1. Home
  2. News
  3. ASIC shelves plans to publish firm-level breach data

ASIC shelves plans to publish firm-level breach data

Regulatory
06 Oct 2025

ASIC has shelved plans to publish firm-level Reportable Situations (RS) data after carefully considering feedback from the managed funds industry, but the regulator will push ahead with plans to make firm-level Internal Dispute Resolution (IDR) data public. 

ASIC will still publish RS data on an aggregate level. ASIC intends to publish industry-level RS data in an interactive dashboard so that users can draw insights into the nature and impact of breaches reported, and how industry is identifying and responding to those breaches. 

In a recent announcement, ASIC said it had received 47 submissions in response to its  Consultation Paper 383 Reportable situations and internal dispute resolution data publication (CP 383), including from the Property Funds Association of Australia (PFA).

ASIC said it gave careful consideration to the feedback received. In its announcement, the regulator said: “ASIC sought to balance the benefits of firm-level transparency against concerns around the maturity of the RS regime, particularly following recent changes to firms’ reporting obligations.

“While proceeding with plans to publish firm-level IDR data, ASIC has made key changes to how the data will be presented, including around complainant privacy, data comparisons, and explanatory material to support contextualisation.”

ASIC has stated that the RS dashboard on aggregate level data is set to be published this October, while the IDR firm-level dashboard will be published later this year. 

PFA made a submission to ASIC’s Consultation Paper 383: Reportable situations and internal dispute resolution data publication (CP 383) in June 2025. 

The consultation paper proposed greater visibility of breach and complaints data for managed funds, with the initial proposal including two dashboards of firm-level Reportable Situations (RS) and Internal Dispute Resolution (IDR) data, putting breach and complaints data into the public domain. 

PFA expressed concerns about ‘naming and shaming’ investment schemes, and said it could act as a disincentive to reporting.

PFA outlined several potential issues, including: 

  • The potential for creating perverse incentives and underreporting – risk of reputational damage may lead some licensees to under-report, potentially undermining the integrity and effectiveness of the RS and IDR regimes.
  • Publishing the raw data alone without proper context, which could be misinterpreted by the public, investors, and media – an obvious example is that high numbers of reports may reflect a strong compliance culture and robust systems, rather than poor conduct. 
  • Potential to dampen innovation and new market entrants. Those developing new products or services, or entering new markets, may be more likely to encounter reportable situations as part of responsible risk management. Yet the threat of public ‘naming and shaming’ could discourage such innovation.

A copy of PFA’s submission and other submissions to ASIC’s Consultation Paper 383, and ASIC’s response, is available here.

The PFA welcomes these developments. 

If you have any questions for the PFA’s Issues & Regulatory Committee (IRC), please contact PFA: pfa@propertyfunds.org.au