“There’s no change, there’s no pace
Everything within its place”
— Cold Chisel, “Flame Trees”
Gaps and omissions
We’ve all developed our own strategies for dealing with loss or absence.
Some people accept the truth of their loss. Some people adapt. Some people prefer denial.
Licensees, or more correctly Licensee Management, react to compliance issues in the same way.
It’s not unusual, as the Royal Commission highlighted, for large Licensees to avoid problems by simply ignoring them and commissioning opinions that allow them to invalidate any suggestion of non-compliance. Advice is commissioned, reports sanitised and rewritten and Licensees, freed from any obligation to act, simply continue in blissful ignorance.
Unfortunately, this cultural predisposition is neither reasonable nor limited to institutional licensees.
You may recall that, in a previous article about ASIC and Financial Circle, we highlighted that the Court found that the Licensee:
- failed to have adequate policies and processes in place to ensure its advisers complied with the provisions of the Corporations Act; and
- its advisers failed to comply with the Corporations Act.
The fact that many in the financial services industry dismissed Financial Circle as an outlier means that the significance of this conclusion may have been overlooked by everyone except ASIC but, if you are a licensee, you should be acutely aware of your liability and risk. You should understand that
there can be a failure to take reasonable steps to procure compliance, even without proof that that failure led to an actual contravention of the other provisions.
You may think this point is well understood but, in my view, it seems to be a novel suggestion for some licensees – particularly those that consider that they’re “doing enough” or that they’re “too small to attract ASIC’s attention.”
Regulatory invisibility is an unreliable risk-management strategy.
It may seem effective in some conditions but, like capitalising interest on a loan, it can be disastrous when conditions change.
“their compliance arrangements were ‘fundamentally flawed’ and appeared to be ‘designed to minimise regulatory risk rather than guide activities of the business’ ”
— Justice O’Callaghan, Australian Securities and Investments Commission v Financial Circle Pty Ltd  FCA 1644 at 127
What is reasonable?
As ASIC have repeatedly stated, the reasonable steps that a licensee should take to ensure effective compliance with the laws will depend upon the nature, scale and complexity of its business. It’s a scalable obligation but, in my view, reasonable practice requires
- policies and procedures addressing ss 961B (Best Interest Duty), 961G (Appropriateness) and 961J (Client Priority);
- a definition of, and commitment to, best interests, client priority and appropriateness;
- pre-vetting or peer-review and escalation;
- secure and effective record keeping;
- regular and targeted risk-based monitoring and supervision of Advisers;
- effective ongoing training;
- training on identifying and managing conflicts of interest;
- no-fault breach reporting; and
- regular review of its measures, processes and procedures.
We’ve consistently argued that these are the bare minimum and need to be tested by risk based monitoring and supervision and buttressed by effective training and transparent breach reporting.
Some licensees are still struggling to refine their compliance arrangements in the face of regulatory changes, alarmist legal advice and in apprehension of regulatory action, but, in reality, Licensees still have considerable discretion to determine what constitutes ‘reasonable steps’. Unfortunately, they often fail to recognise that their subjectivity fundamentally compromises their compliance arrangements. Subjectivity, when coupled with a lack of regulatory experience, creates problems far greater than corporate naiveté; it perpetuates a culture that dismisses risks, trivialises consequences and undermines the sustainability of the business.
Sonnie may simply be echoing Justice Stewart’s legal definition of pornography, but his point is well made; you can’t achieve understanding and appreciation – of compliance, investing or any other satisfying pursuit – without application and experience.
Emperors in new clothes
We once spoke with a Licensee enjoying prolonged and, in their view, unnecessary regulatory attention. In simple terms, ASIC had identified multiple, and significant, best-interest failures in advice provided by one of the Licensee’s representatives. The Licensee had never been in this situation before and sought advice. We started by asking if the problematic advice had been reviewed. The Licensee responded that it had and a few minor issues had been identified. When we suggested that it might be prudent for the Licensee to review their compliance arrangements given the significant difference in opinion between ASIC and their internal compliance resource, we were assured that “there was nothing to worry about” and the advice was good.
Time will tell if the Licensee’s confidence in their compliance arrangements is misplaced but, in our view, while you may be best placed to explain your compliance arrangements, you may lack the objectivity to properly assess their adequacy.
Unfortunately, not all services are equal.
If you engage an external party to review your arrangements please ensure that they have the processes, capability and competence to provide the services you require. Don’t be satisfied with vague assurances; demand a detailed, objective and insightful assessment of your compliance arrangements, culture and controls.
Insight and application
Our Licensee Review, for example, focuses on the measures, processes and procedures you have in place to ensure that:
- your compliance arrangements are formalised, documented and tailored to your business and the scope of your activities (particularly where you relied on pro forma documentation to support your AFSL application);
- your financial requirements (particularly cash flow projections and assets and liabilities) are documented, correctly calculated and monitored;
- your monitoring and supervision plan is current, effective and adequately supported by training and remediation plans;
- your risk management plan is both adequate and documented; and
- you have adequate dispute resolution procedures.
In accordance with our methodology, we assess a Licensee’s compliance and risk framework, by focusing on those risks that would adversely affect consumers and the provision of efficient, honest and fair financial services.
We start by considering the measures, processes and procedures you have in place and, through analysis and interviews, appropriately expand the review beyond compliance to encompass an assessment of other matters including your:
- governance structure
- approach to advertising and promotion
- application of FASEA Code of Ethics
- regulated documents
- remuneration model; and
- your human, financial and technological resources.
Given ASIC’s willingness to litigate and pursue civil and administrative actions, Licensees should be aware that they can no longer ignore their compliance obligations or fail to invest in the review and refinement their compliance arrangements.
If you need help, we’re here.
download asic v financial circle