 client money requirements in lecture 11E and lecture 12C respectively.

CA s981B - Obligation to Pay Client Money Into Trust Account
The licensee must ensure that client money is paid, on the day it is received by the licensee or on the next business day, into an account that satisfies these requirements:
(a)   the account is with an Australian ADI or of a kind prescribed by regulations for these purposes and is designated as an account for the purposes of s981B;
(b)   the only money paid into the account is:
  (i)   client money (which may be money paid by, on behalf or, or for the benefit of, several different clients);
  (ii)   interest on the amount from time to time standing to the credit of the account;
  (iii)   interest, or other similar payments, on an investment made in accordance with regulations referred to in s981C, or the proceeds of the realisation of such an investment; or
  (iv)   other money permitted to be paid into the account by the regulations;
(c)   any additional requirements imposed by the regulations for these purposes; and
(d)   any additional requirements imposed by the licensee’s licence conditions.

Under CR r 7.8.01(2), accounts with approved foreign banks (as defined in CR r1.0.02(1)) and cash management trusts are prescribed.

The licensee may maintain a single account or 2 or more accounts for the purposes of this section (s981B(2)).

CR r7.8.01(5) requires the account to be designated and operated as a trust account and the funds in it (other than moneys paid to the financial services licensee under the financial services licensee’s obligation to call margins from clients under the Market Integrity Rules or the rules of a licensed market or licensed clearing and settlement facility) to be held on trust for the persons entitled to them. CR r7.8.01(8) however allows licensees who are required to call margins under the Market Integrity Rules or the operating rules of a licensed market or licensed clearing and settlement facility to operate the account as a client segregated account instead of a trust account.

The Regulations permit the following amounts to be paid into a s981B account:

> "Make good" amounts under r7.8.02(3)(a)(iv) (r7.8.01(3));

> Moneys received by an insurance broker from an insured for an insurance premium or from an insurer for payment to the insured (r7.8.01(4));

> Moneys required by the Market Integrity Rules or the operating rules of a licensed financial market to be paid into a s981B account (r7.8.01(4A));

> Moneys received for issuance of financial products under s1017E (r7.8.01(7));

> "Mixed money" (r7.8.01(11)(a)); and

> "Unidentified money" (r7.8.01(11)(b)).

Where mixed money or unidentified money is paid into a s981B account, the licensee has to identify any amount that is non-s981B money and remove it from the account as soon as practicable (r7.8.01(12) and (13)). In the case of mixed money, the non-s981B component must be removed within a maximum period of 1 month (r7.8.01(12)).

CR r7.8.02(1) – Permitted Withdrawals From s981B Accounts
A payment may be made out of a s981B account:
•     to, or in accordance with the written direction of, a person entitled to the money;
•     to defray brokerage and other proper charges;
•     to the financial services licensee of money to which the financial services licensee is entitled;
•     of moneys due to an insurer in connection with a contract of insurance;
•     that is otherwise authorised by law;
•     to the financial services licensee of money to which the financial services licensee is entitled pursuant to the Market Integrity Rules or the operating rules of a licensed financial market.

 

CR r7.8.02(1A) – Notifications Where Money Paid to Another Licensee
If a financial services licensee (the paying licensee) withdraws money from a s981B account at the direction of the client and pays it to another financial services licensee (the receiving licensee):
(a)   the paying licensee must ensure that the receiving licensee is notified, at the same time as the payment is made or as soon as practicable, that the money has been withdrawn from a s981B account of the paying licensee and should be paid into a s981B account of the receiving licensee; and
(b)   not later than the day after the receiving licensee receives the payment, the receiving licensee must pay the money into a s981B account of the receiving licensee.

 

CA s981D - Money Related to Derivatives
If client money relates to a dealing in derivatives, the money concerned may also be used for the purpose of meeting obligations incurred by the licensee in connection with margining, guaranteeing, securing, transferring, adjusting or settling dealings in derivatives by the licensee (including dealings on behalf of people other than the client).

Note that there are major flaws in this provision that seriously weaken the client money regime in the Corporations Act, stemming from the way in which the FSR reforms in 2002 extended provisions that previously only applied to market traded futures contracts to all derivatives, including OTC derivatives. These flaws are explained in section  '3C(i) - The inappropriate extension of former futures laws to OTC derivatives and other financial products - Client segregated accounts and margins' of Lewis, "A Decade On - Reforming the Financial Services Law Reforms". Treasury is consulting on law reforms in this area (see http://www.treasury.gov.au/ConsultationsandReviews/Consultations/2016/Client-money-reforms).

See generally ASIC Regulatory Guide 212 - Client money relating to dealing in OTC derivatives.

CR r7.8.02(2) – Permissible Investments
The following kinds of investment may be made in relation to a s981B account:
(a)   investment in any manner in which trustees are for the time being authorised by law to invest trust funds;
(b)   investment on deposit with an eligible money market dealer;
(c)   investment on deposit at interest with an Australian ADI;
(d)   the acquisition of cash management trust interests;
(e)   investment in a security issued or guaranteed by the Commonwealth or a State or Territory;
(f)   investment on deposit with a licensed CS facility.

Also permitted are investments made in accordance with a specific direction of the client (r7.8.02(5)).

Note that with recent changes to trustee legislation, under (a) you can basically invest in anything provided you exercise appropriate care, diligence and skill (we look at this in lecture 10)!!

CR r7.8.02(3) – Requirement for Written Agreement
A financial services licensee must not invest an amount in a way permitted by r7.8.02(2) unless:
(a)   the financial services licensee has obtained the client's written agreement to the following matters:
  (i)   the making of the investment;
  (ii)   how earnings on the investment are to be dealt with (including whether or not the earnings are to be shared, and whether or not the earnings are to be paid into the account);
  (iii)   how the realisation of the investment is to be dealt with (including whether or not the capital invested, and the proceeds of the investment, are to be deposited into the account);
  (iv)   how any losses made on the investment are to be dealt with (including the circumstances in which the financial services licensee is required to pay an amount equal to the difference between the amount invested and the amount received, into the account or otherwise);
  (v)   the fee (if any) that the financial services licensee proposes to charge for the investment; and
(b)   the money is money to which the client is entitled.

This requirement does not apply to money to which r7.8.01(4) applies, ie money received from insureds for insurance premiums or from insurers under insurance policies (r7.8.02(4)).

Interest or other earnings on any investment must be dealt with as provided in the written agreement (r7.8.02(8)).

CR r7.8.02(7) - Interest on Accounts
If money is held in a s981B account:
(a)   the financial services licensee is entitled to the interest on the account; and
(b)   the interest on the account is not required to be paid into the account;
only if the financial services licensee discloses to the client that the financial services licensee is keeping the interest (if any) earned on the account.

This does not apply to interest earned on money held by an insurance broker for an insured once the insurer has accepted the risk under the policy. At that point, the money is held on trust for the insurer rather than the insured and the broker becomes entitled to any interest earned on the money (CR r7.8.05(4)).

Protection of Client Money
•     Unless otherwise provided in the Regulations, client money that is paid to the licensee:
  •     by the client;
  •     by a person acting on behalf of the client; or
  •     in the licensee’s capacity as a person acting on behalf of the client;
  is taken to be held in trust by the licensee for the benefit of the client (s981H).
•     Client money is not capable of being attached or taken in execution or of being made subject to a set-off, charge or charging order or to any process of a similar nature except at the suit of a person who is otherwise entitled to the money (s981E).

Return to Outline


Client Money/Property
Loans

CA s982A – Definition of Loan
Loan = money paid to a financial services licensee by way of a loan from a client in connection with activities authorised by the licensee’s licence, but does not include money paid to the licensee:
(a)   in order for it to be deposited to the credit of a deposit product held by the person or another person with the licensee; or
(b)   on condition that it is to be repaid to the person by the licensee, as a debt, pursuant to the terms of a debenture or other financial product issued by the licensee.

 

CA s982B - Obligation to Pay Money Into an Account
The licensee must ensure that loan money is paid, on the day it is received by the licensee or on the next business day, into an account that satisfies these requirements:
(a)   the account is with an Australian ADI or of a kind prescribed by regulations for these purposes and is designated as an account for the purposes of s982B; and
(b)   the only money paid into the account is:
  (i)   loan money (which may be money lent by several different persons); or
  (ii)   interest on the amount from time to time standing to the credit of the account.

The licensee may maintain a single account or 2 or more accounts for the purposes of this section (s982B(2)).

CA s982C - Client Statement Setting Out Terms of Loan
The licensee must, in accordance with the regulations, give the client a statement setting out:
(a)   the terms and conditions on which the loan is made and accepted; and
(b)   the purpose for which, and the manner in which, the licensee is to use the money,
and must not take money out of the account before the client has given the licensee a written acknowledgment that the client has received the statement.

CR r7.8.06 prescribes the contents of the statement for the purposes of this section. It requires the financial services licensee to give the client a disclosure document that contains, as far as practicable, the matters required for Division 2 of Part 7.9 of the Act (ie effectively the same content requirements as a Product Disclosure Statement for a financial product).

CA s982D - Permitted Use of Loan
The licensee must only use the money:
(a)   for the purpose, and in the manner, set out in the statement given under s982C; or
(b)   for another purpose, or in another manner, agreed on in writing by the licensee and the client after the licensee gave the client the statement.

Return to Outline


Client Money/Property
Other Property

CA s984A – Definition of Client Property
Client property = property other than money (eg share certificates) given to a financial services licensee:
(a)   in connection with a financial service that has been provided, or that will or may be provided, to the client or a financial product held by the client; and
(b)   by the client, by a person acting on behalf of the client or for the benefit of the client;
where the licensee is accountable for the property.

 

CA s984B - How Client Property to be Dealt With
The licensee must ensure that client property is only dealt with in accordance with:
(a)   the requirements (if any) specified in regulations made for these purposes; and
(b)   subject to those requirements:
  (i)   the terms and conditions on which the property was given to the licensee; and
  (ii)   any subsequent instructions given by the client.
Where derivatives are involved, the property concerned may also be used for the purpose of meeting obligations incurred by the licensee in connection with margining, guaranteeing, securing, transferring, adjusting or settling dealings in derivatives by the licensee (including dealings on behalf of people other than the client).

 

CR r7.8.07 - How Client Property to be Dealt With
•     The financial services licensee must hold the property on trust for the benefit of the person who is entitled to it (r7.8.07(2)).
•     If the client requests the financial services licensee, in writing, to deposit the property in safe custody (i) with an ADI, (ii) with a financial services licensee that provides a custodial or depositary service under s766E, or (iii) in the place where the property was deposited with, or received by, the licensee:
  •     the licensee must so deposit the property; or
  •     if the licensee does not comply with the request for any reason, the licensee must notify the client, as soon as practicable, of the failure to comply with the request (r7.8.07(3)-(5)).
•     In the case of securities or managed investment products issued or made available by a body corporate, if the client requests that the body corporate register the property in the name of a nominee controlled by the financial services licensee, the financial services licensee must arrange for the body corporate to register the securities or managed investment products in that way (r7.8.07(6)).
•     Otherwise, if the property is not registered in the client's name by the body corporate that issued or made available the securities or managed investment products underlying the property, the financial services licensee must arrange to have the property registered in the client's name (r7.8.07(7)).
•     A financial services licensee must not deposit property as security for a loan or advance to the financial services licensee unless:
  •     the client owes the financial services licensee an amount in connection with a transaction entered into by the financial services licensee on the client's behalf;
  •     the financial services licensee gives the client a written notice that identifies the property and states that the dealer proposes to deposit it as security for a loan or advance to the financial services licensee; and
  •     the amount, or total of the amounts, that the client owes on the day of the deposit is at least the amount of the loan or advance (r7.8.07(8)).
•     Where it is permitted to so deposit property under r7.8.07(8), the financial services licensee must, not later than 1 business day after the amount, or total of the amounts, that the client owes on the day of the deposit are repaid, withdraw the property from that deposit and if, at the end of 3 months after the day of that deposit, or at the end of any subsequent interval of 3 months, the property has not been withdrawn from that deposit, the financial services licensee must give the client written notice of that fact (r7.8.07(9)).

Return to Outline


Client Money/Property
Reporting Obligations

•     S986A enables regulations to be made that impose additional general reporting requirements on licensees in relation to client funds, loan money or other property and s986B likewise dealing with reporting in relation to dealings in derivatives by financial services licensees on behalf of other people.
•     Regs were originally made requiring quarterly reports in respect of outstanding client money, loans or other property (former CR r7.8.09) and, to the extent that the operating rules of a licensed derivatives market did not impose their own reporting requirements, monthly statements from licensees who dealt in derivatives for clients setting out details of funds in and out, open derivative positions and outstanding deposit or margin calls (former CR r7.8.10).
•     The Regs were repealed before they took effect.

Treasury said in the Explanatory Statement for the regulations deleting the earlier regulations that: "These two regulations have been deleted. Consultation with key stakeholders has revealed that these regulations impose significant compliance burdens on industry with no corresponding consumer protection benefit."

Return to Outline


Client Money/Property
Subscription Money

CA s1017E(2) – Money Paid for Issue of Financial Products
Money paid by a client (retail or otherwise) to a product provider to acquire, or acquire an increased interest in, a financial product must either be used immediately to issue or transfer the relevant product or must be paid, on the day it is received by the product provider or on the next business day, into an account that satisfies these requirements:
(a)   the account is with an Australian ADI or of a kind prescribed by the regulations for these purposes and is designated as an account for the purposes of s1017E;
(b)   any money may be paid into the account, provided that:
  (i)   money to which this section applies; and
  (ii)   interest on the amount from time to time standing to the credit of the account;
  is identified and held in accordance with s1017E [note: modified by CR r7.9.08(4)]; and
(c)   any additional requirements imposed by the regulations for these purposes.

For these purposes, "product provider" means an issuer of financial products, or a seller of financial products in relation to which the seller has prepared a Product Disclosure Statement.

Money paid to a financial services licensee for the issue or transfer of a financial product is not client money (s981A(2)(c)) but is subjected to a similar regime as client money under s1017E.

Money caught by s1017E is taken to be held in trust by the product provider for the benefit of the person who paid the money unless otherwise provided in the Regulations (ss1017E(2A) and (2C)).

For the purposes of (a) above, accounts with certain foreign banks, cash management trusts and statutory funds of life companies are prescribed (CR r 7.9.08(1)).

The product provider may maintain a single account or 2 or more accounts for the purposes of this section (s1017E(5)).

CR r7.9.08(2) requires the account to be designated and operated as a trust account and the funds in it to be held on trust for the persons entitled to them.

Money May Instead be Paid Into a s981B Account
Money received under s1017E is money which may be paid into:
(a)   an account to which s981B relates; or
(b)   an insurance broking account maintained under section 26 of the Insurance (Agents and Brokers) Act 1984 (r7.8.01(6)).
If money received under s1017E is paid into an account under r7.8.01(6), Part 7.8 of the Act applies to the money (rr7.8.01(7) and 7.9.08(3)).

Note that the reference to section 26 of the Insurance (Agents and Brokers) Act 1984 is historical - that Act was repealed and replaced by the FSR reforms to the Corporations Act in 2002.

CA s1017E(3) – Permitted Withdrawals From s1017E Account
Money must only be taken out of a s1017E account if:
(a)   it is taken out for the purpose of return to the person by whom it was paid;
(b)   the product is issued or transferred to, or in accordance with the instructions of, that person; or
(c/d)   it is taken out for a purpose or in a situation specified by regulations made for these purposes.

 

CR r7.9.08A – Interest on Account
Part 7.9 of the Act applies as if s1017E of the Act were modified by adding after s1017E(2C):
"(2D)   In relation to money to which this section applies:
  (a)   the product provider is entitled to the interest on the account; and
  (b)   the interest on the account is not required to be paid into the account;
  only if the product provider discloses to the person who paid the money that the product provider is keeping the interest (if any) earned on the account."

If you are going to keep interest earned on client subscription moneys (and generally you will want to as you will not want to be accounting for small amounts of interest to clients), it is important to include this disclosure in your PDS.

CA s1017E(4) – Time to Act
The product provider must:
(a)   return the money;
(b)   issue or transfer the product to, or in accordance with the instructions of, the person who paid the money; or
(c)   if the money is taken out for a purpose or in a situation specified by the regulations, do any action required by those regulations after taking out that money;
either:
(d)   before the end of one month starting on the day on which the money was received; or
(e)   if it is not reasonably practicable to do so before the end of that month - by the end of such longer period as is reasonable in the circumstances.

In Basis Capital Funds Management Ltd v BT Portfolio Services Ltd [2008] NSWSC 766, Austin J held that (e) above should be interpreted as meaning that it is not reasonably practicable to issue the product and also not reasonably practicable to return the money to the client. This might apply, for example, if the client could not be identified or located within the month, for then the product provider could neither issue the product nor refund the money to the client (this example was given in the Revised Explanatory Memorandum to the Financial Services Reform Bill, at para 14.149).

Return to Outline


Privacy

Privacy Act – Overview
•     An "APP entity" must comply with:
  •     the Australian Privacy Principles (APPs) (s15); and
  •     any registered APP Code that applies to the entity (s26A).
•     APPs apply to the collection, use and disclosure of personal information and have particular rules regarding the collection, use and disclosure of sensitive information.
•     Also regulates:
  •     credit reporting information — including credit reporting bodies, credit providers (which includes energy and water utilities and telecommunication providers) and certain other third parties;
  •     tax file numbers under the Privacy (Tax File Number) Rules;
  •     personal information contained on the Personal Property Securities Register;
  •     old conviction information under the Commonwealth Spent Convictions Scheme; and
  •     ehealth record information under the Personally Controlled Electronic Health Records Act 2012 and Individual Healthcare Identifiers under the Healthcare Identifiers Act 2010.

The APPs are set out in schedule 1 of the Privacy Act 1988 (Cth).

PA s6(1) defines "APP entity" to mean an agency or organisation. "Agency" is defined to mean: (a) a Minister; (b) a Department; (c) a body (whether incorporated or not), or a tribunal, established or appointed for a public purpose by or under a Commonwealth enactment, not being an incorporated company, society or association or an organisation that is registered under the Fair Work (Registered Organisations) Act 2009 or a branch of such an organisation; (d) a body established or appointed by the Governor‑General, or by a Minister, otherwise than by or under a Commonwealth enactment; (e) a person holding or performing the duties of an office established by or under, or an appointment made under, a Commonwealth enactment, other than a person who, by virtue of holding that office, is the Secretary of a Department; (f) a person holding or performing the duties of an appointment, being an appointment made by the Governor‑General, or by a Minister, otherwise than under a Commonwealth enactment; (g) a federal court; (h) the Australian Federal Police; (ha) a Norfolk Island agency; (j) the nominated AGHS company; (k) an eligible hearing service provider; or (l) the service operator under the Healthcare Identifiers Act 2010. "Organisation" is defined to have the meaning given by section 6C.

The net effect of these provisions is that Australian and Norfolk Island Government agencies and all businesses and not-for-profit organisations with an annual turnover greater than $3 million have responsibilities under the Privacy Act, unless they fall within one of the exceptions mentioned below. As well, some small business operators (organisations with a turnover of $3 million or less) are covered by the Privacy Act including private sector health service providers (including child care centres, private schools and private tertiary educational institutions), businesses that sell or purchase personal information, credit reporting bodies, contracted service providers for a Commonwealth contract, employee associations registered or recognised under the Fair Work (Registered Organisations) Act 2009, businesses that have opted-in to the Privacy Act and businesses prescribed by the Regulations.

The Privacy Act does not cover most State and Northern Territory Government agencies, ACT Government agencies handling health information or health records, individuals acting in their own capacity, universities (other than private and ACT universities and the Australian National University), public schools (except ACT public schools), small business operators (unless an exception applies - see above), media organisations acting in the course of journalism if the organisation is publicly committed to observing published privacy standards, and registered political parties and political representatives.

To explain the reference above to registered APP Codes, Part IIIB of the Privacy Act allows an APP entity, a group of APP entities, a body or association representing one or more APP entities, or the Information Commissioner, to develop an APP code. These Codes must set out how one or more of the APPs are to be applied or complied with. They may also impose additional requirements to those imposed by the APPs. If the Commissioner includes an APP code on the Codes Register, an APP entity bound by the code must not breach it. A breach of a registered APP code is an interference with the privacy of an individual.

Note also the Privacy and Personal Information Protection Act 1998 (NSW) which established the Office of the Privacy Commissioner in New South Wales. The jurisdiction of the Act is generally limited to the public sector. However, the NSW Privacy Commissioner can also investigate and conciliate privacy breaches by organisations and individuals who are not public sector agencies.

PA s6 - Definition of Personal and Sensitive Information
Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable:
(a) whether the information or opinion is true or not; and
(b) whether the information or opinion is recorded in a material form or not.
Sensitive information means:
(a)  information or an opinion about an individual's:
      •    racial or ethnic origin;
      •    political opinions;
      •    membership of a political association;
      •    religious beliefs or affiliations;
      •    philosophical beliefs;
      •    membership of a professional or trade association;
      •    membership of a trade union;
      •    sexual preferences or practices; or
      •    criminal record;
      that is also personal information;
(b)  health information about an individual;
(c)  genetic information about an individual that is not otherwise health information;.
(d)  biometric information that is to be used for the purpose of automated biometric verification or biometric identification; or
(e)  biometric templates.

 

APP 1 - Open and Transparent Management of Personal Information
1.1   The object of this principle is to ensure that APP entities manage personal information in an open and transparent way.
1.2   An APP entity must take such steps as are reasonable in the circumstances to implement practices, procedures and systems relating to the entity’s functions or activities that:
  (a)   will ensure that the entity complies with the Australian Privacy Principles and a registered APP code (if any) that binds the entity; and
  (b)   will enable the entity to deal with inquiries or complaints from individuals about the entity’s compliance with the Australian Privacy Principles or such a code.
1.3   An APP entity must have a clearly expressed and up‑to‑date policy (the APP privacy policy) about the management of personal information by the entity.
1.4   Without limiting s1.3, the APP privacy policy of the APP entity must contain the following information:
  (a)   the kinds of personal information that the entity collects and holds;
  (b)   how the entity collects and holds personal information;
  (c)   the purposes for which the entity collects, holds, uses and discloses personal information;
  (d)   how an individual may access personal information about the individual that is held by the entity and seek the correction of such information;
  (e)   how an individual may complain about a breach of the Australian Privacy Principles, or a registered APP code (if any) that binds the entity, and how the entity will deal with such a complaint;
  (f)   whether the entity is likely to disclose personal information to overseas recipients;
  (g)   if the entity is likely to disclose personal information to overseas recipients—the countries in which such recipients are likely to be located if it is practicable to specify those countries in the policy.
1.5   An APP entity must take such steps as are reasonable in the circumstances to make its APP privacy policy available:
  (a)   free of charge; and
  (b)   in such form as is appropriate.
1.6   If a person or body requests a copy of the APP privacy policy of an APP entity in a particular form, the entity must take such steps as are reasonable in the circumstances to give the person or body a copy in that form.

 

APP 2 - Anonymity and Pseudonymity
2.1   Individuals must have the option of not identifying themselves, or of using a pseudonym, when dealing with an APP entity in relation to a particular matter.
2.2   S2.1 does not apply if, in relation to that matter:
  (a)   the APP entity is required or authorised by or under an Australian law, or a court/tribunal order, to deal with individuals who have identified themselves; or
  (b)   it is impracticable for the APP entity to deal with individuals who have not identified themselves or who have used a pseudonym.

 

APP 3 - Collection of Solicited Personal Information
3.1   If an APP entity is an agency, the entity must not collect personal information (other than sensitive information) unless the information is reasonably necessary for, or directly related to, one or more of the entity’s functions or activities.
3.2   If an APP entity is an organisation, the entity must not collect personal information (other than sensitive information) unless the information is reasonably necessary for one or more of the entity’s functions or activities.
3.3   An APP entity must not collect sensitive information about an individual unless:
  (a)   the individual consents to the collection of the information and:
    (i)   if the entity is an agency—the information is reasonably necessary for, or directly related to, one or more of the entity’s functions or activities; or
    (ii)   if the entity is an organisation—the information is reasonably necessary for one or more of the entity’s functions or activities; or
  (b)   s3.4 applies in relation to the information.
3.4   This subclause applies in relation to sensitive information about an individual if:
  (a)   the collection of the information is required or authorised by or under an Australian law or a court/tribunal order;
  (b)   a permitted general situation exists in relation to the collection of the information by the APP entity;
  (c)   the APP entity is an organisation and a permitted health situation exists in relation to the collection of the information by the entity;
  (d)   the APP entity is an enforcement body and the entity reasonably believes that:
    (i)   if the entity is the Immigration Department—the collection of the information is reasonably necessary for, or directly related to, one or more enforcement related activities conducted by, or on behalf of, the entity; or
    (ii)   otherwise—the collection of the information is reasonably necessary for, or directly related to, one or more of the entity’s functions or activities; or
  (e)   the APP entity is a non‑profit organisation and both of the following apply:
    (i)   the information relates to the activities of the organisation; and
    (ii)   the information relates solely to the members of the organisation, or to individuals who have regular contact with the organisation in connection with its activities.
3.5   An APP entity must collect personal information only by lawful and fair means.
3.6   An APP entity must collect personal information about an individual only from the individual unless:
  (a)   if the entity is an agency:
    (i)   the individual consents to the collection of the information from someone other than the individual; or
    (ii)   the entity is required or authorised by or under an Australian law, or a court/tribunal order, to collect the information from someone other than the individual; or
  (b)   it is unreasonable or impracticable to do so.
3.7   This principle applies to the collection of personal information that is solicited by an APP entity.

In relation to s3.3(b) above, PA s16A sets out 7 "permitted general situations" in relation to the collection, use or disclosure of personal information. The first two also apply to the use of government related identifiers.

The first five "permitted general situations" apply to all APP entities: (1) it is unreasonable or impracticable to obtain the individual’s consent to the collection, use or disclosure and the entity reasonably believes that the collection, use or disclosure is necessary to lessen or prevent a serious threat to the life, health or safety of any individual, or to public health or safety; (2) the entity has reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to the entity’s functions or activities has been, is being or may be engaged in and the entity reasonably believes that the collection, use or disclosure is necessary in order for the entity to take appropriate action in relation to the matter; (3) the entity reasonably believes that the collection, use or disclosure is reasonably necessary to assist any APP entity, body or person to locate a person who has been reported as missing and the collection, use or disclosure complies with the rules made under s16A(2); (4) the collection, use or disclosure is reasonably necessary for the establishment, exercise or defence of a legal or equitable claim; (5) the collection, use or disclosure is reasonably necessary for the purposes of a confidential alternative dispute resolution process.

The sixth "permitted general situation" applies to an agency that reasonably believes that the collection, use or disclosure is necessary for the agency's diplomatic or consular functions or activities.

The seventh "permitted general situation" applies to the defence force: the entity reasonably believes that the collection, use or disclosure is necessary for any of the following occurring outside Australia and the external Territories: (a) war or warlike operations; (b) peacekeeping or peace enforcement; and (c) civil aid, humanitarian assistance, medical or civil emergency or disaster relief.

APP 4 - Dealing with Unsolicited Personal Information
4.1   If:
  (a)   an APP entity receives personal information; and
  (b)   the entity did not solicit the information;
  the entity must, within a reasonable period after receiving the information, determine whether or not the entity could have collected the information under APP 3 if the entity had solicited the information.
4.2   The APP entity may use or disclose the personal information for the purposes of making the determination under s4.1.
4.3   If:
  (a)   the APP entity determines that the entity could not have collected the personal information; and
  (b)   the information is not contained in a Commonwealth record;
  the entity must, as soon as practicable but only if it is lawful and reasonable to do so, destroy the information or ensure that the information is de‑identified.
4.4   If s4.3 does not apply in relation to the personal information, APPs 5 to 13 apply in relation to the information as if the entity had collected the information under APP 3.

In relation to s4.3(b), "Commonwealth record" has the same meaning as in the Archives Act 1983 (PA s6(1)).

APP 5 - Notification of the Collection of Personal Information
5.1   At or before the time or, if that is not practicable, as soon as practicable after, an APP entity collects personal information about an individual, the entity must take such steps (if any) as are reasonable in the circumstances:
  (a)   to notify the individual of such matters referred to in s5.2 as are reasonable in the circumstances;
  (b)   to otherwise ensure that the individual is aware of any such matters.
5.2   The matters for the purposes of s5.1 are as follows:
  (a)   the identity and contact details of the APP entity;
  (b)   if:
    (i)   the APP entity collects the personal information from someone other than the individual; or
    (ii)   the individual may not be aware that the APP entity has collected the personal information;
    the fact that the entity so collects, or has collected, the information and the circumstances of that collection;
  (c)   if the collection of the personal information is required or authorised by or under an Australian law or a court/tribunal order—the fact that the collection is so required or authorised (including the name of the Australian law, or details of the court/tribunal order, that requires or authorises the collection);
  (d)   the purposes for which the APP entity collects the personal information;
  (e)   the main consequences (if any) for the individual if all or some of the personal information is not collected by the APP entity;
  (f)   any other APP entity, body or person, or the types of any other APP entities, bodies or persons, to which the APP entity usually discloses personal information of the kind collected by the entity;
  (g)   that the APP privacy policy of the APP entity contains information about how the individual may access the personal information about the individual that is held by the entity and seek the correction of such information;
  (h)   that the APP privacy policy of the APP entity contains information about how the individual may complain about a breach of the Australian Privacy Principles, or a registered APP code (if any) that binds the entity, and how the entity will deal with such a complaint;
  (i)   whether the APP entity is likely to disclose the personal information to overseas recipients;
  (j)   if the APP entity is likely to disclose the personal information to overseas recipients—the countries in which such recipients are likely to be located if it is practicable to specify those countries in the notification or to otherwise make the individual aware of them.

 

APP 6 - Use or Disclosure of Personal Information
6.1   If an APP entity holds personal information about an individual that was collected for a particular purpose (the primary purpose), the entity must not use or disclose the information for another purpose (the secondary purpose) unless:
  (a)   the individual has consented to the use or disclosure of the information; or
  (b)   s6.2 or 6.3 applies in relation to the use or disclosure of the information.
6.2   This subclause applies in relation to the use or disclosure of personal information about an individual if:
  (a)   the individual would reasonably expect the APP entity to use or disclose the information for the secondary purpose and the secondary purpose is:
    (i)   if the information is sensitive information—directly related to the primary purpose; or
    (ii)   if the information is not sensitive information—related to the primary purpose;
  (b)   the use or disclosure of the information is required or authorised by or under an Australian law or a court/tribunal order;
  (c)   a permitted general situation exists in relation to the use or disclosure of the information by the APP entity;
  (d)   the APP entity is an organisation and a permitted health situation exists in relation to the use or disclosure of the information by the entity; or
  (e)   the APP entity reasonably believes that the use or disclosure of the information is reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body.
6.3   This subclause applies in relation to the disclosure of personal information about an individual by an APP entity that is an agency if:
  (a)   the agency is not an enforcement body;
  (b)   the information is biometric information or biometric templates;
  (c)   the recipient of the information is an enforcement body; and
  (d)   the disclosure is conducted in accordance with the guidelines made by the Commissioner for the purposes of this paragraph.
6.4   If:
  (a)   the APP entity is an organisation; and
  (b)   s16B(2) applied in relation to the collection of the personal information by the entity;
  the entity must take such steps as are reasonable in the circumstances to ensure that the information is de‑identified before the entity discloses it in accordance with s6.1 or 6.2.
6.5   If an APP entity uses or discloses personal information in accordance with paragraph 6.2(e), the entity must make a written note of the use or disclosure.
6.6   If:
  (a)   an APP entity is a body corporate; and
  (b)   the entity collects personal information from a related body corporate;
  this principle applies as if the entity's primary purpose for the collection of the information were the primary purpose for which the related body corporate collected the information.
6.7   This principle does not apply to the use or disclosure by an organisation of:
  (a)   personal information for the purpose of direct marketing; or
  (b)   government related identifiers.

 

APP 7 - Direct Marketing
7.1   If an organisation holds personal information about an individual, the organisation must not use or disclose the information for the purpose of direct marketing.
7.2   Despite s7.1, an organisation may use or disclose personal information (other than sensitive information) about an individual for the purpose of direct marketing if:
  (a)   the organisation collected the information from the individual;
  (b)   the individual would reasonably expect the organisation to use or disclose the information for that purpose;
  (c)   the organisation provides a simple means by which the individual may easily request not to receive direct marketing communications from the organisation; and
  (d)   the individual has not made such a request to the organisation.
7.3   Despite s7.1, an organisation may use or disclose personal information (other than sensitive information) about an individual for the purpose of direct marketing if:
  (a)   the organisation collected the information from:
    (i)   the individual and the individual would not reasonably expect the organisation to use or disclose the information for that purpose; or
    (ii)   someone other than the individual;
  (b)   either:
    (i)   the individual has consented to the use or disclosure of the information for that purpose; or
    (ii)   it is impracticable to obtain that consent;
  (c)   the organisation provides a simple means by which the individual may easily request not to receive direct marketing communications from the organisation;
  (d)   in each direct marketing communication with the individual:
    (i)   the organisation includes a prominent statement that the individual may make such a request; or
    (ii)   the organisation otherwise draws the individual's attention to the fact that the individual may make such a request; and
  (e)   the individual has not made such a request to the organisation.
7.4   Despite s7.1, an organisation may use or disclose sensitive information about an individual for the purpose of direct marketing if the individual has consented to the use or disclosure of the information for that purpose.
7.5   Despite s7.1, an organisation may use or disclose personal information for the purpose of direct marketing if:
  (a)   the organisation is a contracted service provider for a Commonwealth contract;
  (b)   the organisation collected the information for the purpose of meeting (directly or indirectly) an obligation under the contract; and
  (c)   the use or disclosure is necessary to meet (directly or indirectly) such an obligation.
7.6   If an organisation (the first organisation) uses or discloses personal information about an individual:
  (a)   for the purpose of direct marketing by the first organisation; or
  (b)   for the purpose of facilitating direct marketing by other organisations;
  the individual may:
  (c)   if paragraph (a) applies—request not to receive direct marketing communications from the first organisation;
  (d)   if paragraph (b) applies—request the organisation not to use or disclose the information for the purpose referred to in that paragraph; and
  (e)   request the first organisation to provide its source of the information.
7.7   If an individual makes a request under s7.6, the first organisation must not charge the individual for the making of, or to give effect to, the request and:
  (a)   if the request is of a kind referred to in paragraph 7.6(c) or (d)—the first organisation must give effect to the request within a reasonable period after the request is made; and
  (b)   if the request is of a kind referred to in paragraph 7.6(e)—the organisation must, within a reasonable period after the request is made, notify the individual of its source unless it is impracticable or unreasonable to do so.
7.8   This principle does not apply to the extent that any of the following apply:
  (a)   the Do Not Call Register Act 2006;
  (b)   the Spam Act 2003; or
  (c)   any other Act of the Commonwealth, or a Norfolk Island enactment, prescribed by the regulations.

 

APP 8 - Cross‑border Disclosure of Personal Information
8.1   Before an APP entity discloses personal information about an individual to a person (the overseas recipient):
  (a)   who is not in Australia or an external Territory; and
  (b)   who is not the entity or the individual;
  the entity must take such steps as are reasonable in the circumstances to ensure that the overseas recipient does not breach the Australian Privacy Principles (other than APP 1) in relation to the information.
8.2   S8.1 does not apply to the disclosure of personal information about an individual by an APP entity to the overseas recipient if:
  (a)   the entity reasonably believes that:
    (i)   the recipient of the information is subject to a law, or binding scheme, that has the effect of protecting the information in a way that, overall, is at least substantially similar to the way in which the Australian Privacy Principles protect the information; and
    (ii)   there are mechanisms that the individual can access to take action to enforce that protection of the law or binding scheme;
  (b)   both of the following apply:
    (i)   the entity expressly informs the individual that if he or she consents to the disclosure of the information, s8.1 will not apply to the disclosure; and
    (ii)   after being so informed, the individual consents to the disclosure;
  (c)   the disclosure of the information is required or authorised by or under an Australian law or a court/tribunal order;
  (d)   a permitted general situation (other than the situation referred to in item 4 or 5 of the table in s16A(1)) exists in relation to the disclosure of the information by the APP entity;
  (e)   the entity is an agency and the disclosure of the information is required or authorised by or under an international agreement relating to information sharing to which Australia is a party; or
  (f)   the entity is an agency and both of the following apply:
    (i)   the entity reasonably believes that the disclosure of the information is reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body; and
    (ii)   the recipient is a body that performs functions, or exercises powers, that are similar to those performed or exercised by an enforcement body.

 

APP 9 - Adoption, Use or Disclosure of Government Related Identifiers
9.1   An organisation must not adopt a government related identifier of an individual as its own identifier of the individual unless:
  (a)   the adoption of the government related identifier is required or authorised by or under an Australian law or a court/tribunal order; or
  (b)   s9.3 applies in relation to the adoption.
9.2   An organisation must not use or disclose a government related identifier of an individual unless:
  (a)   the use or disclosure of the identifier is reasonably necessary for the organisation to verify the identity of the individual for the purposes of the organisation’s activities or functions;
  (b)   the use or disclosure of the identifier is reasonably necessary for the organisation to fulfil its obligations to an agency or a State or Territory authority;
  (c)   the use or disclosure of the identifier is required or authorised by or under an Australian law or a court/tribunal order;
  (d)   a permitted general situation (other than the situation referred to in item 4 or 5 of the table in s16A(1)) exists in relation to the use or disclosure of the identifier;
  (e)   the organisation reasonably believes that the use or disclosure of the identifier is reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body; or
  (f)   s9.3 applies in relation to the use or disclosure.
9.3   This subclause applies in relation to the adoption, use or disclosure by an organisation of a government related identifier of an individual if:
  (a)   the identifier is prescribed by the regulations;
  (b)   the organisation is prescribed by the regulations, or is included in a class of organisations prescribed by the regulations; and
  (c)   the adoption, use or disclosure occurs in the circumstances prescribed by the regulations.

 

APP 10 - Quality of Personal Information
10.1   An APP entity must take such steps (if any) as are reasonable in the circumstances to ensure that the personal information that the entity collects is accurate, up‑to‑date and complete.
10.2   An APP entity must take such steps (if any) as are reasonable in the circumstances to ensure that the personal information that the entity uses or discloses is, having regard to the purpose of the use or disclosure, accurate, up‑to‑date, complete and relevant.

 

APP 11 - Security of Personal Information
11.1   If an APP entity holds personal information, the entity must take such steps as are reasonable in the circumstances to protect the information:
  (a)   from misuse, interference and loss; and
  (b)   from unauthorised access, modification or disclosure.
11.2   If:
  (a)   an APP entity holds personal information about an individual;
  (b)   the entity no longer needs the information for any purpose for which the information may be used or disclosed by the entity under this Schedule;
  (c)   the information is not contained in a Commonwealth record; and
  (d)   the entity is not required by or under an Australian law, or a court/tribunal order, to retain the information;
  the entity must take such steps as are reasonable in the circumstances to destroy the information or to ensure that the information is de‑identified.

 

APP 12 - Access to Personal Information
12.1   If an APP entity holds personal information about an individual, the entity must, on request by the individual, give the individual access to the information.
12.2   If:
  (a)   the APP entity is an agency; and
  (b)   the entity is required or authorised to refuse to give the individual access to the personal information by or under:
    (i)   the Freedom of Information Act; or
    (ii)   any other Act of the Commonwealth, or a Norfolk Island enactment, that provides for access by persons to documents;
  then, despite s12.1, the entity is not required to give access to the extent that the entity is required or authorised to refuse to give access.
12.3   If the APP entity is an organisation then, despite s12.1, the entity is not required to give the individual access to the personal information to the extent that:
  (a)   the entity reasonably believes that giving access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety;
  (b)   giving access would have an unreasonable impact on the privacy of other individuals;
  (c)   the request for access is frivolous or vexatious;
  (d)   the information relates to existing or anticipated legal proceedings between the entity and the individual, and would not be accessible by the process of discovery in those proceedings;
  (e)   giving access would reveal the intentions of the entity in relation to negotiations with the individual in such a way as to prejudice those negotiations;
  (f)   giving access would be unlawful;
  (g)   denying access is required or authorised by or under an Australian law or a court/tribunal order;
  (h)   both of the following apply:
    (i)   the entity has reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to the entity’s functions or activities has been, is being or may be engaged in; and
    (ii)   giving access would be likely to prejudice the taking of appropriate action in relation to the matter;
  (i)   giving access would be likely to prejudice one or more enforcement related activities conducted by, or on behalf of, an enforcement body; or
  (j)   giving access would reveal evaluative information generated within the entity in connection with a commercially sensitive decision‑making process.
12.4   The APP entity must:
  (a)   respond to the request for access to the personal information:
    (i)   if the entity is an agency—within 30 days after the request is made; or
    (ii)   if the entity is an organisation—within a reasonable period after the request is made; and
  (b)   give access to the information in the manner requested by the individual, if it is reasonable and practicable to do so.
12.5   If the APP entity refuses:
  (a)   to give access to the personal information because of s12.2 or 12.3; or
  (b)   to give access in the manner requested by the individual;
  the entity must take such steps (if any) as are reasonable in the circumstances to give access in a way that meets the needs of the entity and the individual.
12.6   Without limiting s12.5, access may be given through the use of a mutually agreed intermediary.
12.7   If the APP entity is an agency, the entity must not charge the individual for the making of the request or for giving access to the personal information.
12.8   If:
  (a)   the APP entity is an organisation; and
  (b)   the entity charges the individual for giving access to the personal information;
  the charge must not be excessive and must not apply to the making of the request.
12.9   If the APP entity refuses to give access to the personal information because of s12.2 or 12.3, or to give access in the manner requested by the individual, the entity must give the individual a written notice that sets out:
  (a)   the reasons for the refusal except to the extent that, having regard to the grounds for the refusal, it would be unreasonable to do so;
  (b)   the mechanisms available to complain about the refusal; and
  (c)   any other matter prescribed by the regulations.
12.10  If the APP entity refuses to give access to the personal information because of paragraph 12.3(j), the reasons for the refusal may include an explanation for the commercially sensitive decision.

 

APP 13 - Correction of Personal Information
13.1   If:
  (a)   an APP entity holds personal information about an individual; and
  (b)   either:
    (i)   the entity is satisfied that, having regard to a purpose for which the information is held, the information is inaccurate, out‑of‑date, incomplete, irrelevant or misleading; or
    (ii)   the individual requests the entity to correct the information;
  the entity must take such steps (if any) as are reasonable in the circumstances to correct that information to ensure that, having regard to the purpose for which it is held, the information is accurate, up‑to‑date, complete, relevant and not misleading.
13.2   If:
  (a)   the APP entity corrects personal information about an individual that the entity previously disclosed to another APP entity; and
  (b)   the individual requests the entity to notify the other APP entity of the correction;
  the entity must take such steps (if any) as are reasonable in the circumstances to give that notification unless it is impracticable or unlawful to do so.
13.3   If the APP entity refuses to correct the personal information as requested by the individual, the entity must give the individual a written notice that sets out:
  (a)   the reasons for the refusal except to the extent that it would be unreasonable to do so;
  (b)   the mechanisms available to complain about the refusal; and
  (c)   any other matter prescribed by the regulations.
13.4   If:
  (a)   the APP entity refuses to correct the personal information as requested by the individual; and
  (b)   the individual requests the entity to associate with the information a statement that the information is inaccurate, out‑of‑date, incomplete, irrelevant or misleading;
  the entity must take such steps as are reasonable in the circumstances to associate the statement in such a way that will make the statement apparent to users of the information.
13.5   If a request is made under s13.1 or 13.4, the APP entity:
  (a)   must respond to the request:
    (i)   if the entity is an agency—within 30 days after the request is made; or
    (ii)   if the entity is an organisation—within a reasonable period after the request is made; and
  (b)   must not charge the individual for the making of the request, for correcting the personal information or for associating the statement with the personal information (as the case may be).

 

Important Exemptions
•     Acts or practices relating to a current or former employment relationship between the employer and the individual and an employee record held by the organisation and relating to the individual (s7B(3)).
•     The collection of personal information (other than sensitive information) about the individual by a body corporate from a related body corporate and the disclosure of personal information (other than sensitive information) about the individual by a body corporate to a related body corporate (s13B).
•     An act or practice of an organisation done or engaged in outside Australia and an external Territory that is required by an applicable law of a foreign country (s13D).

Note that s7B(3) does not apply to prospective employees and therefore information received about prospective recruits who do not become employees is subject to the Act.

PA s13B lets related bodies corporate share personal information. However, in using or holding the information, they must comply with the APPs and any registered APP code that binds them (s13E).

Under s13B(1A), the exemption allowing the collection of personal information from a related body corporate does not apply to the collection by a body corporate of personal information from: (a) a related body corporate that is not an "organisation"; (b) a related body corporate whose disclosure of the information to the body corporate is an exempt act or exempt practice for the purposes of s7(1)(ee); or (c) a related body corporate whose disclosure of the information to the body corporate is not an interference with privacy because of section 13D (overseas act required by foreign law).

Powers of the Information Commissioner
The Information Commissioner has the power to:
•     receive privacy related complaints (s36);
•     conduct investigations into complaints and on the Commissioner’s own initiative into an act or practice that may be a breach of privacy (s40);
•     seek an injunction to stop conduct that does or would breach the Privacy Act (s98); and
•     make formal determinations in relation to complaints, including:
  •     prohibiting an organisation from continuing or repeating conduct that has breached the Act;
  •     directing an organisation to perform any reasonable course of conduct to redress loss or damage suffered by the complainant; and
  •     directing the organisation to pay a specified amount to the complainant by way of compensation (s52).

 

Footnote: No Corporate Right to Privacy
Per the High Court in Australian Broadcasting Corporation v Lenah Game Meats Pty Ltd [2001] HCA 63: even though Australian law may be moving towards recognising a tort of invasion of privacy, the right to privacy does not attach to corporations.
Cp Schering Chemicals Ltd v Falkman Ltd [1982] 1 QB 1, below: corporate privacy may be protected by other means eg an action for breach of confidence.
Cp Grosse v Purvis [2003] QDC 151: Australian common law now recognises the right for an individual to recover damages for mental, psychological or emotional harm for wilful invasion of privacy.

Australian Broadcasting Corporation v Lenah Game Meats Pty Ltd involved animal rights activists trespassing upon land to make a clandestine film of slaughterhouse activities and then giving it to the ABC to broadcast. It was held that the owner of the slaughterhouse had no right at law to restrain the ABC from publishing the film. The High Court said that even though Australian law may be moving towards recognising a tort of invasion of privacy, the right to privacy does not attach to corporations. Corporations may only protect their privacy through more traditional legal means, such as through an action for infringement of intellectual property rights or for breach of confidence.

In Grosse v Purvis, a case involving stalking, the Queensland Supreme Court picked up this invitation from the High Court and held for the first time in Australia that there is a civil action for damages in tort based on the actionable right of an individual person to privacy. The court said that the essential elements of the cause of action were: (a) a willed act by the defendant; (b) which intrudes upon the privacy or seclusion of the plaintiff; (c) in a manner which would be considered highly offensive to a reasonable person of ordinary sensibilities; and (d) which causes the plaintiff detriment in the form of mental psychological or emotional harm or distress or which prevents or hinders the plaintiff from doing an act which s/he is lawfully entitled to do.

Return to Outline


Fiduciary Duties

Fiduciary Relationships
The following relationships have been held to be have fiduciary aspects:
•     Responsible entity and managed investment scheme: Gill v Eagle Star Nominees Ltd, Unreported SC NSW, BC9302122, 22 September 1993;
•     Investment adviser (a fortiori investment manager) and client: Daly v Sydney Stock Exchange Ltd (1986) 160 CLR 370 (esp at p385)
•     Stockbroker and client: Daly v Sydney Stock Exchange Ltd, supra
•     Futures broker and client: Option Investments (Aust) Pty Ltd v Martin [1981] VR 138
•     Insurance broker and client: Anglo-African Merchants Ltd v Bayley [1970] 1 QB 311
•     Corporate adviser and client: Aequitus v AEFC (2001) 19 ACLC 1,006 and ASIC v Citigroup Global Markets Australia Pty Limited (No. 4) [2007] FCA 963
•     Banker and customer (on advisory, as distinct from lending, matters): Commonwealth Bank v Smith (1991) 102 ALR 453

Per Brennan J in Daly v Sydney Stock Exchange Ltd (1986) 160 CLR 370, 385:

     

"Whenever a stockbroker or other person who holds himself out as having expertise in advising on investments is approached for advice on investments and undertakes to give it, in giving that advice the adviser stands in a fiduciary relationship to the person whom he advises. The adviser cannot assume a position where his self-interest might conflict with the honest and impartial giving of advice ...

     

The duty of an investment adviser who is approached by a client for advice and undertakes to give it and who proposes to offer the client an investment in which the adviser has a financial interest, is a heavy one. His duty is to furnish the client with all the relevant knowledge which the adviser possesses, concealing nothing that might reasonably be regarded as relevant to the making of the investment decision including the identity of the buyer or seller of the investment when that identity is relevant, to give the best advice which the adviser could give if he did not have but a third party did have a financial interest in the investment to be offered, to reveal fully the adviser’s financial interest, and to obtain for the client the best terms which the client would obtain from a third party if the adviser were to exercise due diligence on behalf of his client in such a transaction ..."

The facts of Aequitus v AEFC were outlined in the materials dealing with bribery of fiduciaries in lecture 7.

In Commonwealth Bank v Smith, a customer approached the bank for a loan to buy hotels. The bank manager put them onto a hotel which was owned by another customer of the bank who coincidentally happened to be in overdraft at the time. He suggested to them that this would be a good purchase, but did not disclose that the bank held a valuation on the property significantly less than the purchase price being asked by the vendors. He discouraged them from approaching an accountant or hotel broker and encouraged them to use the same solicitors as the vendors were using. The bank manager disclosed the fact that he had a conflict and that he would not be able to disclose confidential information about the vendors but that was all. The purchase was not a good purchase and the customer sued alleging breach of fiduciary duty, misleading and deceptive conduct and negligent misstatement. The full Federal Court said (at p476):

     

"It is not a novel proposition that where a bank gives to a customer advice upon financial affairs, then in addition to any contractual rights the customer may have … the relationship between the parties may be such as to found either or both a common law duty of care and a fiduciary duty…

     

In many cases, and the present is one of them, the bank as financier will have a manifest personal interest of its own in the matter. The question then becomes one of ascertaining when, given the apparent commercial self interest of the bank, the bank also may be taken to have assumed a fiduciary responsibility towards the customer in question. …

      A bank may be expected to act in its own interests in ensuring the security of its position as lender to its customer but it may have created in the customer the expectation that nevertheless it will advise in the customer’s interests as to the wisdom of a proposed investment. This may be the case where the customer may fairly take it that to a significant extent his interest is consistent with that of the bank in financing the customer for a prudent business venture. In such a way the bank may become a fiduciary and occupy the position of what Brennan J has called 'an investment adviser': Daly v Sydney Stock Exchange …"

 

Fiduciary Duties of Agents Generally
Per Bowstead and Reynolds on Agency (17th Edition 2001), Articles 45 - 50:
•     An agent owes to his principal fiduciary duties (duties of loyalty).
•     An agent may not put himself in a position or enter into a transaction in which his personal interest, or his duty to another principal, may conflict with his duty to his principal, unless the principal, with full knowledge of all the material circumstances and of the nature and extent of the agent’s interest, consents.
•     Where an agent enters into any contract or transaction with his principal, or his principal's representative in interest, he must act with perfect good faith, and make full disclosure of all the material circumstances, and of everything known to him respecting the subject-matter of the contract or transaction which would be likely to influence the conduct of the principal or his representative.
•     Where any question arises as to the validity of any such contract or transaction, or of any gift made by a principal to his agent, the burden of proving that no advantage was taken by the agent of his position, or of the confidence reposed in him, and that the transaction was entered into in perfect good faith and after full disclosure, lies upon the agent.
•     An agent may not, without the informed consent of his principal, use his principal’s property, or confidential information acquired during the course of the agency, to acquire a benefit (ie a secret profit).
•     An agent may not [KL - without the informed consent of his principal,] use his position to acquire for himself a benefit (ie a secret profit) from a third party. He must account to his principal for any benefit so obtained.
•     Where an agent receives or arranges to receive any money or property by way of bribe or secret commission in the course of his agency from a person who deals or seeks to deal with his principal, he is liable to his principal jointly and severally with that person:
  •     in restitution for the amount of the bribe or commission;
  •     in tort, for any loss suffered by the principal from entering into the transaction in respect of which the bribe or secret commission was given or promised;
  and the bribe, if it was paid, is held on constructive trust for the principal.

 

Scope of Fiduciary Duties
•     Fiduciary duties should be distinguished from contractual duties and duties of care: Aequitus v AEFC (2001) 19 ACLC 1,006, esp at pp1,058-9.
•     Not all aspects of a relationship are fiduciary in nature: Option Investments (Aust) Pty Ltd v Martin [1981] VR 138 (affirmed on appeal [1982] VR 464).
•     Fiduciary duties may be modified by an express or implied contractual term or market custom: ASIC v Citigroup Global Markets Australia Pty Limited (No. 4) [2007] FCA 963; Kelly v Cooper [1993] AC 205; Jones v Canavan [1972] 2 NSWLR 236.
•     Courts however tend to take a very strict and moralistic view of fiduciary responsibilities: see eg Bonds & Securities Trading Pty Ltd v Glomex Mines NL [1971] 1 NSWLR 879, esp at pp890-3.

Aequitus v AEFC, above, includes a useful summary of the difference between fiduciary duties and contractual/tortious duties. In that case, the plaintiff's claim against the financial adviser was based around the dicta of Brennan J in Daly v Sydney Stock Exchange Ltd (1986) 160 CLR 370, 385 quoted above. The court said (at p1,058-9):

     

"It will be seen that the pleading closely tracks Brennan J’s remarks. Analytically, the pleading asserts positive duties of two kinds: duties to disclose various sorts of information … and duties to act in the best interests of another in the provision of advice …. The pleading does not expressly articulate the negative fiduciary duties of avoiding positions of conflict between interest and duty or between duties, and avoiding any unauthorised profit.

     

The defendants submit that none of the positive duties alleged in the pleading is properly to be described as a fiduciary duty. The only fiduciary duties, they say, are the negative duties, and these are not pleaded. Disclosure of information, leading to informed consent, may absolve a fiduciary from what would otherwise have been a breach of duty, but (the defendants submit) there is no fiduciary duty of disclosure as such.

     

The defendants’ point is not merely pedantic. If the positive duties are not fiduciary duties, their true source may be in contract or tort. As we shall see, the measure of recovery at common law differs from the measure of recovery for breach of fiduciary duty in equity.

     

It may seem surprising that a pleading based closely on Brennan J's considered words should be challenged as misconceiving the nature of fiduciary duties. But judicial thinking about the content of fiduciary duties has changed significantly over the last decade, especially in cases where the fiduciary and the principal are in a contractual relationship, or where the fiduciary owes the principal a duty of care. … In Australia, after acknowledging the co-existence of contractual and fiduciary rights in Hospital Products Ltd v US Surgical Corporation, the High Court has decided to confine the fiduciary component of the overall relationship to a number of specific duties: Breen v Williams …. The question in that case was whether a patient had the right to demand access to her medical records. In [a Canadian case], the Supreme Court of Canada had held that a patient was entitled to access to medical records partly because the doctor-patient relationship is fiduciary. The High Court rejected that reasoning.

     

In the High Court's view, the essential fiduciary obligations were to avoid conflicts between interest and duty or between duty and duty, and profits arising out of the fiduciary office, in the absence of fully informed consent. Obligations to act in the interests of another, or to act prudently, are not fiduciary obligations. According to Dawson and Toohey JJ (at 93), what the law extracts from a fiduciary relationship is loyalty, often of an uncompromising kind, but no more than that. Gaudron and McHugh JJ (at 113) held that a fiduciary is obliged not to obtain any unauthorised benefit from the relationship and not to be in a position of conflict, but "the law of this country does not otherwise impose positive legal duties on the fiduciary to act in the interests of the person to whom the duty is owed". Gummow J (at 137) said that the special position of the trustee does not provide a proper foundation for "the imposition upon fiduciaries in general of a quasi-tortious duty to act solely in the best interests of their principals". Fiduciary obligations often arise in cases where one person is under an obligation to act in the interests of another, but that does not mean that the obligation to act in the interests of another is a fiduciary obligation.

     

… The reasoning in Breen v Williams is quite a distance away from Brennan J's dictum in Daly v Sydney Stock Exchange, and yet Daly v Sydney Stock Exchange was cited by Gummow J (at 134) without any hint of disapproval. It would be possible to reconcile the cases by orienting each case to its facts, on the basis that the doctor-patient relationship is less comprehensively fiduciary than the financial adviser-client relationship. But that distinction would not give effect to the conceptual analysis which found favour with five of the six judges who decided Breen v Williams. The logic of their analysis is that most of the observations of Brennan J do not relate to the fiduciary character of the adviser's position.

     

In my opinion, in light of the reasoning in Breen v Williams, Brennan J's dictum should be taken to refer, for the most part, to the contractual aspects of the adviser-client relationship. The duty to provide "best advice" and to disclose knowledge and information arise out of the adviser's "undertaking", and are therefore implied terms of the contractual retainer. And disclosure may also relieve the adviser from the fundamental fiduciary duty not to "assume a position where his self-interest might conflict with the honest and impartial giving of advice"."

In Option Investments (Aust) Pty Ltd v Martin, a futures broker brought an action against a client for the shortfall after the client had defaulted in margin payments and the broker had closed out the position at a loss. The client resisted the claim, arguing negligence and breach of fiduciary duty, because the broker had waited for 4 months to close out the position and, as a result of further falls in the market, the client had a much greater shortfall to make good. Lush J, affirmed on appeal, gave judgment for the broker and dismissed the client’s counterclaim. He held that while a futures broker who closes out a position is under a duty to sell in good faith, since he has the power for the protection of his own interest, he is entitled to select the time of sale unless otherwise contractually bound or ordered by his client. At p142:

     

"A broker’s duty is to execute the orders which his client gives him. He is under no duty to give advice, though if he does he must of course do so honestly and with appropriate skill and ability. He is under no duty, and has no general authority, to initiate transactions, for instance, the sale of securities held, without his client’s instructions. The relationship has fiduciary aspects relating to moneys and securities held by the broker, but otherwise the broker’s duty is to execute orders."

[Although see Berndale Securities Limited v How Trading Pty Ltd [2010] VSC 216, holding that a broker who closes out a client's positions upon a default is in a similar position to a mortgagee in possession and is therefore under a duty to sell in good faith and must have regard to the client's interests in making the sale.]

In Kelly v Cooper [1993] AC 205, an estate agent acted for the plaintiffs and another seller of adjoining prime beachfront properties in Bermuda. A wealthy American agreed to buy the neighbouring property and then made an offer for the plaintiffs' property. The agent did not disclose the fact that the buyer had purchased the adjoining property. The plaintiffs sued for breach of fiduciary duty arguing that had they been informed that the buyer had purchased the neighbouring property, they would have held out for a better price. The claim was rejected by the Privy Council. Lord Browne-Wilkinson, delivering the judgment of the Council, said (at p214):

     

"It cannot be sensibly suggested that an estate agent is contractually bound to disclose to any one of his principals information which is confidential to another of his principals. The position as to confidentiality is even clearer in the case of stockbrokers who cannot be contractually bound to disclose to their private clients inside information disclosed to the brokers in confidence by a company for which they also act. Accordingly in such cases there must be an implied term of the contract with such an agent that he is entitled to act for other principals ... and to keep confidential the information obtained from each of his principals."

In Jones v Canavan, a client instructed his broker to buy 200 shares in T as soon as the market opened. The broker also held a sell order for 400 shares in T at $60 per share. The market opened at $60 and so the broker crossed 200 of the 400 in favour of the buying client. The share price of T fluctuated widely over the day and fell significantly afterwards. The client sought to resist paying for the shares on the basis of the common law rule that an agent cannot act for 2 competing principals without the informed consent of both principals. Judgment was given in favour of the broker. The evidence established a market custom of marrying buy and sell orders and that custom was sufficiently notorious and certain to be implied into the contract between the broker and client and to be enforceable. The court found that the custom was reasonable because of the way in which the price was fixed for "crossing" buy and sell orders under market rules and it did not result in a conflict of duty.

To address the type of conflicts that arose in Jones v Canavan, it is generally a good idea for brokers to include in their client agreements a provision along the following lines:

      "You acknowledge and agree that:
      (a)   we may enter into transactions (including market crossings) on your behalf where we are also acting for another client on the other side of the transaction;
      (b)   we may enter into transactions (including market crossings) with you as principal or on behalf of another person where, because of their connection with us, we are taken under the ASX Market Integrity Rules to be acting as principal;
      (c)   your orders may match opposite orders in a trading platform in respect of which we are acting for another client or acting, or taken under the ASX Market Integrity Rules to be acting, as principal, effectively resulting in a market crossing; and

     

(d)  

in all such cases, we are entitled to charge you (and where we are acting for another client on the other side of the transaction, that other client) our normal fees, commissions and expenses in connection with the transaction."

This clause also addresses the requirements of ASX MIR 3.2.2, 3.2.4 and 5.1.8(1)(b), which we looked at in lecture 4.

In Bonds & Securities Trading Pty Ltd v Glomex Mines NL [1971] 1 NSWLR 879, at pages 890-93, Street J, in notably colourful language, roundly criticised the practice of stockbrokers acting as underwriters (a role His Honour said was more befitting a merchant bank or financier) and trading on principal account because of the inherent conflicts involved. He said:

     

"I have thus far stated without comment the factual position disclosed by the evidence given in this suit, and made findings upon the rights of the parties arising out of that factual position. Lest it be thought that failure to comment should be taken to convey an acceptance by this Court of the disturbing business practices and low standards of commercial morality disclosed in this case, I feel bound to deprecate in express terms the manner in which the firm of John T. Martin & Co. conducted its affairs. That firm has now been suspended by the Stock Exchange of Melbourne Ltd. due apparently to having made financial default. Its deficiencies in observance of proper and honourable dealing as a broker might well have passed unnoticed had it not committed the cardinal sin of running out of money. It is not surprising to find Macleay's fraud and the misapplication of the plaintiff's money occurring in an office where questionable standards appear to have been the order of the day.

     

The occupation of sharebroking demands high standards of integrity. In carrying on his occupation a sharebroker acts, not for himself, but for his client. His remuneration is his brokerage, or commission. Clients, themselves, seek and act on his advice and permit him to handle their money and their shares. Those clients are entitled to expect from a broker not only competence, but also integrity and absence of conflicting personal interests. His position is one of trust and responsibility. By the recognition and pursuit of the high traditions of their occupation, brokers have aspired to the status of an honourable profession. The price they must pay for this status is that they forswear all compromise of their integrity, and that they repudiate the creation of personal interests which could bring them into conflict with their duty to their clients.

     

The courts have always looked askance upon situations in which a man occupying a position of trust engages in activities involving a potentiality of serving interests other than those which his position requires him to serve. It is, of course, far from the truth to suggest that, where a conflict arises between duty and self-interest, the latter will always, or even more frequently than not, prevail. But such a situation is fraught with the risk that human frailty will prove unequal to the resolution of the moral issues involved in the conflict. I quote again the words of Lord Cairns in Parker v. McKenna: "Now, the rule of this Court as I understand it, as to agents, is not a technical or arbitrary rule. It is a rule founded upon the highest and truest principles of morality. No man can in this Court, acting as an agent, be allowed to put himself into a position in which his interest and his duty will be in conflict."

     

In this case the firm of John T. Martin & Co. knowingly employed in senior positions in its Sydney office two out of four directors of a public company listed on the Sydney, Melbourne and Perth Stock Exchanges [Glomex Mines NL]: Pitts, the chairman of directors, and at the same time the underwriting, administration and personnel manager of the firm; and Handley, a director of the company, and at the same time an investment adviser of the firm. It is invidious that a broker should thus place himself or allow a senior employee to be thus placed in such a position of conflict. No doubt in many cases they can. But in point of moral commercial principle this is a compromise of the requisite highest standard.

     

Compounding this duality of interests is the disturbing fact that John T. Martin & Co. in December 1970 underwrote the public floatation of Glomex Mines NL … There is already some disquiet associated with a broker stepping outside his role and fulfilling underwriting functions such as are more becoming to a financier or merchant banker. The matter of concern in a broker acting as underwriter is the risk of loss to himself if the underwritten issue is not filled. The presence of this risk involves at least the prospect of tainting any advice he may tender to his clients in connection with the underwritten shares. … In the present case the multiplicity of interests affecting John T. Martin & Co., Pitts and Handley in this underwriting venture do not need elaboration. It must have been difficult indeed for a client of the firm to have obtained honest and disinterested advice in connection with this floatation.

     

There remains yet another aspect of concern in the circumstances disclosed in the present case. I had occasion in Hewson v. Sydney Stock Exchange Ltd. to draw attention to the vice inherent in members of the Stock Exchange trading in shares on their own account. Their duty is to act for their clients, not to enter the market themselves and trade in competition with them. The morally unhealthy practice of sharebrokers being also share traders is seen to have been blatantly carried on in the present facts. There is in evidence a resolution passed at a board meeting of Glomex Mines NL authorising Handley to take control of $100,000 "for investment through the Stock Exchange by way of trading in public securities and options", and, with an even more impudent repudiation of the moral fetters precluding share trading by brokers, authorising Handley or Martin to nominate two employees of John T. Martin & Co. for handling the investment, by way of trading, of a further sum of $100,000. Pursuant to this resolution some hundreds of trading transactions were effected on behalf of Glomex Mines NL through the office of John T. Martin & Co. in the five months following the passing of this resolution and ending with the suspension of the firm of brokers. It is disturbing that the firm should have countenanced and, indeed, aided, a senior employee in its office pursuing these relatively large scale and numerous transactions in the interests not of the clients of the firm but of the company of which Pitts and Handley were directors. Whichever way one seeks to rationalise or justify this course of conduct (for example, by postulating that the company was a client of the brokers), one is confronted with an unacceptable situation of conflict of interest.

     

The loss suffered by the unfortunate plaintiff in the present suit was due in part to John T. Martin & Co. having been acting in the dual capacity of broker for both buyer and seller. One wonders how the broker could get the best price for both buyer and seller so as to justify an entitlement to charge full commission to both … Although there is no suggestion that the plaintiff would not have been content to proceed with the transaction had it been forewarned of the dual role the firm was filling, where a broker does take upon himself this dual role then it is even more necessary for care to be exercised to avoid any possibility of prejudice to a client by reason of this dual capacity. The ambiguity of Handley's position in relation to the custody of the scrip is, at the least, distasteful."

The conflicts to which Street J referred often arise in the context of underwritten offers and placements, where the broker/underwriter has a clear conflict between their duty as underwriter to get the offer/placement away at the best (highest) price for the offeror/placee, their duty to broking clients to purchase shares at the best (lowest) price for them and their personal interest in ensuring there is no underwriting shortfall for which they may be liable. One such example involved Goldman Sachs JBWere and its role as a joint lead manager in the book build allocation of quoted securities of Just Group Limited. ASX publicly released a copy of a management letter it issued to Goldman Sachs JBWere in relation to the matter in January 2005, which contains some useful guidance on the proper conduct of book builds for offers and placements. A copy of the management letter can be viewed at: https://www.asxonline.com/intradoc-cgi/groups/participant_services/documents/communications/asx014784.pdf.

While Kelly v Cooper (supra) is helpful, I would not recommend that a financial services organisation leave these matters to implication but instead include an express contractual term in any advisory engagement expressly negativing a duty to disclose information obtained from other clients. I would suggest a clause along the following lines:

     

"It is possible that we have obligations not to disclose, or it would otherwise be inappropriate for us to disclose, information which may be relevant to our advisory role that we have obtained in other circumstances, for example while acting for another client. To avoid any conflict, you agree that we are excluded from any duty to disclose to you, or to provide advice based on, any such information."

This clause should be supplemented by the one suggested below dealing with Chinese walls.

Similarly, I would recommend that brokers include in their client agreements a provision along the following lines:

     

"It is possible that we have obligations not to disclose, or it would otherwise be inappropriate for us to disclose, information which may be relevant to a transaction on your account that we have obtained in other circumstances, for example while acting for another client. To avoid any conflict, you agree that we are excluded from any duty to disclose to you any such information or to have regard to any such information when effecting a transaction on your account."

Again, this clause should be supplemented by the one suggested below dealing with Chinese walls.

 

Remedies for Breach of Fiduciary Duty
A beach of fiduciary duty exposes the fiduciary to:
•     injunctive or declaratory orders in relation to the breach;
•     the imposition of a constructive trust or an order to account for profits made by the fiduciary;
•     equitable compensation for loss suffered by the principal;
•     rescission of contracts or transactions entered into in breach of duty;
•     termination of retainer; and
•     loss of rights to commission or other remuneration.

Return to Outline


Conflicts of Interest

CA s912A - Conflicts of Interest
A financial services licensee must: ...
(aa)   have in place adequate arrangements for the management of conflicts of interest that may arise wholly, or partially, in relation to activities undertaken by the licensee or a representative of the licensee in the provision of financial services as part of the financial services business of the licensee or the representative ...
See generally ASIC Regulatory Guide 181 Licensing: Managing conflicts of interest.

CA s912(1)(aa) was introduced by schedule 10 of the Corporate Law Economic Reform Program (Audit Reform and Corporate Disclosure) Act 2004 in response to the issues highlighted by the Spitzer enquiry into, and subsequent regulatory action against, US research analysts in 2001-3 (see below). The explanatory memorandum for the Bill that introduced that Act said (at 5.593-6):

    

"International experience with conflicts of interest - particularly that of the United States ... in 2002 with respect to analysts - led the Australian Government to consider its own regulatory framework for managing conflicts of interest.

    

In August 2003 ASIC completed its Research Report into Analyst Independence. The Report concluded that while ASIC did not identify any actual contraventions of the Corporations Act 2001, there was in its view, an unacceptable level of reliance, in some entities, on staff integrity to avoid and manage conflicts of interest. This, together with international experience, confirms a general unease in Australia about analyst independence and the management of conflicts of interest when providing financial services.

    

Under the current regulatory regime financial services licensees are required to ensure that financial services covered by their licence are provided 'efficiently, honestly, and fairly'. While industry has widely accepted that this would include managing conflicts of interest, the duty was not express in its application to conflicts of interest.

    

It was considered that any new provision should not be limited in application to analysts, but should also provide for financial services licensees more generally, as the potential for conflicts of interest to arise are not limited in application."

The explanatory memorandum for the Bill explained the reference to "wholly or partially" in s912(aa) thus (at 5.599 -5.600):

    

"There are three main types of conflicts of interest:

    

•    

conflicts within the financial services business (Category 1);

    

 

- examples are conflicts within one area of the financial services business, such as dealing on behalf of various clients, or across different areas of the business, such as between publishing research in a client newsletter and market making;

    

•    

conflicts between something within the financial services business and something outside the financial services business (Category 2);

 

 

- examples are where outside factors give rise to conflicts within the financial services business, such as a conflict of interest between the financial services licensee lending (as principal) to a particular enterprise and the financial services licensee underwriting a public offer for the same enterprise. Alternatively, a conflict may arise where the objectivity of research is compromised by the analyst's personal interests or relationships;

 

•    

conflicts outside the financial services business (Category 3);

 

 

- where a factor outside the financial services business gives rise to a conflict with another factor outside the same financial services business. Examples include where those conflicts might arise between two non-financial services businesses of a merchant bank (for example; corporate lending and dealing on the bank's own behalf). Such conflicts are unrelated to the financial services business.

 

The purpose of proposed paragraph 912A(1)(aa) is to specifically require licensees to have adequate arrangements for managing Category 1 and Category 2 conflicts of interest. Licensees will not be obliged under the Corporations Act to manage Category 3 conflicts of interest, which occur wholly outside their financial services business. They may have other obligations to manage such conflicts."

In ASIC v Citigroup Global Markets Australia Pty Limited (No. 4) [2007] FCA 963, it was alleged that Citigroup infringed s912A(1)(aa) by failing to have appropriate arrangements in place to deal with the conflict that arose when one of its proprietary traders purchased a significant number of Patrick shares at a time when its corporate advisory team was advising Toll in relation to a takeover bid for Patrick. The court found in favour of Citigroup, holding in effect that the alleged conflict was a category 3 conflict and therefore fell outside of s912A(1)(aa). Proprietary trading (dealing in shares on one's own account) is not a financial service (CA s766C(3)) and the type of advice being given by Citigroup's corporate advisory team was an exempt service under CR r7.1.29(3)(c).

 

What is a Conflict of Interest?
•     Per ASIC: "conflicts of interest are circumstances where some or all of the interests of people (clients) to whom a licensee (or its representative) provides financial services are inconsistent with, or diverge from, some or all of the interests of the licensee or its representatives. This includes actual, apparent and potential conflicts of interest." [ASIC Regulatory Guide 181.15]
•     Should also extend to conflicts between one's duty to two different principals (ie where some or all of the interests of one client to whom a licensee provides financial services are inconsistent with, or diverge from, some or all of the interests of another client to whom a licensee provides financial services)!

The concept of a conflict of interest comes to us from the law applicable to fiduciaries. This begs the question whether it is necessary for there to be a fiduciary relationship between the licensee and the client for a conflict to exist. In ASIC v Citigroup Global Markets Australia Pty Limited (No. 4), supra, counsel for ASIC made a critical and fatal concession (at para 26):

    

"ASIC does not concede that, as a matter of statutory construction, s912A(1)(aa) applies only where a licensee and its client are in a fiduciary relationship. However, Mr Walker SC, for ASIC, did concede that for the purposes of the present case, ASIC's contention that Citigroup contravened s912A(1)(aa) depends upon the success of ASIC's submission that the parties were in a fiduciary relationship."

The court found that this submission failed at the outset because the letter of engagement under which Toll retained Citigroup as its adviser specifically excluded the existence of a fiduciary relationship.

There was nothing in the explanatory memorandum for the Corporate Law Economic Reform Program (Audit Reform and Corporate Disclosure) Bill to suggest that the existence of a fiduciary duty is a pre-requisite to the application of s912A(1)(aa). Indeed, a number of the examples of conflicts cited in explanatory memorandum involve roles that would not generally be regarded as fiduciary (eg market making, proprietary trading, corporate lending and query also publication of equities research (as distinct from the giving of specific investment advice)). Further, even where a licensee is in a fiduciary relationship (eg as agent acting for a principal), the duties that are in conflict are often contractual or tortious duties rather than fiduciary duties (eg the duty of a broker acting for both a buyer and a seller to get the best price for each client).

It is submitted that the overwhelmingly better view is that the existence of a fiduciary relationship is not a sine qua non to the existence of a conflict or to the application of s912A(1)(aa). However, measures taken to minimise potential liability as a fiduciary for conflicts - such as obtaining a fully informed consent from the client after making appropriate disclosure of the conflict or contracting out of the existence of a fiduciary relationship - are examples of mechanisms that can be used to manage conflicts in accordance with that section.

 

How do You Manage a Conflict of Interest?
•     Managing a conflict does not mean eliminating it completely: see ASIC v Citigroup Global Markets Australia Pty Limited (No. 4) [2007] FCA 963.
•     Per ASIC: "The three mechanisms that licensees would generally use to manage conflicts of interest are:
  •  controlling conflicts of interest;
  •  avoiding conflicts of interest; and
  •  disclosing conflicts of interest." [ASIC Regulatory Guide 181.20]
•     Robust information barriers [ie Chinese walls] may help a licensee manage their conflicts of interest. They may allow a licensee to insulate one group of staff from the information or other circumstances that give rise to a particular conflict, so that the group is not affected by that conflict. To be effective, such barriers must actually prevent information being passed to the relevant group of staff. [ASIC Regulatory Guide 181.36]
•     Chinese walls must be institutionalised and not transitory: see Bolkiah v KPMG [1999] 2 AC 222.

In ASIC v Citigroup Global Markets Australia Pty Limited (No. 4), even though the court found that s912A(1)(aa) was not applicable, it went on to deal with whether Citigroup's arrangements for dealing with conflicts were adequate for the purposes of that section. The court said (at para 442-6):

    

"ASIC's case was that without Toll's explicit permission to engage in proprietary trading in Patrick shares, Citigroup had no arrangements, "still less adequate ones", for dealing with conflicts which may arise from the purchase of Patrick shares.

    

The essence of ASIC's case therefore was that "adequate management" required the elimination of unauthorised conflicts by obtaining express consent. I reject that submission because it seems to me to be inconsistent with the plain meaning of s912A(1)(aa).

    

First, the subsection uses the words "management of conflicts of interest". I do not see that "management" requires elimination of a possible conflict, although of course it would be open to a licensee to take that further step if it chooses to do so.

    

Second, the phrase "management of conflicts of interest" assumes that there will be potential conflicts which must be managed by adequate arrangements rather than totally eliminated.

    

Thus, in my view, whether particular arrangements are adequate is to be determined as a question of fact."

The court found that Citigroup's arrangements were adequate for the purposes of s912A(1)(aa) and, in particular, that they met the tests laid down by Lord Millett in Bolkiah (see below).

In Bolkiah v KPMG, the House of Lords had to consider whether, and if so in what circumstances, a firm of accountants which had provided litigation support services to a former client and in consequence had in its possession information which was confidential to him, could undertake work for another client with an adverse interest. Delivering the judgment of the House, Lord Millet said:

    

"Chinese Walls are widely used by financial institutions in the City of London and elsewhere. They are the favoured technique for managing the conflicts of interest which arise when financial business is carried on by a conglomerate. The Core Conduct of Business Rules published by the Financial Services Authority recognise the effectiveness of Chinese Walls as a means of restricting the movement of information between different departments of the same organisation. They contemplate the existence of established organisational arrangements which preclude the passing of information in the possession of one part of the business to other parts of the business. In their Consultation Paper on Fiduciary Duties and Regulatory Rules the Law Commission (1992) (Law. Com. No. 124) describe Chinese Walls as normally involving some combination of the following organisational arrangements:

     (i)    the physical separation of the various departments in order to insulate them from each other - this often extends to such matters of detail as dining arrangements;
     (ii)   an educational programme, normally recurring, to emphasis the importance of not improperly or inadvertently divulging confidential information;
     (iii)  strict and carefully defined procedures for dealing with a situation where it is felt that the wall should be crossed and the maintaining of proper records where this occurs;
     (iv)  monitoring by compliance officers of the effectiveness of the wall;

    

(v)  

disciplinary sanctions where there has been a breach of the wall.

    

KPMG insist that, like other large firms of accountants, they are accustomed to maintaining client confidentiality not just within the firm but also within a particular team. They stress that it is common for a large firm of accountants to provide a comprehensive range of professional services including audit, corporate finance advice, corporate tax advice and management consultancy to clients with competing commercial interests. Such firms are very experienced in the erection and operation of information barriers to protect the confidential information of each client, and staff are constantly instructed in the importance of respecting client confidentiality. This is, KPMG assert, part of the professional culture in which staff work and becomes second nature to them. Forensic projects are treated as exceptionally confidential and are usually given code names. In the present case KPMG engaged different people, different servers, and ensured that the work was done in a secure office in a different building. KPMG maintain that these arrangements satisfy the most stringent test, and that there is no risk that information obtained by KPMG in the course of Project Lucy has or will become available to anyone engaged on Project Gemma.

    

I am not persuaded that this is so. Even in the financial services industry, good practice requires there to be established institutional arrangements designed to prevent the flow of information between separate departments. Where effective arrangements are in place, they produce a modern equivalent of the circumstances which prevailed in Rakusen's case [1912] 1 Ch. 831. The Chinese Walls which feature in the present case, however, were established ad hoc and were erected within a single department. When the number of personnel involved is taken into account, together with the fact that the teams engaged on Project Lucy and Project Gemma each had a rotating membership, involving far more personnel than were working on the project at any one time, so that individuals may have joined from and returned to other projects, the difficulty of enforcing confidentiality or preventing the unwitting disclosure of information is very great. It is one thing, for example, to separate the insolvency, audit, taxation and forensic departments from one another and erect Chinese Walls between them. Such departments often work from different offices and there may be relatively little movement of personnel between them. But it is quite another to attempt to place an information barrier between members all of whom are drawn from the same department and have been accustomed to work with each other. I would expect this to be particularly difficult where the department concerned is engaged in the provision of litigation support services, and there is evidence to confirm this. Forensic accountancy is said to be an area in which new and unusual problems frequently arise and partners and managers are accustomed to share information and expertise. Furthermore, there is evidence that physical segregation is not necessarily adequate, especially where it is erected within a single department.

     In my opinion an effective Chinese Wall needs to be an established part of the organisational structure of the firm, not created ad hoc and dependent on the acceptance of evidence sworn for the purpose by members of staff engaged on the relevant work."

 

Consequences of Breaching s912A(1)(aa)
Exposes the licensee to:
•     suspension or cancellation of licence (s915C(1)(a));
•     imposition of additional licence conditions (s914A(1));
•     a banning order prohibiting a person from providing any financial services or specified financial services (s920A(1)(b));
•     criminal penalties - 5 penalty units for an individual and 25 penalty units for a body corporate (ss1311(5) and 1312);
•     injunctions (s1324);
•     potential common law liability if the contravening conduct involves a breach of fiduciary duty, duty of care or an express or implied term of the licensee's contract with the client;
•     possibly, common law liability for breach of statutory duty.

There have been some interesting high profile examples over the years of financial services organisations incurring significant liabilities for failing to properly manage or disclose conflicts of interest.

In 2001-3, there was the Spitzer action against research analysts, resulting in aggregate penalties of $1.5b being imposed on major Wall street investment firms (see below).

In August 2003, the US Securities and Exchange Commission charged Deutsche Asset Management, Inc. (DeAM), the investment advisory unit of Deutsche Bank AG, for failing to disclose a material conflict of interest in its voting of client proxies for the 2002 merger between Hewlett-Packard Company (HP) and Compaq Computer Corporation. The SEC found that, unbeknownst to DeAM's advisory clients, Deutsche Bank's investment banking division was working for HP on the merger and had intervened in DeAM's proxy voting process on behalf of HP. This created a material conflict of interest for DeAM, which had a fiduciary duty to act solely in the best interests of its advisory clients. It further found that DeAM violated this duty by voting the proxies on the HP stock owned by its advisory clients, without first disclosing the conflict. The SEC made an order censuring DeAM, directing it to cease and desist from further violations, and imposing a civil penalty of US$750,000. DeAM consented to the issuance of the order without admitting or denying its findings. For details, see: http://www.sec.gov/news/press/2003-100.htm.

In September 2004, NY Attorney General Eliot Spitzer announced a $450 million settlement with two prominent US mutual fund management companies, Invesco Funds Group and AIM Advisors, to resolve charges that the companies permitted illegal market timing trades (short-term investing in mutual fund shares and/or the exploitation of pricing inefficiencies in mutual fund share pricing) and late trades (obtaining a given day's mutual fund share price for orders to buy, sell or exchange shares that were placed after the close of the market on that day) in shares in their funds.

In October 2004, NY Attorney General Eliot Spitzer announced that he was suing the leading US insurance brokerage firm, Marsh & McLennan, alleging that it steered unsuspecting clients to insurers with whom it had lucrative payoff agreements and that the firm solicited rigged bids for insurance contracts (see the Marsh Litigation Press Release and Marsh Complaint). The accompanying civil complaint alleged that for years Marsh received special payments from insurance companies that were above and beyond normal sales commissions. These payments, known as "contingent commissions", were characterized as compensation for "market services" but were, in fact, rewards for the business that Marsh and its independent brokers steered and allocated to the insurance companies. The complaint also alleged that Marsh occasionally solicited fake bids to deceive its customers into thinking that true competition had taken place for their insurance business. The complaint culminated in a settlement agreement under which Marsh & McLennan agreed to pay US$850 million in restitution to its policyholders, to adopt a new business model designed to avoid conflicts of interest and to issue a public statement apologising for "unlawful" and "shameful" conduct.

In July 2010, the SEC announced that Goldman Sachs had agreed to pay $550 million - at that point, the largest ever penalty assessed by the SEC against an individual financial services firm - and to reform its business practices to settle SEC charges that it had misled investors in relation to a synthetic collateralized debt obligation (CDO) involving sub-prime residential mortgage-backed securities. The CDO had been marketed and sold to wholesale investors just as the US housing market was starting to collapse in the lead up to the GFC. The SEC charged that Goldman Sachs had misrepresented in the marketing materials that the underlying investment portfolio had been "selected" by a particular firm when in fact the hedge fund Paulson & Co. Inc. had played a significant role in the portfolio selection process and it was conflicted in doing so because it had taken a short position against the CDO. These latter facts were not disclosed in the marketing materials (see http://www.sec.gov/news/press/2010/2010-123.htm).

In a similar action in June 2011, the SEC announced that JP Morgan had agreed to pay $153.6 million and reimburse harmed investors in full to settle SEC charges that it misled investors in a complex mortgage securities transaction just as the housing market was starting to plummet. The SEC alleged that JP Morgan structured and marketed a synthetic CDO without informing investors that a hedge fund helped select the assets in the CDO portfolio and had a short position in more than half of those assets. As a result, the hedge fund was poised to benefit if the CDO assets it was selecting for the portfolio defaulted (see http://www.sec.gov/news/press/2011/2011-131.htm).

In 2015, the US SEC extracted a settlement of $267m from two JP Morgan wealth management subsidiaries, and the US CFTC a settlement of $40m from JPMorgan Chase Bank, to settle charges that they failed to disclose conflicts of interest to their wealth management clients. The conflicts included preferring to invest client moneys in JP Morgan-managed mutual funds and hedge funds, or in certain third-party-managed hedge funds that shared management or performance fees (called retrocessions) with JP Morgan, without disclosing the obvious conflicts involved. They were also investing some client moneys in a more expensive share class of proprietary mutual funds that earned higher fees for JP Morgan. In announcing the settlement, the SEC commented that: "[f]irms have an obligation to communicate all conflicts so a client can fairly judge the investment advice they are receiving" and that "[c]lients are entitled to know whether their adviser has competing interests that might cause it to render self-interested investment advice" (see https://www.sec.gov/news/pressrelease/2015-283.html).

ASIC Regulatory Guide 79 - Research Analyst Conflicts

Research report providers should take reasonable steps to ensure that conflicts of interest:

•    

do not compromise the integrity of the advice they give in their research reports;

•    

do not result in the licensee breaching its duty to act efficiently, honestly and fairly; and

•     are adequately disclosed. [RG79.118]

Click here for a copy of ASIC Regulatory Guide 79 Research report providers: Improving the quality of investment research.

This topic skyrocketed into international prominence in 2001-2 during a year long enquiry by Eliot Spitzer, the New York Attorney General, into conflicts between the investment banking and research divisions at Merrill Lynch. The enquiry found that analysts at Merrill Lynch helped recruit new investment banking clients and skewed stock ratings, giving favourable coverage to preferred clients. This was graphically revealed by internal e-mail communications obtained during the investigation, which showed analysts privately disparaging companies while publicly recommending their stocks. For example, one analyst made highly derogatory remarks about the management of an internet company and called the company's stock "a piece of junk", yet gave the company, a major investment banking client, the firm's highest stock rating.

During the latter stages of the enquiry, Spitzer applied for and was granted a court order under section 354 of the NY General Business Law requiring Merrill Lynch to make disclosures to investors about its relationship with investment banking clients and provide more context for its stock ratings (for those interested, the affidavit in support of the application makes fascinating reading!). Thereafter an agreement was entered into with Merrill Lynch settling the allegations against it. Under the settlement, Merrill Lynch agreed to:
•    sever the link between analysts' compensation and their involvement in winning investment banking business;
•    prohibit investment banking input into analysts’ compensation;
•    create a new investment review committee responsible for approving all research recommendations with strict standards and independence from investment banking and the analysts themselves;
•    establish a monitor to ensure compliance with the agreement;
•    upon discontinuation of research coverage of a company, issue a report disclosing the termination of coverage and the rationale for such termination and  notify investors that the last rating should no longer be relied upon;
•    disclose in Merrill Lynch’s research reports whether it had received or was entitled to receive any compensation from a covered company over the past 12 months;
•    pay a US$100 million penalty; and

•   

issue a statement of contrition for failing to address conflicts of interest.

You can view a summary of the settlement agreement in the Merrill Settlement Press Release.

This led to a broader investigation into conflicts of interest between the investment banking and research divisions of major US broker-dealers under the joint auspices of the SEC, NYSE, NASD and various State attorney generals. The investigation was the subject of a settlement agreed by 10 of the firms being investigated and announced in April 2003. You can view a copy of the settlement announcement at: http://www.sec.gov/news/press/2003-54.htm. The settlement required:
•    the firms to physically separate their research and investment banking departments to prevent the flow of information between the two groups;
•    the firms' senior management to determine the research department's budget without input from investment banking and without regard to specific revenues derived from investment banking;
•    research analysts' compensation not to be based, directly or indirectly, on investment banking revenues or input from investment banking personnel, and investment bankers to have no role in evaluating analysts' job performance;
•    research management to make all company-specific decisions to terminate coverage, and investment bankers to have no role in company-specific coverage decisions;
•    research analysts to be prohibited from participating in efforts to solicit investment banking business, including pitches and roadshows, and during the offering period for an investment banking transaction, research analysts not to participate in roadshows or other efforts to market the transaction; and
•   

the firms to create and enforce firewalls restricting interaction between investment banking and research except in specifically designated circumstances.

Under the settlement, the 10 firms agreed to pay a total of $875 million in penalties and disgorgement (this included Merrill Lynch's previous payment of $100 million in connection with its prior settlement). Half of the $775 million paid by the firms other than Merrill Lynch was paid in resolution of actions brought by the SEC, NYSE and NASD, and was put into a fund to benefit customers of the firms. The remainder of the funds was paid to the States. In addition, the firms made payments totalling $432.5 million to fund independent research and $80 million to fund and promote investor education. The individual penalties included some of the highest ever imposed in civil enforcement actions under US securities laws and were made up as follows:

NAME OF FIRM PENALTY
(US$ millions)
DISGORGEMENT
(US$ millions)
INDEPENDENT RESEARCH
(US$ millions)
INVESTOR EDUCATION
(US$ millions)
TOTAL
(US$ millions)
Bear Stearns 25 25 25 5 80
Credit Suisse First Boston 75 75 50 0 200
Goldman Sachs 25 25 50 10 110
J.P. Morgan Chase 25 25 25 5 80
Lehman Brothers 25 25 25 5 80
Merrill Lynch** 100* 0

75

25 200
Morgan Stanley 25 25 75 0 125
Piper Jaffray 12.5 12.5 7.5 0 32.5
Salomon Smith Barney 150 150 75 25 400
UBS Warburg 25 25 25 5 80
TOTAL: 487.5 387.5 432.5 80 1,387.5

**  Payment made in prior settlement of research analyst conflicts.

Deutsche Bank Securities was initially part of this settlement, agreeing to pay a total of $80 million, but subsequently withdrew. A year later, it finally agreed to a settlement of $87.5 million ($25 million in disgorgement, $25 million as a penalty for various conflicts of interest, $25 million to fund independent research, $5 million to fund and promote investor education, and the extra $7.5 million for failing to promptly produce all e-mails and thereby delaying the SEC's investigation by over a year). At the same time, Thomas Weisel Partners also agreed to a settlement of $12.5 million ($5 million in disgorgement, $5 million as a penalty for various conflicts of interest, and $2.5 million to fund independent research). See http://www.sec.gov/news/press/2004-120.htm. Hence the total penalties extracted as a result of the investigation were close to $1.5 billion.

[As a follow-on matter, in August 2010, FINRA censured and fined Morgan Stanley a further $800,000 for failing to make the public disclosures required by FINRA's rules governing research analyst conflicts of interest and for failing to comply with a key provision of the 2003 research analyst settlement by failing to disclose the availability of independent research in customer account statements (see http://www.finra.org/Newsroom/NewsReleases/2010/P121785). The particular matters not properly disclosed included analysts' personal holdings of shares in companies they were covering and the firm's investment banking, lead manager/underwriter and market maker relationships with those companies.]

The SIA/SDIA Best Practice Guidelines for Research Integrity (see below) were developed by the Securities Institute and the Securities & Derivatives Industry Association and published in November 2001 "to assist analysts and their firms in managing potential conflicts of interest which may influence research reports and investment recommendations", although I suspect their acceptance here by the broking industry had as much to do with trying to pre-empt ASIC from conducting a Spitzer-like enquiry in Australia as it had with adopting global best practice. In this regard, the Australian market has had its own examples of inadequate separation between investment bankers and research analysts – see, for example, R v Hannes [2000] NSWCCA 503, at paragraphs 300 - 304.

In a similar vein, the ASX released for comment in October 2002 (revised February 2003) a draft Guidance Note on recommended practices relating to independence of research, disclosure of conflicts of interest and dealing before release of research recommendations. That draft was subsequently withdrawn following the publication by ASIC in October 2003 of a policy proposal paper on the topic.

ASIC did conduct a review of the standards of conduct and supervision of research analysts in Australia in 2003, limited to a sample selection of entities over a short period of time. The review concluded that Australia was unlikely to have experienced the extent and seriousness of misconduct that occurred in the US, although it did identify a number of compliance issues that required further improvement, particularly relating to the independence of research analysts and the processes for managing conflicts of interest when they are identified. In addition, it found that the industry guidelines developed by the SDIA and SIA had "not been adopted as closely as intended and that there is still significant room for conflicts of interest to occur and to remain unmanaged". See ASIC Report 24 – Research analyst independence (August 2003).

ASIC subsequently issued a draft policy proposal paper entitled Licensing: Managing conflicts of interest in October 2003, and followed that up in August 2004 with the release of ASIC Regulatory Guide 181 - Licensing: Managing conflicts of interest, providing guidance on the conflicts management obligation in CA s912A(1)(aa). This was supplemented in November 2004 by ASIC Regulatory Guide 79 - Research report providers: Improving the quality of investment research, discussed below, which was further updated in December 2012.

 

ASIC RG 79 - Measures to Control and Avoid Conflicts of Interest
Research report providers should address the following issues when developing and implementing their arrangements for controlling and avoiding conflicts of interest:
•     conflicts management arrangements should be documented;
•     there should be a person or separate unit responsible for monitoring compliance with the research report provider’s conflicts management arrangements;
•     research report providers should have a policy on how and when non-research services are provided to an issuer for whom the research report provider also produces research;
•     research staff should be physically separate from, and not supervised by, any staff who are performing an investment banking, corporate advisory, consulting or dealing function or are involved in product design or development;
•     decisions about the remuneration of research staff should be made by staff not directly connected with another business unit;
•     to maintain the quality and integrity of reports, research reports should be reviewed and approved by an experienced supervisor (or by a group of peers) before they are distributed to clients;
•     research report providers should have a detailed policy on communications within and outside the licensee, including ensuring that research reports are not communicated outside the research report provider before they are broadly distributed;
•     research report providers should have a policy on trading restrictions;
•     where research is commissioned, who commissioned and paid for the research should be clearly and prominently disclosed, preferably on the front or covering page of the report;
•     research reports should be based on 'reasonable grounds', with each research report reflecting the views of the research staff who wrote or approved it; and
•     offers or threats of favourable or unfavourable research must not be used to solicit benefits or other business, and research must not be used to unfairly or artificially increase trading volumes [see RG79 tables 3 and 4].

Para 139 of RG 79 states that research report providers should generally maintain a separate organisational unit (eg part of their compliance area) that is responsible for ensuring that conflicts management arrangements are implemented, monitored, reviewed and updated. This unit should be separate from the business units where the potential conflicts are likely to arise.

Illustrating the point, in September 2005, ASIC imposed a special licence condition on stockbroking firm BBY Ltd requiring it to review conflicts management following the publication of positive research on a client to whom it was giving corporate advice at the time. ASIC found that BBY did not follow its own procedures for the approval of research reports, nor was it able to demonstrate that it had monitored compliance with those procedures. Further, BBY did not maintain a robust Chinese wall arrangement, nor was it able to demonstrate that it had monitored the effectiveness of its Chinese walls. See ASIC Media Release 05-288.

In November 2014, FINRA fined Citigroup Global Markets $15 million for failing to adequately supervise communications between its equity research analysts and its clients and Citigroup sales and trading staff, and for permitting one of its analysts to participate indirectly in two road shows promoting IPOs to investors. FINRA found that from January 2005 to February 2014, Citigroup failed to meet its supervisory obligations regarding the potential selective dissemination of non-public research to clients and sales and trading staff. During this period, Citigroup issued approximately 100 internal warnings concerning communications by equity research analysts. However, when Citigroup detected violations involving selective dissemination and client communications, there were lengthy delays before the firm disciplined the research analysts and the disciplinary measures lacked the severity necessary to deter repeat violations of Citigroup policies. One example of Citigroup's failure to supervise certain communications by its equity research analysts involved "idea dinners" hosted by Citigroup equity research analysts that were also attended by some of Citigroup's institutional clients and sales and trading personnel. At these dinners, Citigroup research analysts discussed stock picks, which, in some instances, were inconsistent with the analysts' published research. Despite the risk of improper communications at these events, Citigroup did not adequately monitor analyst communications or provide analysts with adequate guidance concerning the boundaries of permissible communications. In another example, FINRA found that an analyst employed by a Citigroup affiliate in Taiwan selectively disseminated research information concerning Apple Inc. to certain clients, which was then selectively disseminated to additional clients by a Citigroup equity sales employee. See FINRA News Release dated 24 November 2014.

In February 2016, the SEC fined a Deutsche Bank Securities analyst US$100,000 and suspended him from the securities industry for a year for

Paragraphs 130-133 of RG 79 state that research report providers who provide non-research services to a product issuer (eg as adviser or underwriter to a public offering) have a potential conflict of interest and need to consider appropriate measures to manage those conflicts, including: (a) ensuring that research on the product issuer is not published while non-research services are being provided and for a short period afterwards (ie a 'quiet period'); and/or (b) fully disclosing in relevant research reports the nature of any non-research services provided to a product issuer (see below).

One of the issues not addressed in RG 79 is the issue of selective distribution of research. Occasionally, you will come across a situation where a research analyst wants to distribute copies of research to certain favoured clients (usually large wholesale clients) in advance of it being distributed more widely. This is usually done to curry favour with those clients and to give them an opportunity to trade on the research ahead of other clients. This conduct raises particular issues as to whether it is consistent with the licensee's duty to act "efficiently, honestly and fairly" (CA s912A(1)(a)). If the research does happen to have price-sensitive information that is not generally available, selective distribution of the research can also breach the tipping prohibition in CA s1043A(2).

ASIC RG 79 - Disclosing Conflicts of Interest
Research report providers should disclose conflicts of interests to all clients, including generally disclosing:
•     any material interests they have in financial products that are the subject of the report;
•     any benefits they are likely to receive from the report;
•     their relationship (if any) to the product issuer, including any other services they provide to the product issuer;
•     any help they were given by the product issuer;
•     the date the research report was written and who took responsibility for it; and
•     the reasons behind the opinions and recommendations in the research report. [RG79.158]

On disclosure of personal interests, RG 79.161 recommends that research report providers should disclose in or with each research report whether they (or any associated persons) have, or are likely in the future to have, a material interest in financial products that are the subject of the report. ASIC says that disclosure will generally need to cover both the existence and extent of the interest. For example, the disclosures should cover: (a) beneficial interests in and derivatives relating to the financial product; (b) likely allocations as part of a public offering; and (c) significant interests that the research report provider (or its staff) may have in the product issuer.

RG 79.162 states that it is important that conflicts of interest disclosures are specific and clear. ASIC says that it would be inadequate simply to make a generic statement that the research report provider may from time to time have interests in those financial products that are the subject of research. It would also be inappropriate for these disclosures to be hidden in small print or otherwise obscured.

RG 79.164 suggests that if the research report provider or an associated person provides (or has in the previous 12 months provided) underwriting, sub-underwriting, market-making, broker/sponsor, directorship, expert opinion, investment banking, corporate advisory or dealing services to the product issuer, that should be disclosed in the research report.

SIA/SDIA Best Practice Guidelines for Research Integrity
•     Firms offering research and other corporate or trading services should have in place well-defined Chinese walls and appropriate compliance procedures to prevent the dissemination of information which may compromise the integrity of research or investment recommendations.
•     Firms should have policies and procedures in place to avoid potential conflicts of interest where analysts trade in the companies they cover:
  •     analysts should not trade a security while they are preparing research on it or for a reasonable period after issuing research on it;
  •     analysts should not be allowed to trade in a manner inconsistent with their recommendations.
•     Where an analyst’s firm offers both research and other corporate or trading services, it should provide separate and distinct reporting structures to ensure that the integrity of research and investment recommendations is not compromised.
•     Analysts should report directly to the Head of Research and should not submit research reports or investment recommendations to the firm’s other corporate or trading units for approval.
•     Draft research reports may be distributed to companies which are the subject of the research, only for the purpose of verifying facts and only if the investment recommendation has been removed.

Click here for a copy of the SIA/SDIA Best Practice Guidelines for Research Integrity.

Examples of Potential "Conflicts" for Class Discussion
•     XZY's corporate advisory area receives a defence mandate from ABC, which is under-performing the market and expecting one of its competitors to launch a cash takeover bid for it at a premium to its existing share price of $2.50. XYZ's research area is about to publish research on ABC saying they expect it to continue significantly under-performing the market for some time and putting an indicative valuation on its shares of $2.
•     XZY's research area has a 'buy' recommendation on DEF and, based on that research, XYZ's stockbroking arm is recommending to its clients that they buy DEF shares. XYZ's underwriting area is approached by DEF management to underwrite a large issue of shares at a significant discount to market because it is in serious financial difficulty.
•     Did Citigroup's trading in Patricks shares on principal account give rise to a conflict vis-a-vis its role advising Toll on a takeover of Patricks?

The first example is loosely based on the facts in R v Hannes [2000] NSWCCA 503.

A not-dissimilar example occurred in 2015, when two UBS equities analysts released a research report on the sale of NSW's electricity transmission and distribution assets with the headline "Bad for the Budget - Good for the State". UBS was advising the government on the sale. The report's conclusions were highly embarrassing to the NSW Liberal government and to UBS. The premier's office called UBS to express its disappointment. Just moments after the report was sent, a "recall" message was sent out to the distribution list advising the release was a mistake. Within hours of the report being distributed, UBS sent out an addendum incorporating an altered version of the report that stripped some of the negative findings and included the government's own, more upbeat findings about the consequences of privatisation. The report noted the addendum had been sent out after "clients" pointed out deficiencies in the original report. The recall and addendum caused a political embarrassment for the NSW premier in the middle of the March 2015 election campaign and led to allegations of political tampering with the research report. The NSW premier, the UBS analysts and the UBS Australian CEO had to front a parliamentary inquiry to answer questions on the issue in May 2015.

ASIC was concerned that UBS Securities' control framework for its research function was not adequate for an investment bank of UBS's size and complexity and undertook an investigation. Ultimately, ASIC decided not to take further action, noting that UBS had acknowledged its concerns and, in response, had undertaken the following remedial steps to improve its control framework for its research function:

•  

the appointment of additional supervisory roles in UBS Securities' Research department including a dedicated Head of Research, a Deputy Head of Research and a Research Product Manager, all of whom are physically segregated from other UBS divisions;

•  

the appointment of an additional Supervisory Analyst resource  for Australia and the appointment of an additional compliance resource to increase UBS Securities' compliance coverage of research;

•  

the establishment of a Research Executive Committee comprising Head of Research, Deputy Head of Research, Research Product Manager and Research Business Manager with responsibility for overseeing the production process for investment research and the research pipeline;

•  

ensuring that all relevant UBS group staff undertake training focused on information barriers as part of the broader UBS compliance training programme;

•  

the publication of guidance to and additional training of research analysts on identifying and handling sensitive information received from issuers;

•  

a requirement that all research analysts certify when submitting draft research for approval by UBS Securities' Investment Review Committee (IRC) whether they are in possession of any information that could be considered material and not public;

•  

the implementation of procedures for logging and reporting by research analysts of issuer initiated interactions and monitoring of compliance with these procedures;

•  

the implementation of policies prohibiting email and chat communications between the Research department and persons external to the Research department that contain research analyst opinions, analysis, views and colour that differ from published research, and increased monitoring of Research department electronic communications; and

•  

the provision of training to IRC members on the risks of selective disclosure of sensitive information by issuers informing material changes to research price targets, ratings and views.

Additionally, UBS Securities appointed an independent expert to review the implementation of the remedial measures outlined above and to certify to ASIC on a quarterly basis for the first 12 months and then on a six monthly basis for the following 2 years that the measures had been implemented and maintained. See ASIC Media Release 15/405MR.

The second example is on all fours with the facts in Slade v Shearson Hammill & Co, which we looked at in lecture 3.

In ASIC v Citigroup Global Markets Australia Pty Limited (No. 4), the court went to great lengths to expound its finding that none of the 5 conflicts alleged by ASIC was in fact a meaningful conflict (see paragraphs 369-420). In my view, the court took an unnecessarily narrow and legalistic view of what constitutes a conflict. Most market participants would, I think, regard Citigroup's proprietary trading in that case as being in clear conflict with the interests of Toll. The fact that Citigroup itself took steps to stop the trading when it became known is ample evidence of that. I think this aspect of the decision has to be seriously questioned. It would have been much better, in my view, if the court had left the analysis of what constitutes a conflict to another day and rested its decision on the fact that the conflicts in question were "category 3" conflicts outside the reach of s912A(1)(aa) and/or that Citigroup had appropriate arrangements for managing those conflicts for the purposes of s912A(1)(aa).

My strong recommendation to financial services organisations would be not to rely on a court taking as sanguine a view of conflicts in future cases and to bolster their positions contractually by including in corporate advisory mandates a provision along the following lines:

    

"The XYZ group carries on a range of businesses, including providing stockbroking, futures broking, market making, banking, corporate advisory, investment advisory, investment management and custodial services to clients, as well as sales and trading activities on their own account. It is possible that the various members of the XYZ group which provide these services or engage in these activities may:

    

(a)  

hold long or short positions in securities of companies involved in the transaction;

    

(b)  

effect transactions in those securities for their own account or for the account of their clients; and/or

    

(c)  

be advising on, or otherwise involved in, a transaction that could materially affect the price or value of those securities.

    

The XYZ group maintains "Chinese walls" to manage the potential conflicts of interest that might arise from its various activities and to safeguard confidential information. It is critical to us and to all of our clients that these Chinese walls are effective. Accordingly, you agree that:

    

(a)  

we will provide advisory services to you in relation to the transaction solely on the basis of the information that is known to, and able to be disclosed by, the particular personnel involved in the transaction;

    

(b)  

we are not obliged to disclose to you any information that is not known to, or not able to be disclosed by, the personnel involved in the transaction because of the maintenance of these Chinese walls or to have regard to any such information when advising you in relation to the transaction; and

    

(c)  

in certain extraordinary circumstances, the personnel involved in the transaction may have to withdraw from their involvement and they may be unable to disclose the reason for this."

This clause should be supplemented by the one suggested above dealing with confidentiality obligations.

Similarly, I would recommend that brokers include in their client agreements a provision along the following lines:

    

"The XYZ group carries on a range of businesses, including providing stockbroking, futures broking, market making, banking, corporate advisory, investment advisory, investment management and custodial services to clients, as well as sales and trading activities on their own account. It is possible that the various members of the XYZ group which provide these services or engage in these activities may:

    

(a)  

hold long or short positions in financial products that you hold or are interested in;

    

(b)  

effect transactions in those financial products for their own account or for the account of their clients; and/or

    

(c)  

be advising on, or otherwise involved in, a transaction that could materially affect the price or value of those financial products.

    

The XYZ group maintains "Chinese walls" to manage the potential conflicts of interest that might arise from its various activities and to safeguard confidential information. It is critical to us and to all of our clients that these Chinese walls are effective. Accordingly, you agree that:

    

(a)  

we will provide services to you from time to time under these [Terms of Business] solely on the basis of the information that is known to, and able to be disclosed by, the particular personnel involved in any transaction on your account;

    

(b)  

we are not obliged to disclose to you any information that is not known to, or not able to be disclosed by, the personnel involved in any transaction on your account because of the maintenance of these Chinese walls or to have regard to any such information when effecting a transaction on your account; and

    

(c)  

in certain extraordinary circumstances, the personnel who normally handle your affairs may be precluded from acting on your behalf, either generally or in relation to particular financial products, and they may be unable to disclose the reason for this."

Again, this clause should be supplemented by the one suggested above dealing with confidentiality obligations.

Return to Outline


Confidentiality

Contractual Duties of Confidentiality
Contractual duties of confidentiality can arise:
•     expressly (eg through the execution of a confidentiality deed or a confidentiality clause in an engagement letter); or
•     impliedly (as they do in the case of banker-client relationships and other client relationships: see eg Parry-Jones v Law Society [1969] 1 Ch 1, 7 per Denning MR).

Per Lord Denning MR, at p7:

      "We all know that, as between solicitor and client, there are two privileges. The first is the privilege relating to legal proceedings, commonly called legal professional privilege. A solicitor must not produce or disclose in any legal proceedings any of the communications between himself and his client without the client’s consent. The second privilege arises out of the confidence subsisting between solicitor and client similar to the confidence which applies between doctor and patient, banker and customer, accountant and client, and the like. The law implies a term into the contract whereby a professional man is to keep his client’s affairs secret and not to disclose them to anyone without just cause …"

 

Equitable Duties of Confidentiality
A person who receives information of a confidential nature in circumstances of confidence cannot make unauthorised use of that information. Equity will restrain a threatened abuse and otherwise will hold the confidee accountable for any profits acquired by such improper use. It may also award equitable compensation for any loss suffered by the confider. The duty of confidentiality may arise in equity independent of any contractual relationship between the parties, for example, through a special relationship between the parties or because of the circumstances surrounding the receipt of the information (see eg Schering Chemicals Ltd v Falkman Ltd [1982] 1 QB 1).
See also Mannesmann AG v Goldman Sachs International (1999) Unreported HC 04861.

In Schering Chemicals v Falkman Ltd, the plaintiff manufactured a pregnancy testing drug called Primodos which was alleged to cause birth defects. They hired a training company to train their staff to answer adverse criticism. One of the instructors employed by the company collaborated with Thames Television in producing a documentary on the drug, having first sought and been denied consent by the plaintiff to do so. The plaintiff brought an action to restrain the broadcasting of the programme and an injunction was granted at first instance. There were 2 court actions by children who had suffered birth defects allegedly through the use by their mothers of the drug pending at the time. The Court of Appeal (Lord Denning dissenting) upheld the injunction. It reaffirmed that the communication, in a commercial context, of information which at the time was regarded by the giver and recipient as confidential imposed on the recipient, where the information had a material connection with the commercial interests of the party confiding the information, a fiduciary obligation to maintain the confidence placed in him, whether or not the information was available from other sources. Although there was no direct contractual relation between them, the trainer placed himself under a duty of confidence to the plaintiff by accepting paid employment for the course and receiving in confidence information detrimental to the interests of the company. As Thames knew, before the film was made, of the circumstances in which the trainer acquired the information, they could not take advantage of his breach of duty. Lord Denning agreed that the information was obtained in confidence but held that the court, in the exercise of its discretion, should not have granted the injunction because of the strong public interest in exposing the drug.

In Mannesmann AG v Goldman Sachs International, Mannesmann, a former client of Goldman Sachs, applied for an interim injunction without notice to restrain Goldman Sachs from acting for Vodaphone in its takeover bid for Mannesmann, alleging that Goldman Sachs had given an undertaking that it would not act against Mannesmann in a hostile takeover and that it had acquired confidential information about Mannesmann from its prior roles. An interim order was made. Mannesmann then applied to extend the injunction on notice. The allegation about the undertaking was withdrawn, it being accepted that Goldman Sachs had in fact given no such undertaking. The judge refused the application and discharged the interim order, holding that Mannesmann had failed to identify any confidential information acquired by Goldman Sachs that required protection and that, in any event, the information put before the court was now in the public domain as Mannesmann had not used confidential exhibits to its affidavits and had failed to request that the court sit in private. The judge also said that the placing of false information before the court to secure the original order was to be deplored.

While the client in Mannesmann ultimately lost their case, the case does illustrate the dangers for corporate advisory firms in "playing both sides of the field" and how they can expose themselves to actions for breach of confidentiality and conflicts.

Bankers Duty of Confidentiality
•     Tournier v National Provincial and Union Bank of England [1924] 1 KB 461:
  "It is an implied term of the contract between a banker and his customer that the banker will not divulge to a third person without the consent of the customer, express or implied, either the state of the customer’s account, or any of his transactions with the bank, or any information relating to the customer acquired through the keeping of his account unless the banker is compelled to do so by law, or the circumstances give rise to a public duty of disclosure, or the protection of the banker’s own interests require it."
•     The duty probably also extends to merchant banks: Winterton Constructions Pty Ltd v Hambros Australia Ltd [1993] ATPR 41-205, at p40,888
•     For a rare example of public interest disclosure, see: Libyan Arab Foreign Bank v Bankers Trust Co [1989] QB 728
•     Credit references should therefore only be given where the customer has expressly or impliedly consented: Brown & Co v Bank of NSW [1971] WAR 201

In Tournier's case, T was a customer of the National Provincial and Union Bank. He had run up an overdraft of 9l.8s.6d. and, when pressed for payment, had agreed to pay off the overdraft at 1l per week. He made only 3 payments. Shortly thereafter he obtained 3 months’ employment as a travelling salesman. The bank received for clearance a cheque for £45 in his favour from another customer of the same branch, which he had not deposited but instead had endorsed over to a bookmaker. The bank manager took umbrage at that and telephoned his employer trying to track down his current address. In the course of the conversation, the bank manager mentioned that T was indebted to the bank but had not been responding to its letters. He also mentioned that T must be getting money from somewhere and referred to the cheque in favour of the bookmaker. The employer decided not to renew T’s contract of employment after the 3 months had expired. T alleged it was because the bank manager had created the impression with his employer that he was a gambler and did not honour his debts. He sued the bank for slander and for breach of confidence. It was held that the bank had breach its implied duty of confidentiality and was liable to T in damages.

In Winterton Constructions Pty Ltd v Hambros Australia Ltd, a builder brought a TPA s52 action against Hambros, when it withdrew finance for a construction project with the effect that the developer was no longer able to pay the builder. The builder tried to argue that as someone who stood to benefit from the completion of the building, Hambros had a duty to the builder to inform the builder if it intended to stop credit. The claim was rejected. In the course of his decision, Hill J stated (at p40,888):

     

"… Hambros is not a banker in the ordinary sense of the word. Hambros is what is commonly referred to as a merchant bank. However, there is much to be said for the view that a merchant bank has likewise a contractual duty of confidence to its clients, that duty being an implied term in the relationship between them. …[And then later] Even in the case of a financier not being a bank, a borrower is entitled to expect (even if it not an implied term of the contractual arrangement) that his financier will keep confidential matters concerning the borrower’s financial affairs."

In Libyan Arab Foreign Bank v Bankers Trust Co, shortly before the US President signed a decree in 1986 freezing all Libyan assets held with US institutions, a senior executive of Bankers Trust rang the Federal Reserve Board and told them that "the Libyans" were taking their money out of the various accounts they had with BT. The Libyan Bank sued alleging a breach of confidentiality. The court was prepared to reach a tentative conclusion that the disclosure was justified by a higher public duty and that, in any event, the breach of confidence had not resulted in any loss to the customer as it had no effect on the timing of the Presidential decree.

In Brown & Co v Bank of NSW, the plaintiff sued, amongst others, a bank which had given a favourable credit reference about one of its customer companies to the plaintiff's bank. The plaintiff had agreed to sell wool to the company on deferred payment and suffered loss when the company went into receivership within a few weeks of the reference having been issued. The reference had been stamped: "This opinion is confidential and for your private use and without responsibility on the part of this bank or its officers". That disclaimer was held to be sufficient to defeat any claim in negligence. However, in this case, the reference had been given with knowledge of its falsity or with reckless disregard of the truth and so a claim for fraudulent misrepresentation was upheld. Virtue SPJ had this to say (at p213):

     

"There is, of course, a conflict of duties which can arise in cases of this kind. On the one hand, there is the duty of a banker to maintain secrecy regarding a customer's affairs; on the other, there is the duty owed to a person to whom he supplies information or an opinion as to a client's affairs or credit, at least to give an honest opinion, or where a duty of care arises to give a report that observes that duty. It is suggested in Paget on Banking …, in reliance on Tournier v National Provincial & Union Bank of England Ltd … that a bank should not answer an inquiry of this description even from another bank without the consent of its client. Certainly the bank is not bound to give any opinion whether with its customer's consent or not.

      But if an answer is given the person giving it on the bank's behalf cannot allow his loyalty to his customer and his regard for the customer's interest, or the bank's own interests in maintaining a profitable relationship, to interfere with the duties which the law imposes on him in making his answer."

 

Code of Banking Practice
22 We acknowledge that, in addition to our duties under the Privacy Act 1988, we have a general duty of confidentiality towards you, except in the following circumstances:
(i)   where disclosure is compelled by law;
(ii)   where there is a duty to the public to disclose;
(iii)   where our interests require disclosure; or
(iv)   where disclosure is made with your express or implied consent.

Click here for a copy of the Code of Banking Practice.

Customer Owned Banking Code of Practice
(23.1) We will comply with the Privacy Act 1988 and the National Privacy Principles ..., including with respect to credit reporting and the collection, storage, use and disclosure of your personal and financial information.
(23.2) We will treat your personal and financial information as private and confidential. We will not disclose that information to any other organisation unless:
•     we are required to by law (for example, under anti-money laundering laws)
•     there is a duty to the public to disclose the information
•     our interests require disclosure (for example, to prevent fraud)
•     you ask us to disclose the information, or
•     we have your permission to do so.

Click here for a copy of the Customer Owned Banking Code of Practice.

CR r7.8.18(5) – Confidentiality of Client Instructions
A financial services licensee (licensee 1), or a director, partner, officer or employee of a financial services licensee, must not disclose to any other financial services licensee, or to a person engaged or employed in the business of licensee 1 or any other financial services licensee, instructions of a client to deal in a class of financial products, except:
(a)  to the extent necessary to execute the instructions; or
(b)  as required by this Act or any other law.

CR r7.8.18(1) provides that r7.8.18 applies in relation to all instructions received by a financial services licensee to deal in financial products through licensed markets, except to the extent that the market integrity rules, or the operating rules of a licensed market in relation to which the financial services licensee is a participant, otherwise provide.

CR r7.8.18(5) arguably applies to trading on the ASX as it is not otherwise covered by the ASX Market Integrity Rules or Operating Rules. ASX 24 MIR 3.1.7 (see below) prohibits ASX 24 trading participants from disclosing any information about orders unless otherwise permitted or required under the Market Integrity Rules or the law and that is probably sufficient to displace r7.8.18(5) from operating in relation to transactions on the ASX 24 market. However, both r7.8.18(5) and ASX 24 MIR 3.1.7 are unnecessarily wide. For example, on their face, they would seem to prevent a trader responding to a request from his/her own Compliance or Legal Department for information about a client trade.

In 2015, ASIC announced that it had accepted enforceable undertakings from Bell Potter Securities Limited and one of its Sydney institutional stockbrokers, and also from Regal Funds Management Pty Ltd and its chief investment officer (CIO), for misusing client confidential information. The broker sent an email to the CIO based on information he had obtained from an institutional client about its possible intention of selling shares in Ten Network Holdings Ltd (TEN). He did so without the client's knowledge or consent. After receiving the email from the broker, the CIO sold approximately 4 million TEN shares at $0.28 per share through a broker unrelated to Bell Potter. After this transaction, the price of TEN began to fall through trading unrelated to Regal or Bell Potter. A short time later, the CIO and the broker negotiated a crossing under which Regal bought 10 million TEN shares from the broker's client at $0.26 per share. In a 7 minute period, Regal realised an approximate gross profit of $80,000 on the 4 million TEN it had short-sold. ASIC found that the CIO, by virtue of his position and experience, knew, or ought reasonably to have known, that the information he received was, or may have been, confidential and that its dissemination to him may have been contrary to the interests of the broker's client and that, in the circumstances, the CIO was obliged to avoid using the information and, in particular, to refrain from selling TEN shares. The undertakings required the broker to undertake various training and compliance measures and Bell Potter to implement various compliance measures in relation to the broker, including the recording of telephone calls made to and from his business phone and conducting reviews of client trades executed by him. They also required Regal to implement training and compliance measures, including the appointment of an independent compliance expert to review its policies and procedures and for the review of trades conducted by the CIO and other Regal staff. Under the undertakings, the broker and the CIO each also agreed to make a "voluntary" contribution of $80,000 (representing the approximate profits realised on the CIO's short-sale of TEN shares on behalf of Regal's funds) to Financial Literacy Australia Limited to advance financial literacy in Australia. See ASIC Media Release 15-406MR.

ASX 24 MIR 3.1.7 - Duty Not to Disclose Order Information
(1)   Subject to Rules 3.3.1(1)(b) (pre-negotiated business orders) and 3.4.1(c) (authorised disclosure of block trade orders), a market participant must not disclose any information about orders or expressions of interest unless where otherwise permitted or required under these Rules or the law or exempted under (2) below.
(2)   No market participant may disclose to another party information (including expressions of interest) which is not generally available, or should not reasonably be considered to be generally available, to market participants. Only details of orders and expressions of interest that have been disclosed on the trading platform may be disclosed to clients.

The disclosure of information about a client’s order, where the order has been entered into the trading platform, but not at a level that is visible to other market participants is disclosure of information which is not generally available, nor reasonably considered to be generally available (MIR 3.1.7(3)).

For these purposes, an "order" is an instruction to deal or trade on behalf of a client or an intention to deal or trade by a party dealing proprietary business (MIR 3.1.7(4)).

Breach of MIR 3.1.7 attracts a maximum penalty of $1,000,000.

Return to Outline


Telephone Taping

Telecommunications (Interception and Access) Act s7(1) – Interceptions Illegal
A person shall not:
(a)   intercept;
(b)   authorize, suffer or permit another person to intercept; or
(c)   do any act or thing that will enable him or her or another person to intercept;
a communication passing over a telecommunications system.

Click here for a copy of the Telecommunications (Interception and Access) Act 1979 (Cth).

TIAA s63(1) – Use of Information Obtained by Interceptions Illegal
A person shall not:
(a)   communicate to another person, make use of, or make a record of; or
(b)   give in evidence in a proceeding;
… information obtained by intercepting a communication in contravention of s7(1).

 

TIAA s6(1) – Meaning of Interception
Interception of a communication passing over a telecommunications system consists of listening to or recording, by any means, such a communication in its passage over that telecommunications system without the knowledge of the person making the communication.
See R v Evans & Doyle [1999] VSC 486

This definition has been read down by the courts so that it only applies where the interception is committed by a third party who is not party to the communication. In R v Evans & Doyle, the defendants challenged on voir dire the use of taped conversations between the broker (Doyle) and his client (Evans) in an insider trading prosecution. It was held that the tape recordings were admissible. The mischief that s6(1) was directed to was the interception by third parties of a communication or conversation happening over the phone lines. The Act did not stop the parties to the conversation from recording the conversation. In response to a submission from defendant’s counsel that the broker's employer (JB Were) was a third party to the conversation between Evans and Doyle, the court said that the tapes were recordings by the employer of conversations that one of its employees had had in the course of his employment. JB Were could only act through its servants and agents. JB Were was to be regarded as a party to the conversation and therefore any recording by it of the conversation was not an interception.

The court also found that, in any event, the client knew that his phone conversation was being recorded and that also prevented the recording from being an interception for the purposes of the TIAA. The court said:

     

"The pip tone generator forming part of the recording equipment installed at Weres and by which its operation recorded the telephone conversations, … was, by its design and by its operation, such that when a telephone conversation to or from an attached extension was being recorded, a pip or beep was transmitted to the line at each end, that is to the line of the person speaking and listening at the recording end and also at the other end. …

     

I am satisfied to the necessary degree that the bips or tone pips were transmitted to [the client’s] end of the line during the conversation, they were present to be heard, and were heard, and by reason of his previous knowledge of the presence of the meaning of such beeps I am satisfied that he knew that his telephone conversations with [the broker] were being recorded at the relevant time."

It is a good idea, however, if you are going to tape client conversations that you include a warning of that fact in your client agreement and an express consent by the client to the use of the tape recordings.

 

TIAA - Consequences of Breach
•     Criminal offence – punishable by 6 months jail if convicted summarily or by 2 years jail if convicted on indictment (s105).
•     Neither the intercepted material nor a record of it is admissible in evidence in a proceeding except in the limited circumstances permitted by the TIAA (s77).
•     A court may on the application of an aggrieved person grant the aggrieved person remedial relief in respect of the interception by making such orders against the defendant as the court considers appropriate, including (without limitation):
  •     an order declaring the interception or communication to have been unlawful;
  •     an order that the defendant pay to the aggrieved person such damages (including punitive damages) as the court considers appropriate;
  •     an order in the nature of an injunction (including a mandatory injunction);
  •     an order that the defendant pay to the aggrieved person an amount not exceeding the amount that, in the opinion of the court, represents the total gross income derived by the defendant as a result of the interception or communication, as the case requires (s107A).

 

Surveillance Devices Act 2007 (NSW) s7(1) – Illegal to Use Covert Listening Devices
A person must not knowingly install, use or cause to be used or maintain a listening device:
(a)   to overhear, record, monitor or listen to a private conversation to which the person is not a party, or
(b)   to record a private conversation to which the person is a party.

Click here for a copy of the Surveillance Devices Act 2007 (NSW).

The SDA has similar restrictions on optical surveillance devices, tracking devices and data surveillance devices.

Some doubts have been expressed as to the constitutionality of the SDA, in so far as it purports to cover equipment that is used to listen in to or record private telephone conversations. Those doubts turn upon whether a court will find that the TIAA was intended by Federal Parliament to "cover the field" so far as interception of telephone communications is concerned, with the result that the TIAA prevails over the SDA under s109 of the Constitution in relation to any  listening devices used to listen in to or record telephone conversations.

SDA s7(3) – Exception for Recordings by a Party
S7(1)(b) does not apply to the use of a listening device by a party to a private conversation if:
(a)   all of the principal parties to the conversation consent, expressly or impliedly, to the listening device being so used, or
(b)   a principal party to the conversation consents to the listening device being so used and the recording of the conversation:
  (i)   is reasonably necessary for the protection of the lawful interests of that principal party, or
  (ii)   is not made for the purpose of communicating or publishing the conversation, or a report of the conversation, to persons who are not parties to the conversation.

Tape recording of broker lines probably falls within (b)(i) above and, if the usual pips are sounded during the recording, there is a respectable argument that there is implied consent by the client to the recording for the purposes of (a) above (see the passage in R v Evans & Doyle quoted above).

It is a good idea, however, if you are going to tape client conversations that you include a warning of that fact in your client agreement and an express consent by the client to the fact and use of the tape recordings. That will put you expressly within (a) above.

SDA s4 - Definitions
Listening device means any device capable of being used to overhear, record, monitor or listen to a conversation or words spoken to or by any person in conversation.
Party, in relation to a private conversation, means a person by or to whom words are spoken in the due course of the conversation, or a person who, with the consent, express or implied, of any of the persons by or to whom words are spoken in the course of the conversation, records, monitors or listens to those words.
Principal party, in relation to a private conversation, means a person by or to whom words are spoken in the course of the conversation.
Private conversation means any words spoken by one person to another person or to other persons in circumstances that may reasonably be taken to indicate that any of those persons desires the words to be listened to only:
(a)   by themselves, or
(b)   by themselves and by some other person who has the consent, express or implied, of all of those persons to do so.
Report of a conversation includes a report of the substance, meaning or purport of the conversation.

The definition of "listening device" specifically excludes a hearing aid or similar device used by a person with impaired hearing to overcome the impairment and permit that person to hear only sounds ordinarily audible to the human ear. The definition of "private conversation" excludes a conversation made in any circumstances in which the parties to it ought reasonably to expect that it might be overheard by someone else.

SDA s11 - Prohibition on Communication or Publication of Private Conversations
(1)   A person must not publish, or communicate to any other person, a private conversation, or a report of a private conversation ..., that has come to the person's knowledge as a direct or indirect result of the use of a listening device ... in contravention of this Part.
(2)   S11(1) does not apply:
  (a)   if the communication or publication is made:
    (i)   to a party to the private conversation,
    (ii)   with the consent, express or implied, of all the principal parties to the private conversation, …

 

SDA s12 - Possession of Record of Private Conversation
(1)   A person must not possess a record of a private conversation ... knowing that it has been obtained, directly or indirectly, by the use of a listening device ... in contravention of this Part.
(2)   S12(1) does not apply where the record is in the possession of the person: ...
  (b)   with the consent, express or implied, of all of the principal parties to the private conversation ..., or
  (c)   as a consequence of a communication or publication of that record to that person in circumstances that do not constitute a contravention of this Part.

 

SDA - Consequences of Breach
•     Criminal offence – punishable in the case of an individual by a fine of 100 penalty units and/or 5 years jail, and in the case of a corporation by a fine of 500 penalty units.
•     Orders for forfeiture of listening device or records of private conversations (s58).

 

SDA s57(1) - Offences by Corporations
If a corporation contravenes, whether by act or omission, any provision of this Act or the regulations, each person who is a director of the corporation or who is concerned in the management of the corporation is taken to have contravened the same provision if the person knowingly authorised or permitted the contravention.

 

ASX MIR 4.1.10(1) - Mandatory Recording of Telephone Lines (Futures)
A market participant must record, by tape, telephone lines or other electronic device, all telephone conversations with clients in relation to its dealings in futures market transactions including, without limitation, conversations relating to the receipt, transaction and confirmation of orders.

The market participant must retain these records for at least 3 months (MIR 4.1.10(2)).

Breach of MIR 4.1.10(1) attracts a maximum penalty of $100,000.

ASX MIR 3.1.6(1) requires an ASX market participant who enters into futures market contracts on behalf of a client to have entered into a written client agreement containing the minimum terms set out in that rule before entering into such contracts. Para (m) of that rule requires an acknowledgment by the client that the participant may record telephone conversations between the client and the participant and that if there is a dispute between the client and the participant, the client has the right to listen to any recording of those conversations.

ASX 24 MIR 2.2.7(1) – Mandatory Recording of Telephone Lines
(a)   Each market participant dealing with clients must record, via telephone lines and/or other electronic device, at its own expense, all conversations with clients and other parties relating to client instructions.
(b)   Each market participant must ensure that internal desks transmit all orders to the futures desks in such a way that instructions are recorded via a telephone line or other electronic device.
(c)   Should circumstances arise where a client has placed instructions in a manner where there is no electronic or other record, the market participant must ensure that the client’s instructions are recorded in some manner.

For these purposes, "client" includes a related body corporate of the participant or a division of the participant which is separate from the participant’s futures division (MIR 2.2.7(1)(g)).

These recordings and records must be retained for a minimum 3 month period (MIR 2.2.7(1)(d)).

Breach of MIR 2.2.7(1) attracts a maximum penalty of $100,000.

ASX 24 MIR 2.2.5(1) requires an ASX 24 market participant, before commencing to trade for a client, to have in force a duly signed client agreement containing the minimum terms set out in that rule. Para (c) of that rule requires an acknowledgment by the client that the client’s telephone conversations with the participant can be recorded by the participant. The client is to be given the right to listen to any recording in the event of a dispute or anticipated dispute.

ASX Business Rules Guidance Note 7/96
Tape recording of telephone advice, while considered a matter of best practice, "is not a mandatory requirement of ASX or the ASIC and it is up to each Participating Organisation to assess the costs/benefits and risk/reward of the various options."
"The length of time that tapes are retained is up to each Participating Organisation and will depend on the recording system used and the ability to retrieve information. It is however suggested that, consistent with the requirement to retain records of orders received, … tapes should be kept for a minimum of 2 years."

Note that since this Guidance Note was issued the period for which order records are required to be kept under the ASX Market Rules has been lengthened to 7 years, as has the period for which records of "further advice" are required to be kept under the Corporations Act (see s946B(1) and r7.7.09).

The ASX has been somewhat schizophrenic on the question of telephone taping. Contrary to the statements above in Guidance Note 7/96, in its Trading Best Self Assessment questionnaire, the ASX strongly suggested that telephone taping was an essential part of a proper compliance regime and that telephones should be taped and the tapes regularly reviewed on a sample basis.

Return to Outline


When Things Go Wrong
Escalation Procedures

Every financial services organisation should have clear published procedures, tailored for that organisation, for escalation of actual or suspected compliance breaches and other control breakdowns. By way of example, in a larger organisation, those procedures might involve:
•     If an employee becomes aware of any actual or suspected compliance breach, they should immediately notify their manager.
•     If the manager agrees that there has or may have been a compliance breach, they should immediately notify Legal and/or Compliance to determine what further action needs to be taken (if in doubt as to whether there has been a breach, they should consult Legal and/or Compliance).
•     Unless the matter is relatively trivial, the CLO/Head of Compliance should be notified forthwith.
•     The CLO/Head of Compliance should determine who else needs to be notified, based on the nature and severity of the breach (eg CEO, CFO, Head of Internal Audit, Head of HR, Board of Directors).

Escalation procedures have to be tailored to the organisation. In a smaller organisation, you might only have one lawyer or compliance officer. These procedures should marry in to escalation procedures for other control breaches.

Return to Outline


When Things Go Wrong
Control Logs

Every financial services organisation should have clear published procedures, tailored for that organisation, for logging and tracking progress in correcting actual or suspected compliance breaches and other control breakdowns. By way of example, in a larger organisation, those procedures might involve:
•     Completion of an incident report for each actual or suspected compliance breach.
•     Maintenance of a running log for open incidents showing who is responsible for investigating and correcting the incident and progress to date.
•     Regular review of that running log by a committee of management and control personnel.
To the extent practicable, the procedures should try to take advantage of and preserve legal professional privilege.

Some managers have been known to resist the keeping of such logs and other written records as they say they are a "road map" for regulators and make it easier for them to identify breaches in the event of an audit by a regulator. However, if such records are not kept, how can management satisfy itself, and demonstrate to regulators that it is attempting to satisfy itself, that compliance issues are being identified and rectified? How can it identify, and demonstrate to regulators that it is attempting to identify, trends or systemic issues that may be of concern?

Return to Outline


When Things Go Wrong
Investigations

Preliminary Steps
•     Secure all physical and electronic evidence (eg files, emails, voice tapes, order/trading records, customer records, market data, security system access records, video tapes etc). Consider whether you ought to recover files from back-up tapes and impound computers for attempted recovery of deleted information on hard drives.
•     Consider with relevant manager and HR whether employee(s) suspected of misconduct should be sent on paid leave while the matter is investigated (if so, suspend their security pass and alert relevant staff of the situation).
•     Consider legal professional privilege and whether independent outside counsel should conduct the investigation.
•     If not, consider composition of investigation team. Likely stakeholders will include Compliance, Legal, HR, Internal Audit and Management. Should not include anyone who works directly with employees under investigation or their immediate supervisors.

The first issue that needs to be considered, of course, is whether a formal investigation is required. Not all compliance breaches require a formal investigation. If the facts are known and the employee has admitted wrong doing, most times you can skip the investigation and just move straight to the consideration of disciplinary action. Note that you should always, as a matter of good HR practice, create a record of what the employee did and what disciplinary action was taken to go in their staff file, even where there is no formal investigation. That may take the form of a file note by HR or Compliance or, alternatively and preferably, a memo signed by the employee recording the facts and the disciplinary action taken, usually with an acknowledgment by the employee that further compliance breaches on their part will result in more severe disciplinary action, up to and including termination of employment.

Re the second last bullet point - use of outside counsel is a good idea if the results of the  investigation are going to be presented to a regulator eg to try to avoid a prosecution or in mitigation of penalties. Inhouse counsel may be perceived to have a conflict of interest and to lack independence and that may call into question the veracity of the investigation. Use of outside counsel also assists preservation of legal professional privilege. See generally Matthews, "Internal Corporate Investigations" 45 Ohio State Law Journal 655.

Preparation for the Interview
•     Thoroughly review physical (documentary and electronic) evidence before conducting formal interviews. Identify any "smoking guns" or other evidence that requires an explanation.
•     Have transcripts made of pertinent sections of any voice tapes.
•     Make sure you fully understand applicable law and policy.
•     Good practice to prepare a script in advance with written questions and spaces to write answers.
•     To avoid being "verballed" and to facilitate note taking, have at least 2 interviewers attend a staff interview. Arrange in advance who is to be the principal note taker.

 

Proceedings at the Interview
•     All interviewed staff should be told up-front of the reason for the interview, the subject matter to be discussed, the procedure to be followed and warned that:
  •     their answers must be truthful and complete – lying or concealing material information could have serious consequences and lead to disciplinary action against the staff member, up to and including termination;
  •     the interview is to remain confidential vis-à-vis other staff members – gossip could compromise the investigation and/or lead to allegations of defamation or victimisation – and that a breach of confidentiality could also lead to disciplinary action; and
  •     if the investigation uncovers a breach of law, there may be an obligation to report that to relevant authorities.
•     Generally, it is a good idea to establish the facts first before alleging any wrongdoing.
•     Start with easy questions first – their name, what they do, who they work with, who they report to etc. – before moving on to the immediate facts in issue. Then ask questions to elicit the employee’s version of the facts, if necessary showing them relevant documents and asking them to comment.
•     Once you have established what they did, ask them why they did it.
•     If it is apparent that the employee has acted in breach of law, duty, policy etc, ask them if they knew that what they were doing was a breach.
•     Repeat or get the employee to repeat important comments or suspected lies (eg "let me get this clear, what you are saying is …").

 

After the Interview
•     Prepare a written record of the interview (including warnings given at the start of the interview). This should be agreed by all interviewers before being shown to the interviewee for confirmation.
•     If the interviewee agrees that it is an accurate reflection of what was said at the interview, ask them to sign the record to confirm that fact and that the answers they gave were truthful. If they refuse, you can’t compel them but make a note that they were asked to sign and refused to do so.
•     If employee wants to make material changes to their answers, it may be appropriate to reconvene the interview panel.
•     Once you have completed all of your investigations, prepare a draft finding of facts for discussion with the relevant manager(s) and HR.

 

Consideration of Disciplinary Action
•     If the relevant manager(s) and HR are happy that all factual issues have been properly addressed, consideration should then be given to what disciplinary action is appropriate (eg formal warning, counselling, compulsory training, enhanced supervision, loss of or reduction in discretionary bonus, loss of prospective promotion, demotion, dismissal with notice, summary dismissal).
•     Consideration should be given to whether there are any procedural requirements or other obligations that need to be satisfied before disciplinary action can be instituted under:
  •    any applicable statute;
  •    any applicable award, certified agreement or enterprise agreement;
  •    the employee’s service contract (if any); or
  •    the common law.

Note that under Australian law and practice, fixed monetary penalties, reductions in salary and suspension without pay are unlikely to be available as disciplinary remedies. Generally that would be a breach of applicable awards/agreements/contracts. Demoting an employee is also risky as that can amount to constructive dismissal. Loss or reduction of discretionary bonus should be acceptable provided the employer has included compliance/ethics among the factors considered in the award of bonus – which they should!

Give Employee Opportunity to Respond
•     Have the relevant manager(s) and HR present the draft finding of facts and discuss proposed disciplinary action with the employee and ask them if they have anything to say in response.
•     Make sure the employee is given adequate time to consider the allegations and respond.
•     After they have given their response, if necessary, re-consider the draft finding of facts and proposed disciplinary action.
•     Finalise finding of facts, adding a statement of the disciplinary action proposed to be taken.
•     File statement on employee’s HR file and implement proposed disciplinary action.

Return to Outline


When Things Go Wrong
HR Issues

A Word of Warning
•     This is a highly litigious area and a legal minefield!
•     Punitive disciplinary action can bring to the fore issues about procedural fairness, constructive dismissal, discrimination etc.
•     Consider whether you need to seek advice from a HR lawyer.
•     Assume everything that you say and write will be called into evidence.
•     Be mindful of reporting obligations and defamation issues.

 

Fair Work Act 2009 (Cth) - Notice of Termination
Generally, an employer must not terminate an employee's employment unless the employee has been given written notice of termination (s117(1)) and:
(a)   the employee has been given the required period of notice or received payment in lieu of notice (s117(2)); or
(b)   the employee is guilty of "serious misconduct" (s123(1)(b)).

Click here for a copy of the Fair Work Act 2009 (Cth).

Most awards, agreements and service contracts will usually contain a similar term. In the absence of a contract, the common law will imply an equivalent term, with periods of notice often substantially longer than those typically provided for in statute or written service contracts (sometimes 6 to 12 months or even longer), especially for senior employees and employees with long periods of service.

For the purposes of (c) above, "serious misconduct" is defined in r1.07 of the Fair Work Regulations. It includes: (a) wilful or deliberate behaviour by an employee that is inconsistent with the continuation of the contract of employment; (b) conduct that causes imminent and serious risk to the health or safety of a person or the reputation, viability or profitability of the employer's business; (c) the employee, in the course of the employee's employment, engaging in theft, fraud or assault; (d) the employee being intoxicated at work to the point where his or her faculties are so impaired that the employee is unfit to be entrusted with the employee's duty or with any duty that the employee may be called upon to perform; or (e) the employee refusing to carry out a lawful and reasonable instruction that is consistent with the employee's contract of employment. Paragraphs (c), (d) and (e) don’t apply if the employee is able to show that, in the circumstances, the conduct engaged in by the employee was not conduct that made employment in the period of notice unreasonable.

Fair Work Act s387 – Harsh, Unjust or Unreasonable Terminations
In considering whether it is satisfied that a dismissal was harsh, unjust or unreasonable, FWC must take into account:
(a)   whether there was a valid reason for the dismissal related to the person’s capacity or conduct (including its effect on the safety and welfare of other employees);
(b)   whether the person was notified of that reason;
(c)   whether the person was given an opportunity to respond to any reason related to the capacity or conduct of the person;
(d)   any unreasonable refusal by the employer to allow the person to have a support person present to assist at any discussions relating to dismissal;
(e)   if the dismissal related to unsatisfactory performance by the person - whether the person had been warned about that unsatisfactory performance before the dismissal;
(f)   the degree to which the size of the employer's enterprise would be likely to impact on the procedures followed in effecting the dismissal;
(g)   the degree to which the absence of dedicated human resource management specialists or expertise in the enterprise would be likely to impact on the procedures followed in effecting the dismissal; and
(h)   any other matters that FWC considers relevant.

Employees who are covered by the Fair Work Act may apply to Fair Work Australia for relief against an unfair dismissal, defined (in essence) to mean a dismissal that is harsh, unjust or unreasonable and not a case of genuine redundancy (s385). To qualify, the employee must have completed a minimum employment period of 12 months if employed in a "small business", or 6 months otherwise (ss382(a) and 383), and must be covered by a modern award or enterprise agreement or earn less than the "high income threshold" (s382(b)). The high income threshold for 2009-10 is $108,300 and for subsequent years is indexed for movements in the average weekly ordinary time earnings published by the Australian Statistician (FWR r2.13).

FWA s387 outlines the factors Fair Work Australia is required to consider in being satisfied that a dismissal is "harsh, unjust or unreasonable" and provides something of a roadmap for employers to ensure they apply procedural fairness when terminating employees.

Note the significance afforded under industrial law to the giving of warnings. Whenever you have conduct that falls short of grounds for dismissal, it is prudent to give a formal warning which is recorded on the employee’s file so that if there is a repeat offence, you have evidence of the earlier warning and a basis for dismissal.

Selected Cases
•    Gooley v Westpac (1995) 129 ALR 628
•    Ramage v Challenge Bank [1995] IRCA 455
•    Santos Limited v Smith [1992] SAIR 218
•    Robin v Worley ABB (2002) 51 AILR 4-560

In Gooley v Westpac, the applicant, a senior employee in Westpac’s corporate advisory area, sent a legal summary on limited partnerships and details of some limited partnership financing structures the bank had been involved in that were "in trouble" and were good candidates for restructure to an outside party with whom the employee had a prior involvement and who was active in property investment. Westpac summarily dismissed him for serious misconduct, namely, passing on confidential information concerning the Bank's relationship with clients and breaching a declaration of secrecy he had signed and the Westpac Code of Conduct. The employee applied to the Industrial Relations Court for damages for breach of award on the basis that his dismissal was harsh, unjust and unreasonable (this was before the remuneration cap for claims in this jurisdiction was introduced). The Court said that it was not convinced that the information was in fact confidential, or that its release would have or had harmed the bank. The employee’s motive in sending the material was in pursuit of the bank’s interests (trying to find a purchaser for the properties in question). Accordingly, his misconduct was not "serious" and therefore his dismissal was harsh, unjust and unreasonable.

In Ramage v Challenge Bank, Ramage was an employee working in the loan approval section of Challenge Bank. He had been looking for a property to purchase. He found a property he was interested in and used Challenge Bank resources to obtain a property search. That search revealed that the property was financed by, and subject to a mortgage in favour of, Challenge Bank. He pulled the client’s file and obtained a copy of a valuation report on the property which valued it at somewhat less than the purchase price being asked for by the vendors. He mentioned that in passing to the estate agent handling the sale who passed the comment on to his client, the vendors. They wrote a letter of complaint to Challenge Bank. Ramage was summoned to a meeting with his boss and with HR, told that this was a serious matter and given until the following morning to provide a response. He wrote out his version of what had happened. The following morning he attended another meeting with the same people and gave them his statement. He was asked some further questions and then asked to leave the room. After an interlude, he was invited back and told that the bank had no alternative - either it had to sack him or he could resign voluntarily. He chose to resign. Subsequently, he sought to be reinstated on the basis that he had been constructively dismissed and that this was harsh, unjust or unreasonable.

The Court, after noting the references to an obligation not to mis-use information in Ramage's written employment contract and a clause in the Challenge Bank Credit Manual about the confidentiality of customer information, stated:

    

"I do not accept the arguments put forward on behalf of the applicant. Mr Ramage clearly acted improperly when he went to the vendors' confidential file to look at the valuation. Mr Ramage had no business going to that file. He did it purely for his own purposes. The information he gained from the valuation on the client file could have been used by Mr Ramage as a bargaining tool in his dealings on the property. The banking industry is very sensitive and its employees, particularly those in professional positions, have a duty to behave responsibly. I find that there was a valid reason for the termination and that the termination was not harsh, unjust or unreasonable. Accordingly, the application must be dismissed."

In Santos Limited v Smith, Smith was employed as a petroleum geologist by Santos. He was dismissed for purchasing Santos share options while allegedly in possession of price sensitive information about an oil discovery. Before the purchase he had discussed it openly in his workplace. He made no secret of the transaction. The transaction came to the attention of senior management some two days later. The worker admitted the transaction to the Manager of the Petroleum Division, explaining that he believed he had not done anything wrong and that he was unaware of any prohibition on the ownership or trading of Santos shares or options by its employees. The worker was asked to resign but declined. He was subsequently suspended from his employment while a full investigation was carried out. As a result of this, he was dismissed.

At first instance, the Industrial Relations Commissioner found that Santos had failed to establish any breach of confidentiality on the part of the respondent by showing that any information he had held was inaccessible to the public. Nor had it established that he had ever held confidential information or made any unauthorised use of such information. It also found that the dismissal of the respondent was harsh and unjust and ordered re-employment in his former position and the payment of remuneration for the lost period of employment. An appeal against that decision was dismissed. The court noted the following factors in favour of the respondent:
>   First, he never made any secret of the fact among fellow employees that he was intending to buy and/or trade in Santos securities.
>   Second, he never received any directive from his employer that he was not to buy and/or trade in Santos securities.
>   Third, he was a relatively young and inexperienced employee, and had not previously been accused of any wrong doing.

>  

Fourth, the scale of the transaction was a relatively small one. He made only $1,200 profit on his investment.

The Commissioner was not satisfied that the respondent had committed an act of gross misconduct and thereby breached his contract of employment. The basis for the dismissal therefore disappeared and, in those circumstances, the Commissioner concluded that the dismissal was harsh and unjust.

Robin v Worley ABB demonstrates the importance of an employer complying with their own policies and procedures. Mr Robin was sacked by Worley because he refused a drug and alcohol test. On appeal to the full bench of the Australian Industrial Relations Commission, Mr Robin argued his dismissal was harsh and unreasonable because Worley failed to comply with its own policy. The policy provided that:
>   an individual shall be deemed to be under the influence of alcohol if he or she exceeds a blood alcohol level of .05%; and
>  

where a person refuses to participate in, or cooperate fully with, an alcohol or drug test, the person will be counselled and encouraged to participate. If the person continues to refuse without legitimate cause, they will be deemed unfit for work and the incident will be treated as returning a positive result.

When Mr Robin was asked to submit to the test, his supervisor told him in error that a zero reading was required to pass the test. The AIRC decided:
>   both Mr Robin and Worley were equally obliged to comply with the policy;
>   the obligation on Worley to counsel Mr Robin if he refused to participate in a test included an obligation to provide correct information about the test;
>   Worley provided Mr Robin with incorrect information when it told him he must have a zero reading; and
>  

because Worley acted inconsistently with its contractual obligations in relation to the test, the dismissal was harsh and unreasonable.

Implicit in the decision is that Mr Robin may not have refused the test if he had been provided with correct information about the required standard. Importantly, the AIRC accepted that an employer is entitled to require an employee to submit to a test at a workplace with inherent safety risks. If Worley did not have a drug and alcohol policy and simply relied on Mr Robin’s implied contractual duty to obey lawful and reasonable directions, the dismissal may not have been harsh and unreasonable. However, because Worley committed to a policy which gave rise to specific additional obligations on its part, its failure to follow those requirements made the dismissal harsh and unreasonable.

 

Some Practical Lessons
•     It is good practice to include a term in each employment contract, reinforced in corporate policy, that compliance breaches may result in disciplinary action up to and including termination.
•     It is also good practice to have annual compliance sign-offs with a similar statement to reinforce the importance of compliance and the penalties for non-compliance.
•     In a dismissal situation, you need to consider carefully the grounds for dismissal and make sure that you have a proper factual basis for dismissal.
•     Sometimes it is more prudent and cost-effective in the long run to terminate with notice and a pay-out than to terminate summarily, even if you think you have grounds for summary dismissal.
•     If you make a pay-out, include as a condition the employee executing a deed of release.

Deeds of release are not always a complete defence but they can be helpful: compare Roseman (No 2) v United Bonded Fabrics Pty Limited [2000] NSWADT 152 (deed of release held to be a complete bar to claim for discrimination) and Le Good v Stork Electrical Pty Limited (1999) 45 AILR 4-047 (deed of release set aside for duress).

Return to Outline


When Things Go Wrong
Self-Reporting Obligations

CA s912D(1) - Obligation of Licensee to Notify ASIC of Breaches
If:
(a)   a financial services licensee breaches, or is likely to breach:
  (i)   any of the obligations under s912A or 912B, other than the obligation under s912A(1)(c);
  (ii)   the obligation under s912A(1)(c), so far as it relates to provisions of this Act or the ASIC Act referred to in paragraphs (a), (b) and (c) of the definition of financial services law in s761A;
  (iii)   in relation to financial services, other than traditional trustee company services provided by a licensed trustee company - the obligation under s912A(1)(c), so far as it relates to Commonwealth legislation that is covered by paragraph (d) of that definition and that is specified in regulations made for these purposes; or
  (iv)   in relation to traditional trustee company services provided by a licensed trustee company - the obligation under paragraph 912A(1)(c), so far as it relates to Commonwealth, State or Territory legislation, or a rule of common law or equity, that is covered by paragraph (d) or (e) of that definition; and
(b)   the breach, or likely breach, is significant, having regard to the following:
  (i)   the number or frequency of similar previous breaches;
  (ii)   the impact of the breach or likely breach on the licensee's ability to provide the financial services covered by the licence;
  (iii)   the extent to which the breach or likely breach indicates that the licensee's arrangements to ensure compliance with those obligations is inadequate;
  (iv)   the actual or potential financial loss to clients of the licensee, or the licensee itself, arising from the breach or likely breach;
  (v)   any other matters prescribed by regulations made for the purposes of this paragraph;
the licensee must give a written report on the matter to ASIC as soon as practicable, and in any case within 10 business days, after becoming aware of the breach or likely breach.

CA s912D(1A) provides that for these purposes, a financial services licensee is likely to breach an obligation if, and only if, the person is no longer able to comply with the obligation.

The provisions of the CA and ASICA referred to in paragraphs (a), (b) and (c) of the definition of "financial services law" in s761, as mentioned in s912D(1)(a)(ii), are: (a) CA chapters 5C, 5D, 6, 6A, 6B, 6C, 6D or 7; (b) a provision of CA Chapter 9 as it applies in relation to those other Chapters; and (c) Division 2 of Part 2 of the ASIC Act.

The relevant pieces of Commonwealth legislation referred to in s912D(a)(iii) are: Australian National Registry of Emission Units 2011, Banking Act 1959, Carbon Credits (Carbon Farming Initiative) Act 2011, Clean Energy Act 2011, Financial Sector (Collection of Data) Act 2001, Financial Sector (Shareholdings) Act 1998, Financial Sector (Transfers of Business) Act 1999, Insurance Acquisitions and Takeovers Act 1991, Insurance Act 1973, Insurance Contracts Act 1984, Life Insurance Act 1995, Retirement Savings Accounts Act 1997, Superannuation Industry (Supervision) Act 1993 and Superannuation (Resolution of Complaints) Act 1993 (CR r7.6.02A).

Failure to comply with CA s912D(1) is an offence punishable by a fine of 50 penalty units and/or imprisonment for 1 year for individuals and a fine of 250 penalty units for bodies corporate. Those who aid, abet, counsel or procure the offence are liable to the same penalty.

ASIC has taken enforcement action in relation to breaches of s912D. In May 2007, Top Quartile Management Ltd was convicted and fined $10,000 in the Melbourne Magistrates Court after pleading guilty to 6 charges of failing to report to ASIC breaches of the Corporations Act that occurred between August 2004 and August 2005 (see ASIC Media Release 07-136).

See generally ASIC Regulatory Guide 78 - Breach reporting by AFS licensees.

CA s601FC(1)(l) – Obligation of Responsible Entity to Report Breaches
In exercising its powers and carrying out its duties, the responsible entity of a registered scheme must … report to ASIC any breach of the Corporations Act that:
(i)   relates to the scheme; and
(ii)   has had, or is likely to have, a materially adverse effect on the interests of members;
as soon as practicable after it becomes aware of the breach …

This provision is supplemented by CA s601JC(1), which requires an MIS compliance committee to report to the responsible entity any breach of the Act involving the scheme or of the scheme's constitution of which it becomes aware or that it suspects, and to report to ASIC if the committee is of the view that the responsible entity has not taken, or does not propose to take, appropriate action to deal with a matter so reported.

ASX Rules
•     A market participant must immediately notify ASIC of any notification to its insurer of any claim, potential claim or circumstance that might give rise to a claim under the professional indemnity insurance policy it is required to maintain under MIR 2.2.1 (MIR 2.2.4).
•     If:
  (a)   a market participant commences legal proceedings against, or has legal proceedings commenced against it by, another market participant, a clearing participant, a regulatory authority or a client in connection with their role as a market participant; and
  (b)   those legal proceedings may affect the operations of the market operator, or the interpretation of the Market Integrity  Rules or the Market Operating Rules,
  the market participant must, upon commencing or upon becoming aware of the proceedings, immediately notify ASIC and the market operator in writing of the particulars of the proceedings (MIR 2.2.5).
•     A market participant must notify ASX in writing immediately if any of the circumstances set out in the Procedures occur (OR 5000).

The self-reporting requirements in the ASX Procedures apply, among other circumstances, if a market participant becomes aware that it has breached any of the Rules and that breach is significant. For the purpose of determining whether a breach is significant, a market participant must have regard to: (i) the number or frequency of similar breaches; (ii) the impact of the breach on the market participant’s ability to comply with any other Rule or Procedure or to conduct its business operations as a market participant; (iii) the extent to which the breach indicates that a market participant’s arrangements to ensure compliance with the Rules and Procedures is inadequate; (iv) the actual or potential financial loss to the market participant arising from the breach; and (v) any other matters specified by ASX from time to time.

See generally ASX Operating Rules Guidance Note 8 Notification Obligations.

ASX 24 Rules
•     A market participant must notify ASIC as soon as practicable upon becoming aware that the market operator or a regulatory agency is investigating and/or has instituted proceedings against it (MIR 2.1).
•     A trading participant must notify the Exchange in writing immediately if any of the circumstances set out in the Procedures occur (OR 5000).

The self-reporting requirements in the ASX 24 Procedures apply, among other circumstances, if a trading participant becomes aware that it has breached any of the Rules and that breach is significant. For the purposes of determining whether a breach is significant, a trading participant must have regard to: (i) the number or frequency of similar breaches; (ii) the impact of the breach on the trading participant’s ability to comply with any other Rule or Procedure or to conduct its business operations as a trading participant; (iii) the extent to which the breach indicates that a trading participant’s arrangements to ensure compliance with the Rules and Procedures is inadequate; (iv) the actual or potential financial loss to the trading participant arising from the breach; and (v) any other matters specified by the Exchange from time to time.

See generally ASX 24 Operating Rules Guidance Note 8 Notification Obligations.

AMLCTFA s41 - Reports of Suspicious Matters
A suspicious matter reporting obligation arises for a reporting entity in relation to a person (the first person) if, at a particular time (the relevant time):
•     the reporting entity commences to provide, or proposes to provide, a designated service to the first person; or
•     both:
  •     the first person requests the reporting entity to provide, or inquires of the reporting entity whether the reporting entity would be willing or prepared to provide, a designated service to the first person; and
  •     the designated service is of a kind ordinarily provided by the reporting entity;
and, at the relevant time or a later time, the reporting entity suspects on reasonable grounds that any of the following conditions is satisfied:
•     the first person, or an agent of the first person who deals with the reporting entity in relation to the provision or prospective provision of the designated service, is not the person they claim to be;
•     information the reporting entity has concerning the provision, or prospective provision, of the service:
  •     may be relevant to investigation of, or prosecution of a person for, an evasion, or an attempted evasion, of a Commonwealth, State or Territory taxation law;
  •     may be relevant to investigation of, or prosecution of a person for, an offence against a Commonwealth, State or Territory law;
  •     may be of assistance in the enforcement of the Proceeds of Crime Act 2002, the regulations under that Act or an equivalent law of a State or Territory; or
  •     may be relevant to the investigation of, or prosecution of a person for, an offence covered by paragraph (a), (b) or (c) of the definition of "financing of terrorism", or by paragraph (a) or (b) of the definition of "money laundering", in AMLCTFA s5; or
•     the provision, or prospective provision, of the service is preparatory to the commission of an offence covered by paragraph (a), (b) or (c) of the definition of "financing of terrorism", or by paragraph (a) or (b) of the definition of "money laundering", in AMLCTFA s5.

Query whether the highlighted references to "person" above would be read by a court as meaning someone other than the reporting entity and so a reporting entity would not have to report itself to Austrac if it had committed an offence. However, those references would plainly apply to any suspicion by a reporting entity that one of its officers or employees involved in the provision of a designated service by the reporting entity may have been involved in committing an offence against a Commonwealth, State or Territory law (eg insider trading or market manipulation in breach of the Corporations Act).

Cp FTRA s16(1) and (1A) - Reports of Suspect Transactions
Where:
•     a cash dealer is a party to a transaction; and
•     the cash dealer has reasonable grounds to suspect that:
  •     information that the cash dealer has concerning the transaction:
    •     may be relevant to investigation of an evasion, or attempted evasion, of a taxation law;
    •     may be relevant to investigation of, or prosecution of a person for, an offence against a law of the Commonwealth or of a Territory;
    •     may be of assistance in the enforcement of the Proceeds of Crime Act 1987 or the Proceeds of Crime Act 2002 or the regulations made under those Acts;
    •     may be relevant to investigation of, or prosecution of a person for, a financing of terrorism offence;
  •     the transaction is preparatory to the commission of a financing of terrorism offence; or
the cash dealer ... shall, as soon as practicable after forming that suspicion:
•     prepare a report of the transaction; and
•     communicate the information contained in the report to the Austrac CEO.

Query again whether the highlighted references to "person" above would be read by a court as meaning someone other than the cash dealer and so a cash dealer would not have to report itself to Austrac if it had committed an offence. However, those references would plainly apply to any suspicion by a cash dealer that one of its officers or employees involved in a "transaction" to which the cash dealer was a party may have been involved in committing an offence against a Commonwealth or Territory law (eg insider trading or market manipulation in breach of the Corporations Act).

Auditor and Actuary Reporting Requirements
Various obligations imposed upon auditors and actuaries who uncover breaches of law to report those breaches to the relevant authorities, eg:
•     CA s990K - auditors of AFSL holders
•     CA s601HG - auditors of MIS compliance plans
•     Insurance Act s49A - auditors and actuaries of general insurers
•     Life Insurance Act ss88 and 98 – auditors and actuaries of life insurers
•     Superannuation Industry (Supervision) Act s129(3) - auditors and actuaries of superannuation entities
•     CA s311 - auditors of companies generally

 

Crimes Act 1900 (NSW) s316 – Concealing Serious Indictable Offences
(1)   If a person has committed a serious indictable offence and another person who knows or believes that the offence has been committed and that he or she has information which might be of material assistance in securing the apprehension of the offender or the prosecution or conviction of the offender for it fails without reasonable excuse to bring that information to the attention of a member of the Police Force or other appropriate authority, that other person is liable to imprisonment for 2 years.
(2)   A person who solicits, accepts or agrees to accept any benefit for himself or herself or any other person in consideration for doing anything that would be an offence under s316(1) is liable to imprisonment for 5 years.
(3)   It is not an offence against s316(2) merely to solicit, accept or agree to accept the making good of loss or injury caused by an offence or the making of reasonable compensation for that loss or injury. …

This replaces the common law offences of "misprision of felony" and "compounding a felony" (Crimes Act s341). "Serious indictable offence" is defined in s4 as an indictable offence punishable by imprisonment for 5 years or more or life. It is unclear whether this would embrace offences under the laws of the Commonwealth or other States and Territories, or whether it only applies to offences under NSW law.

Return to Outline


Copyright © 2002-2016 Inhouse Legal Solutions Pty Limited ABN 16 003 663 456.