Home / Regulation / Licensing update: Learning from Lanterne

ASIC's successful case against the rogue "licensee for hire" serves as a timely reminder of what can happen when AFSLs aren't on top of their compliance responsibilities. Here are ten tips to avoiding the same fate.

Since the publication of Australia Securities and Investments Commission’s case against Lanterne Fund Services, compliance consultants have been subjected to a lot of questions about licensee obligations (and regulatory expectations).

Although it may not have broken new ground, Lanterne seems to have reiterated critical aspects and clearly highlighted the real consequences of Licensees contravening their obligations.

Here are ten critical steps licensees must take to stay in the corporate regulator’s good books:

1.         Identify and assess the risks faced by your business, including the risks relating to your corporate authorised representatives and authorised representatives (and document your identification and assessment of the risks faced by your business, including your risk management framework and your risk management tools);

2.         Have a documented and rigorous due diligence and background check process for prospective representatives, and conduct ongoing checks to ensure their ongoing authorisation is appropriate. This means supplementing your initial due diligence of potential representatives with an active monitoring program (that actively and consistently identifies the risks associated with their conduct);

3.         Implement effective systems, processes or controls to manage or mitigate risks, including an incident management process and a systematic, documented and risk-based audit process (and make sure that you conduct regular audits of your representatives);

4.         Engage or employ adequately trained and skilled compliance and risk management personnel (particularly to provide independent oversight of your risk management systems and undertake audits and reviews of your representatives);

5.         Engage a sufficient number of Responsible Managers (with appropriate knowledge and skills) to match the financial services you offer and your representatives’ businesses and activities (and ensure they have sufficient time effectively to conduct their roles);

6.         Publish clear and practical guidance about the nature, extent and discharge of your representatives’ obligations under the financial services laws. This means publishing and maintaining a tailored compliance manual that is current, relevant to your business, and accurately references the regulatory and compliance obligations of your business and your representatives;

7.         Regularly assess the skill and competency requirements of your representatives and take adequate steps to address those requirements or deficiencies (by providing or arranging training, professional development or other instructional programs for your representatives);

8.         Don’t exclusively rely on representatives’ self-assessment reports or attestations. Instead, take active steps to satisfy yourself that your representatives have undertaken training by requesting, obtaining and inspecting their training records or other evidence of relevant training. Remember to follow up on any exceptions noted in the audits or compliance self-assessments and document any informal discussions with your representatives (particularly about compliance and risk management issues);

9.         Have adequate information technology capability and human resources for your business’s nature, scale and complexity. At a minimum, your compliance arrangements should encompass a technology resourcing plan and an up-to-date Disaster Recovery Plan (please don’t rely on outdated security and backup processes);

10.      Don’t rely on paper files and paper records. Use software to underpin your monitoring and supervision framework.