Australia's current financial services regulatory & compliance landscape is changing rapidly - Clyde & Co's weekly Regulatory Roundup will ensure you are up to date with the most important changes. In each edition, we will set out five key developments from the past week for you to consider. 

Subscribe here: ONLINE LINK

1. ASIC v Lanterne Fund Services Pty Limited [2024] FCA 353: ASIC has won a landmark case against “licensee for hire” operator Lanterne. Lanterne authorised over 60 corporate authorised representatives, which in turn had over 250 authorised representatives sitting beneath them, to conduct a range of financial services businesses under its AFSL. Total funds under management were a total of over $1.685 billion. The Court found that despite charging upfront onboarding fees plus subsequent ongoing monthly fees, Lanterne “failed to maintain basic risk and compliance management systems” in contravention of its obligations under section 912A(1) of the Corporations Act, posing a significant risk to investors. This case – and the $1.5m penalty – will come as a warning to AFSL-for-hire businesses that a “set and forget” mentality will be not be tolerated. With this increased pressure on such businesses, authorised representatives across the industry may need to start planning to be authorised in their own right… 
2. ASIC v Noumi Ltd [2024] FCA 349: Noumi has lost its legal professional privilege fight to withhold a PwC report that was prepared to assist Noumi’s lawyers with providing legal advice. Although the Federal Court accepted that legal professional privilege had attached to the report at the outset (and such privilege was not waived by the publishing of certain materials to the ASX), the disclosure of the PwC report to ASIC via a voluntary disclosure agreement constituted a waiver of privilege and meant the company was required to provide the report to the former CEO. This is an important decision for parties considering the provision of confidential materials to ASIC as part of their obligations to engage openly with the regulator. 
3. Proposed changes to Australia’s merger control regime: the Treasury has announced sweeping reforms to Australia’s merger control regime to make it “faster and stronger and simpler”. If passed, the proposed changes will enter into force from 1 January 2026. All deals falling above certain (yet undefined) thresholds will require notification to, and approval from, the ACCC prior to completion. All mergers within the previous three years will be aggregated for the purposes of assessing whether a new merger meets the notification thresholds, even if they were not individually notifiable, and there will be a public register maintained by the ACCC with details of notified mergers and rationale for determinations. Failing to notify the ACCC or completing a merger without approval will be void and may attract a pecuniary penalty. The expectation is that more potential deals will fall within scope of the new regime with the inevitable knock on effect of increased transaction risk brought about by conditional agreements. 
4. ASIC to appeal the Finder Wallet crypto decision: ASIC is appealing the Federal Court’s decision in ASIC v Finder Wallet Pty Ltd [2024] FCA 228 that concluded the cryptocurrency “Finder Earn” product was not a “financial product” as defined under the Corporations Act. ASIC contends that the product was in fact a debenture as, on a proper construction of the product terms, the investor lent or deposited money with Finder and entered into an arrangement to acquire and transfer stablecoin TrueAUD. The appeal illustrates ASIC’s ongoing concern about the lack of regulatory safeguards in the crypto market and the increasing tension between fintech innovation and the frameworks designed to ensure consumer protection. Crypto providers will be watching developments carefully and it will be interesting to see whether Finder relaunches the product in light of this judgement. 
5. International perspective: in its April 2024 Global Financial Stability Report, the IMF has raised significant concerns that the financial sector is more exposed than ever to the risk of cyber-attacks with nearly one in five of all incidents allegedly affecting firms in the sector. Whilst the direct losses suffered by financial firms have historically been relatively modest, the IMF flagged that severe incidents at major financial institutions could pose macro-financial stability risks with the shared use of third-party IT providers, exacerbating the risk of “common shocks and spillovers”. At a supervisory level, regulators are being pushed to implement stronger supervisory frameworks along with holding board members responsible for promoting a conducive risk culture, cyber hygiene, and cyber training and awareness. These findings are consistent with CPS 230 and FAR, and should continue to inform governance priorities for Australian entities going forward.

Learn more about our global regulatory and investigations team here.