Following on from the Australian Securities & Investments Commission’s (ASIC) Report 482 Compliance Review of the Retail OTC Derivative Sector, ASIC has increased its scrutiny on Australian Financial Services Licence (AFSL) Holder’s outsourcing arrangements. ASIC expects that AFSL Holders have documented legal agreements in place with all external service providers connected with the provision of financial services.
ASIC has clarified that where AFSL Holder’s outsource any functions that are material to the provision of financial services, formal legal agreements should be in place that document the provision of service and the terms of the agreement between the two parties. This is especially important where AFSL Holders engage the services of related entities based overseas.
ASIC outlines its stance on outsourcing functions that relate to the provision of financial services in its Regulatory Guide 104. ASIC recognises that AFSL Holders outsource functions that are pivotal to the provision of financial services but states that the AFSL Holder remains responsible for the outsourced services. Where an AFSL Holder outsources functions that relate to the provision of financial services, ASIC expects that the AFSL Holder:
- has documented processes in place to ensure that appropriately qualified external service providers are engaged;
- monitors the performance of external service providers on a regular basis; and
- has procedures in place to deal with breaches caused by the external service provider.
Interestingly, ASIC seems to be following the UK’s Financial Conduct Authority (FCA) general outsourcing requirements which are far more prescriptive. The FCA stipulates that regulated firms, when engaging external service providers to provide outsourced functions critical to the provision of the licensed services, must continually take steps to avoid operational risk. The FCA also requires regulated firms to identify, manage, monitor and report risks of the proposed outsourced function and reiterates that the regulated firm retains responsibility of the services even where it is outsourced. ASIC seems to be holding AFSL Holders to the same outsourcing standards as FCA regulated firms.
ASIC’s media release entitled 16-134MR Ikon rectifies client trust accounts and improves disclosure demonstrates ASIC’s increased scrutiny of outsourced arrangements and ensuring they are appropriately documented. ASIC found that Ikon (Australia) Pty Ltd (Ikon) failed to adequately disclose to clients where functions where outsourced to its overseas related entities.
AFSL Holders are encouraged to review their outsourcing arrangements and implement formal legal agreements with external service providers if they are not already in place.