CPD: ASIC’s enforcement priorities – practical adviser implications
ASIC is fundamentally a consumer protection agency. The various functions it performs, including market oversight, surveillance, enforcement and education, ultimately all roll up to one core purpose – ensuring good conduct by financial services providers in order to protect consumers of those services from bad outcomes.
Each year ASIC publishes its enforcement priorities for the following year, essentially flagging to all market participants what they see as the most problematic areas worthy of extra attention and resources.
In August 2024, ASIC published their 2025 enforcement priorities[1], and as well as giving insight into how the industry is evolving, they also convey a more practical purpose for industry participants – including financial advisers and licensees – providing a checklist of items necessary to ensure one remains compliant.
According to the 2024 Adviser Ratings Financial Advice Landscape Report[2], over 94% of advice practices comprise 5 advisers or less, with around 60% comprising single advice licensees, and the more we see advisers acting as licensees, the more these enforcement priorities become directly relevant to the adviser population.
In this article, we will examine the consumer protection role played by ASIC, through the lens of its 2025 priorities, drilling down into some of the newer ones and those likely to have the most impact on advisers. Readers will gain an understanding of the way ASIC performs its role, and the specific aspects of the advice value chain that should be evaluated to ensure advisers are operating compliantly and delivering positive outcomes for their clients.
A quick refresher – how ASIC operates
ASIC performs a number of activities in order to promote integrity and consumer protection within the Australian financial system. These include:
- Enforcement and compliance
- Including areas that impact market integrity or cause consumer harm
- ASIC administers and enforces compliance with many of the regulatory instruments directly relevant to financial advisers, including the Corporations Act 2001, and Delivering Better Financial Outcomes (DBFO).
- Supervision and Surveillance
- Through mechanisms such as file sampling, mystery shopping and targeted reports, ASIC seeks to ensure providers are acting in the best interests of consumers, operating fairly and efficiently, and within the terms of their licence.
- Guidance
- Laws are generally very complex and hard to translate into practical application.
- Through its familiar ‘Regulatory Guides (‘RGs), ASIC provides guidance about how they will administer and enforce the law, and what they consider to be good practice.
- Licensing and registration
- ASIC assesses a range of license and registration applications, including for AFSLs and Managed Investment Schemes.
- Regulatory relief
- Where appropriate ASIC provides relief from laws, to facilitate business and promote innovation in the industry.
- Engagement
- With peer regulators in Australia and overseas, and external panels of experts in order to understand developments and systemic risks.
- Education
- Financial literacy is a key consumer protection pillar, and through its longstanding Moneysmart website, ASIC provides consumer facing education, information and tools.
- ASIC Registers
- ASIC administers more than 30 legal registers including the Financial Adviser Register (FAR).
ASIC 2025 focus areas at a glance
ASIC’s focus areas are a subset of its overarching strategic priorities, as summarised below:
Media coverage gives advisers clues
Financial media coverage[4,5] – at the time the ASIC priorities were launched – highlighted a number of specific areas directly impacting advisers and practice owners, including the use of Artificial Intelligence and offshoring, as well as Internal Dispute Resolution (IDR) processes. In truth though, a broader range of themes also relevant to advisers, including greenwashing, superannuation fund performance and DDO obligations, featured extensively in the media over prior months.
Deeper Dive – DDO
The Design and Distribution Obligations are intended to protect consumers by ensuring firms take a consumer-centric approach to the design and distribution of financial products. While the Target Market Determination (TMD) document is the most visible manifestation of DDO, the regulations are less about disclosure and more about the supporting processes and governance around aligning customers and products.
ASIC Report 795, issued in September 2024, contained the results of DDO surveillance between October 2023 and August 2024. Their review revealed[6]:
- many issuers had limited due diligence arrangements to assess and monitor third party distributors
- some issuers of high-risk products were relying on broad search terms in online marketing
- many issuers used poor quality consumer questionnaires, and
- only a few issuers monitored consumer outcomes and product performance.
The report recommends issuers improve distribution practices regarding the selection and supervision of distributors, training staff, marketing materials, consumer questionnaires, and information and monitoring outcomes.
Advisers also have reporting and record keeping obligations under DDO, both in terms of justifying and documenting any cases where a product recommendation is inconsistent with the TMD, and in terms of providing data to product issuers around complaints and significant dealings.
As detailed in ASIC Information Sheet 264[7], advice licensees and financial advisers are required to report to issuers:
- if they receive a complaint, how many complaints they have received during a reporting period
- any other information that the issuer specifies in the TMD to assist the issuer to determine whether an event or circumstance has occurred that would reasonably suggest that the TMD is no longer appropriate, and
- when they become aware of a significant dealing in the product that is not consistent with the TMD.
Financial advisers must also keep records about the above distribution information in relation to products for up to seven years.
In light of ASIC’s heightened focus and recent successes in prosecuting issuers, it seems almost inevitable that product providers will review their own processes and interactions with distributors. Financial advisers should probably expect fund managers and insurers to step up their demands for distribution data and reporting, and should thus consider whether their existing approach can stand up to any such demands.
Deeper Dive – Artificial Intelligence
AI will undoubtedly transform many industries, and indeed many advisers expect it to be a significant driver of efficiencies across many aspects of the advice value chain.
In a survey by AR Data[8], advisers were asked which areas of advice they expected AI to impact:
- 15% said portfolio management
- 54% said SOA/ROA production
- 56% said marketing, and
- 61% said client engagement.
Many practices have already put AI platforms such as ChatGPT and Microsoft Co-Pilot to use in their marketing and communication, leveraging its ability to generate high quality written content (not traditionally a strength of most advisers).
Of more concern to ASIC however is the use of AI in generating SOAs and ROAs, and even more fundamentally, the actual advice contained in these documents.
ASIC likely have two major concerns here.
One is in the capacity for AI to make errors. It is well documented that ChatGPT can make errors in both facts, and in data analysis. A quick google search will find examples of error rates ranging from 7% to over 50%, depending on the scenario.
As the ones ultimately still responsible for their advice, advisers using AI, whether it be to craft documents, or for tasks such as product comparisons, cash flow analysis, and scenario modelling, still need to quality check every output produced by AI.
ASIC’s second concern is likely around data protection and privacy. Loading sensitive client data up to generic off-the-shelf AI platforms such as OpenAI (ChatGPT) is fraught with risks, including the lack of security of that data and even potential legal complications around data ownership.
Advisers have extensive ethical and legal obligations around protecting client data, and before using AI with client data should do a thorough due diligence around these issues before selecting and using a platform.
Deeper dive – offshoring
An enduring narrative within advice circles has been the quest for efficiency. The rising cost of providing advice has put it out of reach for many Australians, and threatened the financial viability of many practices.
Various studies have found cost to be the single biggest barrier to clients seeking financial advice, and the last few years has seen this issue tackled by policymakers – most recently through the Quality of Advice review – and by the profession itself through the adoption of technology and outsourcing to bring costs down.
Advisers are an expensive resource, capable of generating significant hourly revenues, and thus using them for low value tasks such as data gathering, completing application forms, and ongoing client administration makes little economic sense. Many advisers have reached this realisation and have chosen to outsource to providers who can perform the tasks at a much lower cost.
The most significant cost savings – from 30% to 70% in hourly rate terms – are made when that outsourcing provider is offshore, where wage and other employee costs are lower. The Philippines, for example, is home to a number of outsourcing providers who are supporting thousands of Australian advisers with services including client onboarding, document production, paraplanning, fact finds, insurance quotes and renewals, and client administration.
So strong has been the growth of offshoring, ASIC have specifically called it out in their enforcement priorities, highlighting data security and privacy as a particular concern, stating:
“We will review how investment managers and financial advisers manage the risks of using offshore service providers. In particular, we will look at how they manage risks related to technology, data sharing and privacy. We will also publish resources that will help licensees improve the security of client data when sending it offshore.”[9]
ASIC’s concern around third party providers and data risks had been raised earlier, in late 2023, when ASIC Chair Longo said, in response to their ‘cyber pulse’ survey findings:
“For all organisations, cyber security and cyber resilience must be a top priority. ASIC expects this to include oversight of cyber security risk throughout the organisation’s supply chain – it was alarming that 44% of participants are not managing third-party or supply chain risks. Third-party relationships provide threat actors with easy access to an organisation’s systems and networks.”[10]
Advisers and Licensees working with offshore providers are thus on notice to ensure their own risk management frameworks are robust, not only in the initial selection of a provider, but in the ongoing governance around provider engagement, including staff training, monitoring, reporting, and cyber resilience testing.
Deeper dive – private markets
While it remains much smaller than the public market, the Australian private equity market has grown significantly over recent years. Assets under management in Australian-focused private equity funds – an important component of the private equity market – nearly tripled in size – to $66 billion – between 2010 and 2024[11].
Private credit offerings have also grown rapidly, so quickly in fact that research houses have sounded alarm bells. But with more and more people meeting the sophisticated investor test, the access to new investment opportunities is sure to propel further growth, prompting ASIC – concerned about the opacity and illiquidity of private market offerings – to ramp up their scrutiny.
Speaking on the issue, ASIC chair Joe Longo said:
“While Australia’s private markets are dwarfed in size by our listed equity markets, their opacity presents an outsized risk to market integrity, particularly as more investors become exposed. The addition of a new strategic priority aimed at driving consistency and transparency across markets and products puts all market participants on notice.”[12]
One of the biggest issues faced in this space is the knowledge gap, especially with clients.
A global survey[13] of investment advisers found around 70 per cent were planning to increase clients’ allocation to the asset class compared with 12 months ago, driven by the opportunities for diversification and performance.
That same survey found that while over 90% of advisers rated their own knowledge of private markets as advanced or intermediate, 50% rated their clients’ knowledge as beginner level or non-existent.
While the availability of retail private market offerings in Australia remains limited, advisers working with clients on a wholesale basis are on notice to not only do exhaustive due diligence around individual recommendations, but more broadly to address client knowledge levels significantly lower than that seen with more traditional investment products.
Deeper dive – dispute resolution
Also due for increased ASIC scrutiny is the adequacy of internal dispute resolution (IDR) arrangements.
Their latest Corporate Plan notes they will undertake a cross-sector surveillance of compliance with IDR requirements outlined in Regulatory Guide 271 Internal dispute resolution (RG 271)[14].
This surveillance will check whether entities have fair and efficient dispute resolution processes in place, and identify areas where licensees need to improve.
In 2024, ASIC will publish observations from the first year of IDR data reported by all firms, while in 2025 they will publish firm-level IDR data.
ASIC’s handling of dispute resolution data itself came under scrutiny from a Senate Inquiry earlier in 2024, with the Inquiry Report noting that 93 per cent of reportable situation reports made by AFSLs were assessed as requiring no action in 2022–23, representing more than 26,000 reports[15].
This pressure on ASIC is likely to be passed down, and AFSLs are therefore on notice to ensure their IDR arrangements are formalised, operating fairly and efficiently, and all reporting obligations are being complied with.
Summary
As the entity responsible for financial consumer protection, ASIC’s enforcement priorities, published each year via an updated Corporate Plan, provide financial advisers with both valuable insights into new trends and issues within the financial system, and practical signalling around the specific areas that will come under increased scrutiny going forward, allowing advisers to similarly tighten their compliance in a targeted way.
In August 2024, ASIC publicly released their priorities for 2025, highlighting a range of areas of focus, including climate risks, retirement outcomes, and cyber resilience.
Through the media, various ASIC spokespeople also highlighted emerging areas of concern with direct relevance to financial advisers and licensees, including IDR processes, offshoring, the growth of private markets, DDO governance, and the use of Artificial Intelligence in advice.
By understanding the dynamics within these issues, and the concerns held by ASIC, advisers and licensees will be better equipped to position themselves for the future and to ensure they are compliant and delivering positive consumer outcomes.
Take the FAAA accredited quiz to earn 0.5 CPD hour:
CPD Quiz
The following CPD quiz is accredited by the FAAA at 0.5 hour.
Legislated CPD Area: Regulatory Compliance & Consumer Protection (0.5 hrs)
ASIC Knowledge Requirements: Regulatory Environment (0.5 hrs)
please log in to start this quiz
———–
References:
[1] https://www.moneymanagement.com.au/news/financial-planning/asic-unveils-strategic-enforcement-priorities-fy25
[2] https://www.adviserratings.com.au/news/2024-australian-financial-advice-landscape-report/
[3] https://download.asic.gov.au/media/1t4gbqvs/asic-corporate-plan-2024-25-published-22-august-2024.pdf
[4] https://www.professionalplanner.com.au/2024/08/asic-places-offshoring-and-ai-in-advice-under-magnifying-glass/
[5] https://www.moneymanagement.com.au/news/financial-planning/asic-unveils-strategic-enforcement-priorities-fy25
[6] https://asic.gov.au/about-asic/news-centre/find-a-media-release/2024-releases/24-200mr-asic-calls-on-product-issuers-to-review-distribution-practices-for-ddo-compliance/
[7] https://asic.gov.au/regulatory-resources/financial-services/giving-financial-product-advice/faqs-design-and-distribution-obligations-for-advice-licensees-and-financial-advisers/#how-the-design-and-distribution-obligations-apply
[8] https://www.adviserratings.com.au/news/2024-australian-financial-advice-landscape-report/
[9] https://download.asic.gov.au/media/1t4gbqvs/asic-corporate-plan-2024-25-published-22-august-2024.pdf
[10] https://asic.gov.au/about-asic/news-centre/find-a-media-release/2023-releases/23-300mr-asic-calls-for-greater-organisational-vigilance-to-combat-cyber-threats/
[11] https://www.rba.gov.au/publications/bulletin/2024/apr/the-private-equity-market-in-australia.html
[12] https://asic.gov.au/about-asic/news-centre/find-a-media-release/2024-releases/24-184mr-asic-expands-strategic-priorities-for-coming-12-months/
[13] https://www.ifa.com.au/news/34364-advisers-need-to-tackle-private-markets-knowledge-gap
[14] https://asic.gov.au/regulatory-resources/find-a-document/regulatory-guides/rg-271-internal-dispute-resolution/
[15] https://www.moneymanagement.com.au/news/financial-planning/asic-unveils-strategic-enforcement-priorities-fy25
CPD Quiz
The following CPD quiz is accredited by the FAAA at 0.5 hour.
Legislated CPD Area: Regulatory Compliance & Consumer Protection (0.5 hrs)
ASIC Knowledge Requirements: Regulatory Environment (0.5 hrs)
please log in to start this quiz
You must be logged in to post or view comments.