Being prepared for regulator requests
Like any heavily regulated sector, those working in insurance and financial services generally have detailed plans in place to ensure they are meeting their compliance obligations. However, they also need to be ready to respond if the regulator flexes their enforcement muscles.
We are seeing an increase in the number of clients receiving notices from the FMA under section 25 of the Financial Markets Authority Act 2011 requiring them to produce information. These notices are typically served on a particular individual within an organisation and are often accompanied by a “Confidentiality Order”. The FMA has comprehensive powers under section 44 of the Act to make confidentiality orders on any terms and conditions it sees fit.
These orders seem to follow a standard template and can be extremely broad, prohibiting the recipient from disclosing any information (including the simple fact that they have received a notice) to anyone other than the FMA and legal counsel. The penalties for breach are severe and can include a criminal conviction and fine of up to NZD300,000.
This means someone within an organisation may be compelled to provide information to the FMA but cannot discuss that with anyone else in the organisation (save for legal counsel). That can throw up all sorts of issues for organisations — including: potentially conflicting duties of disclosure (e.g. for directors to shareholders, subsidiaries to parent companies, buyer under a sale and purchase agreement and employees to their employer), workplace health and safety considerations (e.g., how can staff be properly supported when they are subject to confidentiality constraints), and the practicalities of complying with regulatory information requests with limited recourse to internal support.
It's important for organisations to be aware of these processes and to have a plan in place for what should happen if someone does receive a communication from the FMA and ensure that their staff know what to do on receipt — including how to access legal advice.
Where a notice is accompanied by a Confidentiality Order, the first stop must be a legal advisor to ensure the recipient does not unintentionally breach any obligation. That could be an in-house/internal lawyer providing the lawyer holds a practising certificate and is discussing the matter for the purpose of giving and receiving legal advice (as opposed to from a purely commercial risk perspective).
One potential challenge for an in-house lawyer is the extent to which receiving this information puts them in a difficult position — including their duties to share information with their client (i.e., the organisation). Another challenge often faced by in-house lawyers is the difficulty in maintaining a clear line between solicitor/client communications and communications within a business that may not attract legal privilege. For those reasons, it may be preferable to also include an external lawyer in the mix.
The important thing is to be prepared.
We are more than happy to discuss the approach that might work best for your organisation.