A financial firm’s regulatory compliance responsibilities differ depending on the services it provides. However, one constant for every Australian Financial Service License (AFSL) holder is the requirement to meet the general obligations under Section 912A(1) of the Corporations Act 2001

Section B of Regulatory Guide 104, released by the Australian Securities and Investments Commission (ASIC), establishes that, depending on the nature, scale and complexity of the business, licensees are permitted to outsource the management of these obligations. However, the AFSL holder will always remain responsible for compliance. The same is true when licensees appoint Authorised Representatives (ARs) or Corporate Authorised Representatives (CARs). 

Some AR/CARs may be treated as onsite employees while others are completely external. However, no matter the setup, the final responsibility always rests with the AFSL holder. A licensee’s general obligations include oversight over the financial services the AR/CARs have been authorised to provide.

These compliance obligations demand two critical elements in the context of AR/CAR oversight: supervision and monitoring. Here’s how to do both to ensure outsourced compliance efforts fulfil AFSL obligations.


Laying the groundwork for success

According to ASIC’s Regulatory Guide 105, meeting organisational competence obligations includes ensuring Responsible Managers (RMs) are fit and proper people. Licensees must also demonstrate that they perform appropriate checks at every step when authorising and onboarding ARs/CARs. 

This means that successfully supervising and monitoring AR/CAR compliance begins from the very first step: onboarding any AR/CAR. Firms need a robust due diligence process when onboarding to ensure qualifications, references, police checks, ASIC register checks and reviews have all been completed before finalising a formal relationship. 

These efforts should include a thorough evaluation of the proposed financial services the AFSL holder is granting the AR/CAR and that the AR/CAR is competent to provide them. However, it’s equally important for AFSL holders to ensure their own teams include competent RMs or supervisory staff, as these individuals will monitor and supervise the AR/CAR’s financial services. An RM must have the necessary skills and experience which includes having day-to-day oversight, being able to perform that supervision and being able to demonstrate it to regulators.

Although robust due diligence procedures are the first step, there should also be a strict procedure for AR/CAR onboarding. For example, the AFSL holder must ensure the AR/CAR business is ready to provide the authorised financial services with the correct policies, procedures and resources, including documentation such as Financial Services Guide (FSG) or Statement of Advice (SOA) templates. Both parties are also required to know and understand what it means to operate under an AFSL.


Improving compliance frameworks

An AFSL holder is expected to have its own compliance and risk framework in place to operate their AFSL business. However, this framework may not naturally align with the scale or complexity of the AR/CAR business. That means it’s vital to review and improve the underlying plans for compliance for the AR/CAR.

First, a licensee must establish whether the AR/CAR has its own policy structure in place. If so, the parties must work together to ensure both frameworks align. If not, the AR/CAR will generally use and refer to the AFSL holder’s existing compliance policies and procedures. Either way, both parties should align to ensure they’re collectively meeting the general obligations under the AFSL.

Next, the licensee will need to ensure the AR/CAR has its own supervision and monitoring throughout its business. This must include a review of obligations, including:

  • Complying with the AFSL holder’s licence conditions.
  • Adhering to the AFSL general obligations.
  • Maintaining up-to-date, fit-for-purpose policies and procedures.
  • Hiring and retaining an appropriate number of skilled resources. 

It’s up to the licensee to ensure the AR/CAR has clear expectations — not just in terms of its responsibilities, but in the types of supervision it will be subject to. Will the AFSL holder be high-touch and present in the AR/CAR business, or will they rely on robust and comprehensive reporting from the AR/CAR? How will both parties manage the necessary resources, including human and technological, and ensure everyone is meeting their obligations?

There’s no one right answer here. Instead, the licensee will need to consider which approach works best for the company’s nature, scale and complexity. It’s also important to take the AR/CAR into account, as decisions in this area can and should be influenced by different working styles and requirements. This also means that the best approach can change over time, particularly as the business of the AFSL holder or the AR/CAR grows or offers new services to consumers.


Building better relationships

Ultimately, relationships between AFSL holders and AR/CARs cannot be built on trust alone. While some level of understanding should exist, licensees can’t rely on AR/CARs to do the right thing. This isn’t necessarily because the latter is unreliable, but because the former must take responsibility for everything, intentional or not. For this reason, oversight and monitoring are necessary to ensure the AFSL holder knows both they and the AR/CAR are meeting their general obligations. 

In the same vein, it’s important to recognise that concrete evidence is key. Licensees can’t rely on informal undocumented meetings, unreviewed reports or unrecorded monitoring. After all, even a small, unintended mistake could lead to serious consequences — including fines, licence conditions, enforceable undertakings and reputational damage.

For example, in 2022, ASIC initiated civil penalty proceedings against wholesale licensee Lanterne Fund Services, citing risk and compliance failures. ASIC outlined several issues with the firm’s approach to AR/CAR management, including:

  • Failure to identify and assess risks, including those related to AR/CARs.
  • Did not have enough RMs with sufficient time to conduct their supervision.
  • Reliance on AR/CAR self-assessments to identify risks.
  • Dependence on an outdated Compliance Manual that omitted AR/CAR obligations.
  • Lack of skill and competency assessments and training for AR/CARs.


Tips for AR/CAR supervision and monitoring

How do you maintain a good relationship with an AR/CAR without relying entirely on trust? Here are a few tips we’ve uncovered from working with AFSL holders over the years:

  • Have an AR/CAR register that outlines authorisations and tracks any amendments.
  • Maintain an AR/CAR supervision framework, including all relevant policies and procedures.
  • implement robust contracts outlining expectations and authorisations.
  • Avoid cookie-cutter approaches, as all AR/CAR businesses are unique and your agreements, monitoring and supervision should be adaptable.
  • Perform ongoing reviews, covering both AR/CAR obligations and other areas of risk for each AR/CAR.
  • Regularly analyse resources and organisational competence for both your AFSL business and each AR/CAR business.

Are you an AFSL holder working with AR/CARs? Contact us today to find out how to protect yourself and meet your obligations while getting the most out of this relationship.

Image by pressfoto on Freepik

Back to Blog