How to prepare so you're Regulator Ready

Written by Nicole Alexander, Head of Licensee Standards at Centrepoint Alliance

In a recent speech to the Parliamentary Joint Committee on Corporations and Financial Services, ASIC Chair, James Shipton, shared the strategic priorities for ASIC this year as outlined in the Corporate Plan 2019-23. The top two are high deterrence enforcement action and prioritising the recommendations and referrals from the Royal Commission.

This is supported by their plans to increase surveillance and enforcement activities. ASIC reported that they have commenced 77 investigations and completed 48 investigations between January and June 2019.

If you receive a notice from ASIC to provide information and fail to comply, the consequences may be severe, with penalties up to $18,000, or 2 years imprisonment, or both. So, what can you do to ensure that you are informed and ready to respond?

1. Understand ASIC’s information gathering powers

Firstly, it’s important that you know what may be asked of you. ASIC uses their information gathering powers help them to monitor compliance with the law and take enforcement action where necessary. The most common power that ASIC will use is asking you to produce documents or provide information. For example, you may be required to produce client files, describe and provide information about your policies, procedures and compliance measures, or copies of documents and records.

If you receive a notice to provide documents or information, it does not necessarily mean you have breached the law or are suspected of committing an offence. ASIC also gather information to help them to provide guidance and clarity on expected standards of behaviour.

2. Be prepared

Ensuring that you have adequate compliance arrangements in place is key to being prepared for responding to any request or notice. You should document:

  • your policies, procedures and compliance measures
  • how your procedures will be monitored and what reporting you will do
  • how frequently procedures will be reviewed and who is responsible

You could look at the areas ASIC has identified in their Corporate Plan and review the adequacy of your compliance arrangements.

You should also consider:

  • How quickly you could respond – do you have the resources and time?
  • Can you access the information required such as access to files, current and historical documents, policies and procedures? Do you need to get information from others?

3. Don’t delay

It’s important to act promptly when you receive the notice. This will ensure you have enough time to understand exactly what is required and provide others enough time to assist if needed.

It's also important to honestly and completely disclose all relevant information. And if you discover a breach while you are preparing the response? Take immediate action, a good breach report showing how you have addressed an issue will be viewed favourably by the regulator.

4. Ask for help

Lastly, if you are unsure about what is being asked for, or what your obligations are, ask for help. Talk to your compliance consultant or lawyer. And don’t be afraid to go back to ASIC and ask them to clarify their request. Knowing exactly what is required and by when will help you to respond to the request and minimise the stress and disruption to your business.

Want more information?

If you are an AFS Licensee, contact us to find out how Centrepoint can help your business through tailored services, power in community and strength in numbers.

Watch Responsible Manager Training Webinar