The Security Legislation Amendment (Critical Infrastructure) Bill passed both houses of the Commonwealth Parliament on Monday 22 November 2021. 

Key elements of the legislation are:

• Section 8D defines the critical infrastructure sector as being:

Each of the following sectors of the Australian economy is a critical infrastructure sector:

                     (a)  the communications sector;

                     (b)  the data storage or processing sector;

                     (c)  the financial services and markets sector;

                     (d)  the water and sewerage sector;

                     (e)  the energy sector;

                      (f)  the health care and medical sector;

                     (g)  the higher education and research sector;

                     (h)  the food and grocery sector;

                      (i)  the transport sector;

                      (j)  the space technology sector;

                     (k)  the defence industry sector.

• section section 8E defines a critical infrastructure asset as being an asset that relates to a critical infrastructure sector. There are definitions of specific types of critical infrastructure assets
• there are very broad definitions of when assets relate to a sector
• the definition of a relevant impact is broad and general
• Part 2B sets out the obligations of mandatory reporting.  Section 30BC, regarding a critical cyber security incident, provides, in part:

Read the rest of this entry »

The European Commission has recently released its proposed regulation of Artificial Intelligence. It is the first ever legal framework on AI.  Given the impact of the European Union’s implementation of the General Data Protection Regulation (GDPR) on worldwide data collection, use, storage and security this proposal, if the Artificial Intelligence Act becomes European law it will have similarly significant impact. The proposal runs to 108 pages with 17 pages of attachments.  It will be a seriously large, laborious and slow process to go from its proposal to adoption stage.

There is a useful 10 page overview titled Communication on Fostering a European approach to Artificial Intelligence.  And being the EU there is a 66 page overlong and detailed plan on AI titled Coordinated Plan on Artificial Intelligence 2021 Review.

The media release Read the rest of this entry »

Yesterday and first thing this morning the media was abuzz, with coverage from the Guardian,  the Sydney Morning Herald, the ABC and the Financial Review (amongst many other news outlets) with news of proposed changes to the insolvency laws as embargoed releases were provided to them last night.

The Treasurer revealed the proposed changes to the insolvency laws.  That will significantly affect  professionals who practice insolvency law such as myself.

The Treasurers’ media release relevantly provides:

The 10 page fact sheet is found here and Read the rest of this entry »

Today the Federal Treasurer announced an extension of the temporary amendments to the continuous disclosures obligations under the Corporations Act 2001 until 21 March 2021.

This announcement does not come as a particular surprise to insolvency practitioners.

The release Read the rest of this entry »

Yesterday the Australian Government released a Consultation Paper with the exposure draft of the Data Availability and Transparency Bill 2020 (the “DAT Bill”).

The Consultation Paper is a mere 33 pages.  The exposure draft of the DAT Bill comes in at 104 pages with the explanatory memorandum coming in at a relatively slender 74 pages.  The enactment of the DAT Bill will give rise to consequential amendments which are found in the Data Availability and Transparency (Consequential Amendments) Bill 2020 and accompanying explanatory memorandum.

The consultation period, for comments and submissions, closes at 5pm on 6 November 2020.  Given the breadth and depth of the DAT Bill that is quite a short time frame in the age of COVID.

The road has been smoothed for the introduction of this quite radical, on one view, and transformative, on another, change to the usage of data collected by public agencies.  The interim National Data Commissioner has framed the proposal, in her press release Modernising government data sharing, in terms of being Read the rest of this entry »

The Attorney General announced yesterday that the Commonwealth Government will extend the insolvency and bankruptcy protections previously enacted in relation to:

• trading while insolvent
• increasing the threshold at which creditors can issue a statutory demand and the time for responding to a statutory demand.

The protections will extend until 31 December 2020.

The Attorney General’s media release provides:

The Morrison Government will continue to provide regulatory relief for businesses that have been impacted by the Coronavirus crisis by extending temporary insolvency and bankruptcy protections until 31 December 2020.

Regulations will be made to extend the temporary increase in the threshold at which creditors can issue a statutory demand on a company and the time companies have to respond to statutory demands they receive.

The changes will also extend the temporary relief for directors from any personal liability for trading while insolvent.

These measures were part of more than 80 temporary regulatory changes the Government made designed to provide greater flexibility for businesses and individuals to operate during the coronavirus crisis.

The extension of these measures will lessen the threat of actions that could unnecessarily push businesses into insolvency and external administration at a time when they continue to be impacted by health restrictions.

These changes will help to prevent a further wave of failures before businesses have had the opportunity to recover.

In addition, the Government is providing an unprecedented level of support totalling $314 billion to cushion the blow for workers, households and businesses during the coronavirus crisis.

As the economy starts to recover, it will be critical that distressed businesses have the necessary flexibility to restructure or to wind down their operations in an orderly manner.

The Government will continue to help businesses successfully adapt and restructure so that they can bounce back on the other side of this crisis.

As the Age reports in ‘More harm than good’: Businesses get reprieve but thousands still set to fail on the the changes, importantly that the extensions may actually harm rather than benefit Read the rest of this entry »

Today the Australian Securities and Investments Commission (“ASIC”) commenced proceedings against RI Advice Group Pty Ltd (“RI”).   It has been filed in the Federal Court Victorian Registry.  

RI holds an Australian Financial services licence and at all relevant times was a wholly owned subsidiary of the Australia and New Zealand Banking Group Limited (the ANZ).

According to the Concise Statement :

• on 3 January or 3 March 2017 RI became aware of a ransomware attack on the computer systems of one of RI’s authorised representatives in 2016 which made files inaccessible [5];
• on 30 May 2017 RI became aware another authorised representative’s files were hacked which affected 226 client groups [6]. 

ASIC alleges that in relation to each of those incidents RI should have but failed to:

 (a) properly review the effectiveness of cybersecurity controls relevant to these incidents across its AR network, including account lockout policies for failed log-ins, password complexity, multi-factor authentication, port security, log monitoring of cybersecurity events, cyber training and awareness, email filtering, application whitelisting, privilege management and incident response controls; and (b) ensure that those controls were remediated across its AR network where necessary in a timely manner, in order to adequately manage risk with respect to cybersecurity and cyber resilience.

• between 30 December 2017 and 15 April 2018 an unknown malicious agent obtained and retained remote access to an authorised representative’s remote access to its file server and spent 155 hours accessing sensitive client information.  That resulted in 27 clients reporting unauthorised use of their personal information with that there were 3 attempts to redirect mail and multiple bank accounts being opened upon without consent.  There was a notification to the Australian Information Commissioner.  An investigation revealed that 8,104 individuals were exposed to the breach.

ASIC alleges that the risk management systems and resourcing relating to cybersecurity and cyber resilience were inadequate Read the rest of this entry »

In Lewis (liquidator), in the matter of Concrete Supply Pty Ltd (in liq) [2020] FCA 841 White considered the relevant principles in considering an application under section 477(2B) of the Corporations Act 2001.

FACTS

Between August 2009 and November 2017, ABCL had supplied concrete to Concrete Supply [5].

In October 2017, ABCL discovered that it had been underpaid about $12 million by Concrete Supply.  The underpayment was disguised by false entries made by one of its employees.  ABCL sought payment of the shortfall from Concrete Supply. On 14 November 2017, the directors of Concrete Supply resolved that it was, or was likely to become, insolvent and appointed Messrs Cooper and Cantone at Worrells as administrators. On 19 December 2017, the creditors of Concrete Supply resolved that it enter into a Deed of Company Arrangement (” DOCA”) [5].

ABCL opposed the Read the rest of this entry »

In Yeo, in the matter of Ready Kit Cabinets Pty Ltd (in liq) v Deputy Commissioner of Taxation [2020] FCA 632 Middleton J considered the operation of the sub sectin 588FE(2B) involving the voidable transactions and whether payments were made under the administrator of a deed of company arrangement.

FACTS

On 29 October 2013, Mr Yeo and Mr Rambaldi were appointed as joint and several administrators of Ready Kit Cabinets Pty Ltd (in liq) (” the Company”) [8].

The DCT  commenced proceedings seeking to wind up the Company before the appointment of  Yeo and Rambaldi as voluntary administrators [9].  The first meeting of the Company’s creditors was convened and held on 7 November 2013 [10].  On 14 November 2013,  Yeo and Rambaldi issued a circular to creditors in which they advised that the second meeting of the Company’s creditors would be held on 22 November 2013. Yeo and Rambaldi provided creditors with a copy of a s 439A report with the circular [11].  At the second meeting of creditors  a resolution was passed that the Company should execute a deed of company arrangement [12].

On or about 11 December 2013, the DOCA was executed by:

• each of the Company (by its then administrators,  Yeo and Rambaldi),
•  Yeo and Rambaldi as deed administrators, and
• the Director [13].

His Honour identified key provisions of the DOCA as:

• Recital H. [14], that:

This Deed binds all Creditors of [the Company] pursuant to Section 444D of the Corporations Act and [the Company], all officers and members of [the Company], and the Administrators pursuant to Section 444G of the Corporations Act.

•  management and control of the Company’s day-to-day business affairs were returned to the Director;
• a fund was established and controlled by the Deed Administrators which constituted the whole of the property available for distribution to participating creditors [15];
• the Company and Director made certain covenants and undertakings, including in respect of the Company’s compliance with its taxation obligations [15]; and
•  upon default of the DOCA by the Company or the Director, the Deed Administrators were to convene a meeting of creditors to determine whether to terminate the DOCA and wind up the Company [15].

Between 11 December 2013 and 5 July 2017, the Company was returned to the management and control of the Director and continued to trade [16]. During this time the Company incurred fresh liabilities Read the rest of this entry »

The Commonwealth Attorney General’s Department has released an exposure draft of the Privacy Amendment (Public Health Contact Information) Bill 2020.

The Attorney General’s media release provides:

The COVIDSafe app is a critical tool in helping our nation fight the COVID-19 pandemic.

With more than 4 million COVIDSafe registrations many Australian’s are already doing their part to help protect and save lives.

Attorney-General, Christian Porter, today released draft legislation which will codify the existing protections for individuals’ data collected by the COVIDSafe app that have been established in the Health Minister’s Biosecurity Act Determination.

The Privacy Amendment (Public Health Contact Information) Bill 2020, will reinforce the protections set out in the Determination made by the Minister for Health under the Biosecurity Act 2015on 25 April 2020, placing the protections into primary legislation through amendments to the Privacy Act 1988. Read the rest of this entry »