Busy year ahead

With important regulatory reviews taking place, 2023 looms large with a packed governance regulation agenda. Climate change reporting and workplace sexual harassment are also prominent blips on directors’ radars, writes Louise Petschler GAICD.

Climate reporting

The federal government released a discussion paper on 12 December covering proposed elements of a new Australian climate reporting framework. Consultations close this month and the AICD will provide input.

The government’s aim is to introduce standardised, internationally aligned reporting requirements for organisations to make disclosures across climate governance, strategy, risk management, targets and metrics. Reporting is likely to be mandatory for large listed entities and financial institutions — and phased in over time.

The consultation is considering a range of framework issues including:

• Coverage: Expected to start with listed entities and financial institutions.
• Phasing: Phased approach, with the first reports being required for FY 2024–25.
• Scope: Aligned with the Taskforce on Climate-related Financial Disclosures (TCFD) and the International Sustainability Standards Board (ISSB) standards (see AICD’s ISSB overview at bit.ly/3IPWgxY).
• Reporting: Requirement to disclose material scope 3 emissions on a “phased-in” basis.
• Proportionate application of liability: This is of particular concern to AICD and we commissioned external legal advice on liability issues for Australian directors as part of our input to the ISSB consultation last year. A safe harbour similar to the US SEC’s proposal for scope 3 emissions is a possible mechanism to balance incentivising disclosure and penalising misconduct.
• Offset and transition plans: If made mandatory, approach to disclosure and assurance.

Modern Slavery Act review

The statutory review of Australia’s Modern Slavery Act 2018 (Cth), led by Professor John McMillan AO, is due to deliver its report to the Attorney-General in March this year. The review is considering issues including a lower threshold for reporting (currently applying to organisations with $100m-plus in annual turnover), penalties for non-compliance and a new anti-slavery commissioner.

AICD’s submission was lodged in November last year, informed by consultation with AICD members, Division Councils, committees and external stakeholders. 

We noted that boards have significantly increased their focus on risks of modern slavery, with increased awareness and focus on risks in supply chains across organisations, government and civil society. We also acknowledged that due diligence and reporting practices are still developing — and that continued improvement is needed.

In its recent Broken Promises report, the Australian Human Rights Law Centre (AHRLC) found that in the second year of reporting under the Act, 66 per cent of companies did not address all mandatory reporting requirements, and 43 per cent did not identify ‘“obvious” modern slavery risks in their supply chains.

AICD supported retaining the current reporting threshold and provided in-principle support for penalties for egregious breaches of the Act, also proposing a reasonable steps defence. We have encouraged any new anti- slavery commissioner to have a legislatively defined focus on education, awareness-raising and collaboration, citing the opportunity for collaboration with industry on common supply chain risks.

Cybersecurity strategy

In December 2022 the federal government announced a new expert panel to oversee a refreshed national Cyber Security Strategy (2023–30). The panel comprises former Telstra CEO Andy Penn, Cyber Security Cooperative Research Centre CEO Rachael Falk MAICD, and former Chief of Air Force, Air Marshal Mel Hupfeld AO DSC.

The AICD will engage with the panel on consideration of any measures to enhance the governance of cybersecurity in Australian organisations. The AICD worked with Falk on the development of the AICD/CSCRC Cyber Security Governance Principles, released late last year. We have received positive feedback from members across all sectors on the principles.

In related developments, in November last year, federal parliament passed amendments to the Privacy Act 1988 that significantly enhance penalties for serious and repeated privacy breaches. The long-standing Privacy Act review is expected to report early this year, with stronger obligations expected of businesses of all sizes in respect of data governance and management.

Continuous disclosure review

Important reforms to Australia’s continuous disclosure laws will also undergo a statutory review this year. The changes, introduced with strong support from the AICD, re-inserted a fault component into breaches of continuous disclosure and misleading and deceptive conduct provisions of the Corporations Act 2001 (Cth).

In the AICD’s view, the reforms provide a more balanced approach requiring securities class action plaintiffs to prove fault, such as “knowledge, recklessness or negligence” for a breach of disclosure laws to be established. As the corporate regulator, the Australian Securities and Investments Commission can, of course, also take action for breaches of disclosure laws. We anticipate an upwards trend in securities class action activity in Australia will continue and may, in fact, broaden into new frontiers with soon-to-be-mandatory sustainability reporting, and potential new “direction of action” being considered under the Privacy Act review. The review will be a priority for the AICD this year and we will be advocating for the reforms to be retained.

Workplace sexual harassment

In late 2022, parliament passed legislation establishing a new positive duty on all employers to take reasonable and proportionate measures to eliminate discrimination, sexual harassment and victimisation in the workplace as far as possible. Other amendments strengthened Australian Human Rights Commission (AHRC) powers to assess and enforce compliance with the positive duty and conduct systemic inquiries into unlawful discrimination.

A 12-month transition period applies before the AHRC’s new powers with the positive duty to “monitor and assess compliance” commence. This gives employers time to understand their obligations and implement changes if necessary.