You have 4 free articles left this month.
Register for a free account to access unlimited free content.
Powered by MOMENTUM MEDIA
lawyers weekly logo

Powered by MOMENTUMMEDIA

Powered by MOMENTUM MEDIA
Breaking news and updates daily. Subscribe to our Newsletter
facebook linkedin X Instagram youtube

Explore

SECTIONS

MORE

search button
Advertisement

Dealer group facing court over alleged cyber-security failures

ASIC has commenced proceedings in the Federal Court against a subsidiary of IOOF group following a number of alleged cyber breach incidents at certain authorised representatives of the licence, including an SMSF advice firm.

user icon
Fri, 21 Aug 2020 Security
Dealer group facing court over alleged cyber-security failures
expand image

ASIC has commenced proceedings in the Federal Court of Australia against RI Advice Group, an Australian Financial Services (AFS) licence holder, for failing to have adequate cyber-security systems.

In a public statement, ASIC said the action follows a number of alleged cyber breach incidents at certain authorised representatives (ARs) of RI, including an alleged cyber breach incident at Frontier Financial Group Pty Ltd as trustee for The Frontier Trust (Frontier) from December 2017 to May 2018. Frontier Financial Group provides a wide range of advice services including superannuation and SMSFs.

RI was, until 1 October 2018, a wholly owned subsidiary of Australia and New Zealand Banking Group Limited. On 1 October 2018, RI became a wholly owned subsidiary of IOOF Holdings Limited (IOOF).

ASIC has alleged that Frontier was subject to a “brute force” attack whereby a malicious user successfully gained remote access to Frontier’s server and spent more than 155 hours logged into the server, which contained sensitive client information including identification documents.

The corporate regulator also alleges that RI failed to have implemented, including by its ARs, adequate policies, systems and resources which were reasonably appropriate to manage risk in respect of cyber security and cyber resilience.

ASIC is also seeking declarations that RI contravened provisions of the Corporations Act, specifically sections 912A(1)(a), (b), (c), (d) and (h) and (5A), and orders that RI pay a civil penalty in an appropriate amount to be determined by the court.

It is also seeking compliance orders that implements systems that are reasonably appropriate to adequately manage risk in respect of cyber security and cyber resilience and provide a report from a suitably qualified independent expert confirming that such systems have been implemented.

You need to be a member to post comments. Become a member for free today!

Comments (0)

Cyber Daily Comments
Attach images by dragging & dropping or by selecting them.
The maximum file size for uploads is MB. Only files are allowed.
 
The maximum number of 3 allowed files to upload has been reached. If you want to upload more files you have to delete one of the existing uploaded files first.
The maximum number of 3 allowed files to upload has been reached. If you want to upload more files you have to delete one of the existing uploaded files first.
Posting as

    newsletter
    cyber daily subscribe
    Be the first to hear the latest developments in the cyber industry.
    CD Logo

    OUR PLATFORMS AND BRANDS

    EVENTS AND SUMMITS

    PODCASTS

    LEARNING AND EDUCATION

    MOMENTUM MARKETS NETWORK

    LINKS

    STAY CONNECTED

    Be the first to hear the latest developments in the cyber industry.

    momentummedia media
    most innovative companies awards

    OUR PLATFORMS AND BRANDS

    EVENTS AND SUMMITS

    PODCASTS

    LEARNING AND EDUCATION

    MOMENTUM MARKETS NETWORK

    LINKS

    CATEGORIES

    STAY CONNECTED

    Copyright © 2025 MOMENTUMMEDIA