AFSLs must prepare for stricter compliance and scrutiny due to new privacy rules.

The Attorney-General’s Privacy Act Review Report released in February 2023, proposed 116 changes to the Privacy Act 1988 to align with global standards. In September 2023, the Australian government agreed to 38 proposals, accepted 68 in principle, and noted 10.

Key proposals include the security and destruction of personal information, the requirement to outline types of personal information used in automated decision-making, a tiered civil penalty system for privacy breaches, and expanded court powers.

Legislative amendments are expected this year, with further consultations to refine the proposals. However, Treasury has not confirmed when the new rules will take effect.

This will impact licensees in terms of:

🟣 Enhanced compliance requirements
🟣 Increased regulatory scrutiny
🟣 Operational adjustments
🟣 Employee training and awareness
🟣 Client communication and trust

Licensees will need to update privacy policies and implement secure disposal of personal information, which affects both client and employee data and may require updates to employment contracts.

For client data, licensees and advisers must be transparent about data storage and use, commit to data protection, and obtain clear, informed consent.

As compliance experts, we will be keeping our clients up to date as well as enhancing Privacy Policies within our Compliance Framework and System.