It’s a marathon, not a sprint - what lies beyond October 2021?

With so much effort spent focused on implementing the immense amount of imminent regulatory change, many financial services organisations are left considering, what comes next?  What does the world look like post-October 2021 and where should that effort be re-focused?

It’s no secret the volume of regulatory change coming down the pipeline for financial services organisations is vast.  In October alone, there are no less than six reforms going live which include the design and distribution obligations, restrictions on the unsolicited selling of financial products (hawking), a deferred sales model for add-on insurance products, reference checking and information sharing requirements for financial advisers and brokers, revised breach reporting requirements and internal dispute resolution.  And this is just the beginning, with further regulatory change on the horizon. 

While no-one could argue with the fact that these changes are positive for the industry and ultimately support fairer outcomes for consumers - for organisations implementing this change, the process has been complex, and firms have been left grappling with how to embed separate (but connected) pieces of regulation.

Think progress, not perfection

These reforms have typically been implemented in isolation, often due to the nuances provided across the individual provisions, or as result of the organisation’s preferred approach to project and/or change management.  In the rush for day 1 compliance, it can be difficult to see the wood for the trees, especially making sense of available opportunities for efficiency across the portfolio of change occurring.

Recognising the challenges faced by businesses in implementing this array of change, ASIC has acknowledged that a ‘transition’ period will be in place:

"ASIC will take a reasonable approach in the early stages of these reforms provided industry participants are using their best efforts to comply."¹

We consider it likely that ASIC will consider best efforts having regard to a number of factors including the nature, scale and complexity of a organisation’s business. Typically, in the context of regulation this means ASIC has higher expectations of larger organisations with more resources committed to regulatory change.

This should not encourage complacency – the fundamental expectation is for the whole industry to be compliant from day 1. 

This is not the end. It is not even the beginning of the end. But it is perhaps, the end of the beginning.

As everyone falls over the finish line on 5 October, the work, unfortunately, does not stop there.  Firms are now turning their mind to where to now and what next?  Here are some activities organisations can consider:

• Continue maturing beyond day 1 compliance – implementation activities won’t necessarily stop at the compliance commencement date. There will likely be further refinement required as the industry and regulators alike settle into the new regimes. Think about how you can demonstrate best efforts to comply and what further enhancements / efficiencies you can gain around optimising BAU activities (and the budgetary impacts of these decisions).  How could you streamline ongoing operating models, activities, monitoring and oversight to ensure ongoing compliance?
• Schedule a post-implementation review – when the dust has settled, establish a comprehensive end-to-end review of your regulatory change program to identify areas of further uplift and enhancement.  This is a good opportunity to consider lessons learned throughout this process and reflect on how you can approach future regulatory change.
• Consider the role of internal audit in ongoing compliance assessments – review your current internal audit plans to include relevant reviews on those areas noted above.  Take advantage of opportunities to streamline your internal audit program to ensure efficient coverage e.g. consider a review of anti-hawking and DDO together or undertaking a review covering complaints and breach reporting.
• Revisit accountabilities – look across your three lines of defence – are the new obligations being appropriately captured across your business?  Are there any areas of grey, gaps or overlaps in the new world that need to be addressed? For those organisations that are already subject to the Banking Executive Accountability Regime (BEAR), this will be a good opportunity to reaffirm responsibilities and reasonable steps in place to support compliance. For those organisations that will be captured under the Financial Accountability Regime (FAR), we suggest using this as a starting point to ensure there is end-to-end coverage of your operations, including as this pertains to the recent reform. 

There is nothing permanent except change

As the wise words of Heraclitus suggest – there is more to come.  This recent period of implementation, while it has been intense, is moving the industry in the direction we all want to go – improving outcomes for customers. But we know further change is inevitable. 

Being able to re-focus efforts from implementation to BAU management successfully, while considering the lessons learnt throughout this period, will stand firms in good stead to successfully manage future regulatory driven changes. 

^[1] ASIC Media Release, 12 August 2021, https://asic.gov.au/about-asic/news-centre/find-a-media-release/2021-releases/21-213mr-asic-s-approach-to-new-laws-reforming-financial-services-sector/