ASIC has recently completed several targeted reviews focusing on the Australian financial advice sector, essentially signalling a ‘back to basics’ approach. Focus areas include Self-Managed Super Fund (SMSF) establishment advice, Internal Dispute Resolution (IDR) and breach reporting accuracy, and clearer governance around offshore outsourcing arrangements.
Review of SMSF establishment advice
A targeted review of 100 SMSF files was conducted to determine why clients are often advised to set up funds that are not suitable for their needs. The findings indicate notable room for improvement in both advisor conduct and licensee oversight.
- Compliance gap: Only 38 files demonstrated compliance with the duty of ‘best financial interests’
- Client detriment: The remaining files failed to demonstrate compliance with the ‘best financial interests’ duty, and ASIC had significant concerns regarding client detriment in 27 of these files.
- “Order-Taking”: Many advisors failed to conduct independent investigations and were found to simply process a client’s request without adequate assessment.
- Lack of prioritisation to clients with conflicts of interest: including recommending advice to facilitate the purchase of off-the-plan properties via limited recourse borrowing arrangements.
ASIC are actively commencing enforcement action where significant client detriment was identified.
Key takeaways for advisors include ensuring licensees are accountable for the advice provided by their financial advisors. Development and implementation of strict policies are recommended; however, compliance testing is critical to ensure financial advisors are meeting their obligations and only recommending an SMSF when it is suitable for the client.
Internal Dispute Resolution (IDR) obligations
Following a review of reporting practices, ASIC found that many licensees are unintentionally under-reporting complaints due to a misunderstanding of the rules and what qualifies as a complaint. The key matters to be aware of are as follows:
- The definition of a ‘complaint’ is very broad and defined as any expression of dissatisfaction. It does not have to be serious, involve compensation, or remain unresolved to be a reportable matter.
- Reporting Windows, notably IDR data which must be lodged via the ASIC Regulatory Portal twice a year (Jan-Feb and July-Aug).
Licensees are strongly encouraged to ensure their systems, training and processes are robust enough to support accurate IDR reporting, in line with RG 271.
Reportable situations
ASIC also conducted a review of the Reportable Situations (Breach Reporting) Regime, which suggests there may still be some uncertainty around the expanded rules introduced in 2021.
- Under-reporting: Many licensees are failing to lodge reports for situations that meet the ‘reportable’ threshold.
- Lack of breach reports: Many had not received copies of a report lodged about them by other firms.
Licensees are reminded that if there are reasonable grounds to believe another licensee has committed a reportable breach, there is obligation to report this to ASIC. There is also a requirement to provide that licensee with a copy of the report lodged with ASIC.
It is strongly recommended that all licensees review their obligations and applicable polices in place to ensure they are meeting their responsibilities.
Review of offshore outsourcing
There are several risk considerations regarding the management of outsourcing advice support functions (such as paraplanning and administration) to Offshore Service Providers (OSP).
Key risks identified include:
- Loss of data control– Difficulties in protecting client information in offshore locations.
- Conflicting laws– OSPs may have to comply with their local government data requests and these may conflict with Australian laws.
- Data breach management– Detecting and responding to data breaches and cyber incidents may be challenging when the function is located offshore.
There are notable concerns from ASIC that many licensees do not have adequate robust systems in place for the assessment, appointment and ongoing performance monitoring of offshore providers. Instead, there is an over-reliance on their representatives to ensure risks are managed appropriately.
Mandatory actions for licensees include exercising due care in selecting providers, regularly monitoring performance of OSPs, and enforcing a clear plan to handle breaches of Service Level Agreements (SLAs) and privacy obligations.
Summary
The overall theme of the Financial Advice Update is a closer focus on licensee accountability, where ASIC is moving beyond education and into enforcement and remediation actions. It is recommended that advice licensees ensure they continue to be aware of their obligations particularly under RG 271, RG 78, and conduct regular audits of OSP data security.
Source:
