Overview 

Five Bills – 1) Commonwealth Registers bill 2019; 2) Treasury Laws Amendment (registries Modernisation and Other Measures) Bill 2019; 3) Business Names Registration (Fees) Amendment (Registries Modernisation) Bill 2019; 4) Corporations (Fees) Amendment (registries Modernisation) Bill 2019; and 5) National Consumer Credit Protection (Fees) Amendment (registries Modernisation) Bill 2019 – passed both Houses without amendment on 12 June.

The legislative package does two things:

1. creates a new Commonwealth Business Registry Regime which will centralise and modernise business registers 
2. Schedule 2 to the Treasury Laws Amendment (Registries Modernisation and Other Measures) Bill 2019 introduces a director identification number (DIN) requirement.

A new centralised Commonwealth business registry regime to streamline registry services and increase efficiency

The legislative package creates a new Act, the Commonwealth Registers Act 2019, and makes related amendments to a range of existing laws to create a new Commonwealth business registry regime.  

In her second reading speech, Assistant Minister for Superannuation, Financial Services and Financial Technology Jane Hume summed up the purpose of the reform as being to both modernise and improve the effectiveness of registry services.   Senator Hume said that the legislative package provides, 

'legislative flexibility for the government to modernise Australia's business registers onto a single platform to be administered by the Australian Business Register, within the Australian Taxation Office. Modernising the business registers will address registry fragmentation, improve business user experience, reduce risks of ongoing operating, foster data-driven innovation and enable better use of registry data.  The IT infrastructure underpinning Australia's business registry services has been found wanting and needs to be upgraded to meet current and future demands'. 

Initial scope of the new regime

Initially 34 business registers administered by the Australian Securities and Investments Commission (ASIC) and the Australian Business Register which is currently kept by the Commissioner of Taxation will be included.  Additional government registers may be brought into the regime by future legislative reforms.

Administration of the new regime

The new regime will be administered by a registrar (which will be 'an existing Commonwealth body' appointed by the minister).  
The registrar will be able to make data standards on matters relating to the performance of their functions and the exercise of their powers, including on matters relating to the collection, maintenance and disclosure of information.  The explanatory memorandum gives a number of examples of what the data standards may cover including: what information will be collected; the type of information which may be collected; how the information will be collected; the form in which information will be submitted; how information will be authenticated; the correction of information; the storage of information; and the integration of linking of information.  

The explanatory memorandum states that enabling the registrar to make data standards (by way of legislative instrument) in this way is intended to increase the efficiency of registry services.

'Data standards can be readily amended over time to keep up with changes in best practice, industry preference, the needs of those using registry services, and technology. The flexibility offered also enables a ‘tell us once’ approach to the collection of information, minimising the number of interactions clients have with the registrar. Currently, a reporting entity may have to provide the same information to multiple registers, increasing regulatory burden and the cost of administering registry services'.

Protection and disclosure of information – new offence for unauthorised disclosure/recording of information

The Commonwealth Registers Bill will regulate the disclosure of 'protected information' – ie information obtained by an official in the course of their employment and obtained/disclosed under the legislation or under another law in connection with particular functions or powers of the registrar - including the circumstances in which information may/may not be disclosed and who it may be disclosed to. 

The legislation also creates an offence for an official to record or disclose information held by the registrar unless authorised to do so by the registrar.  The maximum penalty for disclosing registry information in breach of this offence provision is imprisonment for two years.

A defendant carries an evidential burden for establishing that a recording or disclosure of registry information was authorised. To satisfy this requirement, the defendant must be able to point to evidence that suggests a 'reasonable possibility that the recording or disclosure was authorised'. 

The explanatory memorandum states that a recording or disclosure will be authorised if it was: a) for the purposes of the new registry regime; b) happened in the course of the performance of an official’s duties; c) each person to whom the information relates consented to the disclosure; d) the information was disclosed to a government agency for the performance of its functions; or, e) the benefits associated with the disclosure outweigh the risks (including privacy risks) after those risks have been mitigated.'

The purpose of authorising disclosure to a government entity is intended, the explanatory memorandum states, to ensure 'real time access' to registry information.  For example it will mean that ASIC has access to real-time registry information necessary to exercise its regulatory functions or powers.
Under the changes the Minister; the registrar, including its staff and members; a delegate of the registrar, including its staff; and, employees and officers of Commonwealth bodies 'have statutory immunity for acts done in good faith in connection with the new registry regime'.  

Ability to apply to prevent the the disclosure of registry information 

The legislation also allows a person to apply to the registrar to prevent 'inappropriate disclosure'  of registry information that relates to them. 
The explanatory memorandum states that 'The data standards may provide for how such applications are to be made and decided. However, where the registrar is satisfied that the disclosure is not appropriate, the disclosure is taken to not be in accordance with the disclosure framework'.  

Decisions reviewable by the AAT

All decisions made by the registrar under the new regime are subject to merits review by the Administrative Appeals Tribunal, except decisions made by legislative instrument. This includes decisions made by the registrar under the data standards or disclosure framework.

Regulatory implications?

The explanatory memorandum states that only 'registry functions' are being transferred to the registrar.  These include: a) receiving registry information (including information contained in applications for registration) from registrants; b) recording that information (and telling the registrant when that record has been made); c) receiving updates of registry information from registrants, including through the initiation of processes, such as annual reviews, to update registry information; and d) making decisions about registry information, including the removing of records, and associated internal review of those decisions.

As such, ASIC's regulatory functions and powers are not intended to be impacted by the changes. The explanatory memorandum states that"

'only "registry" aspects of the current law are brought into the new registry regime and therefore affected by the present amendments. ‘Regulatory’ functions and powers are not affected by the new law and continue to be administered by the body that currently administers those functions and powers. This means that for regulatory functions and powers there is no change to the way in which the present law operates, including how the relevant regulator interacts with the entities it regulates or how information flows between them'.

The explanatory memorandum states that 'registry provisions tend to relate to the establishment, maintenance and use of registers while regulatory provisions tend to relate to things such as monitoring and enforcing the law and licencing and registering market operators and financial service providers'. 

New Director Identification Number (DIN) requirement

Schedule 2 of Treasury Laws Amendment (Registries Modernisation and Other Measures) Bill 2019 introduces a new director identification number (DIN) requirement. 

Under the changes, directors of bodies corporate registered under the Corporations Act 2001 or Corporations (Aboriginal and Torres Strait Islander) Act 2006 will be required to apply to the registrar for a permanent, unique director identification number.  Each director will keep this identifier, even if they cease to be a director, and the same identifier will not be re-issued to any other person.  

The registrar will be required to issue a director with a DIN, where they are satisfied the director's identity has been established.  The legislation also gives the registrar powers to administer the new requirement including powers to: record DINs, b) cancel and reissue DINs; c) determine the numbering plan for the new requirement; and e) determine how directors are to establish their identity. 

The explanatory memorandum states that 'The registrar is provided with little or no discretion in the exercise of most of these functions and powers. In particular, the registrar must give a person a DIN if that person is eligible to apply for a DIN and has established their identity to the satisfaction of the registrar. Likewise, the registrar cannot give a person a DIN or cancel a person’s DIN without notifying the person'.

The registrar will also be able to exempt a person or class of persons from needing to obtain a DIN or provide them with additional time in which to apply for a DIN. 

Why is the new requirement being introduced?  

The new DIN requirement is intended to 'provide traceability of a director's relationships across companies, enabling better tracking of  directors of failed companies and will prevent the use of fictitious identities'. 

The primary aim of the new requirement is to make it easier to track unlawful activity, including phoenix activity, though it's also expected that it will have other benefits.  For example: it is expected to reduce time/cost for administrators and liquidators by making it simpler to track directors and their corporate history.

New DIN obligations

Under the new DIN requirement, directors will be required to: a) apply for a DIN prior to be appointed as a director; b) required to apply for a DIN within a prescribed period of being directed to do so by the registrar; C) prohibited from knowingly applying for multiple DINs; and d) prohibited from misrepresenting a DIN to a government body or registered body.  

Penalties for non-compliance

The legislation includes civil and criminal penalties for failure to apply for a DIN (within the required time frame).   The legislation also includes criminal penalties for: a) deliberately providing false identity information to the registrar, b) intentionally providing a false DIN to a government body or relevant body corporate, or c) intentionally applying for multiple DINs.  

The legislation also enables the registrar to issue infringement notices in relation to such conduct. 

Commencement of the new DIN requirements

The new DIN requirement commences on a date set by proclamation or if the measures haven't commenced, two years after the date of Assent.
The Explanatory Memorandum states that,

'Each function and power in the new law does not apply until the function or power is assigned to the registrar. This means that the DIN requirement will not apply until the day (the application day) the Minister appoints a registrar to administer the new requirement.'

The AFR reports that the DIN is expected to apply from the first half of 2021.  

Transitional arrangements

The Explanatory Memorandum states that:

'A person who is a director immediately before the application day must apply for a DIN within a period specified by a legislative instrument made by the Minister.  Until this period is specified, there is no requirement on such directors to apply for a DIN'. …
'A person who is appointed a director within the first 12 months of the new regime’s operation with an additional 28 days to apply for a DIN.  After this transitional period ends, the standard rule applies, that is, a director must apply for a DIN prior to being appointed as a director or within any later period as may be allowed by the regulations or the registrar'.  

[Sources: Explanatory Memorandum; Commonwealth Registers bill 2019; Treasury Laws Amendment (registries Modernisation and Other Measures) Bill 2019; Business Names Registration (Fees) Amendment (Registries Modernisation) Bill 2019; Corporations (Fees) Amendment (registries Modernisation) Bill 2019; National Consumer Credit Protection (Fees) Amendment (registries Modernisation) Bill 2019]