The Australian Securities and Investments Commission (ASIC) has highlighted technology risks such as scams and cyber resilience as a top priority to address over the next four years.
Under its latest corporate plan [pdf], ASIC said it will “focus on the impacts of technology in financial markets and services, drive good cyber-risk and operational resilience practices, and act to address digitally enabled misconduct, including scams.”
Other priorities to be tackled under its action plan include product design and distribution, sustainable finance and retirement decision-making.
It aims to deliver on its priorities via eight core strategic projects with plans underway to combat scams, manage digital assets, improve cyber resilience and governance, and boost its digital capabilities, while continuing its "ongoing regulatory work”.
The regulator stated it will develop “enhanced, data-informed approaches to identifying, quantifying and disrupting scams”.
It will also seek to collaborate “with other agencies to target investment scams more effectively."
ASIC added that since “cryptocurrency-assets and decentralised finance (DeFi) are global phenomena” reaching “beyond geographic jurisdictions”, it is “committed to using the full range of our powers to preserve the integrity of the Australian financial markets”.
Part of its plans involves “supporting the development of an effective regulatory framework….taking enforcement action to protect consumers from harms associated with crypto-assets”.
ASIC will also look to “raise awareness and undertake proactive supervisory actions” to boost cyber security and operational resilience while taking ‘enforcement action against egregious conduct”.
The Financial Accountability Regime (FAR), developed to improve the risk and governance within the financial sectors, will also be uplifted through close collaboration with the Australian Prudential Regulation Authority (APRA) to “facilitate a smooth implementation”.
Under its digital technology and data project, ASIC said it will “continue to bolster ... capabilities to be a leading digitally enabled, data-informed regulator.”
“We will use data and technology to more quickly and accurately identify harms in our environment, conduct better analysis of data assets to support improved decision making, and drive more efficient, proportionate and targeted regulation,” the report stated.
ASIC said its data strategy will enable it “to become a more collaborative and digitally connected workplace that uses digital technologies and data to support our people in achieving effective and efficient regulatory outcomes.”
Across the next four years, ASIC intends to “collect more data” despite “not currently have the powers to collect granular recurrent data across all financial services and credit sectors that we regulate.”
“However, we have been developing recurrent data collections where possible in collaboration with our peer regulators, particularly APRA.
“We will also continue to work with Treasury to explore law reform that can enhance ASIC’s data collection powers," it said.
Its eight core project plans are supported by internal priorities that push ASIC to expand its digital technology use, data and analytics efficiency, recruitment and modernisation of its business registers.
ASIC noted it has $446 million available to support its plans in 2022–23, an 11 percent reduction from the previous year.
It said it would “maintain flexibility in our budgeting to ensure that our priorities can quickly adapt where there are changes in our regulatory environment during the year."