Skip to content


Australian regulatory authorities continue to pursue an aggressive enforcement agenda, with consequential increases in the workload of in-house litigation and investigation teams.

The current regulatory agenda is being encouraged by a number of factors, including ongoing public criticism and fallout from the Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry (Financial Services Royal Commission), as well as substantial increases in funding by the Government for key regulators, including the Australian Transaction and Reports Analysis Centre (AUSTRAC).

While the impact of Covid-19 appears to have resulted in a slight pause in the overall level of enforcement action, that trend is likely to be reversed as the Australian economy begins its recovery from the effects of the pandemic. The financial sector continues to draw much of the attention of regulators, but public statements by some regulators, as well as recent reforms, have radically changed the compliance landscape. Boards of all companies, regardless of sector, are under unprecedented pressure to manage conduct risk effectively.

Investigations trends/developments

Each of Australia’s key regulators has been active in 2020, in spite of the effects of the Covid-19 pandemic.

There has been increased enforcement from Australia’s corporate, markets, financial services and consumer credit regulator, the Australian Securities & Investments Commission (ASIC), which can be explained in part by the ongoing effect of recommendations made following the Financial Services Royal Commission. In response to the Financial Services Royal Commission, ASIC adopted a new enforcement approach known as “Why not litigate?”, resulting in more cases being pursued through the courts, rather than by way of settlements or enforceable undertakings. In financial year 2020/2021, enforcement action is budgeted to account for approximately 45% of ASIC’s annual budget of AUD471 million, with another 26% allocated to supervision and surveillance activities.

Australia’s financial crime regulator, AUSTRAC, which is proving itself to be one of Australia’s most successful and prolific regulators, came to an agreement with Westpac Banking Corporation (Westpac) around a AUD1.3 billion penalty arising from 23 million alleged breaches of anti-money laundering laws. This penalty is the largest civil penalty in Australian history.

In order to support its ongoing activities, including its enforcement agenda, AUSTRAC has received a AUD104 million funding increase (to be implemented over four years) in the 2020-2021 Federal Budget, including an additional 67 new staff. In addition to strengthening its enforcement activities, the increased funding is intended to support the delivery of a new modern reporting system that better assists reporting entities to fulfil their compliance obligations, and allow more resources to be dedicated to proactive regulation, education and outreach to support industry.

In its 2020 statement of enforcement priorities, Australia’s competition regulator, the Australian Competition and Consumer Commission (ACCC), continued to place a focus on cartel conduct and other anti-competitive practices that involve “Australians, Australian business or entities carrying on business in Australia”. It has placed particular emphasis on competition and consumer issues relating to digital platforms and has focused on investigations involving digital platforms allegedly misleading consumers about the collection and the use of their personal data. The ACCC has also been looking closely at the pricing and selling practices of essential services, particularly in relation to electricity and telecommunications.

The ACCC is continuing in its prosecution of a high-profile criminal cartel case against two global investment banks, one of Australia’s largest domestic banks, and six of their senior executives, relating to a capital raising in 2015 and four phone calls that occurred among the defendants over a weekend.

On 1 January 2020 the Australian Sanctions Office was created within the Department of Foreign Affairs and Trade. The enforcement of sanctions in Australia is criminal, not civil. Enforcement of Australia’s sanctions laws has witnessed a steady increase in recent years, with a number of criminal prosecutions currently working their way through the court system, including one case involving the alleged export of nickel alloys to Iran (which is a banned export on the basis that it could contribute to Iran’s nuclear programme), and another prosecution in which an individual has been charged with breaching United Nations sanctions for the supply of products related to the proliferation of weapons of mass destruction to North Korea.

Significant law reforms impacting corporate criminal liability

The Australian Law Reform Commission’s (ALRC) Final Report on Corporate Criminal Responsibility (see here) (ALRC Corporate Criminal Responsibility Report) was made public on 31 August 2020. The ALRC inquiry into corporate criminal responsibility in Australia followed on from widespread concerns that corporations, and senior officers within those corporations, are not adequately held to account for serious corporate misconduct. The report makes a number of recommendations, with the stated intention of better aligning corporate liability with corporate culpability, and reducing the multiplicity and complexity of current laws relevant to corporate misconduct, many of which the ALRC says lack a principled basis and are often duplicative. Highlights from the ALRC’s findings are:

  • prosecutions of corporations, relative to individuals, are extremely rare, even in heavily regulated sectors where corporations are most active;
  • prosecutors withdraw a significantly higher number of charges against corporations than they withdraw against individuals for corporate crimes, suggesting that existing laws present real difficulties in prosecuting corporations;
  • Commonwealth law contains a variety of complex mechanisms for attributing criminal responsibility to corporations, but should instead contain just one standard mechanism. In order to focus squarely on corporate blameworthiness, fault should be attributed to corporations with a poor compliance culture. A corporation should be able to avoid liability by demonstrating it took reasonable precautions to prevent misconduct (ie by demonstrating an absence of corporate fault);
  • there is concern that the paucity of corporate criminal prosecutions, and regulators’ frequent reliance on civil penalty provisions, have led to a mind-set that the penalties imposed are little more than a cost of doing business;
  • new penalty and sentencing options should be introduced to empower courts to take into account the impacts on third parties, and to punish those most involved in the wrongdoing.

Amendments to Australia’s anti-money laundering legislation were passed in December 2020 to simplify and clarify provisions relating to customer due diligence, correspondent banking and tipping off. See here for our discussion of the amendments when they were introduced to parliament in 2019, and our discussion of the passing of the amendments by parliament here.

In the coming months it is likely the Crimes Legislation Amendment (Combating Corporate Crime) Bill 2019 will be passed. This legislation will introduce a “failure to prevent bribery” offence similar in style to the s7 Bribery Act 2010 office, as well as a deferred prosecution agreement scheme.

Internal investigations – key developments

In the current enforcement environment, ASIC is heavily scrutinising claims for privilege in the context of regulatory investigations, particularly in circumstances where sufficient details supporting the basis of the claim are not provided from the outset.

The ALRC report (see above) highlights the importance of conducting appropriately tailored internal investigations, and the potential for hindsight scrutiny of the adequacy of those processes by external parties (eg prosecutors, courts) in the context of regulatory enforcement action. The ALRC Corporate Criminal Responsibility Report recommended that the Crimes Act 1914 (Cth) should be amended to require a court to consider a multitude of factors when sentencing a corporation, including “any measures that the corporation has taken to reduce the likelihood of its committing a subsequent offence, including: (i) internal investigations into the causes of the offence; (ii) internal disciplinary action; and (iii) measures to implement or improve a compliance program”. In-house teams should consider taking steps to ensure they have, or source externally, appropriately qualified expertise to conduct such investigations.

Sectors targeted by law reforms or enforcement action

The financial services sector remained a focus for enforcement action during 2020 across multiple regulators.

The AUD1.3 billion civil penalty imposed on Westpac for breaches of Australia’s anti-money laundering laws marked the largest civil penalty in Australian history. AUSTRAC’s Chief Executive Officer, Nicole Rose, indicated that AUSTRAC will remain focused on the financial sector in 2021, stating “our role is to harden the financial system against serious crime and terrorism financing and this penalty reflects the serious and systematic nature of Westpac’s non-compliance”.

This is not to say that AUSTRAC is only focused on the financial services sector; AUSTRAC has publicly indicated that it is considering enforcement action against a major non-banking institution, with a view to commencing proceedings during the 2020/21 financial year.

In its Enforcement Update[1], ASIC stated that it is prioritising:

  1. Financial Services Royal Commission referrals and case studies.
  2. Misconduct related to superannuation and insurance.
  3. Cases that engage ASIC’s new powers or provisions that now carry penalties or higher penalties.
  4. Illegal phoenix activity.
  5. Auditor misconduct.
  6. New types of misconduct (eg those carried out online or using emerging technologies).

In addition, ASIC has stated that it will always prioritise:

  1. Significant market misconduct.
  2. Misconduct that is serious either by its nature or extent of harm, or that involves a large market participant or licensed entity.
  3. Misconduct that involves a high risk of significant consumer harm, particularly involving vulnerable consumers.
  4. Misconduct by individuals, particularly criminal conduct or government failures, at board or executive levels.

Separately, as the impact of Covid-19 began to be felt across the Australian economy, ASIC stated in March 2020 that it was recalibrating its regulatory priorities. It said it would maintain its enforcement activities but would target “action necessary to prevent immediate consumer harm, egregious illegal conduct and other time critical matters”. ASIC has also stated that it has implemented a set of pandemic-related enforcement priorities to guide its response to misconduct associated with the pandemic. Those priorities aim to address misconduct arising from behaviour seeking to exploit the pandemic environment, opportunistic misconduct (such as scams, unlicensed misconduct, and misleading and deceptive advertising), failures to disclose materially negative information, opportunistic and misleading market announcements made to the ASX, and egregious governance failures.

Cross-border coordinated enforcement activity

Australian regulatory authorities regularly collaborate with their overseas counterparts. For example, the Australian Federal Police (AFP) has been a member of the International Foreign Bribery Taskforce since 2013 and has worked on several matters with its other members (including the UK National Crime Agency and the U.S. Federal Bureau of Investigations (FBI)), a number of which are ongoing.

In a recent example of cross-border cooperation and enforcement, in November 2020 the AFP arrested a former senior executive of Leighton Offshore Pty Ltd for foreign bribery offences, engaging in conduct to falsify books, and knowingly providing misleading information, all in relation to a plan to bribe Iraqi officials in exchange for oil pipeline contracts. The AFP stated that it had worked in close collaboration with the UK’s Serious Fraud Office, the U.S. Department of Justice, and the FBI. The AFP also stated that it had obtained evidence from ten countries, and provided evidence to help foreign law enforcement partners secure guilty pleas to foreign bribery charges.

In January 2020, AUSTRAC, in cooperation with the AFP and Philippine authorities, announced several actions against entities and individuals connected with child exploitation offences in the Philippines. It has also been involved in proceedings against Westpac for numerous money laundering compliance failures at the bank, including money transfers to the Philippines. Those proceedings resulted in the agreement between AUSTRAC and Westpac described above.

ASIC continues to bring civil penalty proceedings against a large mining company and former senior individuals for alleged breaches of accounting standards and disclosure obligations. The proceedings arose from a similar enforcement action taken by the U.S. Securities and Exchange Commission and the UK Financial Conduct Authority. In announcing the enforcement action, each of these regulators referred to the support provided by the others in collecting and sharing evidence.

Financial crime issue predictions for 2021

Responding to greater enforcement activity and improved enforcement powers of regulators is a principal challenge for corporates operating in Australia at present. As noted above, regulators have received major additional funding to undertake this enforcement activity. The increased funding has led to greater cooperation and coordination between regulators, as well as an increase in concurrent regulatory investigations (where the conduct falls within overlapping regulatory ambits). As a result, the Australian legal and compliance market is experiencing a considerable skills shortage, making it even more difficult to staff the increased workload.

Further, pressure on boards to adequately monitor non-financial risks, as well as the recent imposition of several new obligations that are broadly worded or principle-based (such as the Financial Accountability Regime, which will replace the Banking Executive Accountability Regime that commenced on 1 July 2019 and which is designed to further increase transparency and accountability and improve risk culture and governance by imposing a range of accountability obligations on an array of entities and their senior executives), has necessitated the development of more mature compliance systems. This has led to an increase in change projects designed to identify and manage such risks, and a greater investment in consultants with expertise in regulatory compliance, as well as corporate culture and governance.

General Counsel will need to be particularly focused on the use of IT systems and infrastructure to address conduct risk and compliance processes. Such systems can be critical for meeting the regulatory obligations of large institutions, however breakdowns in those systems or related processes can lead to large-scale data breaches or systemic non-compliance with the regulations they were intended to meet.

This article is part of the Allen & Overy Cross-border White collar Crime and Investigations Review. Please visit the review homepage for our overviews and insights in other jurisdictions. 

[1] Report 666, September 2020


Download the Cross-Border White Collar Crime and Investigations Review

Silhouettes of people meeting

The 'Cross-Border White Collar Crime and Investigations Review' analyses the latest developments and trends, and highlights the most significant among the current and emerging issues that white collar crime and investigations in-house counsel should prioritise in the year ahead.