The continuing uncertainty around the provision requiring licensees to provide financial services ‘efficiently, honestly and fairly’ under section 912A(1)(a) of the Corporations Act (EHF provision) comes into sharpest focus against the backdrop of the new breach reporting regime.
In this article, we examine some common questions and challenges we are seeing emerge in relation to the EHF provision in the context of a licensee’s breach reporting obligations.
Does “inefficiency” of itself constitute a breach of the EHF provision or does the inefficiency also have to operate unfairly (or dishonestly)?
We have followed closely the shifting judicial consideration as to whether the phrase ‘efficiently, honestly and fairly’ must be read compendiously, or whether it should be read as introducing separate standalone obligations. The most recent judicial trend suggests that the phrase may come to be interpreted as imposing three separate but concurrent obligations.
While concepts of fairness and honesty are well understood, the concept of ‘efficiency’ is the source of widespread uncertainty across the industry. In particular, is ‘inefficiency’ on its own sufficient to trigger a breach of the EHF provision and if so, what degree of inefficiency is required?
In the recent case of ASIC v RI Advice Group Pty Ltd (No 2), while it was held unnecessary to resolve whether the EHF provision was compendious or not, the relevant failure of the AFS licensee to have adequate compliance, monitoring and supervision frameworks in place to ensure financial advice was being provided appropriately was primarily analysed by reference to the efficiency limb of the EHF provision, and little reference was made to the honestly or fairness limbs. The Federal Court considered efficiency could be used as a yardstick; or in other words, as a standalone obligation such that any inefficient conduct alone could constitute a breach of the EHF provision.
In our view, while the Federal Court has demonstrated that it is prepared to apply the EHF provision as three separate obligations and that a breach of any one limb may constitute an overall breach of the EHF provision, this is not settled law by any means. More recently in ASIC v Commonwealth Securities Limited, which was handed down on 25 October 2022, it was held that “ultimately, the distinction may be of limited practical impact.”
If inefficiency alone can trigger a breach of the EHF provision, this then takes us to the question of materiality.
Is there a materiality threshold before a breach of the EHF provision arises?
Neither the EHF provision nor the relevant case law offers any clear sense of whether a materiality threshold applies. A breach of the EHF provision in this sense is like piercing an invisible veil and licensees are understandably struggling to grapple with this invisible threshold.
In our view, it does stand to reason that some degree of materiality should apply, especially having regard to the fact that the EHF provision is a foundational conduct obligation in financial services law which attracts potentially considerable civil penalties. Such an obligation can surely not have been intended to capture, for example, isolated errors and delays, but rather focused on matters of a more systemic nature that the licensee could and should have prevented. While any assessment under the EHF provision will look to the processes that a licensee has in place and not be focussed solely on outcomes, regard must also be had to the consequences of conduct. In some cases, it may also be relevant to consider any neutralising impact of remediation or rectification measures that have been implemented by a licensee.
We attempt to draw out some of these considerations below:
- How many clients were impacted? The efficiency limb of the EHF provision would have regard to questions like this, which are sometimes more ambiguous than questions centred around the honesty and fairness limbs. For example, what is the reasonable expected standard of performance? Are we more concerned about the total number of clients impacted (e.g. 10 clients) or the total proportion of clients impacted (e.g. 10%)? Potentially it depends on the impact to the relevant cohort, and the extent to which such number or proportion is reflective of a more systemic and enduring error.
- What was the level of harm? For example, a bulk of statements of advice were issued correctly to clients but only a handful were not. While it may seem uncontroversial that this would not be a breach of the EHF provision due to the total number or proportion of members impacted, it may be if there was a severe impact on the handful of members affected. Alternatively, if there is no member impact or the incident has been remediated such that there is no resulting impact, this may point towards there not being a breach of the EHF provision (but noting such conclusion cannot be reached focussing solely on outcomes and regard should be had to other factors).
- Was the incident avoidable? That is, were there ways to prevent the breach, such as controls or systems? Were there Board deliberations/intervention which could have been put in place?
In ASIC’s recent Report 740 Insights from the reportable situations regime: October 2021 to June 2022 (REP 740), ASIC has expressed concern that licensees are inappropriately categorising the root cause of an incident as ‘human error’. Where the root cause of an incident is human error, the implication is that such an incident could not have been avoided by the licensee. It is important to assess instances of human error and whether they are reasonably foreseeable/ preventable versus unavoidable, as this will contribute, in our view, to whether the incident could have and should have been prevented by the licensee (e.g. through a system or other control). In turn, this will also impact upon any analysis under the EHF provision.
- Has any loss been remediated? The recent case of ASIC v NAB handed down on 7 November 2022 supports the position that the existence or otherwise of a reasonably suitable remediation program can be relevant to whether a financial service has been provided in accordance with the EHF provision, notwithstanding that remediation activity is not, itself, a financial service:
It would be an unduly restrictive reading of the section if the “service” referred to excluded the steps to be taken if a service has been defectively performed. A “service” is not merely the performance of an act, but includes the terms of the arrangement under which the act is performed, for example that it should not be done with gross negligence. There is merit in the view that unless and until the service has been provided in full and properly according to the arrangement, it has not been provided.
Consequently, consideration can be given to the potentially neutralising impacts of a remediation program, including preventative measures, where such remediation program has been or is being developed to compensate clients who have suffered loss, or otherwise remedy an issue.
- How serious was the conduct? More egregious breaches may attract the honesty and fairness limbs, for example, a bad motivation/purpose (e.g. bad faith). Examples include breach of good faith, acting for an improper purpose, and acting unconscionably. Alternatively, breaches that are more trivial or smaller in nature, for example, a one-off mistake, may not meet the materiality threshold:
[the EHF provision] does not require commercial perfection whereby any possibility of error or mistake is eliminated. It is most unlikely that the legislature intended that the imposition of penalties could be incurred merely because, from time to time, employees mistakenly enter data into the bank’s computers.
- If several incidents occur that could each, in their own right, be considered a breach of the EHF provision, can they be aggregated so that they can be seen to be one breach?
In our view, yes, where such breaches arise from the same pattern of conduct. ASIC in Regulatory Guide 78: Breach reporting by AFS licensees and credit licensees (RG 78) outlines that when there are several incidents arising from a single, specific root cause, these incidents can be aggregated and notified to ASIC in the one report. However, as noted above, ASIC in REP 740 has expressed concerns around how adequately licensees are identifying and addressing underlying root causes of aggregated breaches.
If one incident constitutes a breach of another provision of financial services law (e.g. Corporations Act, ASIC Act), as well as the EHF provision, is the one incident reportable as multiple breaches?
As a matter of law, yes. In addition, the breach reporting form lodged via the ASIC Regulatory Portal is structured in this way so that multiple boxes can be marked for multiple breaches arising from the same incident.
When looking at a breach of EHF in the provision of a financial service, should unrelated incidents be aggregated insofar as there may have been a series of instances of inefficiency, albeit unrelated?
In our view, no. Licensees should have appropriate processes in place for establishing the root causes of incidents so they are not aggregated with unrelated incidents. It would also be a materiality question as to whether the unrelated instances of inefficiency would constitute a breach of the EHF provision, with regard to factors such as those outlined above.
Is a breach of the EHF provision a standalone breach or does a licensee also have to breach another section (e.g. misleading or deceptive conduct) to be in breach of the EHF provision?
A breach of the EHF provision is a standalone breach. It follows that:
- a breach of another provision of financial services law does not automatically result in a breach of the EHF provision; and
- a breach of the EHF provision is not predicated on there being a breach of another provision of financial services law.
To this point, ASIC in Regulatory Guide 104 AFS licensing: Meeting the general obligations states:
If you fail to comply with the other general obligations [in section 912A], it is unlikely that you will be complying with the [EHF] obligation. However, the [EHF] obligation is also a standalone obligation that operates separately from the other general obligations. For example, if you have contractual obligations to clients and breach them, this might not be a breach of the other general obligations, but it could amount to a failure to provide your financial services efficiently, honestly and fairly.
Consequently, while it can often be the case that conduct engendering a breach of another financial services law, for example, misleading and deceptive conduct may also constitute a breach of the EHF provision, this is not an automatic or foregone conclusion. The EHF provision is not a catch-all provision capturing all other breaches of financial services laws. Similarly, it is not a filler obligation that only applies where there is no specific financial services law provision.
The EHF provision is also not a proxy for a fiduciary duty. While the ‘fairness’ limb of the EHF provision may require balancing the interests of both clients and the licensee, this is not a back door into other fiduciary duties, for example, the best interests duty. A licensee will not become a fiduciary simply by virtue of its role in providing financial services, some other specific fiduciary relationship must exist.