Joe Longo urged directors to think beyond the simple yardstick of measuring any proposed action in the light of company and shareholder best interests. The Australian community, he indicated, is demanding more of today’s companies.

While acknowledging that increased regulatory complexity was a challenge for business and society more broadly, he argued that directors had a duty to abide by several fundamental principles: Do I understand the business of the company for which I’m a director? Do I have a continuous curiosity in understanding all aspects of the business and the reasonably foreseeable financial and non-financial risks? Am I committed to challenging management to ensure my understanding is well-founded?

ASIC is looking closely at the role boards play in the presentation of false and misleading information. Mr Longo gave some real-life examples of recent moves by the regulator against companies alleged to have falsified documents, discredited whistleblowers and failed to disclose key write-downs and other material information.

With an audience anxious to hear about the recent high-profile move against Star Entertainment Group’s board, Mr Longo also recapped ASIC’s main argument – in a nutshell, if you’re working on the board of a large casino with an international customer base, you should be aware of the inherent risks of money laundering and criminal associations. His advice? Don’t be on the board of a business you don’t understand or you’re not curious about and don’t close your eyes to reasonably foreseeable risks or fail to interrogate your senior team effectively.

In the aftermath of two huge cyber attacks on major Australian organisations, Mr Longo said “cyber preparedness is squarely a board level issue”. ASIC has conducted regular surveys with financial market firms since 2016 to complete self-assessments on their cyber resilience and it plans to carry out a broader survey this year to “test the cyber pulse” of corporate Australia.

Mr Longo cautioned boards to prioritise cyber risks and resilience, suggesting directors need to ask whether cyber risk is included in the organisation’s management framework; whether there’s a clear, tested response and recovery plan; and whether there’s a clear communications strategy in place for customers, regulators and the market when things go wrong.

Ultimately, he said a successful national cyber security strategy was dependent on “meaningful engagement across all levels of government, industry and the community”.

As the world moves to decarbonise, reliability and transparency about sustainability claims will be key to attracting ESG investment for the Australian market. ASIC has its sights on sustainable investment options, taking action against a super fund for allegedly exposing investors to industries the fund said were excluded, including coal and gambling.

Mr Longo made the point that Australian companies still have a lot of work to do to make their ESG credentials easy to access, as well as credible for consumers. Importantly, ASIC is now supporting a move towards mandatory climate-related disclosure and they’re working with fellow regulators here and abroad to establish consistent disclosure standards.