Adviser audits; there is a better way

What’s in a name? A lot. Take ‘adviser audits’, for example. Many licensees arrange for a compliance professional to visit each of their advisers once a year in order to help the licensee meet its regulatory obligations. These visits are often known in the industry as adviser audits.

The term ‘audit’ literally means to examine, to check or to investigate, and report. In this context, it suggests a process of picking up gaps in an adviser’s compliance regime and reporting back to the licensee.

I prefer the term ‘adviser reviews’. This less formal name better lends itself to a process whereby the compliance professional not only looks back over the adviser’s files but also works together with the adviser to develop a way forward.

Legal underpinnings and other considerations

Whichever term you use to describe visits to your advisers and whatever happens during those visits, the main aim of any such visit is to assist the licensee to meet its statutory obligations.

These obligations are set out in section 912A of the Corporations Act 2001. The most directly relevant to reviews (or audits) are:

> 912A(c) — take reasonable steps to ensure that authorised representatives comply with the financial services laws;

> 912A(d) — have available adequate resources (financial, technological and human resources) to … carry out supervisory arrangements; and

> 912A(f) — ensure that representatives are adequately trained, and are competent, to provide the financial services authorised to be provided under the licence.

Further, 912E provides for surveillance checks by the Australian Securities andInvestments Commission (ASIC).

Perhaps the formality of these obligations and the prospect of surveillance by the regulator are what have led to common use of the term ‘audit’ for adviser visits in the financial services industry.

The legislation is not prescriptive about how a licensee meets its obligations.

For instance, there is no statutory requirement compelling licensees to conduct an annual compliance audit of advisers.

In deciding how to meet its statutory obligations, a prudent licensee will pay close attention to the various statements of ASIC, since it is ASIC that, for all practical purposes, is the policeman.

ASIC’s views are made known in a variety of ways including: policy statements and guidelines (now collectively called ‘regulatory guides’); answers to frequently asked questions; media releases and its views expressed in enforceable undertakings.

A prudent licensee will also take into account industry practice. In any action for negligence, industry practice is important objective evidence about what actions are expected of a reasonable licensee.

ASIC statements relevant to a consideration of an approach to adviser reviews include:

> licensees are expected to have adequate measures, processes and procedures in place to monitor, supervise and train representatives as part of their overall compliance arrangements (RG164.59); and

> the resources and arrangements in place must be appropriate having regard to the nature, scale and complexity of the licensee’s business (also RG164.59).

The question then arises as to the frequency of reviews.

In 2001, ASIC released a report titled “National Life Insurance Disability Campaign”. Although the report was pre-Financial Services Reform the regulator did consider the supervision of agents by their principals, finding that reviews ranged from two per year to one review every three years. ASIC stated in its final report that one review every three years was inadequate.

Taking all of these matters into account, we think that the following conclusions are reasonable:

> adviser reviews form an important part of a licensee’s supervisory and compliance arrangements;

> the type and regularity of review and the manner in which it is conducted are not mandated and can be decided upon by the licensee. The review process must be sufficient to satisfy the test that reasonable steps are being taken to ensure that the advisers are complying with the financial services laws and are competent to provide the financial services; and

> the nature and manner of the reviews should be adequate having regard to the nature, scale and complexity of the licensee’s business.

Using adviser reviews to reach goals

In our view, adviser reviews conducted by or on behalf of a licensee should be part of an overall compliance strategy, not isolated, stand-alone events.

In this way, they are fundamentally different from, say, a surveillance audit conducted by ASIC. They have a different purpose. A surveillance audit is to check whether a licensee is complying with its obligations at a point in time with a view to possible enforcement action. A licensee’s adviser review on the other hand, should be more of a strategy for achieving compliance.

Perhaps a major reason for frustration at the ineffectiveness of the more traditional approaches with adviser audits has been a failure to recognise this fundamental difference.

An appreciation of this difference enables a fresh view to be taken to the development and implementation of an adviser review process.

At Compact — Compliance & Corporate Training, a solution has been developed that is proving to be very successful in achieving the aims of the stakeholders (the licensee and the adviser) as well as the person conducting the review.

Obviously, a licensee will have an eye on costs and will want to get the most out of any review process. A prudent licensee should, in our view, be looking at its adviser activities at least once every 12 to 18 months.

If the review process developed also involves effective one-on-one training and that such training counts towards professional development, then clearly a number of issues can be addressed very cost effectively.

While the supervisory obligations are the foundation on which the review process stands, it is, however, the training and instructing aspects of the review that will emerge as the major benefit to the licensee and its advisers.

A review may focus on two or three important aspects of compliance rather than a ‘tick box’ approach covering off all compliance issues. Many of these issues tend to be procedural anyway and can therefore be the subject of a ‘set and forget’ approach for longer periods.

This leaves the reviewer the freedom to focus on more specific and relevant matters from a risk management perspective. For instance, a review might:

> examine a number of adviser files to ensure that the adviser has a reasonable basis for the advice;

> consider whether any advice to switch or replace an existing product is justified and properly documented; and

> look at whether or not the proper disclosures have been made in relation to remuneration and conflicts of interest.

Time taken in the review to discuss privately these issues with direct relevance to the adviser’s files is a very powerful training tool. The adviser can also raise compliance matters of which they are unsure without fear of enforcement or judgemental action.

In the event that a breach is identified in a review, then action can be taken immediately to modify the behaviour that gave rise to the breach. This will go a long way to ameliorating the effects of the breach.

Many advisers who are comfortable with the strategies they put forward to their clients struggle to effectively document them. Some rely on paraplanners to prepare Statements of Advice (SOA). Others prepare the SOAs themselves. Either way, heavily-templated financial software is extensively used, which presents its own set of issues for consideration and guidance.

What an adviser review might look like

An adviser review might, as well as including a review of particular client files, include a one-on-one training session with some basic advice process coaching. Adviser strengths can also be considered as, after all, one would wish to encourage things that are being done well.

More important is the necessity to change adviser behaviour in respect of any weaknesses. One-on-one coaching is the most effective and proactive way to achieve this.

The ideal compliance activities are those that build and maintain a compliance culture in which the licensee’s authorised representatives are self-motivated to conduct business in a compliant way.

We believe this coaching approach is more conducive than the ‘traditional’ adviser audit because, if introduced properly, the licensee, the reviewer and the authorised representative will be collaborating in achieving a shared goal.

This type of review also has implications for the qualifications of the reviewer. The reviewer needs to be someone who has a good understanding of the advice process and, in particular, the reasonable basis of advice requirement. In other words, is the reviewer competent to identify where recommendations are not appropriate?

The reviewer needs to be able to get a gut feel about the adviser’s approach to doing business and to whether or not they understand what is required by the Corporations Act 2001.

More importantly, however, the reviewer also needs to relate to the advisers and to be accepted by them as someone who has something to offer their business. Only in this way is an adviser likely to be persuaded to adopt different practices if the need arises.

Features of a review plan

Features of a review plan will include:

> goals of the licensee (and to some extent of the advisers and the reviewer);

> adviser training and adviser reviews targeted towards the achievement of these goals;

> adviser input will be included when preparing a review plan and, in this way, advisers will take ownership of the process;

> matters covered during each individual review and each resulting report will depend upon the overall goals that are set for the plan. However, the guiding principles will be that the report is to be bite-sized (eg, four pages long), focused, and contain clear recommendations in relation to any breaches;

> adviser reviews will take place once a year, with the whole range of compliance issues to be covered over, say, a three-year period;

> in addition to coaching that takes place during the review process, training sessions will be held for groups of advisers, targeting common issues that emerge from the reviews;

> advisers will be informed well in advance of their review and will be aware of the goals and purpose of the review;

> the duration of the review should be no more than half a day;

> a report summarising the outcomes of the reviews conducted since the Compliance Committee’s last meeting should be provided to the licensee’s Compliance Committee, together with suggested remedial actions; and

> a comprehensive review of the process should be conducted to measure whether the goals have been met and to provide a needs analysis for the next period.

Over a period of time, this more targeted approach to compliance should take less of the compliance manager’s time and be more effective in achieving a compliance culture through behavioural change.

It does, however, carry with it the short-term risk that some compliance items that would be covered by a comprehensive ‘checklist’ approach to every review, will not be checked in any 12-month period.

We believe that the risks associated with this can be minimised by a careful targeting of issues of substance rather than form. Matters of form may be dealt with in other ways and will, in any event, be picked up at some time in future stages of the review plan, provided that the plan is properly prepared.

Coaching compliance

Compliance is about effective business processes that work for the business, but that also comply with the adviser’s and the licensee’s legal obligations.

The aim is to have compliance happening automatically. That, in our view, should be the general approach to adviser reviews. We see the approach being more that of a business coach wearing compliance glasses than an auditing or policing role.

This is the most positive and cost effective way of achieving an embedded compliance culture within an organisation. It extols and encourages appropriate behaviour while changing that behaviour which is inappropriate, through individual guidance and education.

Frank Smith is a consultant with Compact — Compliance & Corporate Training.