Jaime Lumsden Kelly

Providers of short-term credit and continuous credit contracts are on ASIC’s radar, with ASIC recently issuing two new product intervention orders modifying what fees can be charged when relying on the different credit exemptions. These orders follow ASIC’s successful appeal before the Full Federal Court, which unanimously found that a ‘financial supply fee’ charged by a service provider is a charge ‘made for providing credit’. Given that many BNPL providers rely on these exemptions, the implications of these orders are significant for the BNPL sector.

ASIC made the product intervention orders by way of legislative instruments imposing conditions on the issuing of short term credit (ASIC Instrument 2022/647)^[1] and continuing credit contracts to retail clients (ASIC Instrument 2022/648)^[2]. The orders came into effect on 15 July 2022.

What are the orders?

The ‘Short-Term Credit Product Intervention Order’ is intended to improve on and extend the current restrictions on what short-term credit providers can charge. Currently, fees or charges for the provision of short-term credit are capped. The intervention orders extend these caps to restrict the types of fees or charges under a collateral or associated contract. This would include, for example, contracts for administration services in connection with a credit contract so that credit providers cannot exceed the cap limits by restructuring their fees across multiple contracts for multiple related services.

Similarly, the ‘Continuous Credit Product Intervention Order‘ is intended to prevent providers of continuous lines of credit from charging certain fees or charges under a collateral contract and limits the amount a credit provider can charge for associated services.

ASIC’s Explanatory Statement states that in their view the costs associated with short-term or continuous credit contracts far outweigh the benefits. As such, the orders seek to protect vulnerable customers who may suffer significant harm from predatory lending practices. They do this by clarifying what fees are caught by the fee caps for short-term credit and continuous credit contracts and make it clear that the fee caps also apply to fees, interest and charges under collateral contracts.

ASIC has defined collateral contracts as one that is separate to but also related to the short-term or continuous credit contract between a credit provider and retail client. This could include contracts for services such as assisting with the application for credit, distribution of loan products, or administration of, or debt collection activities in relation to, a short-term or continuous credit contract. It includes activities associated with arranging for short-term or continuous credit, including fast tracking applications.

If an activity is a by-product of a short-term or continuous credit relationship, and a fee or charge is imposed, the provider will need to ensure they are compliant with the fee caps under the product intervention orders. Non-credit services which necessarily or optionally include a credit component may also be caught under the orders as a collateral contract.

Impact on exempt credit providers

In Consultation Paper 355 (Product Intervention Orders: Short Term Credit and Continuing Credit Contracts), ASIC stated that credit providers are charging fees for the provision of credit in line with the caps under the Code, but these charges only equate to a minor percentage of the overall fees (i.e., 2%). ASIC also states that the fees under a separate contract, such as a contract for service or engagement of a third-party service provider, equates to the remainder of the overall fees (i.e., 98% of the total fees charged) and far exceeds the caps outlined by the Code.

Service providers such as bill smoothers, invoice financiers or buy now, pay later providers who are currently operating under a credit exemption may now be caught by the National Credit Code. Such providers should review their current arrangements to ensure that they comply with the Product Intervention Orders in order to continue to rely on the exemptions, otherwise service providers may face heavy penalties or may be required to get an Australian credit licence.

Exemptions?

There may be an exemption for providers that impose fees or charges under a collateral non-cash payment facility.

Buy now, pay later providers may also be exempt where they are relying on the continuous credit exemption.

By Jaime Lumsden, Michele Levine and Stephanie McClelland

———-

References:
[1] https://www.legislation.gov.au/Details/F2022L00975
[1] https://www.legislation.gov.au/Details/F2022L00976

The post BNPL impacted by ASIC Intervention Orders appeared first on AdviserVoice.

Jaime Lumsden

New reporting requirements now apply to AFS licensees for financial years commencing 1 July 2021.

What are the new financial requirements?

AFS licensees previously relying on special purpose financial statements will now be required to prepare general purpose financial statements due to amendments to the Australian Accounting Standards.

How do the changes to the accounting standards apply to AFS Licensees?

AFS Licensees, who are not APRA regulated, must annually prepare and lodge with ASIC financial statements using form FS70. These financial statements must now be prepared as general purpose financial statements.

General purpose financial statements have either Tier 1 or Tier 2 requirements:

• Tier 1 (full disclosure) requirements apply to entities which have public accountability.  Requirements include full application of recognition, measurement, and presentation requirements for all assets, liabilities, income and expenses. Under AASB 1053 Application of tiers of Australian Accounting Standards (AASB 1053) entities which have public accountability must comply with the full disclosure requirements of Tier 1.
• Tier 2 (reduced disclosures) requirements apply to all other entities that have no public accountability. Requirements involve the recognition and measurement requirements of Australian Accounting Standards, but with reduced disclosures. Tier 2 general purpose financial accounts have been recently replaced with the new simplified disclosures as set out in AASB-1060 General Purpose Financial Statements – Simplified Disclosures for For-Profit and Not-for-Profit Tier 2 Entities (AASB-1060).

Public accountability applies to entities where:

• Its debt or equity instruments are traded in a public market, or it is in the process of issuing such instruments for trading in a public market (a domestic or foreign stock exchange or an over-the-counter market, including local and regional markets); or
• It holds assets in a fiduciary capacity for a broad group of outsiders as one of its primary businesses (this includes AFS licensees that hold client monies or assets).

Some examples of AFS licensees that have public accountability and would need to meet the Tier 1 requirements, include:

• ASX listed entities;
• General insurance broker that holds client money;
• Retail over-the-counter derivative issuers;
• Corporate advisers that deal in financial products;
• Over-the-counter derivative traders;
• Wholesale trustees;
• Responsible entities of a registered scheme; and
• Corporate directors of a corporate collective investment vehicle.

For some AFS licensees, it is less clear whether they have public accountability, for example, the impact to underwriting agencies who manage a trust account for insurers is not as clear. There may be times where underwriting agencies pay claims or return premiums on behalf of the insurer through a trust account which they manage for the insurer. Under the Corporations Act, those payments are not required to be held in a statutory trust account under s981B of the Corporation Act (because it is not client money) and such money is held at the risk of the insurer. AFS licensees should seek assistance from their accountant/auditor to determine whether they can rely on the simplified disclosure regime of Tier 2.

AFS licensees should update internal processes and provide training to staff involved in managing financial arrangements and statements.

By Jaime Lumsden and Sónia Cruz.

The post Financial Reporting Changes for AFS Licensees appeared first on AdviserVoice.

Who is a Responsible Manager?

An AFS licence holder has an obligation to always maintain organisational competence. This is demonstrated by relying upon the knowledge and skills of the people who manage the business operations.  These people are known as Responsible Managers. This is an artificial role designed by ASIC to determine whether a licensee has organisational competence when assessing licence applications.

What is a Responsible Manager’s Role?

Responsible Managers should be directly responsible for the significant day-to-day decisions about the ongoing provision of financial services. This means the people in your business who:

• are responsible for the quality of your financial services, and
• decide how your financial services are provided and supervise the provision of those services.

Responsible Managers can act in one or all of the following capacities for an AFS licensee:

• as an employee or authorised representative
• as a director, or
• purely as a contractor to be a Responsible Manager in circumstances where the licensee does not have the organisational competency inhouse.

So before accepting (or continuing in) a role as a Responsible Manager, make sure that:

• you have the time or capability to do the role properly
• your job description carefully defines your role and responsibilities as a Responsible Manager
• you’re given the authority and autonomy to properly exercise those responsibilities – otherwise you could be liable for something that is outside your control
• the licensee has adequate compliance arrangements or a keen appetite for improving them.

Who is not a Responsible Manager

Senior executives responsible for business operations, such as a chief financial officer, risk manager, or HR manager, are unlikely to have the level of direct responsibility for the provision of financial services that would be expected of a Responsible Manager. This will, of course, depend on the size and scale of the business. In some small businesses, the Responsible Manager may be the managing director, and in larger businesses it could be someone in a middle management position that has the responsibility for overseeing the significant day-to-day decisions about the ongoing provision of financial services.

Who qualifies as a Responsible Manager?

Whether a Responsible Manager has the knowledge and skills to fulfil the role comes down to whether the person qualifies under one of 5 prescribed pathways set by ASIC. These can be quite rigid and usually require the person to have the same or similar experience in the financial services for which they are demonstrating organisational competency.

The 5 prescribed pathways are:

1. the person meets a widely adopted industry or relevant APRA standard and has 3 years’ relevant experience over the past 5 years
2. the person is individually assessed by an authorised assessor as having relevant knowledge equivalent to a diploma and 5 years’ relevant experience over the past 8 years
3. the person holds a university degree in a relevant discipline and has completed a short industry course, and 3 years’ relevant experience over the past 5 years
4. the person holds an industry or product specific qualification equivalent to a diploma and 3 years’ relevant experience over the past 5 years
5. if the person does not fit into any of the above 4 options then this option can be used by providing ASIC with a submission to demonstrate the responsible manager’s relevant experience over the past 10 years.

Responsible Managers must also be ‘fit and proper’. This is demonstrated by supplying ASIC with two business references and criminal history and bankruptcy checks, and completing ASIC’s statement of personal information form.

ASIC may have concerns over whether a person is fit and proper to be a Responsible Manager if:The nominated Responsible Manager has had an AFS or credit licence suspended or cancelled;

• a banning or disqualification order has been made by a court against the nominated Responsible Manager
• the nominated Responsible Manager has been disqualified from managing corporations;The nominated Responsible Manager has been banned from engaging in any credit activity under a State or Territory law
• the nominated Responsible Manager has ever been linked to a refusal or failure to give effect to a determination made by AFCA
• the nominated Responsible Manager has been convicted of an offence in the last 10 years.

Compliance

When Responsible Managers or business activities change, your organisational competence must be reviewed to ensure that the licence holder continues to meet its organisational competence obligation.

Some compliance measures for complying with the organisational competence obligation are:

• include a regular agenda item in your compliance/management meetings to consider whether any changes to your business activities or Responsible Managers affects your organisational competency
• have a succession plan in place for Responsible Managers, especially those that have key expertise in particular financial products
• maintain and update a Responsible Manager register that shows their knowledge and skills and the financial services for which they are demonstrating organisational competency, and the ASIC option they were nominated under to support their appointment
• keep records showing that you have reviewed your organisational competence and the steps you have taken to maintain your organisational competence, and
• to ensure the Responsible Manager continues to be fit and proper, conduct periodic criminal history and bankruptcy checks.

Some of the ways we can help in relation to Responsible Managers are:

• Responsible Manager Service Agreement template for engaging external responsible managers.
• Responsible Manager Masterclasses. We run these as public course throughout the year (the next one will be held in the second half of 2022) or we can be engaged to run a private in-house session;
• Responsible Manager assessments to advise whether they will satisfy ASIC’s requirements to support a licence application or variation; and
• Responsible Manager notifications of appointment.

By Sónia Cruz, Head of Licensing

The post Responsible Managers in a nutshell appeared first on AdviserVoice.

Jaime Lumsden Kelly

The Fold Legal is delighted to have made a submission to the Treasury Consultation Paper on Crypto asset secondary service providers: Licensing and custody requirements, which is looking at how the industry will be regulated in the future.

The regulation of the crypto industry is an important step for both the local and global crypto industry. As we have seen with other industries, most notably new energy, uncertainty stifles innovation and a clear pathway to regulation provides the strongest foundation for true innovation, growth, consumer protection and a competitive market.

The scope of regulatory reform outlined in the Consultation Paper is centred on the following key principles:

• ensuring that regulation is fit for purpose, technology neutral and risk-focused
• creating a predictable, light touch, consistent and simple legal framework
• avoiding undue restrictions
• recognising the unique nature of digital assets, and
• harnessing the power of the private sector.

The Consultation Paper presents an opportunity to build a regulatory framework for the future that is technologically agnostic, fit for purpose, has in-built flexibility and strikes an appropriate balance between regulation, consumer protection and innovation. Embarking on legislative change of this nature is no small task and it is critical that we take the opportunity to ensure that the regulatory framework meets the intended objectives and provides the industry with a clear and appropriate transition pathway.

Our submission proposes a regime within the Corporations Act that utilises the existing licensing framework and includes additional obligations for advisory and brokering services undertaken by licensees. In our view, this approach provides:

• the greatest flexibility for current crypto providers to expand their business into traditional markets and for traditional businesses to expand into crypto-assets
• reflects the realities of the provision of services in relation to crypto-assets
• delineates between financial products and crypto-assets
• imposes obligations commensurate with the risks
• mitigates licensing and regulatory duplication
• promotes regulatory certainty, and
• provides appropriate consumer protections.

The Fold Legal is deeply steeped in the fintech space since early 2013 and has been actively involved in the crypto industry since 2015. We are technical specialists that have a broad and deep understanding of blockchain technology, crypto assets, exchanges, DAOs, alternate platforms and crypto product and service offerings. Our crypto knowledge combined with our financial services expertise is market leading. We use our industry knowledge and expertise to deliver practical, compliant and innovative solutions for our clients. We have worked with a range of clients including crypto exchanges, miners, crypto payment businesses, crypto platforms, DAOs and crypto token issuers.

Read the full submission here.

By Jaime Lumsden, Michele Levine or Nicholas Pavouris

The post The Fold Legal prepares submission on the future of crypto regulation appeared first on AdviserVoice.

Simon Carrodus

On 5 May 2021, the Federal Court handed down a landmark decision in Australian Securities and Investments Commission v RI Advice Group Pty Ltd (2022) FCA 496 by declaring that RI Advice Group Pty Ltd (RI Advice) had breached its obligation to:

1. provide financial services efficiently, honestly, and fairly, and
2. have in place adequate risk management systems, by failing to have adequate cybersecurity risk management controls in place. This was a landmark decision as it was the first time that an AFS licensee had been found to be in breach of the requirement for AFS licensees to provide financial services efficiently, honestly, and fairly by not having adequate cybersecurity risk management systems.

In this article, we explore:

1. What happened?
2. What did the Court say?
3. What does this mean for AFS licensees?
4. How The Fold can help.

What happened?

RI Advice, as the AFS licensee of more than 100 authorised representative (AR) practices, provided financial services to approximately 60,000 retail clients.

Between June 2014 and May 2020, a number of separate cybersecurity incidents occurred at the AR practices. These cybersecurity incidents involved:

1. the hacking of an AR practice’s Google email account
2. the hacking of an AR practice’s third party website provider (which hosted the AR practice’s knowledge centre)
3. a hacker sent an email to a client, from the email address of an employee of the AR practice, requesting money
4. an AR practice’s reception desk computer being subject to ransomware delivered by email, resulting in certain files being encrypted and made inaccessible
5. an AR practice’s server being hacked by brute force through a remote access port, resulting in files being held ransom and 220 client files becoming encrypted and unrecoverable
6. an AR practice being hacked through brute force and being undetected for several months, resulting in thousands of client files becoming compromised and personal information stolen – this also resulted in phishing emails being sent to clients
7. the hacking of an AR practice’s email and an email being sent to the AR practice’s bookkeeper requesting that funds be transferred to a Turkish bank, and
8. the hacking of an employee of an AR practice’s email resulting in 150 phishing emails being sent to the AR practice’s clients requesting that they access a Dropbox folder.

While RI Advice had organised some cyber security training sessions for its ARs and had implemented some information security controls s, RI Advice conceded that these steps were inadequate to manage its cyber security risk across its AR practices.

It was also identified that at one particular AR practice up to 90% of the desktops did not have up to date anti-virus software, no scans were scheduled during the week for antivirus software, no offsite backup had been performed and password and security details were found in text files on the server desktop.

In June 2018, RI Advice engaged cyber security consultants and independent experts to investigate specific incidents and to identify and implement measures to address cybersecurity risks. RI Advice also updated its cyber security policies and introduced measures that required its authorised representatives hold cyber insurance. However, RI Advice but admitted that it took too long to implement these measures across its practices.

On 21 August 2020, ASIC commenced proceedings against RI Advice for an alleged failure to:

1. provide financial services efficiently, honestly, and fairly
2. comply with the conditions of its AFS licence
3. comply with financial services laws, and
4. have available adequate resources provide the financial services and carry out supervisory arrangements.

ASIC and RI Advice ultimately settled the matter, with RI Advice admitting to the Court on 7 April 2022 that it had contravened its obligations to:

1. provide financial services efficiently, honestly, and fairly, and
2. have in place adequate risk management systems.

What did the Court say?

Efficiently, honestly, fairly

Although RI Advice admitted to contravening section 912A(1)(a) of the Corporations Act, it disagreed with ASIC’s argument regarding what was the appropriate test for determining whether a breach of this section had occurred.

RI Advice argued that the “public expectation” test (as submitted by ASIC) was not the appropriate test for determining whether an AFS licensee had breached the efficiently, honestly, and fairly obligation.

Justice Rofe agreed with RI Advice, stating that:

“In a technical area such as cybersecurity risk management, the reasonable standard of performance is to be assessed by reference to the reasonable person qualified in that area, and likely the subject of expert evidence before the Court, not the expectations of the general public”.

RI Advice also argued that, while they admitted to contravening the efficiently, honestly, and fairly provision, it did not mean that they had not acted “honestly”.

Justice Rofe agreed with RI Advice stating that a party could contravene the efficiently, honestly, and fairly obligation without having acted dishonestly.

Adequate risk management systems

RI Advice also admitted to contravening the requirement under the Corporations Act to have in place adequate risk management systems. Justice Rofe provided some guidance around what constituted “adequate risk management systems”.

On the question of “adequacy”, her Honour clarified that the Court’s assessment of adequate risk management systems (including those of AFS licensee) will be informed by evidence from relevantly qualified experts in the field.

Outcome

As a result of RI Advice admitting to contravening sections 912A(1)(a) and (h) of the Corporations Act, the Court ordered that RI Advice must:

1. Engage a cybersecurity expert to identify what further documentation and controls in respect of cybersecurity and cyber resilience are necessary for RI Advice to manage risk across its AR practices, and
2. Pay $750,000 towards ASIC’s costs.

What does this mean for AFS licensees?

The RI Advice case clarifies that each AFS licensee must have in place cybersecurity risk management systems across their AR network to protect themselves and their clients from cybersecurity attacks. This includes:

1. up-to-date anti-virus software
2. regular virus scans across the whole AR network
3. up-to-date cybersecurity and cyber resilience training for directors, employees and ARs
4. an AFS licensee cybersecurity policy which ARs are required to implement and comply with as a part of their AR agreement. The cybersecurity policy should address:
   1. Data protection
   2. Password protection and storage, and
   3. Process for dealing with spam and suspected phishing emails.

This case also makes it abundantly clear that the cyber resilience of an AFS licensee’s AR network is the responsibility of the AFS licensee and not the individual AR practice. Determining whether a breach of your AFS licensee obligations requires technical knowledge and expertise in cybersecurity.

How The Fold can help

If you are concerned that your cybersecurity risk management systems and policies may not be adequate, we are here to help.

Through our relationship with some of the best cybersecurity firms in Australia, The Fold Legal can conduct a coordinated cybersecurity health check. We will:

1. Update or create your cybersecurity and cyber resilience policies;
2. Conduct cybersecurity penetration tests of your risk management systems;
3. Provide advice on any identified cybersecurity breaches and how they impact your AFS licensee obligations; and
4. Conduct a full cybersecurity review to ensure that you are running a “best-in-practice” AFS licensee business.
By Simon Carrodus and Glenjon Aligiannis.

The post “Have you tried turning it off and on again?” – A review of the decision in ASIC V Ri Ad appeared first on AdviserVoice.

Jaime Lumsden

Purchasing an Australian financial service licence (AFSL) or an Australian credit licence (ACL) is an exciting opportunity to take your financial service business to the next stage of growth. The process is often much quicker than applying for a licence directly, enabling you to get to market fast. One of the critical steps in purchasing a company that holds an AFSL or ACL is ensuring that the licence does what you need it to do and carries no major regulatory risks.

Most buyers understand the general importance of completing due diligence when they acquire a business or asset, and most purchasers also understand that they need to do some level of regulatory due diligence, however, this is often limited to understanding whether there are any regulatory or compliance risks associated with the way the business has been run. What we rarely see are businesses confirming that the licence authorisations actually enable them to provide their desired services.

Not all licenses are the same, in fact, they vary significantly. Whilst on face value it is easy to tell if the licence is appropriate in some respects (e.g. whether it enables both retail and wholesale client business), there are often elements of the licence that require more careful consideration – in particular, having the correct advice and dealing authorisations for the financial products that your business needs.

Whilst the risk is lower for certain licence types, it is still worth confirming. For example, licences for insurance underwriting and insurance broking are relatively straightforward. However, when purchasing one of these types of licences, you should confirm if you are also required to have a claims handling and settling services authorisation, and if so, what type, as these vary from business to business depending on how claims services are being offered and managed. Most financial planning licences typically cover similar financial products, but there are often subtle differences when it comes to rarer or high-risk authorisations, such as whether they cover products like managed discretionary accounts, margin lending and derivatives.

Where we tend to see the biggest risks is with licences for funds and payment products. With these kinds of product offerings, it is important that you take advice on what financial services are being provided and what the licensing implications are. For example, we have seen payments businesses obtain typical payments licences in the past that they believed would cover their product offering, only to find out that they required a licence that not only had authorisations for non-cash payment facilities but also covered basic deposit products and miscellaneous financial investment products which are not as common authorisations in these types of licences. Funds licences tend to vary significantly depending on what the proposed funds will invest in and there is often a need to consider each licence authorisation against the proposed investment offering to ensure that the authorisation suits.

The other common pitfall is in checking that the licence has the right advice and deal authorisations. It is often relatively simple to confirm if the licence supports general or personal advice, but the distinction between the deal authorisations is subtler and less well understood. For example, securing a licence that has an “apply for” authorisation in respect of payments will not support a business of operating a payments system – this business needs the “issue” authorisation. The “arranging” authorisation is even more limited.

What you don’t want to have to deal with is a situation where you need to vary a licence that you have spent considerable money on, in a hope to accelerate your business, because the authorisations are not what is required or because there are other conditions (such as a key person condition) that prevent you from utilising the licence and requiring a lengthy and expensive variation.

What to check for:

• Ask for a full copy of the licence and check the conditions, is there a key person condition, are there any other limits?
• Does the licence allow you to provide advice and deal in the products you need?
• Whether the licence covers retail and wholesale clients and whether you can meet the different requirements that attach to each?

When to engage help:

• if you are unsure what licence authorisations you require
• if you are unsure whether a proposed licence is appropriate
• if you need to vary your licence.

By Jaime Lumsden and Nicholas Pavouris

The post Are you getting the licence you’re paying for appeared first on AdviserVoice.

Simon Carrodus

On 28 March 2022 the Australian Securities and Investments Commission (ASIC) released Report 722 ‘ASIC Enforcement Update July to December 2021’ (Report 722).

In this article, we:

1. review the key data points in Report 722 and compare them against the previous update – ‘ASIC Enforcement Update January to June 2021’ (Report 699)
2. provide you with our insights and commentary;
3. review the relevant data for financial services specifically, and
4. provide you with our contact details in case you have any questions!

Key data points from Report 722 and Report 699

The second half of 2021 was another busy year for ASIC’s Enforcement Team. Here at The Fold Legal, we pay attention to ASIC’s biannual Enforcement Updates to monitor themes and trends. And of course we like to share our analysis with you.

Below are the figures for the second half of 2021 identified in Report 722 compared against the first half of 2021 as outlined in Report 699:

*Only two (2) people were imprisoned, although ASIC obtained six (6) custodial sentences. For consistency, we have only included the number of people imprisoned, in keeping with Report 699.

What does this tell us?

From the table above, we can see that in the second half of 2021, ASIC increased its activity within the market in the following areas:

1. individual charges in criminal proceedings
2. criminal charges laid, and
3. civil penalty cases commenced.

ASIC also appears to have experienced an increasingly successful end to 2021, by securing an increase in:

1. non-custodial sentences;
2. the value of the civil penalties imposed by the courts (an increase of over 180%); and
3. individuals disqualified or removed from directing companies.

Given this data, we expect the next Enforcement Update to indicate a proportionate increase in these areas for the first half of 2022. This is because ASIC has:

1. commenced 21 civil penalty proceedings, an increase of 9 since the first half of 2021, and
2. seen the number of civil penalty proceedings before the courts increase by 12.

We also can expect that ASIC will continue to conduct its investigations at a similar pace – around 50 investigations per half-year.

What does this mean for the financial services industry?

Report 722 showed a small, but important, decline in enforcement activity across the financial services industry more broadly.

When comparing the reported figures in Report 722 to those in Report 699, we see the trends outlined in the table further below.

NOTE:

1. The figures represented are the differences between the two Reports. For example, the first reported number of -3 for ‘Credit’ means that there were 3 fewer criminal credit case outcomes in Report 722 vs Report 699, and
2. Insurance was not addressed in Report 699:

From this we can see that:

1. ‘Financial advice’, ‘Investment management’ and ‘Other financial services’ saw moderate to significant increased enforcement activity during the latter half of 2021, and
2. ‘Credit’ and ‘Superannuation’ saw significant declines in enforcement activity during the same period.

These trends accord with what we are seeing in the market at the moment. Financial advice continues to be a strong area of interest to ASIC with an uptick in the number of administrative proceedings brought by the regulator.

What next?

We anticipate that the next Enforcement Update from ASIC will show that it has been an equally busy, if not busier, period than the second half of 2021. This is due to:

1. the increased number of civil penalty proceedings commenced
2. the increased number of civil penalty proceedings before the courts currently, and
3. the consistently high number of investigations commenced during the latter half of 2021.

This is in line with what we are seeing, and we encourage our clients to seek professional advice as early as possible when they receive a communication from ASIC.

If you’ve had contact from ASIC and are unsure of what to do, please contact us. We deal with ASIC every day and will be happy to navigate your through the process.

By Simon Carrodus and Glenjon Aligiannis

The post Who watches The Watchmen? We do – a review of the ASIC Enforcement Update appeared first on AdviserVoice.

Simon Carrodus

ASIC has released a consultation paper^[1] on what matters should be heard by the Financial Services and Credit Panel and how it will assess an adviser as a fit and proper person.

A new Sheriff in town…

Last year, the government passed legislation to give the Financial Services and Credit Panel (FSCP) its own legislative functions and powers to address a range of misconduct by financial advisers.

The powers of the FSCP include the power to direct financial advisers to undertake specified training, counselling or supervision and to report certain matters to ASIC.

The FSCP may also:

• suspend or cancel a financial adviser’s registration
• issue infringement notices
• recommend ASIC commence civil penalty proceedings, and
• enter into enforceable undertakings with financial advisers.

ASIC has now released consultation paper 359 (CP 359)^[2] setting out changes to the FSCP and associated Regulatory Guide 263.

ASIC is seeking feedback on its proposed approach in deciding when to convene the FSCP including:

• determining whether loss or damage to a client or benefit to an adviser is material, and
• assessing a financial adviser’s fitness and propriety.

To convene or not to convene…

Ordinarily, if ASIC has not already exercised its banning and disciplinary powers, it has broad discretion to convene the FSCP to consider misconduct by financial advisers.

ASIC must convene the FSCP in the following circumstances:

• when an adviser is convicted of fraud
• if ASIC believes they are not a fit and proper person
• they have contravened the education and training requirements of the Corporations Act, or
• have contravened a financial services law and that contravention is serious.

A contravention is ‘serious’ if it:

• has resulted, or is likely to result, in material loss or damage to a client of the financial adviser
• has resulted, or is likely to result, in a material benefit to the financial adviser, or
• involves dishonesty.

CP 359, however, proposes the FSCP also be able to meet to address issues that would provide a regulatory benefit to investors and consumers without any convening circumstances being present.

“We consider that targeting misconduct that is widespread or part of a growing trend and matters that, if considered by a sitting panel, will send an effective and deterrent message to industry, is likely to result in regulatory benefit.”

In theory, this sounds great. Financial adviser misconduct will be assessed and sanctioned by peers, which the Federal Government believes will drive further improvements within the industry. The thing is, out of the 31 members of the FSCP who were appointed last week, only about 25% of these members are qualified financial advisers.

With only 2 panel members required for each case, theoretically, there should be enough financial advice specialists on the panel so that advice hearings will be attended by at least one qualified financial adviser. However, there is no guarantee that this will be possible.

It’s unknown as to what percentages of cases are expected to cover financial advice and whether the number of financial advisers on the panel is sufficient. Importantly, the availability of panel members will be impacted by numerous factors both personal and professional, including the requirement to sit out hearings where a conflict of interest exists.

More than a synonym – When is a financial adviser fit and proper?

ASIC must convene a sitting panel where they reasonably believe that a financial adviser is not a fit and proper person to provide personal advice to retail clients in relation to relevant financial products.

In terms of assessing a financial adviser’s fitness and propriety, ASIC intends to consider whether the financial adviser:

• is competent to provide personal advice to retail clients on the relevant financial products they are authorised to provide personal advice on (based on their knowledge, skills and experience), and
• has the attributes of good character, diligence, honesty, integrity and judgement.

This assessment of fitness and proprietary represents a departure from the prescriptive tests applied to both credit and AFS licensees and relies on rather vague and subjective notions of favourable personality attributes. In the absence of defined criteria or additional guidance, and in light of ASIC’s existing resourcing problems, one might question whether the drafting is deliberately broad to allow ASIC to palm off ‘pesky little adviser issues’ to the FSCP more often.

IS ASIC still judge, jury and executioner?

In most circumstances, yes. When it wants to be, that is.

ASIC’s proposed changes to Regulatory Guide 263 effectively widen the circumstances in which ASIC must convene a sitting panel. Whilst ASIC can still exercise their own banning powers, these powers may be delegated to the sitting panel where ASIC considers the matter is appropriate because of its significance, complexity or novelty.

What do you think? Whilst a financial adviser is unable to forum shop between ASIC and the FSCP, would you prefer to be heard by a panel of your ‘peers’?

Submissions to ASIC are open until 28 March 2022.

By Jessica Smith and Simon Carrodus 

——–

[1] https://download.asic.gov.au/media/v45jwlhf/cp359-published-28-february-2022.pdf
[2] Ibid.

The post Financial Services and Credit Panel – with great power comes great responsibility appeared first on AdviserVoice.

Simon Carrodus

On 2 August 2021, the Federal Court handed down its decision in the matter of Australian Securities and Investments Commission v RI Advice Group Pty Ltd (No 2) (2021) FCA 877.

Background

The Australian Securities and Investments Commission (ASIC) commenced proceedings against RI Advice Group Pty Ltd (RI Advice) for an alleged failure to comply with section 961L of the Corporations Act 2001 (Cth) (Corporations Act) by failing to take ‘reasonable steps’ to ensure that its authorised representative (Mr John Doyle) complied with his obligation to:

1. Act in the best interests of the client (section 961B of the Corporations Act)
2. Provide personal advice that is appropriate for the client (section 961G)
3. Warn the client where personal advice is based on incomplete or inaccurate information (section 961H), and
4. Prioritise the client’s interests where there is a conflict of interest between the interests of the adviser and the client (section 961J).

Mr Doyle admitted to each of the alleged contraventions of the Corporations Act.

ASIC’s case against RI Advice

In summary, ASIC’s case against RI Advice was that:

1. RI Advice knew or ought to have known that Mr Doyle was not meeting RI Advice’s standards and was not complying with its business rules, and that there was a substantial risk that he was breaching his legal obligations
2. Despite repeated warning signs, RI Advice failed to take any significant steps to investigate Mr Doyle until mid-2015, after ANZ, which owned RI Advice at the time, reviewed a selection of Mr Doyle’s advice files and gave them the worst possible rating on its advice scorecard;
3. As a result, ANZ undertook further file reviews, which identified similar issues with Mr Doyle’s other client
4. By failing to take reasonable steps, RI Advice effectively ensured that Mr Doyle’s clients and their investments would stay with RI Advice as Mr Doyle’s clients would not be made aware of the inappropriate advice they had received, and
5. RI Advice permitted Mr Doyle to keep advising clients where there was a substantial risk that he would breach the best interest obligation.

Lessons for AFS licensees

“Although the duty in s 961L is broad, the case law has begun to fill in the contours of what is expected of a licensee by way of compliance with the provision.”

In making its decision, the Federal Court supported the proposition that whilst AFS licensees are legally obliged under section 961L to take reasonable steps to ensure that their representatives (including authorised representatives) comply with sections 961B, 961G, 961H and 961J (Relevant Sections), they are not required to take optimal steps in ensuring compliance with those sections.

This is a particularly interesting statement from the Federal Court as it creates a scale that the Federal court will use when assessing the steps taken by an AFS licensee to comply with the Relevant Sections. This scale is divided into four parts:

1. Steps at the higher end, considered “optimal” (read as best practice)
2. Steps which, although not optimal, are reasonable
3. Steps which are not reasonable in ensuring that representatives comply with the Relevant Sections, and
4. Steps which were not taken by the AFS licensee but, had they been taken, would have been reasonable in ensuring that representatives complied with the Relevant Sections.

Distinguishing between the first two categories is unnecessary as any steps taken by an AFS licensee that are considered to be optimal will mean that it is automatically categorised as reasonable.

With this in mind, The Fold Legal considers it to be of significant importance for AFS licensees to be able to:

1. Distinguish between steps that are reasonable, and those that are not reasonable, in ensuring that representatives comply with the Relevant Sections
2. On an ongoing basis, consider whether a step that was once reasonable may no longer be reasonable as the business evolves (particularly as the business grows or down-sizes), and
3. Consider which steps they are not taking, which, had they been taken, may be reasonable in ensuring that their representatives comply with the Relevant Sections.

The Federal Court also outlined that the steps an AFS licensee must take to ensure its representatives are complying with the Relevant Sections are dependent on the specific obligation that the AFS licensee is attempting to comply with. This means that what is reasonable in ensuring that a representative complies with the best interest duty may not be reasonable in ensuring that a representative prioritises the client’s interests over their own.

Unfortunately, there are an enormous number of compliance measures, actions and steps that an AFS licensee must consider and take in attempting to ensure that its representatives comply with the Relevant Sections. Each of these steps falls into one of the four categories outlined above.

Unlike the safe harbour steps outlined in section 961B(2) of the Corporations Act, there is no clear pathway for compliance for section 961L, which makes it still particularly tricky for AFS licensees to navigate safely.

Penalties

The penalties for failing to comply with section 961L can be significant. Recently, on 6 February 2022, the Federal Court penalised RI Advice $6 million for their repeated failure to comply with section 961L, even though RI Advice had taken steps to remediate all clients affected by Mr Doyle’s conduct. The Federal Court determined that a substantial penalty was warranted in this case, signifying the importance of understanding the obligation to take reasonable steps pursuant to section 961L.

AFS licensees will need to take into consideration the following when determining whether any step, measure or action is to be implemented or taken:

1. The number of representatives of the AFS licensee
2. The composition of the AFS licensee’s representatives (either employed advisers or authorised representatives), and
3. The structure of the AFS licensee (is it a vertically integrated model or not?).

Here at The Fold Legal, we try to make the complex simple. We have advised many AFS licensees on the steps, measures and actions they should take (and not take) to ensure compliance with section 961L.

If you are concerned about your obligations as an AFS licensee or would like to review the steps you are taking to comply with section 961L, please get in touch. We are here to help.

By  Simon Carrodus and Glenjon Aligiannis

The post Who Would Be An AFSL? – The Court’s Review Of Section 961L appeared first on AdviserVoice.

Charmian Holmes

If you are appointed to provide financial services on behalf of an Australian financial service licensee, you must enter into an authorised representative (AR) agreement. In this blog we set out some tips and traps to be aware of when negotiating this agreement.

Authorisations

Of course you should only enter into an AR agreement with a licensee who has the appropriate authorisations for the services you want to provide. Other points to consider are:

• Are you able to sub-authorise representatives? Consider who is doing what in your business – your business may require you to sub-authorise one key adviser.
• Will you need the ability to sub-authorise advisers in the future? For example, will your business expand in the future? If you don’t need this ability, it’s not necessary to negotiate to include it, however you should ensure that you have the right to vary the agreement later in case it is required.
• If you’re able to sub-authorise advisers, are you or the licensee responsible for making the notifications to ASIC? Noting that these notifications must be made within certain periods of time.

For general insurance businesses, having the ability to sub-authorise employees and contractors to provide financial services may be essential to delivery of the financial services. Provided they have appropriate training and qualifications, their appointment as ARs can be managed by the corporate authorised representative/business rather than the licensee. Licensees can set conditions about who you can sub-authorise in the AR agreement.

Don’t forget that, generally, a licensee cannot appoint another licensee as an authorised representative. However, a licensee who is an insurer can appoint another licensee as an AR if they act under a binder with the insurer. Read the blog on negotiating binder agreements^[1] if you’re considering putting one in place.

The licensee may want to vary or replace the authorisations granted under the AR agreement if the licensee is planning to revise their service offering. In this situation, if the changes no longer suit the business and would restrict your delivery of services, you may need the ability to quickly terminate the AR agreement and find a new licensee with the appropriate authorisations.

Revenue and client servicing rights

The AR agreement must be clear about the revenue allocations. It’s common for the revenue to belong to the AR but be collected by the licensee. This is because, in some cases, it has to be banked in a statutory trust account managed by the licensee, but in other cases the product issuers will only deal with a licensee. Where the licensee collects revenue earned from services provided by the AR and it is owed a licensee fee, they may deduct their fees from the revenue before remitting the money to you.

Ensure there is transparency over the amounts collected and deducted. You should be able to request information from the licensee including tax invoices and revenue statements (within reasonable timeframes).

Client servicing rights should belong exclusively to the person who has the client relationship – and this means the AR. However, if there are issues in terms of delivery of the services (for example, the AR is incapacitated, suspended or banned and cannot service the clients), this might justify a situation where the licensee may need the right to step in and advise the clients directly.

Client records – confidentiality and intellectual property

The AR agreement should contain intellectual property obligations to protect both parties’ intellectual property, including where the AR is using the licensee’s branding. Both parties should be subject to confidentiality provisions, which should at a minimum apply to:

• Intellectual property;
• Client data and transaction/advice records;
• Business and finance data;
• Trade secrets; and
• Business operations and processes.

If you and the licensee will develop products, processes, strategies and other intellectual property together, ensure there are obligations in the AR agreement that clearly set out who owns the rights in that intellectual property.

Liability

An AR agreement will include liability and indemnity provisions. Licensees will want to be fully indemnified for any losses, costs and liabilities they have arising from your activities under their licence. However, it is important to ensure that your liability under the AR agreement reflects the extent to which you caused or contributed to the loss or damage, i.e. you should include ‘proportionate liability’ principles.

Many ARs do not negotiate changes to the liability provisions and simply accept them on a ‘take it or leave it’ basis. It is possible to negotiate reasonable changes to the AR Agreement to adjust your liability position.

You should ensure that your liability under the AR agreement will be limited to a specific amount, in the event that your insurance policies will not respond. If claims for client remediation are made and they relate to advice you gave or products you sold, you may be liable for those claims without recourse to insurance.

However, you should still be liable to the licensee for specific types of losses that are within your control, for example:

• serious adviser misconduct
• dishonesty
• gross misconduct
• fraud.

Depending on your relationship with the licensee, they may ask you to be liable for other losses. For example, AFCA claims, judgements and costs of insurance policy excesses. Never agree to provide a personal guarantee for these losses, as agreeing to this could expose you to personal bankruptcy if the licensee enforces its rights to be indemnified against your business and your business cannot pay.

Termination, cessation, and suspension

Termination, cessation, and suspension are three different things but they should all be addressed in the AR agreement.

Parties should be able to terminate the AR agreement for at least three reasons:

• If a party cannot perform the agreement. For example, if a party is insolvent/bankrupt, the AR is banned or disqualified by ASIC or the licensee’s licence is suspended or revoked. For serious events like these, termination is necessary and appropriate;
• A party has breached the agreement and failed to remedy the breach within a reasonable time frame; and
• A party voluntarily terminates by giving notice in advance. This is common where an AR is terminating because they will have their own licence or they are moving to another licensee.

Suspending the agreement might be appropriate in other cases, for example where the AR’s conduct is being investigated or where the AR is unwell for a temporary period and the licensee steps in to service the clients. It is important to ensure that suspensions are not indefinite. They should run for a reasonable period and, if the suspension exceeds this timeframe, it should become a termination event for which the agreement can be terminated.

If your AR agreement is suspended or terminated because a party has been banned or lost their authorisation, the agreement should cover how the services can continue to be provided to clients:

• If the AR is banned, is the licensee able to contact the clients to service them? If not, what happens to the clients? It’s essential that they continue to receive appropriate services.
• If the agreement is terminated because the licensee loses their licence, who is responsible for notifying the clients? Can the AR work with another licensee to ensure continuity of the services for the clients?

Where the agreement is terminated for any reason, the parties must agree what happens after termination to the clients, the client data and records, confidential information/intellectual property and revenue. Non-solicitation clauses and other restraints are common in AR agreements where the AR wants to protect the goodwill in their business.

By Charmian Holmes and Rachel Hart

———

[1] In a bind? Traps in binder agreements

The post Tips and traps for authorised representative agreements appeared first on AdviserVoice.