In an unrelated note, do you know how invasive ASIC can be? Their "proactive surveillance" is fun.

Basically any financial company is well aware of the level of scrutiny behind stuff like this, so I wouldn't be surprised to see another government agency being given similar controls/access. Probably the OIAC I guess considering they already do the mandatory data breach reporting stuff.