Chair Sarah Court spoke in a fireside discussion with The Hon. Simon Birmingham, CEO of the Australian Banking Association (ABA), at the ABA conference in Melbourne on 17 June 2026.
Check against delivery
Simon: Sarah, thank you very much. We are delighted that you’ve taken the time early on to be able to come to this feature event for the ABA. As [MC] Ticky [Fullerton] acknowledged in her introduction, you’re very experienced in stepping into the role as ASIC Chair, including that experience, obviously, from your time as Deputy. Start with just some reflections on the last five years, and how you see that framing and shaping the way you step into now the hot seat of the Chair’s role.
Sarah: Thank you. Well, good morning, everyone. It’s good to be here, and I very much appreciate the invitation so early in my tenure. The last five years, well, I think the first thing I’d say, Simon, just looking back, is that the ASIC of today looks very different to the ASIC that I joined five years ago, and I think that’s a good thing. At that time, of course, we were very much in the aftermath of the Royal Commission, as was the banking sector as a whole. And since then, it’s been really a period of great change.
Some of those changes we have very deliberately strengthened our enforcement posture that we’ve taken on a lot of big cases. We’ve had record penalties imposed by the court. And indeed, we’ve had record custodial sentences imposed as well. I’m assuming this audience is not quite so familiar with that part of our work, but we have a very active criminal investigation program as well.
We’ve driven our regulatory agenda forward. That includes work, again, very familiar to this audience, on financial hardship and scams. And it reflects a continuing focus from us, perhaps an increased focus from us, on consumer outcomes. And we’ve done a lot of work alongside this sector on improving customer outcomes, particularly those resulting from failures in systems and processes.
And I did just want to take a moment, Simon, to talk about this issue, about systemic failure, process failure. Because we hear a lot from large financial institutions. When we’re looking at poor customer outcomes or conduct issues, often the response to that is, well, look, we’ve got these really old systems, they don’t really talk to each other. It’s really expensive to invest in upgrading. And I think we don’t accept those as reasons for the customer impacts from those failures. And indeed, we’ve made as one of our enduring enforcement priorities, something we describe as systemic failures by large financial institutions that result in customer and consumer harm. That’s an area that we’ll certainly continue to focus on going forward.
Regulatory simplification, that’s another big piece of work that we’ve been doing. I know it’s really topical. It’s been the case this morning. We’ve made meaningful progress on it, and we have tried to listen very carefully to issues that have been raised with us by the sector. And you and I have spoken in the past, Simon, about particularly that duplication in data collection by various regulators. I know that causes frustration, and we’re working closely with APRA and other regulators in really working out how to make some meaningful reductions there.
And I think just finally to look back is, there has been enormous law reform over the last five years following the Royal Commission, and we have all had to work towards implementation of that. And some of those changes, I think it’s fair to say, have proven a real challenge for all of us to implement. Both the regulators and the regulated. I recognise that going forward, look, the banking sector obviously faces a lot of increased complexity.
I’m sure you’re spending the morning talking about the challenges and risks. I’m talking about geopolitical in particular, but the other obvious one is AI. And so, as a regulator, what we want to be able to do is to use our regulatory toolkit in a way that of course supports innovation, productivity and growth, but while at the same time maintaining those important consumer protections.
The Financial [Services] Royal Commission, I don’t want to keep talking about it, and indeed, coming in today, I sort of thought, how much should we still be talking about the Royal Commission? It was a long time ago now. I think it is though, certainly from where I sit, it is very important that the lessons of the Royal Commission are not forgotten or diluted. We’re continuing to think about those things. As many of you will know, we did raise some concerns recently when some of the banks changed their rem [remuneration] model for proprietary lenders. We’re also conscious of the discussion to move back towards providing advice. I think we’ll have some thoughts about some things to say about that. It’s important in our view that the sector doesn’t overcorrect at all, in our view, to some of those Financial [Services Royal] Commission consequences.
And then finally, I just wanted to let you know; one of the issues that we have started regularly hearing more about is the difficulty that some older Australians are facing when trying to access credit. And it’s been particularly raised with us in the concept of access to credit cards. And this is in circumstances where those people have significant liquid assets that would be available to discharge any balances.
Now, we have a concern about that. We have a few queries about that. The responsible lending obligations are clearly a very important consumer protection. Obviously, we remain very committed to them. But they are principles-based, and they do provide lenders with some flexibility. I think our current view within ASIC is, look, lenders can actually do a lot more for this older Australian cohort under the current settings than perhaps some of them are willing to do. But at the same time, we also, to give a bit of a nudge or a prompt in that direction, have considered whether or not we might do some minor updates to our reg [regulatory] guide, so reg [regulatory] guide 209 on that issue, just to make sure that there is some real clarity for lenders.
That’s a long list of where we’ve come from and where we might go to, Simon, but those are some of my thoughts.
Simon: Thanks so much, Sarah. Indeed, there was a lot in that, and thank you for doing so. I’ll touch on a couple, particularly just that last point around, indeed, senior Australians. There are always things that surprise you as you take on a new role, in a new industry, and you bring a wealth of experience. Mine was tangential to banking, but not direct, and there are plenty of big issues and bigger things that I’ve had to learn about in the last few months.
But also the little things that come along, that advocacy from seniors groups to talk to us, to talk to you, and to say, this isn’t quite working as we want it to be, and I think Anthony Miller, in his session earlier, reflected on the fact that post-Royal Commission culture, as we would want it to be, is for banks to take a very cautious approach as to how they interpret information. And so that access to financial services and how responsible lending guidelines are set isn’t really where they cautiously apply and interpret those regs.
You’re right to call out that there is flexibility. I guess the cautiousness as to how that flexibility is used. But the senior groups really identifying concern about targeted access to specific financial products. Really, well, you’ve obviously heard the same messages that we’ve heard, and I know, I think, we’ve got COTA [Council on the Ageing] and some of the other groups here today, and I’m sure they’ll be enthusiastic about taking a look at whether there are targeted ways to address that.
I think equally, in the Royal Commission space, it does need to be mentioned, because the lessons must be enduring, and that’s right. Again, I welcome the fact that from the law reform that stemmed, the changes that have stemmed, we’re all still learning as well about some of the consequences. And the announcement yesterday by yourselves and APRA around the financial accountability regime.
Sarah: Yes, that’s a good example.
Simon: And that’s right, and that is upholding the law, upholding the expected standards, but making sure that it’s not a paper-chewing machine, but it’s actually effective for how you regulate our members.
Sarah: Yeah, and on that, it’s a really good example. I hope it’s also, Simon, sending a clear message to the banking industry that we are listening. Some of the complaints that we hear, and we’ll come to this if we have time, are other regulators, as aligned as they can be, are we asking for the same kinds of information, the same kinds of data and documents? That has a real burden, and I think what we are trying to do is to be proactive about some of those issues, to say, yep, we hear that, we understand that. We do need to work more closely together, we do need to make sure that we don’t have regulation for regulation’s sake. Like we need good regulation, we don’t just need more regulation, we need effective regulation that is meaningful when it’s properly implemented. And I think the FAR changes are a good example, where we’re giving those things some deep thought.
Simon: Yeah, and very well planned. It goes to how you do it effectively, and that’s what really matters at the crux.
Sarah: Indeed.
Simon: You’ve touched on AI and those challenges, and a theme running through this morning has definitely been risk, and how that is most effectively managed at one level, incentivised at the right level for the economy and investment. Where now you’re taking on the role, are you really seeing the emerging risks that you want to put some early priority into?
Sarah: Yeah, well in some ways I think we have touched on some of these issues before. I’ll be reasonably quick. I think the question is, what are the emerging risks that we are watching most closely at the moment? I mean, there are a range of economy-wide issues that are as important for us as they are for the banking sector. One of the key ones we’ll continue to focus on, of course, is scams and financial fraud, and the often life-changing and catastrophic impacts of those events on people.
With the technology increasing, the scale and sophistication of scams and other forms of financial crime, including, of course, we’ve recently seen all of the loan fraud-related issues, we’re just going to continue that as a focus, and our work on scams is really multifaceted. We’re looking at a lot of disruptions. We have a takedown service that’s removing hundreds of websites every week that are fake phishing sites and false investment scams. We’re doing a lot of regulatory work in scams over the last few years. We’ve done some really deep dives into a number of financial institutions and have reported on what we think is working well and what we think perhaps can be improved.
And then, of course, we’ve got enforcement matters as well. We’ve got a significant matter against HSBC Australia at the moment, where these are all allegations still before the court, but we were really concerned that, that particular bank failed to implement the appropriate protections and disruptions when it was on notice that its customers were being impacted by a significant scam. That work will obviously continue.
I think another area of work that you would appreciate we’ll continue looking at is the whole issue of cost of living and financial hardship. We have done a significant amount of work in relation to lenders’ hardship policies and how they implement those policies. Again, we’ve done over the last few years really significant surveillance work and issued a report on what we found. And we have also taken a number of matters to court in relation to hardship.
I think just one observation on hardship: it’s sometimes put to us that a lender gets many, many hardship requests, and genuinely we deal with them in the right way and they get dealt with within statutory timeframes. And I think it’s not reasonable of you just to pick on the few hundred examples where there’s been failures. I think our response to that is for those individuals, for each of those individual customers, those failures really have a very catastrophic impact. And some of the stories in relation to hardship impacts are very significant. That’s why we said we take those messages. That’s why we ask the court to impose the kind of penalties that we do. Hardship will continue to be a focus for us.
And then, look, just talking about technology, innovation, AI, Simon, you know, AI, we’re all grappling with it. Obviously it poses significant risks, but on the flip side, we always have to remember it also offers significant opportunities if it’s used well. We did a report in relation to governance arrangements in the face of AI innovation a little while ago. I think our main finding there that we were concerned about was that the governance around how AI is adopted and implemented perhaps lagged behind what was going on. And so we certainly have called that out and said, look, we are going to – we don’t have per se objections obviously to AI, as I say it’s got lots of positives, but it does need to be, in our view, a real focus on governance, transparency and what outcomes it’s really providing for consumers.
They’re some of the things, and I haven’t touched on things like geopolitical and other issues, because I know they’re going to be discussed no doubt at length elsewhere in the conference.
Simon: Indeed, and they’ve had a good run so far, and I’ve got no doubt they’re going to get an additional run in the session to come around the geopolitical. And AI is going to be with us and something we’re all having to respond to.
Sarah: Yes, that’s right.
Simon: And, of course, [inaudible] in so many different ways. You touched on scams and fraud, which are areas where I think there’s a real sense of desire for alignment between the industry and ASIC, because that is where we want to see scams and fraud reduced. Increasingly, the ecosystem that the government has legislated to tackle through its scam prevention framework recognises that in many ways we’re the last line of defence. A really important one, as Nuno said this morning, we should be held to account to make sure that if we know it’s a scam bank account we should be blocking transactions into that scam bank account. We should be taking those actions.
But, equally, where Meta knows that it’s a scam advertisement, they should only be taking that advertisement down, but making sure that that advertiser doesn’t just get to pop up and proliferate with 200 other AI‑generated scam advertisements that replace the one that was taken down. In looking at those areas of alignment, I guess, especially in the scams and fraud space, we just need the scope for us to work more closely together.
Sarah: Yes, it’s a good call out. I should, of course, have mentioned this whole new area of the scams prevention framework. It’s going to be a really big deal for ASIC, for other regulators, and for industry. The other piece of work in scams that we do, I think, when the government came in several years ago, it was very mindful to try to bring – recognising scams is an industry world, a whole of economy issue, to bring together both those various sectors, so telcos, banks, digital platforms. I know that the banks have got a real interest in the digital platforms being held to account here.
Simon: Stopping them at the source.
Sarah: I understand, I understand your view, or the views. And so, bringing them all together, but together with policy makers, with regulators, and other industry participants. I think that was really unusual. Like, Australia is world-leading in relation to our response to scams. We very much welcome that. I know that the ABA and the banking sector have done a lot of thinking, quite understandably, about scams. I think, one of our team here mentioned to me, I think there was a figure this morning, of how much the sector has collectively invested in relation to scams prevention, and we absolutely recognise that. I think there has been significant inroads made there.
Yes, I think we can all work together on scams. It’s a different kind of regulatory response that scams requires. As I say, it’s a lot more about disruption than about traditional enforcement methods. But we are very excited about the framework coming in, and ASIC will have a lot of work to do with the banks and other sectors as well, interestingly for us, in relation to implementation.
Simon: Indeed. And, obviously, lots of details to get right between now and the SPF [Scams Prevention Framework] commencing, but we’re certainly excited about the potential and what it can yield, and trying ultimately to ensure that Australia has world‑leading starts in a range of areas when it comes to tackling the impact of social media, and particular platforms, is replicated in terms of success, hopefully, in driving down scam losses and showing others how that can actually be done effectively too.
That trust equation that is very much at the core of the message out of the Royal Commission years, the lessons that need to continue to be reinforced there, but then as you look at that changing technology landscape and how consumers are interacting differently with technology, equally how banks have to think about how they use and deploy that technology. Are there any core messages that you want to deliver to a room largely, not exclusively, but largely full of banking industry fears about how you’ll look at them to maintain trust, and the approach that you expect ASIC to apply in that regard?
Sarah: Yes, I think Simon, if I’ve got it right, the theme of the conference is banking boldly, and I think that flavour has come through a bit. Your question is about how do you, as I understand it, how does the sector innovate responsively but also maintain the customer trust. It’s that looking forward and trust within that.
I think putting it really simply and perhaps far more bluntly than perhaps it’s prudent to, there’s sort of, and we talk about this within ASIC, there’s no point in being bold and innovative and creative, etc, etc, if you’re bungling the basics. When I think about that since I’ve come to ASIC, I’ve been quite struck as to just how frequently the industry – and it’s not just banking, we also regulate super funds as you know, and insurance – but how frequently the basics are got wrong.
And when I look at our sort of enforcement profile against the banks, for example, we’re very rarely in court dealing with some bold, new innovation or something, a bright, new, shiny offer. What we’re in court about and what we get grumpy about is when a bank has simply not paid the customers the interest rates that it said it would for term deposits, as an example. Or we talked about hardship; if a bank doesn’t respond to a hardship application within the 21 days that it’s required to, or in many examples we see hasn’t responded to the application at all. Or where a bank’s failed to properly detect that there’s been fees improperly charged, and they haven’t been refunded.
This is about while you’re doing the bold new exotic things, making sure the basics continue to be delivered and improved. And some of that goes back to my comments earlier about systemic issues, system failures, legacy and the like.
I think the point is about – so we recognise and appreciate the banks, as I said in my earlier remarks, are operating in an increasingly complex and increasingly competitive environment. Very much acknowledge that, and that that new environment and that competition is coming not only from other banks, but from various new entrants, digital players, digital platforms, indeed, new payments providers. There’s a high – I can imagine it feels like there’s a whole range of things sort of coming at the sector.
But, in recognition of that, to use that cliché phrase, you have to be able to walk and chew gum, right? You need to be able to get the – if you have the bright, shiny, new exciting consumer offering over here, you can’t drop the ball on the basics. And I think, in terms of trust, which is, I think, also in your question, the issue is, I think that’s where the trust risk lies for the sector. It’s not on the innovation side so much, as just perhaps not continuing to get the basics right.
Simon: Thanks, thanks Sarah. And I think we all face an increasing challenge in a very cluttered world of digital information to sort the wheat from the chaff, and the responsibility on banks to make sure they get that right. I was intrigued to have discussions with AFCA, for example, the other day, talking about the increasing challenge they’re facing as they get more AI generated complaints coming in, as to how you make sure that the complaints that are definitely real, definitely need quick action, and other factors, how you make sure your systems are able to respond effectively when you’re at risk of also facing huge growth in the volumes due to use of technology elsewhere, but then how you use that technology to manage those volumes.
Sarah: And one of the just – because I know we’re going to run out of time, so just one of the things on hardship for example that you sort of wonder about if you think about AI tools and advanced technology and being involved and the like, is there a way, and maybe some of the banks are already doing this, but to use all of those technologies, AI, other things to really work out which customers are the most vulnerable, or are likely to become vulnerable, and therefore maybe looking at hardship and other things. Are there ways that you can think about using that kind of new innovations and new technology to be very customer focused, customer centric and pick out where those problems are likely to arise and then cut them off at the pass, rather than playing catch up later when a hardship application gets lost somewhere in the system.
Simon: Absolutely. And yes we are right up against a timer. I’ll invite a closing reflection perhaps on how we can best work with you in meeting those customer expectations and maintaining that trust in helping to achieve regulatory simplification where we can, without compromising… any parting words of advice you’d provide to the ABA and also all of the banks and other regulated sectors in the room.
Sarah: Well, I think nothing beyond the observation that I’ve made, Simon. I think we have a very good at ASIC – as I know other regulators do – a very good working relationship with the ABA. We very much value the input from the industry. I know we engage regularly in all sorts of forums and panels and external things. I think my only parting words would be yes, we can work together, yes, we can help work out how to best protect customers.
And I guess the only thing I’d ask in response is just recognising, as I’m sure most in the room do, that regulators have got a job to do. We have an important job to do. We can’t be seen as being too close to industry too often, and we need to be seen to be using a big stick from time to time when it matters. And obviously we will be continuing to do that, that’s what the public expects of us and that’s what we’ll do. But it’s not personal, it’s a sign of us being a good regulator. Perhaps I’ll leave you on that.
Simon: Thank you.