Financial Services and Credit Monthly Update August 2025

COMPETITION

ACCC greenlights industry talks on payment infrastructure reform

On 1 August 2025, the Australian Competition and Consumer Commission (ACCC) authorised Australian Payments Network Limited (AusPayNet), Australian Payments Plus Limited, and other stakeholders to collaborate on the future of account-to-account payment infrastructure. The authorisation, granted with conditions, permits discussions and information sharing aimed at developing a unified industry vision and reaching in-principle agreement on a desired future state. Participants include members of the Bulk Electronic Clearing System and New Payments Platform, with the Reserve Bank of Australia (RBA) and the Treasury also involved. The authorisation does not extend to implementing any agreed outcomes and a separate approval would be required for that. The authorisation is valid for 18 months, expiring on 31 January 2027. 

Proposed reforms to boost small and medium banks competition

The Council of Financial Regulators (CFR), in consultation with the Australian Competition and Consumer Commission (ACCC), has published the final report of its review into competition in the small and medium-sized banking sector. The review examined the role of small and medium-sized banks in providing competition and trends and barriers affecting their competitiveness. The CFR recommends a suite of regulatory and legislative changes aimed at reducing compliance burdens and improving access to funding for non-major banks, including nine recommendations for the Federal Government and nine actions for regulators.

Key proposals include streamlining breach reporting and annual compliance obligations for small banks, expanding the three-tier prudential framework of the Australian Prudential Regulation Authority (APRA), and increasing the covered bond issuance cap from 8% to 12% of assets. The report also supports modernising the Financial Claims Scheme (FCS) to enable faster depositor payouts and proposes a new “Tier 4” regime with lighter-touch regulation for very small banks, contingent on additional safeguards.

The Federal Government has accepted in-principle eight of the nine recommendations by the CFR, with consultation to follow on a proposed lighter-tough regime for very small banks and adjustments to the FCS.

APRA has announced that it is committed to taking the actions proposed by the CFR, including formalising a three-tiered prudential framework, streamlining accreditation for internal ratings-based capital models, clarifying capital adjustments under Pillar 2 of the Basel framework, and improving transparency in the bank licensing process.

The Australian Securities and Investments Commission (ASIC) has announced changes to internal dispute resolution (IDR) data reporting requirements for small banks as proposed by the CFR. From January 2026, small banks will shift from six-monthly to annual IDR data submissions. ASIC will adopt a no-action position until formal system changes are implemented in 2027, effectively accelerating the reform by over a year. ASIC will also establish ongoing processes to review broader reporting obligations for small and medium-sized banks.

CONSUMER PROTECTION

ASIC expands crackdown on investment scams

ASIC has expanded its investment scam website takedown program to include social media advertisements, aiming to disrupt the growing use of online platforms by scammers. Since July 2023, ASIC has coordinated the removal of over 14,000 scam websites and ads, including fake investment platforms, phishing links, and cryptocurrency scams. The program now averages 130 takedowns per week.

Recent trends identified by ASIC include “AI washing” (claims of fake trading bots driven by artificial intelligence (AI)), use of polished website templates and fake documents, embedding of legitimate third-party content, AI-generated fake news articles featuring celebrities, and “cloaking” techniques that tailor scam content to users’ location and device. Despite a reported 25.9% drop in overall scam losses since 2022, Australians lost $945 million to investment scams in 2024. The expansion to social media aims to cut off more pathways scammers use to reach victims and reflects the evolving nature of online fraud.

ASIC has also intensified its efforts to combat investment scams exploiting celebrity images, with over 330 scam websites shut down so far in 2025, marking a 25% increase on the same period last year. ASIC’s takedown program targets fraudulent schemes using unauthorised images of prominent Australians such as Andrew Forrest, Gina Rinehart and Anthony Pratt.

ASIC also flagged emerging risks around superannuation switching schemes, which often begin with online ads offering free “super health checks” and use high-pressure tactics to push unsuitable products. The regulator urges consumers to apply its “Stop. Check. Protect.” framework when assessing financial offers.

Scam losses climb despite fewer reports, crypto fraud surges

The National Anti-Scam Centre has reported that Australians lost an estimated $173.8 million to scams in the first half of 2025, according to the its Scamwatch data released during Scams Awareness Week. While overall scam reports fell 24% compared to the same period in 2024 to 108,305, reports involving financial loss rose by 40.5%, with particularly sharp increases among First Nations Australians (55.3%) and those who speak English as a second language (44%).

Online shopping scams were the most reported category, with over 6,300 cases. One victim lost more than $11,000 to a fake travel agent offering a “free digital travel assistant” via a convincing website. Losses to phishing scams totalled $19.5 million, driven by a rise in cryptocurrency impersonation scams mimicking bank fraud tactics. Despite the uptick in losses, scam-related harm remains below 2022 and early 2023 peaks.

CORPORATE

ASIC targets non-lodgement by formerly grandfathered companies

ASIC has ramped up its scrutiny of financial report lodgements by large proprietary companies, following widespread non-compliance among firms previously exempt under the now-repealed grandfathering provisions. Of the 1,166 companies formerly covered by the exemption, over half failed to lodge their financial reports for financial year 2023 or 2024. ASIC investigated 58 suspected large proprietary companies and confirmed 32 had breached lodgement obligations. ASIC also flagged that auditors had not reported most of these breaches, as required. The grandfathering exemption was removed in August 2022, obliging affected companies to lodge audited financial reports. ASIC has now launched a broader surveillance campaign targeting non-lodgement, expected to conclude in in the first quarter of 2026. Regulatory action remains on the table for ongoing non-compliance.

ESG

Treasury opens consultation on climate transition planning guidance

On 15 August 2025, the Treasury released a consultation paper seeking feedback on proposed guidance for climate-related transition planning. The initiative forms part of the Australian Government’s Sustainable Finance Roadmap and aims to support organisations in identifying and managing climate-related risks and opportunities.

The paper is split into two parts: Part A outlines the role of transition planning and the proposed design approach; and Part B provides draft illustrative guidance aligned with that approach. The guidance is intended to promote international comparability, reflect domestic policy settings, and strike a balance between ambition and flexibility. Submissions are open until 24 September 2025.

FINANCIAL MARKETS

Draft loan securities regulations released for consultation

On 4 August 2025, the Treasury released the draft Loan Securities Regulations 2025 (Cth) for public consultation, ahead of the scheduled sunset of the existing 2015 regulations on 1 October 2025. The draft regulations repeal and remake the current framework, with updates to language and layout to reflect modern drafting standards. Notably, provisions allowing reissue of certificates for lost, stolen, destroyed or mutilated securities have been removed, consistent with the Commonwealth’s cessation of scrip-based securities. Payment provisions remain unchanged, while delegation of powers has been revised to align with best practice. Submissions closed on 15 August 2025.

Treasury consults on remake of Commonwealth Inscribed Stock Regulations

On 4 August 2025, Treasury released the draft Commonwealth Inscribed Stock Regulations 2025 (Cth) for public consultation, ahead of the scheduled sunset of the existing 2015 regulations on 1 October 2025. The draft instrument repeals and remakes the current regulations without altering their substantive operation. Key changes include updates to language and formatting to reflect contemporary drafting standards for legislative instruments. Delegations of power under the regulations have also been revised to align with best practice governance principles. The consultation closed on 15 August 2025. 

ASIC moves to boost capital market competition

ASIC has announced a suite of measures aimed at enhancing competition and innovation in Australia’s capital markets. It is finalising its review of a listing market application from Cboe Australia (a subsidiary of Cboe Global Markets (Cboe)), which already facilitates trading in securities and exchange traded products listed on the Australian Securities Exchange (ASX). ASIC also plans to expand the list of approved foreign markets to include Cboe’s US and Canadian exchanges, and the Canadian Securities Exchange, which is seeking to acquire the National Stock Exchange of Australia. These steps will allow Australian investors to engage in certain transactions on these platforms. Separately, ASIC has approved an expansion of FCX platform’s licence to support private market bookbuilds and is exploring ways to streamline dual listings of foreign companies.

ASIC consults on overhaul of trading system rules

ASIC has released Consultation Paper 386 proposing amendments to the Market Integrity Rules (MIRs) for securities and futures markets, aiming to modernise regulation of trading systems and algorithmic trading. The changes seek to streamline rules across markets, reduce complexity, and align with international standards, including International Organisation of Securities Commission principles.

Key proposals include extending principles-based obligations to the development, testing, and monitoring of trading algorithms, and mandating “kill switches” to halt errant algorithmic activity. ASIC also plans to repeal outdated provisions, such as the annual notification requirement for automated order processing, with a conditional no-action position for securities participants from November 2025.

The consultation responds to the increasing dominance of algorithmic trading, now comprising 85% of equities and 94% of SPI 200 futures trading, and the growing use of AI, which may heighten risks during market volatility. Submissions are due by 22 October 2025.

FINANCIAL PRODUCTS

ASIC extends hardship relief for frozen investment schemes

ASIC has extended the operation of its hardship withdrawals relief for frozen managed investment schemes by 18 months, to 28 February 2027. The relief, originally introduced during the COVID-19 pandemic under ASIC Corporations (Hardship Withdrawals Relief) Instrument 2020/778 (Cth), permits responsible entities to allow withdrawals for members facing financial hardship, despite suspended redemptions and halted new investments.

The extension, effected via the ASIC Corporations (Amendment) Instrument 2025/548 (Cth), follows targeted consultation with stakeholders. While some supported allowing the relief to lapse, others argued for its continuation, particularly if amended to improve usability. Responsible entities relying on the relief must meet specified criteria (such as urgent financial hardship, unemployment, or permanent incapacity) and notify both ASIC and scheme members of their intention to do so.

ASIC is inviting further feedback on the relief and its conditions by 31 October 2025, ahead of deciding whether to remake the instrument with amendments or allow it to lapse.

ASIC consults on remake of managed investment pricing relief

ASIC is consulting on a proposal to remake ASIC Corporations (Managed Investment Product Consideration) Instrument 2015/847 (Cth), which is due to sunset on 1 October 2025. The instrument provides relief for managed investment schemes registered before 1 October 2013 (excluding time-share schemes), allowing responsible entities flexibility in pricing interests. The proposed remake would extend the relief for five years, with minor changes to simplify documentation of pricing discretions and align drafting with ASIC’s current style. ASIC has opted not to apply the newer 2023 instrument to older schemes, citing legal and operational burdens. Around 1,762 schemes may rely on the existing relief. Submission closed on 29 August 2025.

INSURANCE

ASIC extends relief for incidental retail cover in wholesale insurance

ASIC has remade the ASIC Corporations (Incidental Retail Cover) Instrument 2022/716 (Cth), extending its operation for five years beyond its scheduled expiry on 16 August 2025. The instrument exempts insurers and brokers from certain retail client obligations under the Corporations Act 2001 (Cth) (Corporations Act) when retail cover is incidentally included in wholesale insurance contracts. The relief targets business insurance products that contain minor, inseparable retail components, such as personal effects cover for employees, ensuring these do not trigger retail compliance requirements. The exemption does not apply where the retail cover is optional or separately purchased. The instrument includes conditions to ensure the retail component remains incidental and appropriately integrated. Under the Legislation Act 2003 (Cth), legislative instruments sunset after ten years unless renewed.

ASIC flags concerns over life insurers’ direct sales practices

ASIC has issued a letter to life insurance companies urging improvements in direct sales practices, following a review of industry conduct between July 2021 and June 2024. ASIC identified persistent deficiencies, including a doubling of dispute rates since its last review in 2018. Key recommendations include integrating complaints and cancellation data into product design, linking sales staff remuneration to compliance and customer satisfaction, and applying consistent standards to retention calls. ASIC also emphasised the need to treat complaints as business intelligence and to improve oversight of objection-handling practices. The review follows earlier findings in ASIC’s 2018 report, The sale of direct life insurance (REP 587) and echoes concerns raised in the 2019 Financial Services Royal Commission. ASIC has signalled that enforcement action may follow if companies fail to address the issues outlined.

PAYMENTS

AusPayNet releases fraud report for the 2024 calendar year

On 14 August 2025, Australian Payments Network Limited (AusPayNet) released its Australian Payment Fraud Report 2025, detailing trends in card and cheque fraud during the 2024 calendar year. It is reported that Australian card fraud rose sharply in 2024, with total losses reaching $913 million - up 20% from the previous year. The increase was largely driven by a 25% spike in overseas card-not-present (CNP) fraud, which accounted for half of all card fraud despite representing just 3% of total card spend. Overseas CNP fraud occurred at a rate of $12.08 per $1,000 spent, more than 12 times the domestic rate.

Domestic CNP fraud rose 11% to $362 million, but the fraud rate fell to a record low of 97 cents per $1,000 spent. However, the domestic CNP fraud rate is slower than the 21% increase in domestic card usage. Fraud involving lost or stolen cards increased 31% to $68 million, while counterfeit/skimming and cheque fraud declined by 20% and 44% respectively.

ACCC greenlights industry talks on payment infrastructure reform

On 1 August 2025, the ACCC authorised AusPayNet, Australian Payments Plus Limited, and other stakeholders to collaborate on the future of account-to-account payment infrastructure. The authorisation, granted with conditions, permits discussions and information sharing aimed at developing a unified industry vision and reaching in-principle agreement on a desired future state. Participants include members of the Bulk Electronic Clearing System and New Payments Platform, with the Reserve Bank of Australia (RBA) and the Treasury also involved. The authorisation does not extend to implementing any agreed outcomes and a separate approval would be required for that. The authorisation is valid for 18 months, expiring on 31 January 2027. 

ACCC backs industry coordination on card payments encryption upgrade

The ACCC has issued a draft determination proposing to authorise coordination among members of AusPayNet to upgrade encryption standards across the card payments system. The authorisation would allow AusPayNet and members of the Issuers and Acquirers Community (IA Community) to jointly implement a migration from the legacy Triple Data Encryption Standard to the more secure Advanced Encryption Standard (AES). The proposal includes permission to share information to monitor progress and resolve implementation issues. The ACCC considers AES a more suitable long-term solution for protecting sensitive payments data. If granted, the authorisation would remain in place for eight years. Submission on the draft determination closed on 29 August 2025.

ACCC proposes reauthorisation of AusPayNet governance provisions

The ACCC has proposed to reauthorise AusPayNet and members of its IA Community Framework to continue enforcing key governance provisions. The draft determination covers certification, suspension and termination rules within the IA Community Framework, which governs clearing and settlement for ATM and card network transactions, including Visa, Mastercard, American Express and eftpos. These provisions set minimum standards for conduct and dispute resolution among participating banks. The proposed authorisation would be valid for five years. Submission on the draft closed on 29 August 2025.

PRIVACY AND DATA

Productivity Commission floats draft reforms on data and digital technology

The Productivity Commission has released an interim report outlining draft recommendations to harness data and digital technology for productivity gains. Commissioned by the Federal Government, the inquiry identifies four priority reform areas: enabling AI’s productivity potential, expanding data access, introducing outcomes-based privacy regulation, and improving financial reporting through digitisation. The proposals aim to support safer and more efficient data use across sectors, including financial services. Submissions on the interim report are invited until 15 September 2025.

PRUDENTIAL

APRA releases 2025–26 Corporate Plan

APRA has released its 2025–26 Corporate Plan, outlining strategic priorities for the next four years and policy, supervision, and data initiatives for the coming 12 to 18 months. The plan focuses on four objectives: maintaining financial and operational resilience, responding to emerging risks, achieving regulatory balance, and enhancing organisational effectiveness.

Key initiatives include strengthening cyber resilience across regulated industries, particularly in light of AI adoption and geopolitical tensions; assessing compliance with the new Prudential Standard CPS 230 on operational risk management; and updating governance standards. APRA will also publish results from its inaugural System Stress Test and Climate Vulnerability Assessment for general insurers.

The plan signals increased scrutiny of superannuation fund expenditure and investment governance, and proposes a third tier of proportionality in banking regulation. APRA also aims to reduce duplicative requirements and promote access to affordable reinsurance. Internally, APRA will invest in data infrastructure, leadership development, and workplace culture.

APRA opens consultation on minor framework updates

On 25 August 2025, APRA commenced consultation on a series of minor amendments to the prudential and reporting framework for authorised deposit-taking institutions, insurers, and registrable superannuation entity licensees. The proposed changes are technical in nature and do not alter existing policy settings. They aim to clarify existing requirements and ensure the framework remains current. Submissions are open until 22 September 2025.

SUPERANNUATION

Consultation on superannuation retirement income principles

The Treasury has opened consultation on a set of best practice principles aimed at improving retirement income solutions offered by superannuation funds. The consultation paper seeks input on best practices across three areas: understanding fund membership, expanding access to retirement products and features, and enhancing member communications. The principles form part of the government’s broader initiative to improve the retirement phase of superannuation. Submissions are open until 18 September 2025. 

Review of superannuation fee disclosure rules on property investment

ASIC has launched a targeted review of Regulatory Guide 97 Disclosing fees and costs in PDSs and periodic statements (RG 97), focusing on how stamp duty and other transaction costs are disclosed in superannuation product documents. The move follows concerns raised at a recent investor roundtable that current disclosure requirements may distort performance test outcomes and deter super funds from investing in property.

Under RG 97, stamp duty on unlisted property investments must be disclosed as a transaction cost, while for listed property, it is included in investment fees. The review will assess whether this inconsistency affects investment decisions and whether class order relief is warranted to harmonise disclosure of private credit arrangements. It will also consider whether changes could support internal management of credit assets, potentially reducing costs for members and supporting business lending. The review, involving ASIC, the Treasury, and industry representatives, will report by 30 November 2025.

APRA expands superannuation data reporting FAQs

On 15 August 2025, APRA published 32 new frequently asked questions (FAQs) relating to Superannuation Data Reporting. The additional FAQs aim to clarify reporting obligations under APRA’s Superannuation Data Transformation project and assist superannuation trustees in meeting data submission requirements and interpreting reporting standards.

AML/CTF

New AML/CTF Rules tabled, staged rollout begins March 2026

On 29 August 2025, the Australian Transaction Reports and Analysis Centre (AUSTRAC) tabled the new Anti-Money Laundering and Counter-Terrorism Financing Rules 2025 (Cth) (Rules) in Parliament, following a two-stage public consultation process. The Rules supplement the amended the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) (AML/CTF Act) and aim to modernise Australia’s financial crime framework in line with global standards.

Key effective dates of the Rules include 31 March 2026, when updated obligations commence for existing reporting entities (excluding threshold transaction and suspicious matter reporting, which remain unchanged until 2029), and when enrolment opens for newly regulated “tranche 2” sectors. These include real estate, accounting, legal, trust and company services, precious metals and stones, and virtual assets. Obligations for tranche 2 entities begin on 1 July 2026.

The Rules are split into two instruments: one covering general obligations and the other setting out exemptions. AUSTRAC has also published a renumbering table to assist with navigating changes from the consultation draft.

AUSTRAC targets dormant remitters in registration crackdown

AUSTRAC has launched a campaign urging inactive independent remittance businesses to voluntarily cancel their registrations or face regulatory action. Of the more than 900 entities currently listed, a significant number are believed to be inactive. AUSTRAC warns that dormant registrations may be exploited by criminals seeking to launder illicit funds, particularly given the sector’s exposure to cash and cross-border transfers. Under the AML/CTF Act, registered remitters must maintain accurate ownership and activity records. AUSTRAC has signalled that it will begin cancelling registrations where businesses fail to act. The move follows a similar initiative targeting digital currency exchanges, which led to 22 voluntary withdrawals and 100 pending cancellations. AUSTRAC plans to publish a public version of its digital currency exchange register to improve transparency.

DISPUTES AND ENFORCEMENT

ASIC releases 2025–26 Corporate Plan

On 27 August 2025, ASIC released its 2025–26 Corporate Plan. The plan identifies more than a dozen new initiatives, including reviews of offset accounts, debt collection practices, whistleblower protections, and advice on establishing self-managed superannuation funds. ASIC will also continue its scrutiny of high-risk superannuation switching and pursue accountability for super trustees.

ASIC reported a 50% increase in formal investigations and a 19% rise in new civil proceedings over the past year, following internal restructuring. The plan also formalises ASIC’s focus on regulatory simplification, building on the work of its Simplification Consultative Group.

A new suite of performance measures has been introduced to improve transparency around ASIC’s impact. The plan includes ongoing work on capital markets reform and the ASX infrastructure inquiry. ASIC commenced 38 civil proceedings and 252 investigations in 2024–25, up from 32 and 168 respectively the previous year.

ASIC reports surge in retail misconduct complaints

ASIC has published new data revealing a sharp rise in misconduct reports affecting retail investors. Between 1 January and 30 June 2025, ASIC received 7,561 reports of misconduct, raising 11,060 issues. Of these, 5,909 related to financial services and retail investor concerns, including credit, licensing obligations, and conduct involving advice, insurance, and misleading or unconscionable behaviour.

The regulator also released its latest Enforcement and Regulatory Update, outlining key actions over the same period. Highlights include a $27 million penalty against AustralianSuper Pty Ltd for failing to merge duplicate accounts for over 90,000 members, enforcement action against multiple Macquarie Group entities for repeated compliance failures, and proceedings against Choosi Pty Ltd for allegedly misleading customers about its insurance product comparisons.

AFCA updates guidance on responding to financial hardship complaints

On 14 August 2025, the Australian Financial Complaints Authority (AFCA) released an updated version of its Financial Difficulty External Dispute Resolution Response Guide. The revised guide sets out clearer expectations for how financial firms should handle complaints involving financial hardship.

Key changes include more detailed requirements for documenting and explaining decisions, responding to hardship notices, and demonstrating compliance with obligations under the National Credit Code and relevant industry codes. The guide also incorporates AFCA’s fairness principles. New content addresses customer vulnerability and provides an expanded list of supporting information that firms should include in their responses.

Special levy proposed to cover CSLR shortfall

The Treasury has launched a consultation on imposing a special levy to address a funding shortfall in the Compensation Scheme of Last Resort (CSLR) following a request from the Assistant Treasurer and Minister for Financial Services. The CSLR was established to provide compensation to complainants where an eligible determination by AFCA remains unpaid by its members. The CSLR operator has estimated that claims costs for personal financial advice in 2025–26 will reach $67.3 million, exceeding the legislated $20 million cap on levies for the advice sub-sector. This triggers a provision under the CSLR legislation allowing the Minister to raise a special levy to cover the excess. The consultation will also inform the broader CSLR post-implementation review. Submissions can be made until 29 August 2025.

APRA imposes capital add-on and licence conditions on KeyInvest

On 5 August 2025, APRA announced a $5.5 million operational risk capital add-on for KeyInvest Limited (KeyInvest), a life insurer and friendly society specialising in funeral bonds. The move follows an independent review commissioned by APRA which identified deficiencies in KeyInvest’s risk management framework and questioned the board’s oversight of long-term strategic objectives. The capital add-on applies to KeyInvest’s management fund and will remain until APRA’s concerns are resolved. Additional licence conditions require KeyInvest to implement a remediation plan addressing the review’s recommendations and to develop a board renewal plan for APRA’s approval. While KeyInvest has begun remediation efforts, APRA expects further work to confirm their effectiveness.

Four charged over alleged bond scam laundering

ASIC has charged four Victorian men, Dimitrios (James) Podaridis, Peter Delis, Bassilios (Bill) Floropoulos, and Harry Tsalikidis, with money laundering offences linked to a fraudulent investment scheme. Between January and July 2021, the group allegedly dealt with funds obtained through a scam involving fake bonds and financial products. While not accused of running the scam itself, the men are alleged to have handled proceeds of crime. The scheme used fake comparison websites and social media ads to lure investors, followed by high-quality counterfeit prospectuses mimicking legitimate financial institutions. Funds were deposited into Australian accounts controlled by the accused and then moved offshore or to crypto exchanges. The matter is listed for committal mention on 30 October 2025.

NSW Supreme Court upholds bank’s right to exit high-risk charity account

The Supreme Court of New South Wales has dismissed proceedings brought by Merciful Group Incorporated (Merciful) against Norfina Limited, trading as Suncorp Bank (Suncorp) over the closure of its account. Merciful, a registered charity, challenged Suncorp’s decision to terminate the relationship, arguing it breached contractual and implied obligations. Suncorp cited risk concerns including unexplained high-value transactions, links to high-risk jurisdictions, and use of money remitters. Justice Hammerschlag found Suncorp acted within its contractual rights and prudential obligations, concluding it had legitimate business interests in closing the account. The Court rejected Merciful’s claims for declaratory relief and an injunction, noting Suncorp was not obliged to investigate or engage with the customer before exercising its rights. The decision reinforces the discretion banks have to exit relationships deemed inconsistent with their risk appetite and compliance frameworks.

iSignthis and former CEO penalised for disclosure failures

The Federal Court has imposed a $10 million penalty on iSignthis Ltd (now Southern Cross Payments Ltd) (iSignthis) for breaching disclosure laws, and disqualified its former CEO, Nickolas Karantzis, from managing corporations for six years. Mr Karantzis was also fined $1 million for breaching director duties and providing misleading information to the ASX.

The Court found that between 2018 and 2020, iSignthis engaged in multiple contraventions, including misrepresenting revenue composition, failing to disclose significant one-off revenues and costs, and withholding information about the termination of its relationship with VISA. Justice McEvoy criticised Mr Karantzis for minimising the seriousness of his conduct in relation to the disclosure failures. iSignthis, which provided identity verification and payment services, was delisted from the ASX in November 2022. ASIC commenced proceedings in December 2020, with liability findings handed down in June 2024.

Information Commissioner civil penalty proceedings against Optus

The Australian Information Commissioner (AIC) has commenced civil penalty proceedings in the Federal Court against Singtel Optus Pty Ltd and Optus Systems Pty Ltd (together, Optus) over the 2022 data breach that exposed the personal information of approximately 9.5 million Australians. The AIC alleges that between October 2019 and September 2022, Optus failed to take reasonable steps to protect personal data, breaching the Privacy Act 1988 (Cth) (Privacy Act). The compromised data included names, contact details, and government-issued identifiers such as passport and Medicare numbers. The AIC contends that Optus’s cybersecurity practices were inadequate given the volume and sensitivity of the data it held. The AIC is seeking civil penalties under section 13G of the Privacy Act, with a potential maximum of $2.22 million per contravention. The increased penalties introduced in December 2022 do not apply to this case. 

Court fines Rent4Keeps and franchisee $7.4m for unlawful credit practices

The Federal Court has ordered Rent4Keeps Pty Ltd (Rent4Keeps) and its largest franchisee, Darranda Pty Ltd (Darranda), to pay a combined $7.4 million in penalties for breaching credit laws and overcharging vulnerable consumers. Darranda was fined $3.4 million and Rent4Keeps $4 million for entering into 516 agreements mischaracterised as leases, which were in fact credit contracts subject to the 48% annual cost rate cap.

The Court found Darranda failed to disclose key contract terms, including interest rates and cash prices, and did not act efficiently, honestly and fairly. Rent4Keeps was found to have been knowingly involved in the breaches. The contracts involved essential household goods, such as fridges and washing machines, sold at up to four times their retail value. The conduct occurred before legislative changes extended the 48% cap to consumer leases. Rent4Keeps has ceased operations, but a related entity, R4K, continues to trade under similar arrangements.

NAB and subsidiary fined $15.5m for hardship failures

The Federal Court has imposed civil penalties totalling $15.5 million on National Australia Bank Limited (NAB) and its subsidiary AFSH Nominees Pty Ltd (AFSH) for failing to respond to 345 customer hardship applications within the 21-day timeframe required under the National Credit Code. The breaches occurred between 2018 and 2023 and were attributed to staff incorrectly using a system “reject” button, resulting in no communication being sent to affected customers. Justice Neskovcin described the contraventions as serious and widespread, noting that timely responses could have mitigated the impact on customers. NAB and AFSH admitted to the breaches only after ASIC commenced proceedings. In addition to the penalty, both entities must publish adverse publicity notices on their websites and send them directly to affected customers.

ASIC sues Mercer Super over systemic reporting failures

ASIC has commenced Federal Court proceedings against Mercer Superannuation (Australia) Limited (Mercer), alleging systemic non-compliance with the reportable situations regime between October 2021 and September 2024. The regulator claims Mercer failed to report seven investigations entirely and delayed another by over a year. These investigations concerned serious member services issues, including incorrect insurance premium refunds for deceased members, failure to establish accounts with default insurance, and unprocessed member information updates. ASIC also alleges Mercer provided false or misleading information in its reports, understating the number of affected members. ASIC is seeking declarations and civil penalties against Mercer.

Google admits anti-competitive conduct in search engine deals

On 18 August 2025, the ACCC commenced Federal Court proceedings against Google Asia Pacific Pte. Ltd. (Google) over anti-competitive agreements with Telstra Limited and Optus Mobile Pty Limited. Between December 2019 and March 2021, the telcos agreed to exclusively pre-install Google Search on Android phones sold to consumers, in exchange for a share of advertising revenue. Google has admitted that these arrangements likely hindered competition in the general search engine market, contravening section 45(1)(a) of the Competition and Consumer Act 2010 (Cth). Google has agreed to jointly submit to the Court that it should pay a $55 million penalty. It has also provided a court-enforceable undertaking to remove certain pre-installation and default search engine restrictions from its contracts with Android phone manufacturers and telcos.

ACCC investigates misleading energy plan promotions

The ACCC has launched an investigation into energy retailers following a designated complaint from the Australian Consumers’ Association (CHOICE), alleging misleading conduct in the promotion of energy plans. The complaint, submitted under the new designated complaints framework introduced in May 2024, raises concerns that retailers are advertising plans as offering “savings” or “value” when they may in fact be poor value for consumers. CHOICE also highlighted issues with retailers using identical plan names for differently priced offerings and prompting customers to switch to plans they may not be eligible for, particularly in the context of “Better Offer” and “Best Offer” messages required on energy bills.

The ACCC has deemed the complaint to relate to a significant or systemic market issue and will investigate whether the conduct breaches the Australian Consumer Law. It will also engage with the Australian Energy Regulator and Victorian Essential Services Commission as part of broader law reform and review processes.

ASIC actions relating to Shield Master Fund failures

ASIC has launched civil penalty proceedings against Equity Trustees Superannuation Limited (Equity Trustees) in the Federal Court, alleging due diligence failures in relation to the Shield Master Fund (Shield). Between 2023 and 2024, Equity Trustees oversaw the investment of approximately $160 million of member superannuation savings into Shield, which ASIC claims lacked a track record and ultimately led to erosion of member balances. ASIC alleges breaches of trustee duties under the Superannuation Industry (Supervision) Act 1993 (Cth) and failures to meet financial services licence obligations under the Corporations Act. Equity Trustees had approved four Shield investment options across its platforms, including NQ Super and Super Simplifier. ASIC is seeking declarations and civil penalties against Equity Trustees.

ASIC has also banned Robert John Tohill, compliance manager and responsible manager of MWL Financial Services Pty Ltd (MWL), from providing financial services for five years. The decision follows findings that Mr Tohill was involved in contraventions of financial services laws linked to Shield. Mr Tohill sat on MWL’s investment committee that approved Shield, and reviewed Statements of Advice containing misleading performance claims and undisclosed lead generator arrangements. He also oversaw Financial Services Guides and MWL’s compliance manual, both of which failed to meet disclosure and governance standards.

ASIC has also applied to the Federal Court to broaden its proceedings against former financial adviser Ferras Merhi, alleging unconscionable conduct and multiple breaches of financial services laws. Between 2020 and 2024, Merhi and his advisers reportedly directed clients to invest approximately $296 million into the First Guardian Master Fund and $230 million into Shield, both of which have since collapsed. ASIC alleges Mr Merhi used marketing firms to funnel clients into his advice businesses, Venture Egg and Financial Services Group Australia (in liquidation) (FSGA), receiving nearly $37 million in fees and marketing payments. Clients were allegedly misled into believing they were receiving independent advice, while being steered into risky, pre-determined portfolios. ASIC is seeking injunctions and asset freezes against Mr Merhi, and the appointment of receivers to his personal assets and provisional liquidators to FSGA. 

AUSTRAC orders audit of Binance Australia

AUSTRAC has directed Binance Australia to appoint an external auditor following concerns about its anti-money laundering and counter-terrorism financing (AML/CTF) controls. The order applies to Investbybit Pty Ltd, Binance Global’s Australian entity, which is registered as a digital currency exchange provider. AUSTRAC cited deficiencies in Binance Australia’s latest independent review, which was limited in scope given the exchange’s size and risk profile. AUSTRAC also raised concerns about high staff turnover, inadequate local resourcing, and insufficient senior management oversight which are factors that may undermine AML/CTF governance.

AUSTRAC’s action follows its 2024 National Risk Assessment, which identified digital currencies as increasingly vulnerable to criminal exploitation. Binance Australia has 28 days to nominate external auditors for AUSTRAC’s approval. The audit will assess the adequacy of its AML/CTF systems, including customer due diligence and transaction monitoring.

TerraCom fined $7.5 million for whistleblower victimisation

On 27 August 2025, the Federal Court ordered TerraCom Limited (TerraCom) to pay a $7.5 million penalty for contraventions of whistleblower protections, marking ASIC’s first enforcement outcome under these provisions. The case centred on public statements made by TerraCom in early 2020, including ASX announcements and an open letter in national newspapers, which dismissed a whistleblower’s allegations as false and self-serving.

TerraCom admitted that its communications caused the whistleblower reputational harm and emotional distress, despite an independent investigation partially supporting the allegations. The proceedings followed a lengthy legal battle over ASIC’s access to a report by PricewaterhouseCoopers commissioned by TerraCom. The Full Court ultimately ruled that privilege had been waived due to public disclosures. ASIC’s separate case against four former TerraCom executives was dismissed in July.