Critical infrastructure: are you ready to report?

Current site :    AU   |   EN
China Hong Kong SAR
United Kingdom
United States

This article was written by Louis Chiam and Jonathan Mitchell


Starting on 11 July 2018, owners and operators of Australia's critical infrastructure assets have 6 months to report current ownership and operating details to the Federal Government's newly-formed Critical Infrastructure Centre (CIC). As outlined in our earlier publication on the Security of Critical Infrastructure Legislation, the CIC is required to maintain this data in a register which owners and operators will be required to update on an ongoing basis. Owners and operators have 6-month grace period to provide their initial details, and are then required to update the CIC of any changes.

In this alert we outline:

  • the entities which will be captured by these new reporting requirements
  • the details of what is required to be reported
  • some potential issues you may encounter in the reporting process

While the reporting obligations sound straightforward, if you're affected, we suggest you consider the issues straight away as:

  • the ownership and operator information should be cross-checked with other government filings, e.g. FIRB, ATO and NGER
  • the reporting requirements are detailed, so a significant volume of information is likely to be require
  • for large corporate groups with multiple interest-holders incorporating trust or partnership structures, it can take some time to determine which entities are captured
  • reporting entities must make 'best endeavours' to obtain information from third parties, so you may need time to seek disclosure consent
  • given the extensive disclosures, you may require board consent

Are your assets 'critical'?

Critical infrastructure assets include:


  • Synchronous electricity generation stations that generate electricity above the following jurisdictional megawatt thresholds:  NSW 1400MW, VIC 1200MW, QLD 1300MW, WA 600MW, SA 600MW, TAS 700MW & NT 300MW
  • Electricity generation stations that are contracted to provide a system restart service
  • Electricity transmission networks or distribution systems that ultimately service at least 100,000 customers


  • One or more water or sewerage systems or networks managed by a water utility which ultimately service more than 100,000 connections


  • Gas processing facilities with capacity of at least 300 terajoules per day
  • Gas storage facilities with a maximum daily quantity of at least 75 terajoules per day
  • Gas distribution networks which ultimately service at least 100,000 customers
  • Gas transmission pipelines that are larger than the following jurisdictional thresholds: Eastern market 200 TJ/day, Northern market 80 TJ/day, Western market 150 TJ/day and the Tasmanian Gas Pipeline


  • Broome Port
  • Port Adelaide
  • Port of Brisbane
  • Port of Cairns
  • Port of Christmas Island
  • Port of Dampier
  • Port of Darwin
  • Port of Eden
  • Port of Fremantle
  • Port of Geelong
  • Port of Gladstone
  • Port of Hay Point
  • Port of Hobart
  • Port of Melbourne
  • Port of Newcastle
  • Port of Port Botany
  • Port of Port Hedland
  • Port of Rockhampton
  • Port of Sydney Harbour
  • Port of Townsville


  • Any other assets declared to be critical infrastructure assets, and assets prescribed by the Rules

Are you the 'responsible entity' or a 'direct interest holder'?

Reporting entities which are required to report information to CIC include both:

Responsible entity – essentially the licence-holder or port-operator.

Direct interest holder – means each entity:

  • together with any associates of the entity, holds an interest of at least 10% in the asset (generally excluding moneylenders); or
  • holds an interest in the asset that puts the entity in a position to directly or indirectly influence or control the asset.

Importantly, this applies whether the ultimate owners are Australian or foreign – all groups are caught and must report.

What do you have to report?

Responsible entity

The initial obligations is to report the following operational information in relation to the asset:

  • location of the asset;
  • description of the area the asset services;
  • details of the responsible entity;
  • details of the CEO of the responsible entity;
  • the a description of the arrangements under which the operator operates the asset or a part of the asset; and
  • a description of the arrangements under which data is maintained.

Rules have recently been published which provide further details on these requirements.

Direct interest holder

The initial obligation is to report interest and control information in relation to the entity and the asset, including:

  • name, ABN and address
  • the type and level of the interest held
  • information about the influence and control it is in a position to directly or indirectly exercise in relation to the asset
  • information about the ability of a person, who has been appointed by the entity to the body that governs the asset, to directly access networks or systems that are necessary for the operation or control of the asset

Corporate groups

Importantly, the report also needs to cover each 'higher entity' that has influence or control (e.g. a traced 10% interest).  Given the sophistication of many infrastructure holding structures (e.g. to facilitate difference types of investors), this can involve numerous entities.

Ongoing reporting obligation

If any information reported by you in relation to a critical infrastructure asset becomes incorrect or incomplete, that is a notifiable event under the Act and the correct and updated information must be reported within 30 days of the notifiable event. 
If an asset becomes a critical infrastructure asset after 11 January 2019, the reporting entity will have up to six months to report the required information.

Potential issues for your organisation

The purpose of the Act is to improve the transparency of the ownership and operational control of critical infrastructure assets in Australia. The potential reach of the reporting obligations under the Act in respect of higher entities within the ownership structure of a critical asset exemplify this purpose – and may lead to reporting complexities for certain organisations.

Volume of information

The volume of information requirement to be reported by reporting entities could be quite extensive. The reporting requirements capture each entity in the corporate structure, not just direct and ultimate interest holders.

Captured entities

Completing an assessment of which entities are 'reporting entities' and which entities are 'higher entities' can be time-consuming and complex. This is particularly the case for structures that include trusts, partnerships and superannuation funds. Further, the definition of interest in an asset means a legal or equitable interest in the asset. Again, this demonstrates the intended reach of the reporting obligations under the Act.

Reasonable endeavours to obtain information

A reporting entity must use best endeavours to obtain all the relevant information for reporting. If some of the information cannot be obtained, reporting entities will need to satisfy themselves that they have made 'best endeavours' to try and retrieve that information prior to the end of the grace period in January 2019.

The Federal Court has refused an application to stay proceedings to quantify compensation for patent infringement (quantum proceedings) pending the outcome of separate parallel proceedings challenging the validity of the infringed patent on new grounds. The case is significant as intellectual property cases are regularly bifurcated with liability determined separately damages or an account of profits. A patentee may also bring consecutive infringement cases and therefore have two separate cases considering invalidity issues for the same patent running in parallel.

03 August 2022

Since the introduction of a nationwide Marketing Authorization Holder (MAH) system in 2019, licenses have linked directly to therapeutic products rather than manufacturers.

03 August 2022

The Bill is one of the first items of legislative change introduced by the Government in the industrial relations sphere, reflecting one of several election promises made under the “Secure Australian Jobs Plan”.

03 August 2022