Beware that regulation does not provide sufficient relief to avoid the breach reporting obligation and Civil Penalties.
The Financial Advice Association of Australia (FAAA) has confirmed that they have received communications from the Australian Securities and Investments Commission (ASIC) regarding breach reporting for clients who have signed an ongoing fee consent form without an account number. This may have occurred when clients were opening new investments/platforms and had signed the form before a new account number had been issued.
What You Must Do:
- Some platforms are re-issuing forms to affected clients on behalf of the advisers. However, if the platform has not advised you, you need to contact your clients directly and have them sign a new consent form that includes the client’s account number. This applies to clients from 10 January 2025 to the present.
- You must lodge a Breach Notice if you have any clients who have signed an ongoing fee consent form that didn’t have an account number. Please see further information below in the FAAA Notification.
Recommendation:
Lodge a report as soon as possible, but before 5 September 2025.
Background: FAAA Notification
In early June, ASIC announced a limited no-action position for advice fee written consents that did not include account numbers (this does not apply to advice fees paid from basic deposit products or credit cards). ASIC has now confirmed that any consent forms previously signed without an account number are required to be reported to ASIC as a breach, which can be done through ‘group reports’ related to the same issue.
Importantly, it is your licensee who is responsible for reviewing, assessing, and lodging breach reports. Ensure you notify your licensee immediately if any platforms provide client data to you (the adviser) directly.
ASIC Instructions for Reporting Client Consent Breaches:
ASIC’s no-action position in relation to missing account numbers from fee consent forms does not extend to an AFS licensee’s obligations to lodge breach reports. While ASIC has said that it will not take action for certain breaches of the law, licensees are still breaching the law, and we expect breach reports to be lodged.
ASIC anticipates that there will be situations where there are multiple breaches relating to the same conduct and same root cause and has provided relief to allow licensees to group reports where this is the case. If further breaches are identified, the licensees can then provide an update to ASIC within 90 days.
Further Clarification: Sections 962S and 962Z – Civil Penalty
AIC Solutions reached out to Phil Anderson, FAAA, General Manager, Policy, Advocacy and Standards, regarding the unaddressed Civil Penalty provision under Section 962S and 962Z for further clarity.
In recent regulatory developments, there has been ongoing discussion regarding exemptions available under Section 962S and their impact on breach reporting obligations for financial advice providers. While the current regulation does provide an exemption for Section 962S, which addresses ongoing fee arrangements, it is essential to highlight that this relief is not comprehensive.
One critical area that remains unaddressed is Section 962Z—a Civil Penalty provision—which continues to be enforceable. The ASIC relief granted does not extend to Section 962Z, nor does the breach reporting regulation provide any exemption for it. As a result, licensees and advisers must remain vigilant about their ongoing breach reporting obligations concerning this section.
It is also essential to note that, according to current interpretation, fixed-term agreements are expected to be exempt from these specific requirements. This is because fixed-term agreements are not classified as ongoing fee arrangements, and thus fall outside the scope of Sections 962S, 962T, and 962Z. This distinction may provide some practical relief for advice providers who predominantly operate under fixed-term engagement models.
FAAA has engaged directly with ASIC to clarify these points, and the feedback received confirms that, at present, the exemption framework does not negate the need for breach reporting regarding Section 962Z.
Call to Action:
Whether you’re navigating complex compliance requirements or seeking greater peace of mind, investing in internal audit coaching or engaging an independent auditor can be a strategic advantage, not just a regulatory compliance measure. If your business is ready to strengthen its audit processes, uncover hidden risks, or validate your internal controls with an expert second opinion, now is the time to act. Contact our compliance team today to explore tailored internal audit support or consultation with an experienced independent auditor at [email protected]
Further resources:
- ASIC’s guidance on how to submit a reportable situation: How to submit a reportable situation
- Regulation exemption for Section 962S: https://www5.austlii.edu.au/au/legis/cth/consol_reg/cr2001281/s7.6.02a.html
- The Civil Penalty provision under Section 962Z is not exempt as a result of the above breach reporting regulation: https://www5.austlii.edu.au/au/legis/cth/consol_act/ca2001172/s962z.html
- ASIC’s no-action position regarding missing account numbers from fee consent forms does not remove an AFS licensee’s obligation to lodge breach reports: no-action position
- If additional breaches are discovered, licensees can provide an update to ASIC within 90 days—see RG 78110-116 for details.
