Regulatory Changes Affecting Non-Bank Lenders

Introduction

The Australian financial landscape has witnessed a notable rise in the significance of non-bank lenders, particularly private entities such as family offices, specialized funds, and private companies. These players provide crucial capital, often catering to borrowers or segments underserved by traditional banking institutions. However, this growth, occurring partly outside the full glare of prudential regulation applied to banks, has attracted increasing attention from regulators. Over the past two years, the Australian Securities and Investments Commission (ASIC) and other governmental bodies have introduced or proposed regulatory changes aimed at enhancing transparency, governance, and consumer protection within this diverse sector. This article analyzes these key recent regulatory developments impacting private non-bank lenders in Australia, focusing specifically on the period from mid-2023 to mid-2025. It examines the specific changes, including heightened ASIC scrutiny, the expansion of the Consumer Data Right (CDR), and new reporting obligations, before delving into their operational, financial, and strategic impacts on family offices, private funds, and private lending companies. Finally, it offers concluding thoughts on navigating this evolving regulatory environment.

The Evolving Regulatory Landscape (Australia, 2023-2025)

Recent years have marked a distinct shift towards greater regulatory oversight for Australia's non-bank lending sector, particularly concerning private entities. Key developments include:

1. Intensified ASIC Scrutiny and Enforcement Posture:
   ASIC has explicitly signaled a stronger focus on the non-bank lending industry, driven by concerns over transparency, particularly within the rapidly growing private credit market (Source 1). This market, providing alternative financing often through funds, has seen significant expansion, reportedly accounting for 10% of Asia-Pacific private debt funds in 2024, up from less than 5% two years prior (Source 1). Concurrent with this growth are concerns about practices such as fee and expense allocation, management of conflicts of interest, marketing based on hypothetical performance, and potentially inadequate valuation methodologies, especially in property funding (Source 1). In response, ASIC established a dedicated team to investigate the sector (Source 1). This focus is underpinned by ASIC's existing robust investigatory powers, including the ability to issue notices under section 30 of the ASIC Act 2001, compelling the production of 'books' (records) related to compliance, policies (e.g., valuation, conflicts, risk assessment), and marketing materials. Notably, entities cannot refuse production on grounds of self-incrimination (Source 2). This signifies a lower tolerance for opacity and a greater willingness by the regulator to intervene.

2. Expansion of the Consumer Data Right (CDR):
   Following consultations, the Australian government is proceeding with the expansion of the CDR framework to encompass the non-bank lending sector, with a phased implementation scheduled between mid-2026 and late-2027 (Source 2). The CDR aims to empower consumers by allowing them, with consent, to direct data holders to share their data with accredited third parties, fostering competition and innovation (Source 2). For non-bank lenders, this translates into a significant new obligation. Under the draft rules updated in November 2024, entities with over $1 billion in resident loans and finance leases and more than 1000 customers will become designated data holders, mandated to share specified product data and consumer transaction data (limited to the preceding two years) upon valid request (Source 2). This obligation also extends to entities managing loans on behalf of non-bank lenders meeting these criteria. While the thresholds were raised from earlier proposals and the scope narrowed to exclude certain niche products (like consumer leases or reverse mortgages, for which sharing is voluntary), the compliance burden for designated 'Initial Providers' (>$10bn loan book) and 'Large Providers' (>$1bn loan book and >1000 customers) remains substantial (Source 2).

3. Enhanced Transparency and Reporting Mandates:
   Beyond CDR, other regulatory initiatives point towards increased transparency:

   • Public Disclosure of Compliance Data (CP 383): In April 2025, ASIC released a consultation paper (CP 383) proposing the public, firm-level disclosure of data submitted through reportable situation (breach reporting) mechanisms and internal dispute resolution (IDR) channels (Source 3). The stated aim is to increase visibility into firms' compliance track records and complaints handling performance. While still under consultation (as of May 2025), this move signals a potential future where licensee performance data becomes publicly accessible, impacting reputation and stakeholder perception (Source 3).

   • Sustainability Reporting (RG 280): Finalised in March 2025, Regulatory Guide 280 outlines requirements for mandatory climate-related financial disclosures under Chapter 2M of the Corporations Act (Source 3). This applies progressively to entities meeting certain size thresholds (including large private companies, potentially impacting larger family offices or fund structures). It requires entities to report on climate risks and opportunities, aligning with international trends towards environmental, social, and governance (ESG) transparency (Source 3).

   • Ongoing Compliance Certification: While a minor update, the reissuance of INFO 135 in April 2025 confirms the continuing obligation for credit licensees to lodge annual compliance certificates, reinforcing the baseline expectation of adherence to licensing conditions (Source 3).

These developments collectively paint a picture of a regulatory environment demanding greater accountability, data accessibility, and public disclosure from non-bank lenders, particularly those operating at scale.

Impact Analysis on Private Non-Bank Lenders

The confluence of heightened regulatory scrutiny, new data sharing mandates, and increased transparency requirements presents a multifaceted challenge for Australian private non-bank lenders. The impacts span operational processes, financial resources, and strategic direction, varying somewhat depending on the lender's scale and structure (e.g., family office, fund, private company).

Operational Impacts:

Operationally, lenders face a significant uplift in compliance burdens. The intensified ASIC focus necessitates a thorough review and potential overhaul of internal governance frameworks, risk management protocols, and compliance procedures (Source 1). Documenting policies related to fee structures, conflict management, valuation methods, and marketing claims becomes paramount, not just for internal control but also in anticipation of potential regulatory requests under ASIC's information-gathering powers (Source 1, Source 2). For larger entities captured by the CDR expansion, the operational challenge is immense, requiring the development and maintenance of complex, secure systems for data sharing, adhering to strict technical standards and timelines stretching from 2026 into 2027 (Source 2). Furthermore, the potential public disclosure of breach and IDR data (CP 383) elevates the importance of robust internal reporting and resolution processes (Source 3). Similarly, mandatory sustainability reporting (RG 280) for larger entities demands new data collection and reporting capabilities (Source 3).

Financial Impacts:

These operational changes carry direct and indirect financial costs. Direct costs include investments in technology (for CDR implementation, enhanced reporting systems), legal and consulting fees (for navigating regulations, sustainability reporting), and increased staffing for compliance and risk functions (Source 1). Indirect costs may arise from potential enforcement actions, remediation efforts, or reputational damage if publicly disclosed data (under proposals like CP 383) reflects poorly on the lender (Source 3). While difficult to quantify precisely, the overall financial burden associated with meeting these heightened regulatory expectations is substantial, particularly for implementing CDR (Source 2).

Strategic Impacts:

Strategically, private non-bank lenders must embed regulatory awareness and compliance deeper into their business models. The increased scrutiny, particularly from ASIC, means regulatory risk is a more prominent factor in decision-making (Source 1). For larger players, the significant investment required for CDR compliance needs careful strategic planning and resource allocation (Source 2). While burdensome, increased transparency and adherence to higher standards could strategically benefit lenders by enhancing credibility with investors, borrowers, and the market generally, potentially attracting more capital and fostering trust (Source 1). Conversely, failure to adapt can lead to significant reputational damage, loss of investor confidence, and potentially limit growth opportunities. Sustainability reporting, while a compliance requirement for some, also presents a strategic opportunity to appeal to ESG-conscious investors and stakeholders (Source 3).

Impact Differentiation:

• Private Credit Funds: Face the most direct impact from ASIC's scrutiny on governance and transparency. Larger funds bear the brunt of CDR implementation costs and potential sustainability reporting (Source 1, Source 2, Source 3).

• Family Offices: Impact varies significantly with scale. Larger, formalized lending operations face similar challenges to funds, especially if meeting CDR or Corporations Act reporting thresholds. Governance and conflict management are key focus areas (Source 1, Source 2, Source 3).

• Private Companies (Lending): Those holding an ACL are subject to ongoing compliance and potential public data disclosure. CDR and sustainability reporting depend on size thresholds. General ASIC scrutiny applies based on conduct (Source 2, Source 3).

Conclusion

The regulatory environment for private non-bank lenders in Australia is clearly tightening. Driven by concerns around transparency, governance, and consumer outcomes, recent changes spearheaded by ASIC and legislative updates like the CDR expansion signal a move towards greater accountability. While these developments impose significant operational and financial challenges, particularly related to compliance costs, system upgrades (especially for CDR), and enhanced reporting, they are not without potential upsides. Increased transparency and adherence to robust standards can bolster the sector's credibility, potentially improving access to capital and strengthening stakeholder relationships. Successfully navigating this evolving landscape will require proactive engagement with regulatory expectations, strategic investment in compliance infrastructure and governance, and fostering a strong internal culture of risk management and transparency. The era of operating 'in the shadows,' as noted by commentators (Source 1), appears to be drawing to a close for many in the Australian private non-bank lending sector.

References

1. Pinsent Masons. (2024, September 3). ASIC focus will mean greater scrutiny for Australian non-bank lenders. Out-Law Analysis. Retrieved May 4, 2025, from https://www.pinsentmasons.com/out-law/analysis/asic-focus-mean-greater-scrutiny-australian-non-bank-lenders

2. Hall & Wilcox. (2025, January 13) . New CDR rules and ASIC notices. Hall & Wilcox News. Retrieved May 4, 2025, from https://hallandwilcox.com.au/news/new-cdr-rules-and-asic-notices/

3. Australian Securities and Investments Commission (ASIC) . (2025). Regulatory tracker 2025. Retrieved May 4, 2025, from https://asic.gov.au/regulatory-resources/find-a-document/regulatory-document-updates/regulatory-tracker/regulatory-tracker-2025/ (Specifically referencing CP 383, INFO 135 update, RG 280)

   _______________________________________________________________________________________________________________________________________________________________

   For more information, please contact Gavin McInnes on 07 3367 8681 or gmcinnes@grmlaw.com.au.

    The information contained in this article is general in nature and cannot be regarded as anything more than general comment. Readers of this article should not act on the basis of this comment without consulting one of GRM LAW 's legal practitioners who will consider their particular circumstances.

   Expertise

   GRM LAW has a wide range of experience assisting companies in all aspects of banking & finance, business, corporate, property, managed funds and IT law.

   Not only will you find that GRM LAW is likely to have assisted someone in your exact situation, but you’ll find that a GRM LAW lawyer can distill a complex legal issue into a set of actionable options for you to consider.