Australia: Legal update: Handling Confidential Information
Release of ASIC Consultation Paper

Purpose

ASIC states that the guidelines are designed to help companies, advisers, investment banks and other service providers raise the standard of their internal policies and procedures for the handling of price-sensitive confidential information, so as to reduce the occurrence of market sensitive leaks. However, it is also apparent that the guidelines are intended to create documentary records to allow investigation of leaks and insider trading by ASIC.

Background

The proposed guidelines are the result of ASIC's Confidential Information Project, which identified a number of abnormal stock trading and media leaks immediately prior to announcement of transactions. ASIC is concerned to ensure price-sensitive and confidential information is not misused and is communicated equally to all market participants.

If adopted, ASIC claims that the guidelines will bring Australia into line with international best practice and enable companies and advisers to benchmark their policies and practices.

Proposed standards

The proposed standards will complement existing fiduciary and legal obligations of parties involved in commercial transactions. The proposed standards include:

• Insider lists
  • Companies should maintain a register of all people who are insiders on sensitive transactions. In addition, third party advisers should be required to provide the company with up-to-date lists of all people within their firm who have access to the company's confidential information. ASIC believes insider lists will help to limit the number of staff privy to confidential information by promoting the "need-to-know" principle.

• Classification of confidential information
  • In major transactions, information created by or given to a company should be classified according to the level of protection it requires. It is envisaged that even basic security measures can greatly reduce mismanagement of confidential information.

• Leak investigations
  • When a leak is suspected or confirmed, the company should conduct a formal (but proportionate) investigation to identify the source of the leak and take appropriate action. Such a standard would act as a deterrent to employees who may otherwise misuse the company's confidential information. ASIC indicates that the investigation will only need to be an internal investigation but it is not clear what a proportionate investigation will require in practice.

• Confidentiality agreements
  • Companies should not rely on past dealings and the expected professionalism of third parties to safeguard their confidential information. Instead, it is recommended that companies require all advisers to sign transaction-specific confidentiality agreements.

• Reinforcing individual obligations
  • Highly sensitive transactions require more stringent policies and procedures and may necessitate that employees sign individual confidentiality agreements. Such an approach is aimed at increasing an employee's mindfulness of their personal responsibilities in respect of the confidential information.

• Consent to market soundings
  • Market soundings increase the risk of price-sensitive confidential information being misused. Companies should require investment banks to seek their consent to sound the market. Additionally, soundings should only take place when the market is closed or the particular stock is in a trading halt. The number of parties sounded should also be limited.

• Use of sounding script
  • The use of a formal 'sounding script' is recommended to ensure that the confidential information is disseminated in a controlled, systematic and transparent way.

• Notification of sounding
  • Investment banks should notify ASIC within 48 hours of conducting a market sounding and provide details of all institutions contacted, the contact persons and whether each of them agreed to be made an insider.

Enforcement

These are only guidelines and, accordingly, they have no legal effect of their own. ASIC's consultation paper highlights the risks of not protecting confidential information but a breach of the guidelines would not necessarily cause a contravention of the kind described by ASIC.

The risk areas identified by ASIC are:

• an employee or board member of the company engaging in insider trading in breach of s1043 of the Corporations Act;
• the company being in breach of continuous disclosure obligations under Ch 3 of the Listing Rules; and
• an employee of an adviser engaging in insider trading in breach of the adviser's AFS licence.

The key impact of the guidelines from an enforcement perspective is that the records required by the guidelines would allow ASIC to more easily investigate potential contraventions of these provisions.

Impact

ASIC claims that many companies and advisers already have in place policies and procedures to handle confidential information and that, as such, the guidelines are not expected to create a high burden of compliance. However, the best practice guidelines go well beyond the procedures that are, in our experience, adopted by companies and their advisers involved in capital raisings and mergers and acquisitions.

Recommendations

If the Regulatory Guide is adopted in the draft form, companies should review current policies and practices in light of the proposed guidelines and consider whether they should update those policies or change those practices having regard to the new ASIC guidance.

The consultation paper detailing the proposed standards and rationales can be accessed via the ASIC website:

Consultation period

ASIC is seeking comments until 21 February 2010.

The regulatory guide is expected to be released in April 2010.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

http://deacons