4.1 Existing arrangements

4.1.1 AFSL holders

As mentioned earlier in this chapter, a key principle in CLERP 6 was to regulate intermediaries (including financial advisers) at firm level rather than at the individual level, in part to allow ASIC to target its resources efficiently.[1] Thus, individual financial advisers do not generally hold AFSLs. Instead, an individual financial adviser will usually be:

  • an employee of an AFSL holder;[2]
  • an authorised representative of an AFSL holder;[3] or
  • an employee of an authorised representative of an AFSL holder.[4]

As has been mentioned elsewhere, the Corporations Act imposes obligations on AFSL holders in relation to the employees and authorised representatives who provide financial advice under their licence, including an obligation to take reasonable steps to ensure that their representatives comply with financial services laws.[5]

Thus, as ASIC submitted, primary responsibility for discipline lies with AFSL holders, who are responsible under the law for the conduct of their advisers.[6]

The chief means by which licensees detect both improper conduct and poor advice by their advisers remains regular and random auditing of advisers’ files.

The efficacy of the audit depends first upon there being a complete and accurate file recording the dealings between adviser and client. As the examples studied in evidence show, there can be no effective audit if the adviser keeps control of the file and will not release it to the licensee.

Next, the audit must be designed to reveal significant defaults. The evidence in the second round of hearings showed that audits often were not designed this way. For example, for too long, AMP maintained an audit system in which issues of high importance (such as not pursuing the client’s best interests) could be treated as ‘immaterial’ when forming the overall audit grading.[7] No departure from the central duty of an adviser can properly be regarded as ‘immaterial’.

The evidence also showed that, too often, bad audit results had no, or no significant, consequences for the adviser. For example, for too long, Westpac maintained a consequence management scheme under which point deductions for poor audit results were erased before the next audit would fall due.[8] A system of that kind did nothing to penalise bad work and nothing to encourage better work.

I doubt whether it is possible to prescribe a single, ‘ideal’ audit or consequence management system. Much will depend on the way that an AFSL holder structures its business. An effective system for a large licensee is likely to look different from an effective system for a small licensee.

However, it is likely that more could be done to facilitate ‘better practice’ in this area. In particular, ASIC should consider whether there are ways that it could provide further guidance to the industry about ‘best practice’ in the design of audit and consequence management systems. If appropriate, that work could be informed by observations made in the course of the Close and Continuous Monitoring Program, an on-site supervisory approach taken by ASIC that commenced in October 2018.

In circumstances where poor conduct is identified and consequences are applied, AFSL holders have done too little to share that information with others. Two particular problems should be noted.

First, licensees are not doing enough to communicate between themselves about the backgrounds of prospective employees. The ABA’s reference checking and information-sharing protocol is limited to signatories and not consistently applied.[9] Licensees also frequently fail to respond adequately to requests for references regarding their previous employees.[10] Nor do they always take the information delivered to them seriously enough. The result is that financial advisers facing disciplinary action from their employer can shop around for another licensee to employ them.

Examples of the limited or inadequate disclosures made about former employees were observed in the course of hearings. When Dover Financial Services asked Westpac for information about the conduct of Mr Andrew Smith, Westpac said only that there was an ongoing investigation and that Westpac had ‘concerns’ about Mr Smith’s conduct.[11] Of greater concern, when Dover asked an ANZ licensee (Millennium3) for information about Mr Christopher Harris’s conduct, Millennium3 did not provide Dover with any material information even though it had made a notification to ASIC in relation to Mr Harris.[12]

Compliance with the ABA’s reference checking and information-sharing protocol (or, at least, requirements in the nature of those contained in the protocol) should be mandatory for all AFSL holders whose licence authorises the provision of financial advice. Submissions received from industry generally supported extending the operation of the protocol to all AFSL holders.[13] Consideration could be given to making a breach of the protocol (or equivalent obligations) equivalent to a breach of financial services laws for the purposes of section 912A of the Corporations Act.

Second, licensees are not sufficiently sharing information with ASIC about advisers. Licensees may fail to report, or report late, their concerns about an adviser’s conduct. Obviously that impedes ASIC’s ability to enforce disciplinary sanctions on those who have breached the law. That is so even though licensees themselves depend on ASIC’s Financial Adviser Register (FAR) for a definitive listing of banned advisers to indicate whether an adviser has a poor history.[14]

ASIC established the FAR in 2015.[15] The Register is publicly available, and contains information about current and former financial advisers who have been active since 31 March 2015. ASIC maintains the Register using information provided by AFSL holders and authorised representatives. Unlike various other registers that it maintains, ASIC has no legal obligation to maintain a register containing all of the information in the FAR. Further, unlike registers in other industries, inclusion confers no particular legal status on a financial adviser. In particular, inclusion is not a precondition to providing financial advice.

In July 2015, ASIC began using its compulsory information-gathering powers to require AFSL holders to provide it with information about financial advisers in respect of whom licensees had ‘serious compliance concerns’ and ‘other compliance concerns’.[16] Serious compliance concerns are where the licensee believes and has some credible information in support of the concerns identified that a financial adviser may have engaged in dishonest, illegal, deceptive and/or fraudulent misconduct or any misconduct that, if proven, would be likely to result in an instant dismissal or immediate termination; or deliberate non-compliance with financial services laws or gross incompetence or gross negligence.[17] Other compliance concerns include breaches of internal business rules or standards, adverse findings from audits, and conduct resulting in actual or potential financial loss to clients.[18]

The evidence in the Commission’s second round of hearings revealed a number of issues in the way that AFSL holders categorised compliance concerns it had identified as ‘serious’ concerns or ‘other’ concerns in their responses to ASIC.[19] However, putting those problems of implementation to one side, I consider that there is significant value in information of this kind being reported to ASIC. Compliance concerns in relation to an individual adviser may not constitute a significant breach of an AFSL holder’s obligations, and therefore would not trigger the reporting requirement under section 912D of the Corporations Act. However, ASIC may consider that those concerns warrant some action being taken against the adviser. Unless it receives information about those concerns, it is difficult for ASIC to take that action. Information about compliance concerns from different licensees is also likely to reveal trends emerging in the industry, and enable ASIC to target its education and enforcement activities to address emerging issues.

The reporting of ‘serious compliance concerns’ by AFSL holders to ASIC should be formalised. Licensees should be required to report such concerns to ASIC on a quarterly basis. As I explain further below, mandatory reporting will also form an important part of a unified disciplinary system for financial advisers.

One further point should be made. When an entity detects that an adviser has engaged in misconduct (whether by giving inappropriate advice or otherwise), it should always consider what steps it should take to see whether the adviser may have acted poorly in respect of matters other than those that are the immediate focus of attention. As the evidence before the Commission showed, entities have not always done this. The result is that the damage done by an adviser may not come to light until long after the event, which works to the detriment of both the affected clients and the entity itself. It is necessary in principle, and better in practice, for entities discovering misconduct by an adviser to make whatever inquiries are reasonably necessary to determine the nature and full extent of the adviser’s conduct.

Recommendation 2.7 – Reference checking and information sharing

All AFSL holders should be required, as a condition of their licence, to give effect to reference checking and information-sharing protocols for financial advisers, to the same effect as now provided by the ABA in its ‘Financial Advice – Recruitment and Termination Reference Checking and Information Sharing Protocol’.

Recommendation 2.8 – Reporting compliance concerns

All AFSL holders should be required, as a condition of their licence, to report ‘serious compliance concerns’ about individual financial advisers to ASIC on a quarterly basis.

Recommendation 2.9 – Misconduct by financial advisers

All AFSL holders should be required, as a condition of their licence, to take the following steps when they detect that a financial adviser has engaged in misconduct in respect of financial advice given to a retail client (whether by giving inappropriate advice or otherwise):

  • make whatever inquiries are reasonably necessary to determine the nature and full extent of the adviser’s misconduct; and
  • where there is sufficient information to suggest that an adviser has engaged in misconduct, tell affected clients and remediate those clients promptly.

4.1.2 ASIC

In its submission following the second round of the Commission’s hearings, ASIC said that, as a regulator, its role is to oversee advisers’ compliance with the law and not to supervise or monitor their work.[20] It said that primary responsibility for discipline lies with licensees, who are responsible under the law for the conduct of their advisers.[21] That is undoubtedly correct. In my view, however, and as I said in the Interim Report, ASIC’s enforcement of the law with regard to individual advisers is an important part of the disciplinary system. It is for that reason that a robust approach to enforcement is critical.

Financial services licensees that breach those sections of the Corporations Act that impose the best interests duty (section 961B), oblige the provision of appropriate advice (section 961G), warn of incomplete or inaccurate advice (section 961H), and require giving priority to the client’s interests (section 961J), are liable to civil penalty.[22] Licensees must take reasonable steps to ensure that representatives of the licensee comply with those sections (sections 961B, 961G, 961H and 961J).[23] Authorised representatives are themselves liable to civil penalty for contravention of any of those sections.[24] Clients who suffer loss or damage because of a breach of the sections can recover compensation,[25] and the court dealing with an action under that section can make any of several other kinds of order.[26]

As I observed in the Interim Report, these civil penalty provisions have seldom been invoked. No civil penalty proceedings had been instigated in the five years before Ms Louise Macaulay (Senior Executive Leader of ASIC’s Financial Advisers Team) gave her evidence about these issues in the second round of the Commission’s hearings.[27] Ms Macaulay said of civil penalty proceedings generally, that they ‘are time‑consuming and resource intensive for ASIC’, that ‘their outcome is not proximate to the time of the misconduct’ and that ‘[t]heir deterrent effect is limited by the (currently modest) size of the available penalty’.[28] More particularly, in the context of financial advice, she pointed out that a civil penalty order, of itself, does not include a banning order. These observations about civil penalty proceedings must be considered in the light of whether other ways of dealing with breaches of the provisions are speedier, less time‑consuming or more effective in deterring similar conduct.

The chief regulatory tool ASIC has used in connection with financial advice has been the power to make a banning order prohibiting a person from providing any, or any specified, financial services either permanently or for a specified period.[29] Since 2008, ASIC has made 350 banning orders, of which 229 were made in relation to financial advisers.[30] Just under half of those banning orders were permanent orders.[31]

As Ms Macaulay explained, the process of making a banning order takes time. The time between ASIC becoming aware of the conduct that might warrant making a banning order and deciding to investigate the matter may vary from ‘a couple of months’ to ‘any length of time up to a year’.[32] It may take six to 12 months to get a brief to the delegate and the delegate may take five months to make the decision.[33] Add to those times any appeal to the Administrative Appeals Tribunal or any proceedings for judicial review and the whole process may take anything up to two years.

No doubt, as Ms Macaulay said, banning orders serve a purpose of protecting the public. But a regulator’s choice of regulatory steps should not be treated as requiring exercise of only one form of power. There are cases where more than one power can and should be exercised. The process of making a banning order may be every bit as long as the pursuit of civil penalties. Court processes may prove to be more costly, if the action is fought. But chosen wisely, cases pursuing civil penalty may be prosecuted to conclusions that lead to a public denunciation of conduct that has breached the law. And public denunciation of unlawful conduct is a deterrent and educative tool that is important to the proper regulation of the whole of the relevant regulated community (here financial advisers and advice licensees).

4.1.3 Industry associations

Just as there is no requirement for individual financial advisers to be registered by ASIC, there is also no requirement for advisers to be members of any particular industry association. Nevertheless, many financial advisers choose to be members of one or more of these associations. There are several bodies for advisers to choose from, including the FPA and the AFA.

Both the FPA and the AFA seek to advance the cause of financial advisers generally. Each seeks to promote the creation and growth of financial planning and advice as a profession. Both the FPA and AFA now have processes and systems for disciplining members. But the evidence before the Commission did not show that either the FPA or the AFA currently plays any significant role in maintaining or enforcing proper standards of conduct by financial advisers.

As I observed in the Interim Report, neither ASIC nor licensees are sharing information with industry associations. Both the FPA and the AFA find out about members under ASIC investigation from media releases and news stories. Licensees almost never report their concerns about advisers to industry associations. The two associations do not share disciplinary information between themselves. Members of the public are generally unaware of the FPA and AFA, and are more likely to take their complaint to a dispute resolution body than report advisers to the industry bodies. The result is that industry bodies now have little basis on which to play any effective disciplinary role.

Neither do advice licensees currently look to the associations for that purpose. Licensees may encourage advisers to join a professional association. But licensees do not routinely tell either association of misconduct by advisers.

The FPA’s treatment of the complaint made to it about the conduct of Mr Henderson in connection with Ms McKenna (referred to above) did not instil confidence in FPA’s disciplinary arrangements, at least as they stood when the Commission took evidence about the matter. The process described in evidence was prolonged, opaque and directed more to settling an agreed outcome to the complaint than imposing proper standards of conduct by members. And, as noted earlier, Mr Henderson chose not to renew his membership of FPA when he did not get his preferred outcome. Mr Dante De Gori, the CEO of the FPA, said that the failure to pay membership dues does not terminate the membership of a member against whom a complaint remains outstanding. Even if that is so, and even if the FPA were to expel the member concerned, it seems that the expulsion would be of little or no moment to a self‑employed financial adviser.

Financial advisers are not currently required to belong to an association, and though some employers of employed financial advisers require it, few if any specify which. Advisers are free to switch between associations at any time, or, as Mr Hagger put it, ‘go down the road to another association’ if they are expelled.[34] The FPA and AFA therefore actively engage in recruitment of members from the industry and, to some necessary extent, from each other. Membership fees are their chief source of revenue.

Representatives of each association said that promoting the profession was one of its key functions.[35] These characteristics sit uncomfortably with those of effective discipline that include objectivity, consistency and compulsion, and the tension was clearly borne out in the case of Mr Henderson and the FPA.

Mr De Gori said that the only compulsory sanction available to the FPA is to expel members. To encourage members to comply with disciplinary decisions, the association may threaten to name them as the subject of its proceedings, although generally, names are kept confidential. The AFA has undertaken only two disciplinary matters since 2013, both of which resulted in a reprimand.[36]

The Code of Ethics being developed by FASEA will come into force in January 2020.

If, as both the FPA and AFA hope, industry associations become monitoring bodies under the Corporations Act, much will depend upon how they perform those tasks. The monitoring bodies will play an important part in setting the tone and the culture of those who act as financial advisers.

4.1.4 FASEA and the Code of Ethics

As noted earlier, recent legislation[37] seeks to advance the ‘professionalism’ of financial advice: by requiring higher education and training standards;[38] and by establishing FASEA[39] and requiring compliance[40] with a Code of Ethics to be prepared by FASEA[41] and monitored by a ‘monitoring body’.[42]

When the amended regulatory provisions come into effect, all advisers will be required to become members of a code monitoring body. Advisers will be prohibited from changing associations while under investigation by a monitoring body, and all breaches of the Code will have to be reported to ASIC and the adviser’s licensee. Breaches of the Code and any sanctions will be listed on the FAR.[43]

In these ways, the new scheme will deal directly with several of the issues raised above. The requirement to share information is welcome. The restriction on advisers changing schemes mid-investigation should limit the evasion of disciplinary processes that is otherwise possible in a system where multiple bodies administer one code of ethics. However, advisers not under investigation but looking for a lighter touch will still be free to switch monitoring bodies. The consistency between various code monitoring bodies in enforcing discipline will therefore be important.

It is important to recognise the proper place of the proposed Code of Ethics. Codes of ethics are not laws. Codes of ethics are important to fostering public confidence and practitioner integrity in a profession. They are composed by industry practitioners according to agreed industry processes. Laws, by contrast, are the product of a public process conducted under the authority of democratic institutions. It is laws, and not codes of ethics, that are the proper repositories for basic norms of conduct. This qualitative disparity mandates a difference in approach to contraventions of each.

While codes of ethics have a part to play in setting professional standards of behaviour, the industry must be conscious of their boundaries. The investigation and punishment of breaches of law should not be outsourced to private bodies. Licensees and industry bodies should not try to resolve breaches of law by advisers internally, but must notify ASIC or other appropriate authorities. A breach of the code of ethics must not be allowed to obscure, or be treated as more significant than, a breach of the law.

Though laws and professional codes serve different normative purposes, the discipline they impose can have similar objectives. Both ASIC and the FPA emphasised the protection of the public as their overriding disciplinary aim. For that reason, they may not take action, for example, against an unscrupulous adviser who has ceased to practice.

Disciplinary powers do have a protective aspect. In some cases, protecting the public will be a critical aspect of disciplinary action. But the imposition of discipline in a civil or even a professional setting usually, by analogy with criminal sentencing, serves multiple purposes. Among those purposes will ordinarily be purposes of punishment, denunciation, and the identification of conduct that breaches applicable norms. To characterise disciplinary action as serving only to protect the public is wrong. Not only is the characterisation wrong, it hides the need for regulatory bodies to give proper weight to the other purposes that are to be achieved by taking regulatory action.

[1]Background Paper No 7, 9.

[2]Corporations Act s 911B(1)(a).

[3]Corporations Act s 911B(1)(b).

[4]Corporations Act s 911B(1)(c).

[5]Corporations Act s 912A.

[6]ASIC, Module 2 Policy Submission, 15–16 [77]–[83].

[7]See Transcript, Sarah Britt, 23 April 2018, 1620–2, 1647.

[8]See Transcript, Michael Wright, 19April 2018, 1422.

[9]Exhibit 2.248, 20 September 2016, ABA Financial Advice – Recruitment and Termination Reference Checking and Information Sharing Protocol, 1–2; Transcript, Louise Macaulay, 27 April 2018, 1918–19.

[10]ASIC, Module 2 Policy Submission, 13 [64].

[11]FSRC, Interim Report, vol 2, 176, 185; Transcript, Michael Wright, 20 April 2018, 1459–62.

[12]FSRC, Interim Report, vol 2, 196; Transcript, Darren Whereat, 20 April 2018, 1547; Exhibit 2.149, undated, Letter from Millenium3 to Dover.

[13]See ASIC, Module 2 Policy Submission, 13–14 [63]–[67]; AMP, Module 2 Policy Submission, 22 [107]; NAB, Module 2 Policy Submission, 20 [81]; Westpac, Module 2 Policy Submission, 18 [79]–[80]; AFA, Module 2 Policy Submission, 19; FPA, Module 2 Policy Submission, 19–20.

[14]Transcript, Andrew Hagger, 24 April 2018, 1672.

[15]Exhibit 2.247, Witness statement of Louise Macaulay, 25 April 2018, 13 [35].

[16]See Transcript, Andrew Hagger, 24 April 2018, 1672; Transcript, Louise Macaulay, 27 April 2018, 1925–6.

[17]See Transcript, Michael Wright, 19 April 2018, 1432.

[18]See Transcript, Michael Wright, 19 April 2018, 1432.

[19]See, eg, Transcript, Michael Wright, 19 April 2018, 1432–3; Transcript, Andrew Hagger, 24 April 2018, 1673–4.

[20]ASIC, Module 2 Policy Submission, 16 [80].

[21]ASIC, Module 2 Policy Submission, 15 [78].

[22]Corporations Act s 961K.

[23]Corporations Act s 961L.

[24]Corporations Act s 961Q.

[25]Corporations Act s 961M.

[26]Corporations Act s 961N.

[27]Transcript, Louise Macaulay, 27 April 2018, 1915.

[28]Exhibit 2.247, Witness statement of Louise Macaulay, 25 April 2018, 16 [51].

[29]Corporations Act ss 920A–920B.

[30]Exhibit 2.247, Witness statement of Louise Macaulay, 25 April 2018, 5 [20]. See also Transcript, Louise Macaulay, 27 April 2018, 1914. The figures given in Exhibit 2.247 were said not to include banning orders made by a Court in civil proceedings or undertakings not to provide financial services given pursuant to EUs.

[31]Transcript, Louise Macaulay, 27 April 2018, 1914.

[32]Transcript, Louise Macaulay, 27April 2018, 1911.

[33]Transcript, Louise Macaulay, 27 April 2018, 1911.

[34]Transcript, Andrew Hagger, 24 April 2018, 1671.

[35]Transcript, Dante De Gori, 26 April 2018, 1819; Transcript, Philip Kewin, 26 April 2018, 1828.

[36]Exhibit 2.230, Witness statement of Philip Kewin, undated, 14–15.

[37]Corporations Amendment (Professional Standards of Financial Advisers) Act 2017 (Cth).

[38]Corporations Act Pt 7.6 Div 8A ss 921B–921D.

[39]Corporations Act s 921X.

[40]Corporations Act s 921E.

[41]Corporations Act s 921U.

[42]Corporations Act ss 921G–921T.

[43]Treasury, Module 2 Policy Submission, 15 [94].