Super Alert – 14 November 2025: ASIC 2026 enforcement priorities, APRA updated super data reporting FAQs, OAIC new data breach reporting dashboard
Welcome to the weekly KHQ Super Alert. This week ASIC announced its enforcement priorities for 2026 and published various speeches delivered by its executive team. Treasury published a speech delivered by the Assistant Treasurer and Minister for Financial Services. Meanwhile, APRA updated its superannuation data reporting FAQs and the OAIC released a new data breach reporting dashboard.
ASIC – 2026 enforcement priorities announced
On 13 November 2025, ASIC released its 2026 enforcement priorities which the regulator has designed to ‘protect consumers from financial harm and uphold the integrity of Australia’s financial markets’.
ASIC’s new enforcement priorities for 2026 include:
- ‘Financial reporting misconduct including failure to lodge financial reports.’
- ‘Claims and complaint handling failures by insurers.’
The continuing enforcement priorities for ASIC in 2026 are:
- ‘Strengthening investigation and prosecution of insider trading conduct.’
- ‘Holding super trustees to account for member services failures.’
- ‘Auditor misconduct.’
ASIC’s Deputy Chair, Sarah Court, delivered a speech on the same day in relation to the publication of the enforcement priorities.
Click here and here for details.
Treasury – Speech in relation to focus for superannuation sector
On 12 November 2025, Treasury published a speech delivered by the Assistant Treasurer and Minister for Financial Services, the Hon Dr Daniel Mulino MP which addressed a range of key priorities and impending reforms that will impact the superannuation sector. Key notes from the speech included:
- A best principles framework is being developed in relation to the retirement phase, and this has already seen ‘extensive consultation completed’.
- The development of a member service standards framework is now ‘at quite an advanced stage’ and Treasury is focusing on both the development and enforcement of those standards.
- Treasury is ‘looking to work with [the] sector on better regulation in a generic sense… [and]…around reducing the burden of data asks’.
- Treasury acknowledged the importance of the cyber security collaboration coordination framework.
- Reform in superannuation is complicated but Treasury is committed to ‘delivering reforms, which will enable people who can’t afford [advice] or for where it’s not appropriate for them to have full‑fee advice for them to receive appropriate guidance and advice’.
- The Assistant Treasurer signposted that Treasury is ‘going to be holding a roundtable with all the peaks and the regulators in the not‑too‑distant future to work on some case studies of where we might be able to explore reducing that red tape’.
Click here for details.
APRA – Speech in relation to trust in the superannuation industry
On 12 November 2025, APRA published a speech delivered by Executive Director Carmen Beverley-Smith in relation to building trust in superannuation. Some of the key comments included the following:
- ‘The events of this year serve as a reminder that trust is not static. Funds must continuously strive to maintain member confidence in their super as the stewards of it.’
- ‘…APRA is specifically interested in the quality and capability of trustee boards. APRA is currently engaging with the industry to uplift board governance standards… APRA expects to release draft governance standards and guidance in the second quarter of next year.’
- ‘Cyber resilience is a high priority focus for APRA…including our clear message that multi-factor authentication is the bare minimum expectation in relation to cyber controls.’
Click here for details.
APRA – Update to Superannuation Data Transformation FAQs
On 11 November 2025, APRA added 9 new frequently asked questions (FAQs) for superannuation data reporting. At the same time APRA archived FAQ 553.0c which related to the reporting of material exposures, and updated the worked example in FAQ 553.3a relating to out of cycle valuations. The new FAQs deal with:
- reporting certain derivative exposures of counterparties where populating reporting tables results in validation errors;
- reporting cash flows for transfers from accumulation to pension products; and
- reporting the correct instrument type where cash collateral is received from securities lending and then reinvesting in a reverse repurchase agreement.
Click here for details.
ASIC – Speech in relation to Australia’s financial capability and consumer protection
On 7 November 2025, ASIC published a speech by one of its Commissioners, Alan Kirkland. The focus of the speech was on the role of financial literacy in consumer protection and the rebuilding and refreshing of Moneysmart. Some of the key points included the following:
- ‘Consumers are often vulnerable to exploitation in the financial system because for many of the decisions they make, they are equipped with less knowledge than the person or firm on the other side of the transaction.’
- ‘…[f]inancial literacy and education need to be complemented by strong consumer protection laws that encourage firms to do the right thing by their customers.’
- ‘…[o]nly 26% of Australians over the age of 18 consider themselves to be ‘very knowledgeable’ on money and financial matters.’
- ‘…[w]hen [Australians] have used Moneysmart, 93% report a positive experience.’
- ASIC has recently released a new version of its retirement planner (a calculator on Moneysmart) and intends to release ‘a new ‘retirement hub’ with a range of content resources to help Australians planning for retirement.’
Click here for details.
OAIC – New data breach dashboard launched
On 4 November 2025, the OAIC launched its new ‘Notifiable Data Breaches (NDB) statistics dashboard’. The ‘dashboard is an interactive tool that allows the Australian community to access, analyse and benchmark data’ received under the NDB scheme.
According to Australian Privacy Commissioner Carly Kind, the OAIC’s goal for the new dashboard is to help reporting entities learn from the experiences of others. ‘The dashboard contains new statistics for January to June 2025. These show the OAIC was notified of 532 data breaches during the period, a 10% decrease compared with the previous six months’.
The dashboard is set to be updated every six months.
Click here for details.
Want KHQ Super Alerts delivered straight to your inbox each week? Click here to subscribe.