Will your internal compliance pass the ASIC test? Steps to take before the regulator comes knocking


Last month’s report on the Performance of ASIC by the Senate Economics Reference Committee is a loud warning to financial service providers to get their house in order. ASIC’s reaction to the findings is likely to be swift and advisers and their licensees should expect to come under scrutiny in the near future.


The Committee determined that ASIC needs to become a far more proactive regulator and do more to address early warning signs of corporate wrongdoing. 

To facilitate these goals, the report recommends ASIC increase its surveillance activity and make its findings public. The government is also urged to consider increasing penalties for AFSL holders that fail to lodge timely reports of significant breaches to ASIC.

While the media storm around the report will eventually abate, AFSL holders should expect the consequences of the findings to ratchet up. The first noticeable impact is likely to be increased scrutiny of internal compliance regimes, particularly as to whether an organisation’s regime can effectively identify and manage instances of misconduct.

ASIC’s chairman, Mr Greg Medcraft, provided a clear warning in his statement to the Committee, that compliance:

should be seen as an investment, not as a necessary evil, and if compliance professionals can ensure they have strong arrangements in place then hopefully we will not have to pay them a visit”.

Three steps to avoid the regulator paying a visit

AFSL holders all have their own tried and tested internal compliance systems. However, in this new environment of greater regulatory vigilance, it would be prudent for AFSL holders to consider whether their current systems are sufficient. There are a few practical steps AFSL holders can take to minimise the potential for a visit from the regulator. 

1. Conduct an internal review of systems for identifying instances of misconduct or high-risk complaints 

An internal review is your starting point. The review should identify any loopholes in existing internal compliance regimes which are ripe for exploitation by unscrupulous financial advisors. 

Organisations should ensure they have identified the key warning signs for misconduct so that any cases of misconduct can be picked up quickly. This will put you in the best position to properly investigate the matter and, if required, report the matter to ASIC within the requisite timeframe. 

You should also consider, as part of internal review, whether there is a systemic compliance culture issue that needs to be addressed within the organisation. 

2. Ensure that all legitimate reports of misconduct are investigated sooner rather than later to avoid ASIC or the media stepping in and investigating the matter

In light of the call for ASIC to become a more proactive, ASIC will no doubt expect financial organisations to be similarly proactive and address all legitimate allegations or “warning signs” of misconduct. A failure to do so could land AFSL holders in breach of their reporting obligations and result in ASIC knocking on their door.

3. Keep the regulator informed of instances of misconduct and ensure there is a suitable compensation regime for victims

Consider how cases of misconduct are dealt with in your organisation. In the current environment, a failure to recognise and fairly compensate victims could attract negative media attention which will lead to a damaged reputation. 

The Committee identified one particular ASIC sanctioned compensation process as being fundamentally flawed. Accordingly, financial organisations should be aware that their existing compensation processes may be called into question and may not be sufficient in the future. 

We suspect that the key to effective future compensation processes will be ensuring there is an element of independence in the process. This may include engaging independent experts to assist with the process.

By being proactive now, AFSL holders can put themselves in a better position to avoid future scrutiny or surveillance by ASIC. When taking these steps, you should also consider potential litigation risks and how they can be minimised in ways that, to the extent possible, preserves legal privilege in communications that are confidential and made for the purpose of giving or receiving legal advice. We give a more detailed analysis on identifying and minimising litigations risks in this article.

The content of this publication is for reference purposes only. It is current at the date of publication. This content does not constitute legal advice and should not be relied upon as such. Legal advice about your specific circumstances should always be obtained before taking any action based on this publication.

Related Content


Anna Ross

Partner. Sydney
+61 2 9210 6904


James Whittaker

Partner. Sydney
+61 2 9210 6667


Mark Wilks

Partner. Sydney
+61 2 9210 6159


Richard Flitcroft

Partner. Sydney
+61 2 9210 6435