ASIC has finalised its guidance on the provision of digital financial product advice and the key matters digital advice providers need to consider to ensure they meet their Australian financial services licencing obligations
ASIC has finalised its guidance on the provision of digital financial product advice (the automated provision of financial product advice using algorithms and technology without the direct involvement of a human adviser) after consultation with the industry.
The guidance reinforces that digital advice providers must hold an Australian financial services (AFS) licence (or be authorised under another licensee’s AFS licence) to provide personal or general advice and outlines a number of key requirements that are unique to digital advice providers operating under the AFS licensing regime, including:
- Have at least one responsible manager: to maintain their organisational competence, all digital advice licensees will need to have at least one responsible manager who meets the training and education requirements of ASIC RG105. Responsible managers will not be able to rely on experience only to demonstrate their competence. Existing AFS licensees will be given a grace period until the end of February 2017 to ensure they meet this requirement.
- Have adequate human resources to understand and review digital advice: digital advice providers will need to ensure that at least one person within their business understands the technology and algorithms that are being used, including the rationales, risks and rules behind the algorithms and has appropriate skills to review the digital advice generated by algorithms to ensure the advice is legally compliant.
- Monitor, test and adequate security measures: thorough testing of the algorithms in accordance with a documented test strategy must be undertaken on a regular basis. Any changes made to algorithms should be retained by the digital advice provider for seven years. In addition, digital advice providers will need to assess their cyber security using recognised frameworks, such as the National Institute of Standards and Technology Cybersecurity Framework.
- Have a ‘kill-switch’ for digital advice: if an error with an algorithm is detected, and that error is likely to result in client loss and/or a breach of the AFS licensing regime, digital advice providers must suspend the provision of digital advice until the error is rectified.
- Best interests duty and scaled advice: as there is no individual providing the personal advice to the client, the best interests obligation falls on the AFS licensee. The scope of the digital advice being offered to clients needs to be made clear and be presented in a way that facilitates client engagement and understanding. Digital advice providers should also adopt a filtering process to ensure that the advice being offered is appropriate to the client. For example, if a client seeks advice on an area outside the scope of the digital advice being offered, the client should be ‘filtered’ out.
The extent of the measures expected to be put in place by digital advice providers to meet the AFS licensing requirements will depend on the nature, scale and complexity of the digital advice business.
With many Australian start-ups developing digital advice models, the release of ASIC’s guidance in Regulatory Guide 255 it timely and sits well with ASIC’s recent focus on technology and innovation. Undoubtedly, further questions about the application of the AFS licensing regime to digital advice, not addressed in ASIC’s guidance, will arise in the future. Examples of this may include the development of alternative procedures for collecting client information to satisfy the best interests duty.