In a public statement, the corporate regulator said it sought a review following a significant number of breaches reported by the ANZ Group in relation to activities conducted through its wholly owned OnePath group of subsidiary companies.
According to the statement, from early 2013 to mid-2015, around 1.3 million customers were affected by breaches, requiring refunds and compensation of around $4.5 million. This also required rectifications and other remediation of about $49 million, ASIC said.
In one instance, 1,400 superannuation fund members had $28.7 million in contributions allocated to the incorrect super account for a period up to 12 months.
ANZ has now returned these funds to the correct accounts and provided more than $400,000 in compensation for lost earnings and/or incorrect fees, the statement said.
OnePath also failed to take further action in relation to 21,000 cheques it had sent to customers that were not banked within 15 months.
These cheques included proceeds of insurance claims, superannuation benefits and refunds of premiums. A total of $2.9 million was ultimately returned to customers, with a further $11.6 million treated as unclaimed monies.
ASIC was concerned that these breaches reflected compliance issues, which may have an impact on the AFSL obligations of entities within the ANZ Group.
ANZ has engaged PricewaterhouseCoopers to independently review the OnePath subsidiaries' compliance management framework, the statement said. The bank has also agreed to take appropriate actions to implement recommendations stemming from the PwC review. ASIC will further monitor the rectification of the breaches.
ASIC deputy chair Peter Kell said: "Appropriate compliance and systems to monitor compliance are essential for banks to adhere to their AFS obligations. This is important in maintaining customer trust and confidence in the sector."
He added: "ASIC expects all AFS licensees to have systems in place to ensure they can satisfy their general AFS obligations."
Other breaches include failure to provide disclosure documentation for some insurance products and having inadequate systems or processes to ensure compliance.
"In some cases, processes did not ensure reasonable steps were taken to contact customers or that statutory time frames were met. Some processes included manual steps that were not followed up on," ASIC said.
Further, there was insufficient supervision of some outsourced functions as well as some processing errors, such as payments made to incorrect superannuation accounts.
The PwC review will review and assess the design and operational effectiveness of the OnePath compliance management framework, including policies and processes. It will also assess the adequacy of processes designed to identify and manage the financial services laws, which apply to the OnePath companies holding AFSLs.
In addition, it will identify any gaps in the compliance management framework and report back to the ANZ Group and ASIC.