Regulatory Alerts2026-02-09
ASIC action sees FIIG Securities ordered to pay $2.5 million over cyber security failures
The Australian Securities and Investments Commission secured a Federal Court order requiring FIIG Securities to pay $2.5 million in penalties and $500,000 in costs for failing to protect client data from cyber threats between 2019 and 2023. The regulator highlighted that inadequate controls worsened a 2023 breach exposing sensitive information of 18,000 clients, marking the first time civil penalties were imposed for cyber security failures under general AFS licensee obligations. The judgment mandates FIIG to implement a compliance program with an independent expert to ensure its cyber resilience systems are reasonably managed and fit for purpose.
Share