This is a service specifically targeted at the needs of busy non-executive directors. We aim to give you a “heads up” on the things that matter for NEDs in the week ahead – all in two minutes or less.  

In this Edition, we examine ASIC’s July 2021 Market Integrity Update, updates to FIRB guidance, and a (relatively rare) example of a winding up order being obtained by ASIC. This week’s Risk Radar reflects on further updates in the cyber security regulation sphere. 

GOVERNANCE & REGULATION    

ASIC issues July 2021 Market Integrity Update. ASIC has published its Market Integrity Update for July 2021 which contains regulatory developments and issues affecting market intermediaries. The Update noted there has been an increase in merger and takeover activity, with ASIC reminding market participants to be vigilant to the risk of leaks or mishandling of information. In particular, Directors of listed entities involved in control transactions are advised to proactively manage information about the transaction, including (1) requiring consultants and contractors to enter confidentiality agreements; (2) having appropriate arrangements to handle inside information; and (3) recording who has been provided with inside information and when.  Entities should also have a formal leak policy outlining steps to monitor and react to any leaks of proposed transactions. 

Treasury issues updated FIRB Guidance Notes. On 20 July 2021, the Treasury updated the Guidance Notes available on the FIRB Website, which ‘aims to provide clarity to investors about their obligations under the foreign investment framework, including by addressing a number of issues identified since major reforms to the framework commenced on 1 January 2021’. Changes have been made to all Guidance Notes except the Conditions Reporting Guidance Note (G13), with significant changes identified in the documents by a sidebar down the right hand margin.

LEGAL

ASIC obtains order to wind up NSW software company. On 15 July 2021, the New South Wales Supreme Court (Supreme Court) ordered that Semantic Software Asia Pacific Limited (Semantic) be wound up on just and equitable grounds and that liquidators be appointed. On 24 June 2021, ASIC filed an application to the Supreme Court seeking the appointment of liquidators of Semantic, and alleging Semantic, among other things: was unlawfully dealing with investor funds; had issued shares without compliance with the Corporations Act; had issued shares to investors with a share buy-back guarantee in circumstances where the company did not have sufficient funds to meet that obligation; and had entered into related party transactions with a former Semantic director without shareholder approval. On 28 June 2021, the Court made orders preserving Semantic’s assets and restraining a current Semantic director and the former director involved from receiving or soliciting funds from investors and from advertising, promoting, or marketing fundraising for Semantic. See ASIC’s media release. The case demonstrates the importance for Directors to take advice on the often complex requirements of the Corporations Act regarding maintenance of capital.

RISK RADAR

Australia’s cyber security regulations. In previous editions of Boardroom Brief we have discussed the increasing threat cyber attacks pose to companies, and the risk to Directors of claims of breach of duty in failing to take proper precautions against such attacks. On 13 July 2021, the Australian Government published a discussion paper, Strengthening Australia’s cyber security regulations and incentives, and has opened submissions on the paper which can be made until Friday 27 August 2021 via this submission form. The Government is consulting on stronger cyber security regulations and incentives, seeking feedback in three main areas: setting clear cyber security expectations through cyber security standards for corporate governance, personal information and smart devices; increasing transparency through cyber security labelling for smart devices, software vulnerability disclosure policies and health checks for small business; and protecting consumer rights through appropriate legal remedies for victims. See the Department of Home Affairs’ media release here. Alternatively, for those looking for a quick overview of good cyber practices for organisations, see ASIC’s cyber resilience good practices guide here.