INSIGHT

Designing effective remediation programs

By Michelle Levy
Banking & Finance Financial Services Private Capital

In brief

ASIC issued Regulatory Guide 256: Client review and remediation conducted by advice licensees late last week. In short, RG 256 says an Australian financial services licensee's duty to provide financial services 'efficiently, honestly and fairly' means they have to take responsibility for the consequences of things going wrong. When what has gone wrong amounts to a systemic error relating to advice provided to retail clients, taking responsibility means a review and remediation conducted in a 'comprehensive, timely, fair and transparent' manner. Partners Michelle Levy and Malcolm Stephens and Associate Jonathan Gardner report.

How to address a systemic issue? 

ASIC does not prescribe the way a licensee should go about addressing a systemic issue but it does say that the licensee must:

  • start work as soon as it becomes aware of a systemic issue – not wait for a client to complain;
  • proactively seek out all clients who may be affected by the misconduct or compliance failure – it is the licensee's job to find all affected clients, and if it can't do so with certainty, the licensee may need to invite all clients to participate in the review;
  • remediate all affected clients for any loss or detriment suffered – remediate here pretty much means compensate for loss, including investment returns or, where that is not possible or reasonably practicable, to pay interest at the cash rate plus 6 per cent (that would seem to be a pretty good incentive to work out the actual loss); and
  • provide all clients with access to an external dispute resolution body so that they can complain about the decision made as a result of the review and remediation process.

As to what a systemic issue is – the Regulatory Guide refers to all the usual things: failure to provide advice in the best interests of the client, failure to give priority to the interests of the client, failure to adequately disclose relevant risks, failure to give key disclosure statements, and providing false or misleading statements. But a theme starts to emerge. ASIC says that advice should be reviewed 'according to the principles of the EDR scheme of which [the licensee is] a member'.

The Regulatory Guide points to the matters that an EDR scheme will take into account when considering a complaint, including legal principles, industry codes, practice guides and good industry practice. What isn't expressly referred to, but ASIC has separately referred to, is the licensee's values or customer promise. The discussion of EDR schemes in the Guide provides guidance on the principles to be applied in reviewing advice after the systemic issue has been identified. The Guide does not say that a failure to comply with industry codes, good industry practice or a licensee's values or customer proposition is itself a breach of law or misconduct. However, it is not hard to make the connection.

If a licensee's vision is, say, to 'satisfy our customers’ financial needs and help them succeed financially', a failure to do so is likely, in ASIC's view, to be misleading or deceptive and a failure to provide financial services efficiently, honestly and fairly.

What is a review and remediation?

ASIC says reviews and remediations will generally follow the same steps:

  • determining who are the potentially affected clients;
  • designing and implementing the process;
  • communicating with clients; and
  • providing external review if the client is not happy.

This seems pretty sensible and at least superficially straightforward. But there is a lot to be said about each step and the Guide does not provide a template for licensees to use whenever there is a systemic issue. And, in fairness, it would be difficult to do so because what has to be done will turn on the facts – which ASIC recognises. ASIC says what a licensee must do:

  • depends upon the type of misconduct or compliance failure;
  • can be scaled up or down, depending upon the size of the review and remediation; and
  • is able to be adapted to suit licensees of different sizes and different internal structures.

Nevertheless, there is likely to be a lot of common ground, especially with large-scale systemic issues. These may well require, according to ASIC:

  • advice reviews being conducted by people meeting the training and competence requirements in RG146, and peer reviews of the advice reviews to ensure consistency and fairness;
  • controls to ensure that conflicts of interest do not prejudice the review or remediation – conflicts need to be considered when appointing the reviewers and any independent experts;
  • the appointment of an independent expert to provide assurance about the governance of the review and remediation;
  • reporting to ASIC and the public;
  • the appointment of a consumer advocate to review the advice review process;
  • the offer of assistance to clients who wish to seek their own independent professional advice;
  • the waiver of monetary, time or other limits applicable to EDR-scheme jurisdiction; and
  • engagement with your EDR-scheme to agree documentation, timeframes and other requirements to address any subsequent complaints.

What might have to be reviewed and remediated may well evolve as the review identifies further issues and different classes of affected clients.

A plea for simplicity 

The Guide refers to simplicity in a number of places – ASIC says that the review and remediation process should be 'straightforward'. It should also be 'transparent'.

Communications with clients should also be 'straightforward and remove complexity where possible'. Licensees should not send 'dense or complex' correspondence and they should 'be clear and direct by using simple language', and 'prominently highlight .. the actions the client is required to take'.

It is hard to avoid the conclusion that ASIC is suspicious of complexity.

Conclusion

ASIC says that the aim of a remediation program is to place affected clients in the position they would have been in if the misconduct or other compliance failure had not occurred. It is hard to argue with this principle – if there is misconduct or a breach, it needs to be remedied and losses compensated. The much harder parts will be to work out when there has been misconduct (or other compliance failure) and the client's position if the misconduct had not occurred.