Introduction
The Australian Securities and Investments Commission (ASIC) has confirmed its new approach to publishing internal dispute resolution (IDR) data, a significant shift that directly impacts charities holding an Australian Financial Services Licence (AFSL). This move means ASIC publishes firm-level complaints data, making your organisation’s dispute resolution performance publicly accessible and creating considerable new reputational risks.
Understanding these new IDR data reporting obligations is essential, as the public release of this information differs significantly from how Reportable Situations (RS) data is handled. Given the complexities of the legislative instruments and the potential for a breach to result in penalties, consulting with a not-for-profit lawyer is a critical step in preparing your organisation for this new era of transparency.
Does This Apply to Your NFP & Identifying Which Charities Hold an AFSL
Identifying AFS Licensees & Superannuation Trustees
The mandatory IDR data reporting obligation applies to specific entities, including certain not-for-profit organisations. Under the framework established by ASIC, any organisation holding an Australian Financial Services (AFS) licence or acting as a superannuation trustee must comply with these requirements. This can encompass a range of charitable entities that engage in financial activities.
The reporting obligations extend to entities that perform specific functions, such as:
- Providing financial product advice to clients
- Dealing in or making a market for a financial product
- Operating a registered scheme, like some community foundations
- Acting as a trustee for a regulated superannuation fund, which may include NFP super funds
Determining whether your organisation’s activities necessitate holding an AFSL can be a complex process. Given the potential for penalties for non-compliance, consulting with a not-for-profit lawyer is a crucial step to clarify your legal standing and reporting obligations.
The Scope of Financial Services Provided to Retail Clients
A key factor in determining whether your organisation must submit IDR data to ASIC is the type of client you serve. The requirement specifically targets AFS licensees that provide financial services to retail clients.
This distinction is critical for not-for-profit organisations to understand. If your charity holds an AFS licence but exclusively serves wholesale clients, it may fall outside the scope of this particular IDR data reporting framework.
The focus on retail clients is designed to enhance transparency and consumer protection for individuals engaging with financial services. Therefore, your NFP must assess its client base to confirm if these reporting obligations apply.
Request a Consultation with one of our experienced Lawyers today.
Get Your Initial Consultation
ASIC’s New Public Dashboard Policy & Why Your Internal Disputes Will Go Public
Publication of Firm-Level IDR Data
ASIC has confirmed its approach to publishing IDR data, deciding to release this information at a firm-specific level. This move is designed to increase both transparency and accountability across the financial services industry.
By making complaints data public, ASIC aims to:
- Motivate firms to enhance their practices
- Provide customers with valuable information
The publication of firm-level IDR data will be presented on a public-facing dashboard. This approach aligns with the existing practice of the Australian Financial Complaints Authority (AFCA), which already publishes firm-level external dispute resolution data.
However, to protect privacy, ASIC will exclude certain sensitive details from the firm-level reports, such as:
- Complainant demographic data, including gender
- Age and postcode
Exclusion of Firm-Level Reportable Situations Data
In contrast to its policy on IDR data, ASIC will not publish RS data at the firm level. Following industry consultation, the regulator decided to release RS data only in an aggregated, industry-level format.
This means that:
- Insights into the nature of breaches will be available
- Individual firms will not be named
ASIC’s decision was influenced by feedback that raised concerns about the maturity of the RS regime. The regulator sought to balance the benefits of firm-level transparency with the need to allow reporting practices to mature, particularly after recent changes to firms’ reporting obligations.
This approach avoids a “name and shame” scenario for reportable situations, which some stakeholders argued could discourage full and accurate reporting of breaches.
100% Obligation-Free
Speak to one of our Experienced Lawyers Today
Differences Between Reportable Situations & IDR Data Sets
Aggregated Industry-Level Data for Reportable Situations
After considering industry feedback, ASIC will not publish RS data at the firm level. This decision is designed to balance the benefits of transparency with concerns about the maturity of the RS regime, giving more time for reporting practices to develop.
Instead, ASIC will publish RS data in an aggregated, industry-level format. With this approach:
- Individual licensees’ names and licence numbers will not be included in the public dashboard.
- Users will still be able to:
- Draw insights into the nature and impact of reported breaches.
- Understand how the industry is identifying and responding to these situations.
Specifics of Firm-Level IDR Data Reporting
In contrast to its approach for RS, ASIC will publish IDR data at the firm level. This means your organisation’s name will be publicly visible on the IDR dashboard. This approach aligns with the existing publication of external dispute resolution data by AFCA.
To protect privacy, certain information will be excluded from the firm-level publication. The public data will not include:
- Demographic data, such as the complainant’s gender and age.
- The complainant’s postcode.
- Information on whether a complaint is about an authorised representative.
This method of publishing complaints data is intended to enhance accountability and transparency, encouraging firms to improve their internal dispute resolution practices.
Request a Consultation with one of our experienced Lawyers today.
Get Your Initial Consultation
The New Battlefield Where Public Reputational Risk Becomes a Legal & Governance Crisis
The Name & Shame Implications for AFSL Holders
ASIC’s decision to publish firm-level IDR data has raised significant concerns among industry stakeholders. Many view this approach as a “name and shame” tactic, where an organisation’s complaints data is made publicly accessible, potentially damaging its reputation. This public disclosure creates a new and challenging environment for AFSL holders.
Industry feedback highlighted several fears regarding this increased transparency:
- Some submissions argued that using data, which licensees are legally required to report to ASIC, to publicly identify them is an inappropriate use of that information.
- There is a perception that this transparency could be punitive.
While ASIC has shelved plans to publish firm-level RS data, the regulator is proceeding with its plan for IDR data. As a result, your charity’s name and performance in handling disputes will be visible, turning a reputational issue into a potential governance crisis that demands a review of your NFP and charity governance compliance. This situation requires careful management, ideally with the assistance of a not-for-profit lawyer.
Impact on Consumer Confidence & Market Participation
From ASIC’s perspective, the publication of firm-level IDR data is intended to achieve positive outcomes for the financial services sector. The regulator believes that this transparency will provide a strong incentive for firms to improve their internal dispute resolution practices and overall performance. This approach also aligns with the existing publication of external dispute resolution data by AFCA.
ASIC’s goal is to use the public dashboard to enhance accountability and drive better consumer outcomes. By providing access to this complaints data, ASIC aims to:
- Encourage firms to lift their standards and improve their IDR processes.
- Promote consumer confidence in the financial services industry.
- Allow consumers and investors to make more informed decisions when participating in the financial system.
100% Obligation-Free
Speak to one of our Experienced Lawyers Today
A Proactive Defence & How to Legally Overhaul Your IDR Process Before Data Publication
Meeting the IDR Data Reporting Obligations & Timeframes
Complying with ASIC’s IDR data reporting framework is a mandatory and ongoing obligation for all in-scope financial firms, including charities holding an AFSL.
Your organisation must submit an IDR report to ASIC every six months, adhering to strict reporting periods and submission windows. The standard reporting cycles are as follows:
| Reporting Period | Submission Window |
|---|---|
| 1 January to 30 June | 1 July to 31 August |
| 1 July to 31 December | 1 January to the end of February |
ASIC has also released an updated IDR data reporting handbook. Your organisation will first be required to submit IDR data in accordance with this updated handbook during the July to August 2026 submission window, which will cover all complaints data from 1 January 2026 onwards.
Failing to submit a compliant report within these timeframes constitutes a breach of the ASIC Corporations (Internal Dispute Resolution Data Reporting) Instrument 2022/205 (Cth) and can result in penalties, a matter often handled under administrative law. Therefore, it is essential to consult a not-for-profit lawyer to ensure compliance.
Ensuring Accuracy in Recording Complaints & Issue Codes
To ensure your IDR data passes ASIC’s validation process, your organisation must accurately record and classify all complaints data. This involves:
- Carefully mapping your internal complaints system to the official IDR data dictionary and data glossary provided by ASIC, which set out the specific information financial firms are required to collect and report.
- Using the correct codes for every data element in the submitted IDR data file, including the product or service, the specific complaint issue, and the outcome.
Your data will undergo two stages of validation:
- An initial basic validation of the file format.
- A subsequent deep validation to verify that each row of data meets the rules prescribed in the IDR data dictionary.
Given the complexity of correctly classifying complaints, working with a not-for-profit lawyer can help ensure your data is accurate and successfully passes ASIC’s validation checks.
Request a Consultation with one of our experienced Lawyers today.
Get Your Initial Consultation
The Importance of Consulting a NFP Lawyer Regarding Your Reporting Obligations
Managing Complex Legislative Instruments & Penalties
The IDR data reporting obligations are given legal effect by the ASIC Corporations (Internal Dispute Resolution Data Reporting) Instrument 2022/205 (Cth). This makes compliance a legal duty, not just a guideline.
The complexity of this legislative instrument requires careful interpretation to ensure your charity meets all its requirements. Failure to submit a compliant IDR report within the specified submission window constitutes a breach of these legal requirements. Such a breach can lead to significant penalties, creating legal and financial risks for your organisation.
To avoid these risks, seeking strategic legal support for Australian not-for-profits is essential. A lawyer can help you:
- Understand the specific demands of the instrument
- Avoid the severe consequences of non-compliance with your reporting obligations
Interpreting Data Variables & Contextual Explanations
When ASIC publishes the firm-level IDR data, it will include explanatory material to help the public understand and interpret the information. This material is intended to:
- Provide context
- Prevent unfair comparisons between different organisations
The public dashboard will emphasise metrics like average and median resolution times.
Understanding how these data variables are defined and calculated is crucial for accurate IDR data reporting. The IDR data reporting handbook contains a detailed data dictionary and glossary that your organisation must follow precisely.
A not-for-profit lawyer can provide critical assistance in interpreting these complex definitions and ensuring your complaints data is classified correctly. This directly impacts how your organisation’s performance is presented to the public.
100% Obligation-Free
Speak to one of our Experienced Lawyers Today
Conclusion
ASIC’s decision to publicly publish firm-level IDR data introduces considerable reputational risks for charities holding an AFSL. Understanding the specific IDR data reporting obligations and ensuring your complaints data is accurately recorded is crucial to avoid a potential breach and manage this new transparency.
To ensure your organisation is fully prepared for these changes, contact LawBridge’s experienced not-for-profit lawyers for specialised legal guidance. Our team provides trusted expertise to help you interpret complex legislative instruments and overhaul your IDR process, ensuring you meet your reporting obligations and safeguard your charity’s reputation.
