Site search
Key themes shaping Australian regulatory enforcement risk in 2024
Key themes shaping Australian regulatory enforcement risk in 2024

Fraud and scams

Key regulatory and enforcement developments in 2023

There was a significantly increased focus on fraud and scams in 2023 by regulators and enforcement agencies, driven by growing consumer losses in the wake of fraud and scam activity.

Key developments in 2023:

  • ASIC 1, the ACCC2 and ACMA announced that scam detection and disruption was a strategic priority, and AUSTRAC indicated that entities need to be mindful of scammers using stolen personal information to facilitate crimes.3
  • AFCA also expressed alarm at the rising number of scam-related complaints it is receiving—up 95% since 2022.4
  • In April 2023, ASIC published Report 761 Scam prevention, detection and response by the four major banks5 (Report 761). Report 761 sets out ASIC's expectations for the banking sector in helping to minimise the impact of scams on the Australian community, noting that scam losses for major bank customers exceeded $550 million last financial year.
  • The ACCC issued two publications focused on scams:
    • 2022 Targeting Scams report,6 which explains key statistics and trends in scam activity and highlights some of the ACCC's work in this space, and that of other government and law enforcement agencies, and the private sector to disrupt scams and educate consumers. The report found that the combined losses to scams was at least $3.1 billion in 2022—an 80% increase on total losses recorded in 2021.
    • 'The Little Black Book of Scams',7 which highlights the scams that target Australians and is designed to help consumers identify and avoid the 10 most common methods scammers use.
  • On 1 July 2023, the Government launched the new National Anti-Scam Centre (NASC)8—a taskforce within the ACCC and guided by an industry advisory board representing the finance, digital platforms and telecommunications sectors, as well as consumer advocates, victim support services and others with relevant expertise. The NASC works together with government, the private sector, other regulators, law enforcement and community organisations to disrupt scammers, raise consumer awareness about scams and assist scam victims. The NASC will operate through a series of 'fusion cells': expert, time-limited taskforces designed to address specific and urgent problems. The first fusion cell has been launched and is being led by the ACCC and ASIC, with a focus on combatting the growing problem of investment scams.
  • The Government committed to introduce new mandatory industry codes outlining the responsibilities of the private sector in relation to scams, focusing on banks, digital communications platforms and telecommunications.9 In November 2023, Treasury released a consultation paper seeking feedback on the proposed features of the 'Scams Code Framework' (Framework) outlined in the paper. The key features of the proposed Framework include:
    • The Framework would be established by introducing a new overarching regime in primary law, eg the Competition and Consumer Act 2010. This overarching framework would set mandatory obligations for businesses in designated sectors within the 'scams ecosystem' to address scams delivered over their services.
    • Mechanisms would be established under sector-specific legislation, enabling government or regulators to develop codes and standards for designated sectors, with additional, tailored obligations to prevent, detect, disrupt and respond to scams.
    • The initial sectors covered by the Framework would be banks (under ASIC-administered legislation), telecommunications providers (under the Telecommunications Act 1997 (Cth), regulated by ACMA) and digital communications platforms (under ACMA-administered legislation), as those sectors are the most targeted by scammers.
  • Australian banks announced the Scam-Safe Accord in November 2023,10 which sets out a number of anti-scam measures across the industry, including a $100m industry investment. The measures include confirmation of payee details, increased warnings and greater intelligence sharing. The Scam-Safe Accord also has the support of the Government.11
  • Courts in both Australia and the UK did not expand the limits of common law liability in relation to banks for scams. Decisions of the UK Supreme Court12 and the NSW Supreme Court13 have reinforced the conventional understanding that banks do not generally have liability for Automated Push Payment (APP) scams except in a limited number of scenarios..

What are the likely regulatory and enforcement developments in Australia in 2024?

We expect there will continue to be heightened focus from regulators and enforcement agencies regarding fraud and scams, and that regulators will expect entities to have robust systems and processes to monitor, detect and disrupt fraud and scams.

The proposed new mandatory industry codes to address scams will be a significant step, with consultation closing on 29 January 2024. We expect Treasury to announce next steps, following the closure of submissions. Consumer groups remain focused on agitating for Australian banks to be made liable under statute to reimburse customers who have been scammed (as they are in the UK). It remains to be seen whether the Australian Government considers it appropriate to impose this kind of liability in Australia.

We may also see possible enforcement activity by ASIC, following the release of Report 761, to check whether entities it regulates have actioned the recommendations.

With the advent and implementation of the NASC and the ACCC's prioritisation of scam detection and disruption, we also expect to see further initiatives from the ACCC to disrupt scams and raise consumer awareness.

While APRA has indicated it will support action taken by government and other entities to reduce the prevalence and impact of scams on the community, it has not indicated an intention to take enforcement activity in relation to scams at this stage.

Who are the key regulators and enforcement agencies in relation to this area?

ASIC, ACCC, ACMA and APRA.

What are the key sectors of focus?

Banks, telecommunications and digital communications platforms, such as content aggregation services, connective media services and media-sharing services.

Footnotes

  1. ASIC Corporate Plan 2022–26: Focus 2022–26 (see external priority 4 'Technology risks' at page 7).

  2. Compliance and enforcement policy and priorities | ACCC (see priority 2).

  3. Are data breaches a money laundering and terrorism financing risk? (allens.com.au)

  4. AFCA receives record 100,000 financial complaints (smh.com.au)

  5.  23-101MR ASIC calls for improved approaches to scams as major bank customers report over $550 million in scam losses | ASIC

  6. Targeting scams: report of the ACCC on scams activity 2022 | ACCC

  7. The Little Black Book of Scams | ACCC

  8. National Anti-Scam Centre | ACCC

  9.  Scams – Mandatory Industry Codes Consultation paper (treasury.gov.au)

  10. Banks unite to declare war on scammers  - Australian Banking Association (ausbanking.org.au)

  11. Government welcomes Scam Safe Accord | Treasury Ministers

  12. Philipp v Barclays Bank UK PLC [2023] UKSC 25.

  13. O’Brien v Supercheap Security Pty Ltd [2023] NSWSC 21) and O’Brien v Supercheap Security Pty Ltd [2023] NSWSC 761.