Advisers might be keeping pace with technology, but are they on top of the regulation that goes with it? Hope William-Smith finds out.
Consider closely the cross-section of legislative developments and reforms for financial planners and you would be forgiven if the compliance concerns around technology had slipped off your radar.
In an address at the recent Australian Securities and Investments Commission (ASIC) Annual Forum, chairman, Greg Medcraft said the regulator would stay ahead of the industry and utilise technology to clamp down on compliance.
“The way we monitor and regulate is increasingly data-driven,” he said.
“Community expectations have changed; so too have the expectations of the government and the regulator, and even the black letter law.
“While our vision remains the same, the way in which we are approaching regulation is transforming.”
The December introduction of ASIC RG 257 on the testing of fintech products and services with exemption from an Australian financial services licence (ASFL) left the door open for industry progression, but legal experts have said it would not affect business progression for traditional planners.
There were other technology concerns, and planners are susceptible to new legal traps.
Hall & Wilcox partner, Harry New, said regulation had not yet adapted alongside innovation, notably data analytics and the various forms of cognitive technology which powered the majority of solutions used by advisers.
Money Management asked financial service law firms and an Australian regtech what the top 10 common areas of regulatory and legal concern were, and broke down the nexus of technology, advice, and regulation.
ASIC RG 257
The Fold Legal managing director, Claire Wivell Plater, said the fintech ‘regulatory sandbox’ specified in ASIC RG 257, would not shake up traditional advice due to capped limitations.
“The sandbox is not an open slather for financial advisory businesses to operate without oversights or limits, it’s extremely limited in its ambit so it does not pose any threat to advisers at all,” she said.
“There is no relevance to standard financial advisers because it really only applies to innovative businesses, people who are developing new technologies who are better at providing financial services through technology.”
New said the legal crux with sandbox was taking disclosure, reduced compensation, and additional dispute resolution requirements into account.
“Clients must be advised that the fintech licensing exemption is being relied upon,” he said.
“This purpose of the relief is to provide fintechs with opportunity to demonstrate proof of concept without incurring regulatory costs of obtaining a license and establishing a compliance framework to comply with licensing conditions and obligations.”
INTEGRATION OF FOFA
Nearly three years after the implementation of the Future of Financial Advice (FOFA) reforms, Wivell Plater said advisers could trust technology solutions and recognise that through all the FOFA changes, it played a part in the agenda to maintain integrity in financial advice.
“The new technologies that are available have the same obligations to comply with the AFS legal requirements as advisers do and so long as they do their due diligence carefully, there should be no reason not to trust them,” she said.
Managing director of regtech firm GRC Solutions, Julian Fenwick pointed to conflicted remuneration, best interests duty and continued issues of conduct risk; advisers would need to be flexible and ensure a technology partner would not compromise legal obligations or align them to a third-party.
“Buyers of financial advice will have to assure themselves of adviser independence,” he said.
BEST INTERESTS DUTY
The potential lack of flexibility in technology solutions placed best interests duty compliance as a significant area of attention for the regulator.
“The concern has always been how fintech advisers can satisfy their best interests duty obligations where the technology applies a pre-defined set of criteria for each person’s specific circumstances,” New said.
“Pre-defined outcomes… might not take into account all relevant options.”
Wivell Plater said advisers had to ensure that technology solutions provided accessible, client-focused advice which increased trust.
“There are still perhaps a lot of advisers that have not grasped the significance of that duty, particularly in the requirements it has in relation to making sure advice is truly individually tailored for clients, and making sure the clients’ interested are prioritised,” she said.
“These are issues that I think we will see a lot more emphasis on from ASIC over the next year.”
“There will need to be changes on both the client and the adviser side for there to be any lasting and effective change.”
Vigilance was required around updates to ASIC and the Australian Prudential Regulation Authority (APRA) policy amendments, and would help advisers stay abreast of legal hurdles.
Fenwick drew attention to ASIC and encouraged advisers to look at discussions across the industry to pre-determine the direct effects of pending regulation for business.
“Planners and advisers should stick closely to their industry bodies; the recently mooted idea that ASIC will require banks to publicly report “significant” breaches of AFS licences within five business days is a good example of this,” he said.
“They should keep themselves informed as change comes through, whether legislative or attitudinal, and be prepared to seek assistance when required.”
The Financial Planning Association (FPA) last year proposed robo-advisers appoint independent actuaries to monitor automated advice.
Wivell Plater said advisers were skating on thin ice when it came to ensuring automated advice still provided client and situation accurate solutions.
“It’s not one size fits all, you can’t buy off-the-shelf technology, you have to customise it. They need to understand how it works very clearly,” she said.
“It’s a big undertaking to take on a technology provider and make sure they do their due diligence.”
Advisers would also need to comply with the triage process outlined in ASIC RG 000 to filter clients for whom robo-advice was not suitable. This would lessen the gap for error with robo, and further protect client information.
“Advisers need to make sure that their professional indemnity policies cover the potential risk of widespread loss across its entire database where the technology is flawed,” New said.
ALGORITHMS AND OUTSOURCING
Lack of specialist knowledge on algorithmic resources was a pitfall for unintentional non-compliance.
“Algorithms must be continually tested, documented and reviewed,” New said.
“They need people who understand the technology and algorithms used to provide the advice in order to establish and maintain appropriate risk-based compliance systems.”
Wivell Plater said compliant integration of outsourced technology was still a responsibility of the adviser.
“Advisers have to be fully proficient in planning, in strategy building, in investment modelling, and also in the legal requirements,” she said.
“They should very carefully look at what the technology provider is doing, who their client base has been and check whether they have been working with reputable businesses.”
‘Regtech,’ or regulatory technology, emerged as a major forerunner last year in financial services, and New said advisers had questions about check-ups on newly-implemented technologies and how they could be utilised for risk mitigation.
“The most common question from advisers is the extent to which they are regulated and the prospect of being audited in some way by ASIC,” he said.
“The biggest theme has been the place of compliance risk as part of enterprise risk and how technology can assist with compliance.”
New also warned advisers needed to be alert to ASIC’s more proactive observation of general compliance standards across the industry in recent months, which included reviewing of websites.
Fenwick touted regtech as a “plethora of niche solutions for solving difficult issues” and said specialist technology solutions helped contain risk.
“The thinking around open architecture and interoperability between systems will mean that there will be strong support for these niche solutions,” he said.
Medcraft said a new focus for ASIC would be to utilise regtech solutions to positively shift industry views on compliance.
“Dedication to compliance in firms could have an expanded education focus,” he said.
Medcraft said advisers needed to step up, as greater customer and investor control of high risk products heightened the risk of investor harm.
Wivell Plater recommended advisers check that both their systems, and those of their technology providers, were well protected against cyber-attacks which compromised privacy law.
“That’s an area that ASIC is becoming increasingly concerned about; if their security is not sufficiently good to ensure that’s not hacked… they should take reasonable measures,” she said.
“The bar on that is shifting all the time as hackers become more and more sophisticated.
“What is really important for advisers is to make sure that the cyber-security measures they have in place are more than reasonable.”
Technology was no substitute for professionalism, which meant planners needed to ensure their own competency was up to scratch.
“Advisers need to make sure that they have their own professional understanding – take responsibility for the advice that is delivered,” Wivell Plater said.
“Make sure that the way that those technologies are calibrated in order to do analytics and produce results is technically correct from a financial planning perspective.
“Use the technology as a means to make that more sufficient rather than as a substitute for the professionalism, the wisdom and the analysis of the adviser.”
Wivell Plater reminded advisers that it was their ASFL duty to safeguard themselves and maintain regular checks on technological services.
“ASIC expects that when you purchase or outsource any function critical to the services you are providing, you actually will do the vetting plus ongoing monitoring and supervision.”
“At the end of the day, professionalism starts and finishes with the adviser themselves.”
Fenwick said the use of technology was not a replacement for human competence and encouraged advisers to stay educated.
“There is a temptation to rely too heavily on new technologies… but with that comes a responsibility for increased oversight,” he said.
“Individual planners and small business should inform themselves of the risks before implementing these technologies.”