RG255 should apply to all advice businesses
The corporate regulator's guidance on digital advice, RG255, surrounding expectations for digital advice licensees should be equally applied to existing financial advice businesses, Holley Nethercote lawyers believe.
The law firm's partner, Paul Derham, and lawyer, Matthew Twomey, said the Australian Securities and Investments Commission's (ASIC's) guidance was only specified to "digital advice licensees".
"The funny thing is that they're making this statement about expectations to digital advice licensees but most financial planners in Australia rely on cloud hosted software providers such as Xplan, Coin, and Midwinter — I think this standard should equally apply for existing businesses," Derham said.
"What we're saying is the reality is that all financial planners that have cloud-based software that they are using to deliver their advice and in fact one really common form of cyber security breach is third party cyber security breach that a regulated business relies on.
"ASIC sets out all these expectations about cyber security and information security and we think it should probably apply to all financial advisers because of the way they're actually structured."
Derham noted ASIC's August report on enforcement outcomes that stated: "We will take appropriate enforcement action by accepting enforceable undertakings or issuing infringement notices where we identify wrongdoing — for example, where disclosure by companies and issuers provides insufficient information on cyber threats".
"That's ASIC saying ‘we expect businesses to warn their customers about cyber threats' and that's a totally new angle and we've never seen that before from ASIC," Derham said.
"So for financial advisers this could mean warning your clients in your FSG [financial services guide] that they may suffer a loss if there's a cyber-attack or if their email address is compromised. In the same way they may suffer a loss or disruption in services if the licensee is subject to a cyber-attack. So there's this disclosure piece that is completely new."
Twonmey said their firm was advising their clients to talk with their internet services providers and software providers to check against standards that have been set out.
Recommended for you
Underestimating the cost of insurance by almost $75k in a Statement of Advice is among multiple reasons that a relevant provider has faced action from the FSCP.
Over half of wealth management clients in Asia-Pacific say they are looking for more advice in investment and financial planning services, according to EY, and may switch or add new providers to achieve this.
As artificial intelligence continues to reshape how the advice industry operates, Adviser Ratings unpacks which areas advisers are using the technology to improve the client experience.
Insignia Financial has appointed the former APAC head of a global asset manager to its board.
