ASIC Chair on What Constitutes Effective Compliance


In a recent speech at the Australian Compliance Institute, ASIC Chair Joe Longo shared some relevant insights regarding what constitutes effective compliance for the insurance industry.


ASIC banner


In a recent speech at the Australian Compliance Institute, ASIC Chair Joe Longo shared some relevant insights regarding what constitutes effective compliance for the insurance industry. He also highlighted critical compliance issues on ASIC’s radar. Here are some key takeaways from his address. 

According to Mr Longo, compliance professionals have never been more important in building trust, leading the charge in creating an ethical culture, and being a respected and proactive gatekeeper. He also encouraged those in the industry to keep asking questions and never stop learning because it enhances compliance and its influence on business operations.  

“In Australia, we’ve seen large, well-resourced businesses that have compliance systems and processes in place,” Mr Longo said. “And still, they’ve failed to prevent the very issues they were designed to avoid. Why? Because regulatory compliance was undermined by the culture and ethics of the organisation. They had the appearance of compliance – but it was a hollow, empty kind of compliance.”   

Mr Longo acknowledged that regulatory expectations have never been more intense and complex.  He highlighted a recent global survey of Chief Compliance Officers by KPMG, which found:  

  • 84% expected to face increasing regulatory expectations and scrutiny in the next two years  

  • 34% say new regulatory requirements are the biggest compliance challenge, followed by data analytics (30%)  

  • 36% rate cybersecurity as their top compliance improvement priority, followed by data privacy (35%)   

  • 41% say Environment Social Governance compliance programs are still in the planning and development stage  

“ASIC is of course keenly aware of the impact of law reform and new regulatory requirements on business and markets,” Mr Longo said. “This is why, as industry adjusts to new requirements, our approach has generally been to take a pragmatic and proportionate approach to supervision and enforcement during the transition phase of any implementation.”  

What’s on ASIC’s Radar?  

Mr Longo mentioned two areas of interest on ASIC’s radar; mandatory climate reporting on its way to becoming law, and the rapid increase of technology, particularly AI.    

Due to the significance of the changes required for compulsory climate risk disclosure, ASIC will take into consideration a period of transition to this compliance.    

“We will be taking a ‘proportionate and pragmatic’ approach to the supervision and enforcement of the regime while industry adjusts to these new requirements,” Mr Longo said. 

However, ASIC will be proactive in identifying ‘greenwashing’ in climate reporting and stamping out misleading and deceptive conduct will be a priority.   

Mr Longo emphasised that AI is an evolving issue that is top-of-mind for governments, businesses, and regulators in Australia and around the world, and while ASIC is undertaking work in this area, it is also monitoring developments. 

“At ASIC, our focus is on the range of risks associated with the use of AI that arise in financial services and markets,” Mr Longo said. “These include risks around bias and discrimination, loss of privacy, misinformation and disinformation, lack of explainability and transparency, unethical conduct, and copyright issues.   

Safe and responsible use of AI can only be realised through strong governance, transparency, and accountability, including human oversight, and robust information security to protect data and privacy.”