Skip to main content

About ASIC

Privacy Impact Assessment Register

ASIC has prepared the following Privacy Impact Assessment (PIA) Register in accordance with section 15 of the Australian Government Agencies Privacy Code (the Privacy Code). Under the Privacy Code, all agencies, including ASIC, must conduct a PIA for all projects that significantly impact the way they handle personal information.

The PIA Register below sets out the PIAs ASIC has completed since 1 July 2018. The PIA register will be updated from time to time as new PIAs are completed.

Title of PIA

Project description

Date completed

RegistryConnect – modernisation of Banned & Disqualified Registers Privacy Impact Assessment about the RegistryConnect Program, modernising the storage and search functionality for ASIC’s Banned & Disqualified Registers. 17 June 2026
Unclaimed Moneys Team call solution migration to Amazon Web Services Connect Privacy Impact Assessment about the migration of the Unclaimed Moneys Team call solution to the Amazon Web Services Connect Connect system. 20 May 2026
Mobile Investigations Platform Privacy Impact Assessment about the privacy impacts of a pilot considering the replacement of ASIC’s existing primary mobile investigative platform. 13 March 2026
MFA update to improve device security Privacy Impact Assessment about Implementing Multi-factor authentication for authenticating users of systems that is phishing-resistant. 13 March 2026
Publication of Internal Dispute Resolution Data Privacy Impact Assessment about the publication of Internal Dispute Resolution data interactive dashboard. 10 March 2026
RegistryConnect – Search modernisation Privacy Impact Assessment about the RegistryConnect Program modernisation project to modernise search functionality within ASIC’s companies and professional registers. 13 February 2026
CASIY AI Simulator use for Learning & Development Privacy Impact Assessment about the use of an AI-powered role-playing tool for learners to practice skills. 13 February 2026
Inquiry into Australian Securities Exchange Privacy Impact Assessment about ASIC's Inquiry into Australian Securities Exchange group in June 2025. 19 December 2025
Deployment of AWS Textract Privacy Impact Assessment about using Amazon Textract to improve the efficiency of reviewing free text documents of interest, including those containing complex forms, tables or handwriting. 17 December 2025
Disclosure reporting system Privacy Impact Assessment about implementation of new internal disclosure reporting system. 12 November 2025
Advoc8 Privacy Impact Assessment about ASIC’s use of the Advoc8 platform, a full-suite technology platform designed for public affairs and government relations professionals. 17 August 2025
Enforcement and Compliance use of AWS Translate Privacy Impact Assessment for Enforcement & Compliance about the use of Amazon Translate. 1 August 2025
Digital Asset Tracing Privacy Impact Assessment about the use of Digital Asset Tracing. 28 July 2025
Officeholder linkage Privacy Impact Assessment about the matching of Director ID data with data about company officeholders for regulatory purposes. 23 July 2025
Markets use of AWS Transcribe Privacy Impact Assessment about the use of AWS Transcribe by Market Integrity. 12 June 2025
Event registration platform procurement – ASIC events Privacy Impact Assessment about utilising EventsAir is to manage the registration of internal and external participants, attending these events. 9 May 2025
RegistryConnect - Telephony Privacy Impact Assessment for the Registry Connect telephony solution. 6 May 2025
Aurion Payroll & Core HR System Replacement Privacy Impact Assessment about replacing ASIC’s payroll and core HR system with a modern and Government standardised human resource (HR) program. 25 February 2025
Letters to E&C Privacy Impact Assessment for about an Enforcement and Compliance internal culture project. 20 February 2025
Implementation of TechnologyOne Privacy Impact Assessment about replacing ASIC’s financial systems with TechnologyOne. 17 January 2025
Regulation and Supervision use of AWS Transcribe Privacy Impact Assessment about the use of AWS Transcribe. 14 November 2024
Regulatory Data Repository Modernisation Project Privacy Impact Assessment about analysing the privacy risks associated with ASIC's Regulatory Data Repository Modernisation Program. 8 November 2024
Machinery of government changes for the return of Registry to ASIC Privacy Impact Assessment about Machinery of Government changes. 5 November 2024
Multi-Factor Authentication (MFA) for Regulatory Portal Privacy Impact Assessment about implementing multi-factor authentication for the Regulatory Portal. 23 August 2024
Foundational PIA for use of Artificial Intelligence and Large Language Models Privacy Impact Assessment for CDAO sandbox testing environment for LLMs. 22 August 2024
Closed-circuit television (CCTV) and electronic access control system (EACS) Update Privacy Impact Assessment about replacing ASIC’s existing CCTV and EACS systems with another similar system. 20 August 2024
External Printing Services 2024 Privacy Impact Assessment about Registry Operations external printing services. 14 August 2024
Australian Financial Services License Project Privacy Impact Assessment about the digital experience for AFS Licensees and processes for applying for and managing their licences. 8 August 2024
Digital Services Platform Project Privacy Impact Assessment about the implementation and setup of the Outsystems product in ASIC’s Amazon Web Services environment. 12 July 2024
Lite Review Privacy impact Assessment about using natural language processing. 27 June 2024
Source Acquisition - Ingest AFSA data via API feed Privacy Impact Assessment about ingesting Australian Financial Security Authority data via API feed. 17 June 2024
Identity Governance and Administration Privacy Impact Assessment about replacing ASIC’s legacy identity system to deliver an automated, integrated and secure identity lifecycle and access management platform. 5 June 2024
Compensation Scheme of Last Resort Operator notifications project Privacy Impact Assessment about how ASIC, through Misconduct & Breach Reporting, will receive, store, register and use specified notifications. 18 April 2024
Integration of ASIC Mainframe Registers data into the Enterprise Data Platform Privacy Impact Assessment about using Processing Data through the ASIC Enterprise Data Platform in ASIC’s Amazon Web Services tenancy 17 April 2024
Conflict of Interest – Disclosures Privacy Impact Assessment about the operating effectiveness of ASIC’s Conflicts of Interest Policy with regards to disclosures of interest. 11 April 2024
Conflict of Interest – Trading Privacy Impact Assessment about monitoring of trading non-disclosures within ASIC. 11 April 2024
Updating the Report of Misconduct Form Privacy Impact Assessment about updating the Report of Misconduct form. 26 February 2024
Event registration system procurement Privacy Impact Assessment about Eventbrite, an event registration site is to manage the registration of external participants. 26 February 2024
CRM Data Lake Project Privacy Impact Assessment about setting up a direct connection between ASIC CRM Online and ASIC’s Enterprise Data Platform – also known as Data Lake. 22 February 2024
ASIC Enterprise Data Platform Privacy Impact Assessment about the Enterprise Data Platform which integrates with ASIC's data governance platform and with a range of other data transfer, data management and analytics tools. 15 December 2023
Expense8 Implementation Privacy Impact Assessment about procuring Expense8 as a Whole of Australian Government Travel and Expense Management tool. 22 September 2023
Cyber Resilience Survey Privacy Impact assessment about facilitating the end-to-end delivery of the next iteration of the cyber resilience self-assessment questionnaire 4 September 2023
General Insurance Claims Handling Project Privacy Impact Assessment about analysing data and claim files to understand consumer experiences and identify issues in home insurance claims. 29 July 2023
Scams Intelligence Forms Privacy Impact Assessment about improving and streamline the way Misconduct and Breach Reporting handles scam reports of misconduct. 14 July 2023
Enforcement use of Amazon Web Services Transcribe Privacy Impact Assessment about use Amazon Web Services Transcribe to aid in transcription of multimedia files (for example videos) that are of potential interest to Enforcement. 22 June 2023
Forensic Accounting Service - Demarq software Privacy Impact Assessment about finding a new way to expediate the ability to analyse bank statements received from financial institutions in PDF form. 6 February 2023
Sine Visitor Management System Implementation of an Electronic Visitor and Contract Management System for visitors and contractors to use to sign in when entering ASIC sites. Specifically, ASIC Sydney, ASIC Brisbane, ASIC Melbourne, ASIC Perth, ASIC Adelaide and ASIC Hobart offices. 18 October 2022
Implementation of Applicant Tracking System (Springboard) Privacy Impact Assessment about the Talent Acquisition function, previously recruitment process outsourcing (RPO), and bringing the recruitment function inhouse. 30 June 2022
Speak up Speak Up project involves the implementation of a two-way communication platform, where ASIC staff can anonymously raise a concern or make a confidential report about suspected wrongdoing. 15 June 2022
Registry transition The Registry Transition project involves the transfer of staff and functional responsibility for the registers from ASIC to the Australian Business Register Service. In particular, operation of the Registry Business will be performed by the Registrar’s staff (on behalf of ASIC) under an ASIC delegation following a machinery of government change on 15 April 2021. 31 May 2022
Modernising Business Registers Program - Registry Transition Privacy Impact Assessment involving the transfer of operational and functional responsibility for the In-scope Registers and the Registry Business from ASIC to the Registrar. 23 December 2021
Self-Managed Super Fund Auditors Campaign Privacy Impact Assessment about contacting Auditors using Campaign Monitor for the purpose of executing our regulatory role. 9 November 2021
ASIC Director ID Implementation and management of a unique Director Identification Number (Director ID) for eligible officers as part of the Modernising Business Registers Program. 14 September 2021
Management of leave balances audit Privacy Impact Assessment about identifying challenges associated with the management of staff leave. 10 September 2021
Modernising Business Registers Program - ASIC Director ID Privacy Impact Assessment involving the implementation and management of a unique Director Identification Number (Director ID) for eligible officers. 3 September 2021
Internal Dispute Resolution (IDR) Data Implementation of a mandatory data reporting and publication framework for complaints received by financial firms. 24 May 2021
Windows Laptop Project Privacy Impact Assessment about replacing the virtual desktop interface with a Windows Laptop. 7 April 2021
Employee Feedback Platform Privacy Impact Assessment about Employee Feedback Platform which is a tool designed specifically for the collection and analysis of responses to human resources surveys. 25 February 2021
Invia Mobile Fleet Manager Privacy Impact Assessment about using the Optus Mobile Fleet Manager product to inform ASIC IT Business Office and other IT forums of financial expenditures. 23 December 2020
Regtech Voice Analytics Privacy Impact Assessment about a capability uplift initiative, aimed at building a unified methodology for ASIC to review audio files across formats for the purpose of its investigations and compliance review. 14 October 2020
Avaya Customer Call Centre Upgrade Privacy Impact Assessment about upgrading the Customer Call Centre core infrastructure. 28 August 2020
Life Insurance Framework review Project Privacy Impact assessment about how to determine whether life insurance commission caps should be further reduced. 13 August 2020
Alares IT Product Privacy Impact Assessment about enabling ASIC to utilise an IT product that has been developed by an external service provider called Alares. 13 August 2020
ATO ASIC Data Fusion Program Fusion of ASIC and ATO data to assist ATO in identifying phoenixing behaviour. 29 June 2020
Enterprise Data Hub and Data Lake The project builds and develops the Data Lake and Enterprise Data Hub a new way of warehousing and analysing that data to build ASIC's data capability. 11 June 2020
WebEx for Examinations As a result of COVID-19 restrictions, considering the adoption of WebEx audio and video conferencing for the purposes of examinations under s 19 of the Australian Securities and Investments Commission Act 2001 and s 256(1) of the National Consumer Credit Protection Act 2009. 6 May 2020
Single Touch Payroll The project implements ASIC’s response to the statutory requirement for all employers to notify payments (such as salaries and wages), PAYG withholding and superannuation information to the ATO under Division 389 of Schedule 1 to the Taxation Administration Act 1953 – Reporting by employers. 12 February 2019
Iron Mountain Scan on Demand This project aims to digitise archived physical files stored offsite when requested by ASIC staff, through services performed by an external provider. 20 December 2018