The corporate regulator has warned it will seek record penalties for breaches of market disclosure amid new findings that listed companies are acting illegally by failing to disclose material cyber attacks.on Friday, the largest ever fine in Australia for a breach of market disclosure rules, Australian Securities and Investments Commission deputy chairman Sarah Court signalled the regulator will pursue even higher fines.
High profile listed companies that have been hit with cyber-attacks over the past decade include ANZ, CBA, Telstra and Wesfarmers. Professor Frino declined to share which companies he alleges would have been in breach of laws. He is investigating a possible class action relating to disclosure against Medibank, among other companies, and was not surprised by the research.
Professor Frino, who has provided expert evidence on disclosure rules in a number of cases, urged Australia to follow the Securities Exchange Commission, which has proposed a rule requiring listed companies to disclose within four days to the market if they have been “successfully” cyber-attacked.“We are well aware of these kind of issues and cyber is an enforcement priority that we are continuing to elevate and focus on,” she said.
Presumably, these companies incorrectly assumed that cyber-attacks are not market sensitive, or worse still decided to try and hold back the information.warned last November Professor Frino, currently a Senior Fulbright Scholar in the US, said that it was time for the Australian government and regulators to act.