Privacy Impact Assessment Register
ASIC has prepared the following Privacy Impact Assessment (PIA) Register in accordance with section 15 of the Australian Government Agencies Privacy Code (the Privacy Code). Under the Privacy Code, all agencies, including ASIC, must conduct a PIA for all projects that significantly impact the way they handle personal information.
The PIA Register below sets out the PIAs ASIC has completed since 1 July 2018. The PIA register will be updated from time to time as new PIAs are completed.
|
Title of PIA |
Project description |
Date completed |
|---|---|---|
|
Enforcement and Compliance use of AWS Translate |
Privacy Impact Assessment for Enforcement & Compliance about the use of Amazon Translate. |
1 August 2025 |
|
Digital Asset Tracing |
Privacy Impact Assessment about the use of Digital Asset Tracing. |
28 July 2025 |
|
Markets use of AWS Transcribe |
Privacy Impact Assessment about the use of AWS Transcribe by Market Integrity. |
12 June 2025 |
|
RegistryConnect - Telephony |
Privacy Impact Assessment for the Registry Connect telephony solution. |
6 May 2025 |
|
Letters to E&C |
Privacy Impact Assessment for about an Enforcement and Compliance internal culture project. |
20 February 2025 |
|
Regulation and Supervision use of AWS Transcribe |
Privacy Impact Assessment about the use of AWS Transcribe. |
14 November 2024 |
|
Machinery of government changes for the return of Registry to ASIC |
Privacy Impact Assessment about Machinery of Government changes. |
5 November 2024 |
|
Multi-Factor Authentication (MFA) for Regulatory Portal |
Privacy Impact Assessment about implementing multi-factor authentication for the Regulatory Portal. |
23 August 2024 |
|
Foundational PIA for use of Artificial |
Privacy Impact Assessment for CDAO sandbox testing environment for LLMs. |
22 August 2024 |
|
External Printing Services 2024 |
Privacy Impact Assessment about Registry Operations external printing services. |
14 August 2024 |
| Lite Review |
Privacy impact Assessment about using natural language processing. |
27 June 2024 |
|
Source Acquisition - Ingest AFSA data via API feed |
Privacy Impact Assessment about ingesting Australian Financial Security Authority data via API feed. |
17 June 2024 |
|
Updating the Report of Misconduct Form |
Privacy Impact Assessment about updating the Report of Misconduct form. |
26 February 2024 |
|
Sine Visitor Management System |
Implementation of an Electronic Visitor and Contract Management System for visitors and contractors to use to sign in when entering ASIC sites. Specifically, ASIC Sydney, ASIC Brisbane, ASIC Melbourne, ASIC Perth, ASIC Adelaide and ASIC Hobart offices. |
18 October 2022 |
|
Speak up |
Speak Up project involves the implementation of a two-way communication platform, where ASIC staff can anonymously raise a concern or make a confidential report about suspected wrongdoing. |
15 June 2022 |
|
Registry transition |
The Registry Transition project involves the transfer of staff and functional responsibility for the registers from ASIC to the Australian Business Register Service. In particular, operation of the Registry Business will be performed by the Registrar’s staff (on behalf of ASIC) under an ASIC delegation following a machinery of government change on 15 April 2021. |
31 May 2022 |
|
ASIC Director ID |
Implementation and management of a unique Director Identification Number (Director ID) for eligible officers as part of the Modernising Business Registers Program. |
14 September 2021 |
|
Internal Dispute Resolution (IDR) Data |
Implementation of a mandatory data reporting and publication framework for complaints received by financial firms. |
24 May 2021 |
|
ATO ASIC Data Fusion Program |
Fusion of ASIC and ATO data to assist ATO in identifying phoenixing behaviour. |
29 June 2020 |
|
Enterprise Data Hub and Data Lake |
The project builds and develops the Data Lake and Enterprise Data Hub a new way of warehousing and analysing that data to build ASIC's data capability. |
11 June 2020 |
|
WebEx for Examinations |
As a result of COVID-19 restrictions, considering the adoption of WebEx audio and video conferencing for the purposes of examinations under s 19 of the Australian Securities and Investments Commission Act 2001 and s 256(1) of the National Consumer Credit Protection Act 2009. |
6 May 2020 |
|
Single Touch Payroll |
The project implements ASIC’s response to the statutory requirement for all employers to notify payments (such as salaries and wages), PAYG withholding and superannuation information to the ATO under Division 389 of Schedule 1 to the Taxation Administration Act 1953 – Reporting by employers. |
12 February 2019 |
|
Iron Mountain Scan on Demand |
This project aims to digitise archived physical files stored offsite when requested by ASIC staff, through services performed by an external provider. |
20 December 2018 |