CPD: Record-keeping in financial advice – the key to compliance and consumer protection
Advisers need to have a clear understanding of their record-keeping obligations under ASIC regulations and the Financial Adviser Code of Ethics.
Introduction
The financial services regulatory framework is a key pillar of financial consumer protection. Regulatory compliance is therefore not merely about avoiding penalties, but is a critical step in building consumer trust and confidence in the financial advice process, and in the financial advice profession as a whole.
Within that framework, one of the most important elements is record-keeping. Proper record-keeping not only satisfies adviser compliance obligations, but it also safeguards advisers (and clients) in the event of disputes and audits. Failing to maintain proper records can lead to serious penalties, reputational damage, and license suspension.
With inadequate record-keeping at the centre of many client complaints and FSCP determinations, and a new ASIC instrument affecting this area issued in September 2024, this article is a timely exploration of best practices in contemporary record-keeping, and is designed to help advisers protect themselves and their clients.
Why record-keeping matters
Under ASIC regulations and the Corporations Act 2001, advisers are obligated to retain detailed records of client interactions, advice provided, and the reasoning behind their recommendations. Proper record-keeping helps:
- Compliance with regulatory and professional association guidelines: ensuring adherence to Best Interest Duty and other legal obligations
- Consumer protection: demonstrating transparency and providing proof of informed consent, it also facilitates the tracking of progress against plans and helps clients understand the fees charged and the services received
- Risk management: an evidence base that helps protect advisers in the event of legal disputes, complaints, and investigations, especially by recording the outcomes of risk profiling, verification of instructions, and any subsequent variation to those obstructions
- Audit readiness: enabling smoother, more efficient compliance audits by the maintenance of accessible, well organised records
- Improved business value: A practice with quality record-keeping is likely to attract a higher value in the event of sale, through being a lower compliance risk.
What records are advisers obliged to keep?
Adviser record-keeping obligations are mainly enshrined in two instruments – ASIC Corporations Instrument 2024/508, and the Financial Adviser Code of Ethics.
ASIC requirements – what records?
ASIC Instrument 508[1] became effective in September 2024, essentially making permanent a Class Order dating back to 2014 (CO 923). It provides guidance about the aspects of the advice process for which records must be kept, as well as the timeframe for records to be retained.
In summary, licensees must ensure records of the following matters are kept in relation to the provision of personal advice:
- the information relied on and the action taken by the provider that indicates the provider has, in accordance with subsection 961B(1), acted in the best interests (the best interests duty) of the client in relation to the advice
- if subsection 961B(2) is being relied on to prove that the best interests duty has been satisfied—the information relied on and the action taken by the provider that satisfies the steps in that subsection
- the advice given, including the reasons why, under section 961G, it would be reasonable to conclude that the advice is appropriate to the client, had the provider satisfied the best interests duty, and
- where the provider knows, or reasonably ought to know, that there is a conflict between the interests of the client and the interests of a person mentioned in any of the paragraphs in subsection 961J(1)—the information relied on and the action taken by the provider to indicate that the provider has given priority to the client’s interests when giving the advice.
ASIC requirements – how long?
One of the controversial aspects of the ASIC Instrument relates to the amount of time records must be kept.
ASIC requires AFS Licensees who provide personal advice to retail clients to keep records for a period of at least seven (7) years after the day advice was provided to the client to comply with best interests duty and related obligations[2]. They must be accessible to the licensee during that period, and this obligation applies even where the AFSL ceases to be licensed.
Where the provider of the personal advice is an authorised representative and the authorised representative is responsible for keeping records, the authorised representative must provide the records to the AFS Licensee upon request, where the request is made for the purposes of comply with the recording keeping obligations within 7 years after the day on which the personal advice was provided to the client.
A practical outcome of this requirement is the handover – to the AFSL – of all client files and records when an Authorised Representative leaves a licensee.
Why the controversy?
Prior to issuing Instrument 508 in September 2024, ASIC conducted a public consultation. As part of the consultation, the Financial Advice Association (FAAA) argued that – by continuing the original 2014 class order – Instrument 508 is effectively out of date and ramping up the cost of advice.
According to the FAAA, ASIC’s requirements generate a high level of compliance activity and effort, and have increased the cost of providing advice.
“The FAAA have for a long time advocated for greater regulatory capacity for financial advisers to rely upon their professional judgement, rather than the type of prescriptive record-keeping obligations that are set out in this class order,” their submission[3] said.
The FAAA also flagged concerns around the application of the regulations even after a licensee has gone into administration, or when an authorised representative dies.
“The continuation of these record-keeping obligations beyond the closure of these businesses or the death of an individual, in the absence of an obvious alternative solution, is quite problematic.”[4]
The code of ethics and record-keeping
A core objective of the 2019 Financial Planners and Advisers Code of Ethics is to lay down standards in the area of client care, and the keeping of accurate and comprehensive records is clearly key to caring for clients and protecting their interests.
Standard 8 of the Code[5] governs financial adviser record-keeping, and this standard specifically requires advisers to:
- Keep records of all the advice and services they provide, and
- Ensure records of clients, including former clients, are kept in a form that is complete and accurate.
That means, rather than recording a bare minimum of personal information for each client, advisers must keep and file every piece of correspondence between themselves and their clients. This means physical documents, and also communication including emails, phone calls, voice/video recordings, electronic messages, and any conversations with clients during meetings.
Keeping clear, accurate and complete records also evidences adviser compliance with other Code of Ethics requirements around informed consent and best interests including Standard 2 (acting with integrity and in the best interest of your client) and Standard 5 (your client has understood the advice and recommendations you’ve given them).
In the course of ‘knowing your client’, and in order to give the best quality advice, advisers must gather a lot of information, encompassing:
- current client circumstances
- broader, long-term needs and likely circumstances
- family members’ broader, long-term needs and likely circumstances;
- risk tolerances;
- money attitudes; and
- financial and lifestyle goals.
Keeping records safely and securely
Record-keeping obligations don’t just relate to what records are kept, they also relate to how they are kept, specifically the requirements to keep any client information in those records private and confidential. This obligation is enshrined in both law and applicable professional conduct frameworks.
The overarching legal requirements can be found in the 13 Australian Privacy Principles which underpin the 1988 Privacy Act[6]. These principles govern standards, rights and obligations around:
- the collection, use and disclosure of personal information
- an organisation or agency’s governance and accountability
- integrity and correction of personal information
- the rights of individuals to access their personal information.
A breach of an Australian Privacy Principle is regarded as ‘interference with the privacy of an individual’ and can lead to regulatory action and penalties (including a maximum fine currently of up to $50 million[7]).
Whilst small businesses (those with annual turnover less than $3 million) are largely exempt from the requirements of the Act, financial advisers do not enjoy this exemption, as they are generally classified as ‘reporting entities’ under Section 6 of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006.
Professional association guidelines
The FAAA Best Practice Standards[8] also reference the importance of record-keeping, specifically in relation to:
- recording the scope of services to provided (s1.8)
- gathering and recording client factual and qualitative information (s2.5)
- recording client asset holdings in a Client Asset Register (s5.6), and
- the maintenance of separate and independent files in relation to each client (s7.18).
Record-keeping in the spotlight
In addition to the publicity surrounding the release of Instrument 508 in late 2024, two other factors have been keeping the topic of record-keeping top of mind for many in the industry:
- recent determinations by the Financial Complaints body (AFCA), and by the Financial Services & Credit Panel (FSCP) – the advice disciplinary body, and
- the likely replacement of the Statement of Advice through the yet to be legislated Tranche 2 of the Delivering Better Financial Outcomes (DBFO) reforms.
Poor record-keeping is poor advice
Poor record-keeping continues to be a significant driver of client disputes and disciplinary actions taken against advisers. Two examples from 2024 illustrate this.
Case study 1: SOA fails to adequately record client objective
AFCA determination 969037, published in June 2024[9], concerns the case of a client who received advice in relation to their SMSF. Specifically, the clients had an existing SMSF and sought advice about the suitability of their SMSF and its investments.
Normally advisers find themselves in the cross hairs for inappropriately placing clients into SMSFs, however in this case, the reverse was true, and the adviser recommended the client stay in their SMSF, on the basis that exiting the SMSF structure and the selling the property the fund owned would cause considerable losses.
AFCA, however, found that among the reasons the client sought the advice was the belief that their growth objectives and growth-oriented risk profile would not be met by the property owned by the fund. The advice to retain the property within the SMSF was therefore deemed inappropriate.
AFCA found no evidence the adviser had reviewed the cash flow of the fund, conducted a fresh risk profile, or considered alternative strategies. Nor did the SOA accurately record the client’s objectives.
The AFCA determination upheld the client complaint, and required the adviser to pay over $90,000 plus interest (in lieu of lost growth). Along with likely process deficiencies, inadequate or non-existent record-keeping was a key failing that contributed to this outcome.
Case study 2: FSCP clamps down on poor record-keeping
Describing record-keeping as the “mortar between the bricks” of the advice process, the FSCP suspended an adviser for three months for failures in this area[10].
According to the FSCP, the adviser failed to comply with his obligations when providing advice to three clients, using records of advice (ROA) that relied on statements of advice (SOA) that had been given to the clients up to seven years ago.
Finding that two of the clients had experienced significantly changed circumstances since the original SOA was issued, the FSCP found that the adviser could therefore not rely on the exemption from issuing an SOA.
The panel noted there was insufficient evidence on the client files that reasonable enquiries had been made about the clients’ relevant circumstances.
“Ultimately, record-keeping on all three client files was poor. Details of advice processes, if undertaken, could not be substantiated.”[11]
Will the end of SOAs change much?
While, at the time of publishing, Tranche 2 of the DBFO legislation had not been put to Parliament, there is a commitment from both major parties to implement the legislation, regardless of the result of the 2025 federal election[12].
Arguably two of the most significant reforms flagged as part of Tranche 2 are the scrapping of the Safe Harbour provisions around Best Interest Duty, and the scrapping of SOAs in favour of a more streamlined document (the format of which is currently unknown).
Both reforms are clearly very significant from a record-keeping perspective, with the scrapping of SOAs likely to force many advisers to focus on their broader record-keeping.
Countering concerns that the scrapping of SOAs would somehow leave advisers with less protection in the event of client disputes, experts argue that in fact SOAs were never regarded as the primary evidentiary source when investigating complaints, rather it was the quality of records kept about client/adviser interactions and conversations that were the most important.
As one expert said, “I’ve never seen a situation where a phrase missing or present in a document is what a matter hinged on.”[13]
AFCA Commissioner Shail Singh observed that the dispute process will always come down to evidence that proved the adviser gave proper advice that is free of any conflicted interests. “If something goes wrong, how do you demonstrate that you’ve satisfied your professional obligations?”[14]
Singh also made it clear that it was the file notes, and not the SOA, that provided the best evidence:
“I really should be clear on that – the longer [SOAs] often don’t help and sometimes you have to look at the other documentation to understand whether informed consent was given to a particular strategy.”[15]
The AI revolution, making record-keeping easier
The idea that record-keeping is about paper based records of face-to-face conversations is no longer representative of the modern advice practice. Increasingly, adviser client interactions are virtual, taking place via video meetings, phone calls, SMS and social media messages, emails, and online data capture through website and dedicated portals.
ASIC has long stated it is technology agnostic, and in this regard, file notes do not have to be paper based, or even written documents. They can just as easily be scanned records or electronic recordings.
One of the hottest topics in advice right now is of course Artificial Intelligence (AI) and its potential to revolutionise many aspects of advice, including operational efficiencies.
Seemingly every day a new AI powered tool for advisers is launched to market, helping in areas such as making transcripts of video calls, and creating file notes in the blink of an eye. It’s more advanced uses include checking client comprehension of topics discussed during a meeting (which can help support proof of informed consent).
A system that listens in on client meetings, captures every detail, and auto-generates a perfect, organised summary file note is probably a dream scenario for advisers who want to focus on building relationships rather than being bogged down by administrative tasks.
But this scenario, is much as it is real, also comes with its own considerations, including the occasionally suspect accuracy of the outputs, and data security issues.
In step with the rapid adoption of AI by the advice profession, ASIC has flagged[16] its concerns around ‘governance gaps’ in the use of AI, and its subsequent intention to heighten its scrutiny of AI usage by licensees and individual advisers.
Conclusion
Record-keeping is the backbone of regulatory compliance in financial advice, serving as both a safeguard for advisers and a critical element in consumer protection. The introduction of ASIC Instrument 2024/508, in late 2024, has reinforced the long-standing obligations for advisers to maintain detailed, accurate, and accessible records. Despite industry concerns over the cost and administrative burden, robust record-keeping practices remain non-negotiable, ensuring advisers can demonstrate adherence to Best Interest Duty, ethical standards, and privacy laws.
Recent determinations from AFCA and FSCP highlight how poor record-keeping can expose advisers to financial penalties, disputes, and even license suspension. As the industry moves toward Tranche 2 of the DBFO reforms, which will see the end of Statements of Advice (SOAs), advisers must refine their broader record-keeping practices to ensure compliance and mitigate risk.
While emerging technologies such as AI-driven documentation tools can improve the quality and efficiency of record-keeping, they also present governance challenges. With ASIC signalling increased scrutiny over AI use, advisers must balance innovation with compliance, ensuring data integrity and security.
Ultimately, advisers who proactively enhance their record-keeping processes will not only safeguard their businesses but also strengthen trust with their clients and regulators alike.
Take the FAAA accredited quiz to earn 0.5 CPD hour:
CPD Quiz
The following CPD quiz is accredited by the FAAA at 0.5 hour.
Legislated CPD Area: Regulatory Compliance & Consumer Protection (0.5 hrs)
ASIC Knowledge Requirements: Regulatory Environment (0.5 hrs)
please log in to start this quiz
———–
References:
[1] https://www.legislation.gov.au/F2024L01201/latest/text
[2] https://sophiegrace.com.au/asic-record-keeping-obligations-on-afsls/?srsltid=AfmBOoqJP72RMTlXEGkXXrEw5-4vm4_YNmw5Q_WbBmmwZRlqPH2h2dSF
[3] https://www.professionalplanner.com.au/2024/09/faaa-argues-record-keeping-requirements-too-onerous/
[4] Ibid.
[5] https://myintegrity.com.au/wp-content/uploads/2024/07/FG002_Financial-Advisr-CoE-Guide_10-2020.pdf
[6] https://www.oaic.gov.au/privacy/australian-privacy-principles/australian-privacy-principles-quick-reference
[7] https://www.corrs.com.au/insights/higher-penalties-and-other-privacy-act-amendments-commence
[8] https://faaa.au/wp-content/uploads/2023/04/FAAA-Practice-Standards.pdf
[9] https://my.afca.org.au/searchpublisheddecisions/kb-article/?id=cbef98d1-df5d-ef11-bfe4-6045bde57fbd
[10] https://www.moneymanagement.com.au/news/financial-planning/fscp-clamps-down-poor-recordkeeping
[11] Ibid.
[12] https://www.moneymanagement.com.au/news/financial-planning/howarth-commits-implementing-dbfo-reforms-current-form
[13] https://www.professionalplanner.com.au/2023/02/go-away-soa-record-keeping-and-file-notes-already-the-superior-proof-of-advice/
[14] Ibid.
[15] Ibid.
[16] https://www.professionalplanner.com.au/2024/08/asic-places-offshoring-and-ai-in-advice-under-magnifying-glass/
CPD Quiz
The following CPD quiz is accredited by the FAAA at 0.5 hour.
Legislated CPD Area: Regulatory Compliance & Consumer Protection (0.5 hrs)
ASIC Knowledge Requirements: Regulatory Environment (0.5 hrs)
please log in to start this quiz
———–
References:
[1] https://www.legislation.gov.au/F2024L01201/latest/text
[2] https://sophiegrace.com.au/asic-record-keeping-obligations-on-afsls/?srsltid=AfmBOoqJP72RMTlXEGkXXrEw5-4vm4_YNmw5Q_WbBmmwZRlqPH2h2dSF
[3] https://www.professionalplanner.com.au/2024/09/faaa-argues-record-keeping-requirements-too-onerous/
[4] Ibid.
[5] https://myintegrity.com.au/wp-content/uploads/2024/07/FG002_Financial-Advisr-CoE-Guide_10-2020.pdf
[6] https://www.oaic.gov.au/privacy/australian-privacy-principles/australian-privacy-principles-quick-reference
[7] https://www.corrs.com.au/insights/higher-penalties-and-other-privacy-act-amendments-commence
[8] https://faaa.au/wp-content/uploads/2023/04/FAAA-Practice-Standards.pdf
[9] https://my.afca.org.au/searchpublisheddecisions/kb-article/?id=cbef98d1-df5d-ef11-bfe4-6045bde57fbd
[10] https://www.moneymanagement.com.au/news/financial-planning/fscp-clamps-down-poor-recordkeeping
[11] Ibid.
[12] https://www.moneymanagement.com.au/news/financial-planning/howarth-commits-implementing-dbfo-reforms-current-form
[13] https://www.professionalplanner.com.au/2023/02/go-away-soa-record-keeping-and-file-notes-already-the-superior-proof-of-advice/
[14] Ibid.
[15] Ibid.
[16] https://www.professionalplanner.com.au/2024/08/asic-places-offshoring-and-ai-in-advice-under-magnifying-glass/
Earn CPD Points
CPD: The return of the prodigal product – Credit default swaps explainedBackground One of the downsides of the Global Financial Crisis (GFC) has been the tarnished reputation of certain financial instruments that were developed with good intentions, namely derivatives. While there [...]
CPD: The value of advice – harness your expertiseThe value of advice cannot always be readily quantified. It’s so much more than simply making money for clients, although that is a key factor. Being able to articulate value [...]
CPD: The investment case for global smaller companiesFinancial advisers have long understood the benefits of adding an Australian small cap exposure to a client’s diversified portfolio. Those same benefits apply to global small caps – and on [...]
CPD: Financial Advice Regulatory Digest – through a consumer protection lensIntroduction Along with disclosure, financial literacy, and financial advice, financial services regulation is one of the four accepted pillars of financial consumer protection[1]. Staying abreast – and ideally ahead – [...]
CPD: The ethical consequences of inappropriate adviceThe Australian Financial Complaints Authority (AFCA) has opened a consultation into how it determines compensation for complaints involving financial advisers. A week or two before that announcement was made, AFCA’s [...]
You must be logged in to post or view comments.