Some court cases are a gamechanger and force companies to rethink their positioning on major themes, such as cybersecurity and risk management.
The recent RI Advice case in Australia is one such example. The Australian Federal Court found that an Australian Financial Services licensee, RI Advice, breached its license obligations to act efficiently and fairly when it failed to have adequate risk management systems to manage its cybersecurity risks.
The first ruling of its kind
The ruling, the first of its kind in Australia, followed several cyber incidents that occurred at authorized representatives of RI Advice between June 2014 and May 2020.
In the case, Australian Securities and Investments Commission (AISC) deputy chair, Sarah Court, said the cyberattacks were significant events that allowed third parties to gain unauthorized access to sensitive personal information.
She suggested it was imperative for all entities, including licensees, to have adequate cybersecurity systems in place to protect against…
