An Australian first: AFSL holder fined for not managing cybersecurity risk

In a first, ASIC has sent a strong message that AFSL holders will be held accountable for not managing cybersecurity risk as part of their overall obligation to act efficiently and fairly. Financial services company RI Advice Group was ordered to pay $750,000 towards ASIC’s costs by the Federal Court (https://asic.gov.au/about-asic/news-centre/find-a-media-release/2022-releases/22-104mr-court-finds-ri-advice-failed-to-adequately-manage-cybersecurity-risks/). The finding comes after a…

Risk Management

The purpose of risk management is to identify potential events that may impact on an entity, quantify the impact and likelihood of occurrence and then manage the risk in accordance with the organisation’s risk appetite. Risk appetite is the amount of risk an organisation will assume in pursuit of its goals – this should be…

Compliance

Compliance is the process by which organisations identify and meet their strategic obligations whether arising in law, standards, codes of practice or from stakeholder expectations. Focussing on legal obligations in isolation results in a minimalist and narrow approach, which cannot leverage an organisation’s ability to efficiently manage all aspects of compliance risk. The Board should…

Governance

Governance is the system by which organisations are directed and controlled, involving the allocation of rights and responsibilities across all constituencies including the Board, management, staff, shareholders and other stakeholders. Governance provides the rules for decision making and accountability – setting levels and measurement of performance against objectives – the structure and compliance requirements, ranging…

Ethics

Ethics provides the overarching principles and rules which govern individual and organisational behaviour. These rules are normally documented in a values statement and reflected in policies, procedures and expected behaviours. Why promote ethics in business? An organisation with a strong ethical base is less likely to breach legal obligations, particularly where the law or circumstances…
