Posted by  ARdata on Jul 24, 2025 10:57:38 AM

This week, the regulatory focus pivoted sharply towards two critical frontiers: digital resilience and investment integrity. The Australian Securities and Investments Commission (ASIC) fired a significant warning shot across the industry by launching a landmark lawsuit against a licensee for alleged cybersecurity failures, setting a new precedent for digital governance. In a parallel move, the federal government initiated a major policy push to combat greenwashing with a new framework for sustainable investment labels. These forward-looking actions unfolded against a backdrop of continued enforcement and new data from the Australian Financial Complaints Authority (AFCA), which revealed a record high in consumer complaints, painting a complex picture of the industry's health.

 

Cybersecurity in the Crosshairs: ASIC Launches Landmark Suit

 

The most significant development this week was ASIC’s decision to sue Fortnum Private Wealth over a major 2021 cyber-attack. The regulator alleges the licensee failed to have adequate cybersecurity systems and risk management processes in place, leading to a "significant and harmful" data breach that exposed the sensitive personal information of thousands of clients. This is the first time ASIC has taken such action related to cybersecurity failings, signalling a significant escalation in its expectations for how licensees manage digital risks. 

The case, which Fortnum has vowed to defend, will be a critical test of a licensee’s obligations under the Corporations Act to act efficiently, honestly, and fairly, and to have adequate risk management systems. Regardless of the outcome, it serves as an unambiguous message to the entire industry that ASIC now considers robust cybersecurity defences a non-negotiable component of a licensee’s core duties. The action follows a string of enforcement activities targeting basic compliance, including issuing infringement notices to two AFS licensees for allowing advisers to provide advice while unregistered.

 

Truth in Labelling: Government and Regulators Tackle Greenwashing

 

In his first significant policy initiative, Assistant Treasurer and Minister for Financial Services, Dr Daniel Mulino, announced the launch of a Treasury consultation on a new labelling regime for sustainable investment products. The proposed framework aims to provide clear, standardised labels for investment products marketed as "sustainable" or "green," helping investors make more informed decisions and combating the risk of greenwashing. The government hopes this will build investor confidence and help channel capital towards legitimate, sustainable projects.

Other regulatory and political pressures complemented this policy move. Independent MP Allegra Spender has pushed for a comprehensive review of the Your Future, Your Super (YFYS) performance test and RG 97 fee and cost disclosure rules, arguing the current regulations can lead to suboptimal investment outcomes and hinder national productivity. Meanwhile, ASIC’s surveillance of the private credit market continues, with the regulator singling out specific funds for further review as part of its ongoing probe into the rapidly growing sector. On the anti-money laundering front, AUSTRAC unveiled its regulatory priorities for 2025-26, naming digital currency exchanges, payment platforms, and major banks as high-risk sectors requiring intense scrutiny.

 

A Tale of Two Sectors: Complaints Data Reveals Diverging Fortunes

 

The Australian Financial Complaints Authority (AFCA) provided a detailed scorecard on the industry's performance with the release of its annual complaints data. For the first time, AFCA received over 100,000 complaints in a single year, a record high. However, the data revealed a stark divergence between sectors. While complaints related to superannuation saw a significant drop, complaints about investments and financial advice jumped by 18%, noting that these primarily relate to Dixon and the failed Shield and First Guardian funds. 

ASIC's continued actions against individuals further coloured this enforcement backdrop. The regulator permanently banned a convicted fraudster for offering illegal investment advice and secured an extension of a travel restraint order against Merhi Saad, an adviser linked to the failed Shield and First Guardian funds. In other news, the Australian Prudential Regulation Authority (APRA) announced it would maintain its current macroprudential policy settings, including the 3% serviceability buffer for home loans, citing ongoing economic uncertainties.

 

Context, Looking Ahead & Takeaways

 

This week represents a clear evolution of regulatory priorities. While previous weeks focused on implementing existing reforms and broad governance principles, the Fortnum lawsuit marks a tactical escalation, targeting specific operational failures in the critical area of cybersecurity. Similarly, the sustainable finance consultation moves the greenwashing conversation from a supervisory issue to a concrete policy design phase. The AFCA data provides a crucial feedback loop, validating the regulatory focus on investment advice while perhaps offering some encouragement on the progress made in superannuation.

Looking ahead, the Fortnum case will be a landmark legal battle, with its outcome set to define cybersecurity obligations for all licensees for years to come. The consultation on sustainable investment labels, which closes later this year, offers the industry a crucial window to shape the future of ESG product design and marketing.

 

Key Takeaways:

  • Short-term (0–3 months): Licensees must urgently conduct a thorough review of their cybersecurity frameworks, incident response plans, and third-party provider risks. The Fortnum lawsuit establishes a new and immediate standard of care that ASIC will test.
  • Short-term (0–3 months): All financial services firms should analyse AFCA’s complaints data to identify common pain points and proactively address potential issues in their own client service and advice processes, particularly around service quality and misleading conduct.
  • Medium-term (3–12 months): Asset managers and product issuers must actively engage with Treasury’s consultation on sustainable investment labels. The outcome will fundamentally reshape product development, disclosure, and distribution strategies for all ESG-related offerings.

Topics: ARdata News