AFS Licensee General Obligations

Key Takeaways

• The general obligations under section 912A(1) of the Corporations Act are the foundational duties for all Australian Financial Services (AFS) licensees.
• These obligations are principles-based, requiring you to act efficiently, honestly, and fairly, maintain competence, have adequate resources, and manage risk.
• ASIC applies these obligations based on the ‘nature, scale, and complexity’ of your business; it is not a one-size-fits-all approach.
• You are ultimately responsible for compliance, even if you outsource certain functions to third-party providers.
• Failing to meet these obligations can result in serious regulatory action, including the suspension or cancellation of your AFS licence.

An Australian Financial Services (AFS) licence isn’t just a piece of paper; it’s a commitment to upholding a high standard of conduct. The core of this commitment is found in the general obligations under section 912A(1) of the Corporations Act 2001. These duties are the bedrock of your entire compliance framework and shape every aspect of your operations.

Understanding these obligations is fundamental to protecting consumers, maintaining market integrity, and running a successful financial services business. They are not a simple checklist to be ticked off, but foundational principles that must be embedded in your culture. From our experience working with licensees, those who integrate these principles into their daily operations are far better equipped to manage regulatory change and build lasting client trust.

What Are the General Obligations for an AFS Licensee?

The general obligations under s912A(1) of the Corporations Act are a set of ten core duties you must uphold at all times. They cover everything from your conduct and competence to your resources and risk management systems. Think of them as the constitution for your financial services business.

Here is a breakdown of these ten key duties:

1. Provide services efficiently, honestly, and fairly. This is the cornerstone obligation. It requires you to act with integrity and professionalism in all your business dealings.
2. Maintain competence. You must have the necessary skills and knowledge to competently provide the financial services authorised under your licence.
3. Have adequate financial resources. You’re required to hold sufficient financial resources to run your business compliantly and manage potential risks. For more detail, ASIC’s Regulatory Guide 166 provides specific requirements.
4. Have adequate risk management systems. You must establish and maintain effective systems to identify, assess, manage, and monitor the risks associated with your business. (We will cover this in detail in our upcoming article on Risk Management Frameworks).
5. Manage conflicts of interest. You must have arrangements in place to identify and manage any conflicts that arise between you, your representatives, and your clients.
6. Comply with licence conditions and financial services laws. You must follow all conditions imposed on your AFS licence and comply with all applicable laws.
7. Ensure your representatives comply with the law. You must take reasonable steps to ensure your authorised representatives also comply with financial services laws.
8. Ensure your representatives are trained and competent. It’s your responsibility to ensure all representatives have the training and competence needed for their roles, as outlined in guides like RG 146.
9. Have a dispute resolution system. You must have a system for handling client complaints that meets ASIC standards, which includes membership of the Australian Financial Complaints Authority (AFCA).
10. Have arrangements for compensating retail clients. This typically means holding adequate professional indemnity (PI) insurance to cover potential client losses, as detailed in RG 126.

Who Are the Key Regulators in Australia’s Financial Services Landscape?

While ASIC is the primary conduct regulator for AFS licensees, your duty to “comply with the financial services laws” extends to rules set by several other key bodies. Understanding this wider environment is essential, as different regulators govern different aspects of your operations.

Here are the main players you should be aware of:

• ASIC (Australian Securities and Investments Commission): Your principal regulator, responsible for corporate, markets, financial services, and consumer credit law. They issue and oversee your AFS licence.
• AUSTRAC (Australian Transaction Reports and Analysis Centre): Australia’s anti-money laundering and counter-terrorism financing (AML/CTF) regulator and financial intelligence unit.
• APRA (Australian Prudential Regulation Authority): The prudential regulator that supervises banks, insurance companies, and most superannuation funds.
• TPB (Tax Practitioners Board): Responsible for regulating tax agent services, which can overlap with financial advice.
• OAIC (Office of the Australian Information Commissioner): Administers the Privacy Act 1988, which governs how you handle clients’ personal information.

What about duties beyond specific regulations?

It’s also important to remember that your obligations are not just statutory. Your business also operates under established legal principles, including:

• Common Law: This includes your duty of care to clients.
• Contract Law: This governs the agreements you have with your clients and suppliers.

How Does ASIC Apply These Obligations? The ‘Nature, Scale, and Complexity’ Principle

ASIC does not take a ‘one-size-fits-all’ approach to compliance. The regulator understands that a small, two-person advice practice has very different compliance needs than a large, multinational product issuer. Your compliance framework should be tailored to the specific risks and activities of your business.

This is known as the ‘nature, scale, and complexity’ principle.

According to ASIC’s Regulatory Guide 104, you are responsible for assessing your own business and designing compliance measures that are appropriate. For example:

• A small licensee with a few advisers and simple product offerings might have a straightforward risk management plan and a simple compliance register.
• A large licensee with complex operations, multiple business lines, and a large client base will need a much more sophisticated framework, including dedicated compliance staff, advanced monitoring systems, and extensive stress testing.

The key is to thoughtfully assess your business and build a proportional and effective compliance framework.

Why Is Documenting Your Compliance Measures So Important?

Documenting your compliance measures is vital because it’s how you prove to ASIC that you are actively meeting your obligations. A well-documented framework shows that your approach is deliberate and systematic, not accidental. If ASIC comes knocking, these documents will be your first line of evidence.

Your documentation should be a living part of your business, not a file that gathers dust on a shelf. It should clearly detail:

• Who is responsible for specific compliance tasks (e.g., the Compliance Officer, Responsible Managers).
• What the procedures are for key activities (e.g., onboarding a new client, managing a complaint).
• When these tasks and reviews will be performed (e.g., quarterly compliance meetings, annual policy reviews).
• How you will monitor, report on, and keep records of your compliance activities.

Good documentation provides clarity for your team and demonstrates a mature compliance culture to the regulator.

Are You Still Responsible if You Outsource Compliance Functions?

Yes, you are 100% responsible. While you can outsource certain tasks to third-party providers (like paraplanning, IT, or even compliance consulting), you cannot outsource your legal and regulatory responsibility as the AFS licensee.

ASIC is very clear on this point.

From a regulatory perspective, the actions of your outsourced provider are considered your actions. Therefore, you must have a robust vendor due diligence and management process in place. This includes:

• Thoroughly vetting any third-party provider before engaging them.
• Having a clear, written agreement that outlines their duties and your expectations.
• Regularly monitoring their performance to ensure they are complying with financial services laws on your behalf.

Remember, ‘the vendor did it’ is not a defence you can use with ASIC. The ultimate accountability always rests with you.

What Happens if You Fail to Meet These General Obligations?

Failing to meet any of the general obligations can trigger significant scrutiny from ASIC and lead to severe consequences. A breach in one area is often a red flag to the regulator that there may be deeper, systemic issues within your business’s compliance culture.

The potential consequences can range in severity, including:

• The imposition of additional, more restrictive conditions on your AFS licence.
• ASIC issuing an enforceable undertaking, which is a public commitment to rectify issues.
• The suspension of your AFS licence for a set period.
• In serious cases, the permanent cancellation of your AFS licence.

These general obligations are the foundation upon which your entire licence stands. Treating them with the seriousness they deserve is the best way to ensure the long-term health and success of your business.