In the ASIC Enforcement Review Taskforce’s third Position and Consultation paper (the Position Paper), ASIC has stated that it wants to apply a “fit and proper person” test to controllers of AFS and credit licensees, and their Responsible Managers (RMs). But we’ve looked at the fine print and it appears that ASIC’s proposed test is more onerous than APRA’s.
There are significant differences between APRA and ASIC’s approach
Under APRA’s Prudential Standard APS 520, authorised deposit-taking institutions (ADIs) must annually self-assess whether a Responsible Person is a fit and proper person. If the ADI believes that the Responsible Person no longer passes the test then they must self-report this to APRA.
In contrast, ASIC wants to personally assess whether the controllers and RMs of licensees are fit and proper people on a negative assurance basis. This means that controllers and RMs will only be acceptable to ASIC if it has no reason to believe the controller or RM is not a fit and proper person. To assist them the licensee will need to provide information about their controllers and RMs.
This is a much higher obligation than that currently imposed on APRA-regulated entities — a difference that isn’t warranted given the higher risks associated with ADIs and other prudentially-regulated entities.
These changes add unnecessary compliance
ASIC is already struggling under the weight of its compliance obligations, evidenced by our clients who are currently experiencing licence processing times between 6 and 12 months. If ASIC has to assess who controls a licensee, and then determine if they are fit and proper controllers, every time a change of control occurs, as well as assess RMs against this new standard, it will place a prohibitive burden on their resources.
We also estimate that each controller will incur between $1,500 and $5,000 for each change of control. This is because they will be required to show ASIC why there is no reason for them to not consider the controller fit and proper.
Self-assessment is the answer
The cost-benefit of these proposed changes just doesn’t add up.
It makes more sense for ASIC to introduce self-assessment, similar to that already in place for ADIs. This would avoid additional stretching of ASIC’s resources. ASIC could also go one step further, by requiring the self-assessment to be subject to review during a financial audit, in line with the process outlined in Prudential Standard APS 520.
In my next licensing post I’ll outline the proposed changes to the definition of control and explain how it may impact businesses.
If you have any concerns about any of these issues, please contact us.
Author: Jaime Lumsden