Your Questions. Our Answers.
what are the financial services laws?
The "financial services laws", sometimes referred to as the "applicable laws" or the "relevant laws", are a broad range of interrelated laws including the Corporations Act (including, for example, The Professional Standards Act), the Australian Securities and Investments Commission Act, the Anti-Money Laundering and Counter-Terrorism Financing Act, the National Consumer Credit Protection Act, the Privacy Act, the Competition and Consumer Act, the Income Tax Assessment Act, the Cash Transactions Reports Act, the Superannuation (Industry) Supervision Act, and all other existing and new laws, regulations and rules (including Australian Stock Exchange Rules) which may impact Licensees, their representatives or their authorised activities. This includes Corporations Regulations, the corresponding State legislation, relevant administrative rulings, tribunal determinations and circulars, guides and orders published by a relevant body including The Australian Competition and Consumer Commission (ACCC), The Australian Securities & Investments Commission (ASIC), Australian Prudential Regulation Authority (APRA), The Australian Taxation Office, Australian Transaction Reports and Analysis Centre, Credit and Investments Ombudsman, Financial Ombudsman Service, Office of the Australian Information Commissioner and Associations including the Tax Practitioners Board, ASFA, The Financial Services Council, CPA, AFA, FPA, SAFAA and SMSF Professionals Association of Australia.
what is fintech?
'Fintech' is simply the specialised application of technology to finance and generally consumer finance. Technological advances in costs and capability provide the opportunity for new entrants or existing players to 'disrupt' the market and deliver new services and options to capture market share from existing players like the big banks.
Microsoft Excel could be seen as early fintech, but the term generally refers to players like Stockspot, Betterment, First Rung or Acorns. For a good introduction to this space read Finder's article or visit Australian Fintech.
what is regtech?
'Regtech' is the specialised application of technology to legal, regulatory and compliance obligations (often including risk management and governance). There's generally some overlap between the consumer-facing Fintech and the business-facing Regtech but they're often complementary. KPMG's excellent report on the Fintech landscape covers both - including our regtech solution.
what is the difference between an incident and a Breach?
In general terms, an Incident is any failure to meet internal measures, processes and procedures or a failure to comply with the law, licence or industry standards. A Breach is an incident with a specific legal character and consequence. Typically, breaches are failures, or anticipated failures, that demonstrate or suggest a failure to act “efficiently, honestly and fairly” or in compliance with the financial services laws.
Not all Incidents are Breaches but all Breaches are Incidents. Remember that any failure of your business processes or systems (including the conduct of your advisers) is an Incident that may later, depending on its context, consequence and impact, be identified as a Breach.
what is a compliance plan?
A Compliance Plan is at the heart of a Licensee's Compliance Framework. This document (which may also be referred to as an Obligation and Risk Register) outlines the legal and professional obligations imposed on, or assumed by, the Licensee. The Compliance Plan outlines how the Licensee will ensure they comply with their obligations and how, and how frequently, they will confirm that they have met their legal obligations.
what should my compliance framework do?
Regardless of the "nature, scale and complexity" of your business, if you are a Licensee you should have in place arrangements that:
- ensure your compliance with your licence obligations and the financial services laws; and
- address the specific compliance risks of your business (especially those that may materially affect consumers); and
- demonstrate that:
  - your representatives understand their compliance obligations;
  - you monitor compliance with obligations;
  - compliance breaches are addressed and reported.