Ground breaking Federal Court Decision on Cybersecurity Risk Management Obligations

In an Australian first, the Federal Court on 5/5/22 has found Australian Financial Services licensee, RI Advice, breached its license obligations to act efficiently and fairly when it failed to have adequate risk management systems to manage its cybersecurity risks. 

ASIC said the finding came after a “significant number” of cyber incidents at authorised representatives of RI Advice between June 2014 and May 2020 had potentially compromised thousands of clients. This had resulted in the potential compromise of confidential and sensitive personal information of several thousand clients and other persons

Managing cybersecurity risk is critical for all businesses – and this decision can be seen as a forerunner of how regulators will hold regulated entities  to account under financial services regulation for failing to properly manage these risks. 

The ASIC release is well worth reading.

Thank you for your message, Our support team will be in touch with you shortly.

Subscribe to our Newsletter

Subscribe to RegulationCity’s newsletter for the latest regulatory updates, news, and insights on financial services regulation in Australia. Don’t miss out, sign up now!