Skip to content

  • Home
  • COVID-19 Guide
  • Podcast library
  • Client results
  • Expertise
  • News & Insights
  • People
  • Our DNA
  • Inclusion and Diversity
  • Join us
  • Contact Us
Home / NEWS & INSIGHTS / Insight / ASIC finalises guidance on risk management systems for responsible entities
Insight 29 March 2017

ASIC finalises guidance on risk management systems for responsible entities

WHO SHOULD READ THIS
  • Responsible entities who currently operate registered managed investment schemes.
  • It will also be of interest for responsible entities who do not currently operate any schemes and Australian financial services (AFS) licencees who operate unregistered schemes, IDPSs or MDAs.
THINGS YOU NEED TO KNOW
  • ASIC has released its long-awaited regulatory guide setting out its expectations of the systems and procedures responsible entities should have in place to meet their obligation to maintain adequate risk systems.
WHAT YOU NEED TO DO
  • If you are a responsible entity operating a registered scheme, you will need to review (and, if necessary, revise) your risk management system.
  • Operators of unregistered schemes, investor directed portfolio services (IDPSs) and managed discretionary accounts (MDAs), and other responsible entities should have regard to ASIC’s guidance.

Following extensive consultations under ASIC Consultation Papers 204 and 263, ASIC has finally released Regulatory Guide 259 Risk management systems of responsible entities (RG 259).

RG 259 is substantially in the same form as the draft regulatory guide attached to Consultation Paper 263. It provides specific guidance on ASIC’s expectations of what is required by responsible entities of registered schemes to comply with their existing obligation under s912A(1)(h) Corporations Act 2001 (Cth) to have adequate risk management systems in place.

Background

ASIC has previously provided guidance on risk management systems for all AFS licensees under Regulatory Guide 104 Licensing: Meeting the general obligations.

In light of the particular risks faced by responsible entities because of the nature of their business and the schemes they operate, ASIC has taken the view that responsible entities would benefit from additional guidance in relation to their obligation to have adequate risk management systems in place.

Although RG 259 only formally applies to responsible entities who currently operate registered schemes, ASIC considers that responsible entities who are authorised to, but do not currently, to operate any registered schemes, as well as AFS licensees who operate unregistered schemes, IDPSs or MDAs should also have regard to the requirements set out in RG 259.

Immediate compliance required – no transition period

As foreshadowed in Consultation Paper 263 there is no transition period and responsible entities are required to comply with RG 259 immediately. However, ASIC has indicated that it will adopt a facilitative approach for 12 months and not take action for breaches of RG 259 where a responsible entity can demonstrate it is taking steps to comply with RG 259.

Requirements set out in RG 259

Under RG 259, ASIC expects that responsible entities must have in place:

  • documented risk management systems
  • processes for identifying and assessing risks, and
  • processes for managing any identified risks,

which are appropriate for the nature, scale and complexity of the scheme or schemes they are operating.

A general summary of each of these requirements is set out below:

RequirementObligation
Establish risk management systemsResponsible entities should:
  • maintain documented risk management systems that address the matters outlined in RG 259
  • foster a strong risk management culture
  • take into account relevant industry, local and international guidance
  • include a liquidity risk management process, and
  • regularly review their risk management systems to ensure that they are current, relevant, effective and complied with, and if using an external service provide for risk management functions, regularly review the performance and ongoing suitability of the service provider.
Identify and assess risksResponsible entities should:
  • maintain one or more risk registers as part of their risk identification and assessment process
  • ensure that their risk management systems address all material risks
  • have consideration to certain factors listed in RG 259 when choosing methodologies for identifying and assessing risks, and
  • adopt appropriate methods to assess risks.
Manage identified risksResponsible entities should:
  • implement appropriate strategies for managing identified material risks
  • have adequately experienced staff regularly review and monitor identified risks
  • ensure regular reporting and escalation of issues to the board, risk committee and compliance committee as appropriate, and
  • ensure compliance with other relevant obligations as an AFS licensee.

ASIC has also set out additional good practice guidance under RG 259. These are not mandatory requirements but rather outline measures which can be adopted to enhance risk management systems and operate at a level above a responsible entity’s statutory obligations.

How McCullough Robertson can assist

Responsible entities will need to review and, if necessary, revise their risk management systems to ensure compliance with RG 259.

We can assist you to:

  • understand, in detail, the requirements under RG 259
  • determine whether your current risk management system meets the requirements under RG 259
  • review your risk management policy or policies to assess whether amendments are required to comply with RG 259, and
  • prepare amendments to your existing risk management policy or policies or draft new risk management documents to bring your risk management system into compliance with RG 259.

This publication covers legal and technical issues in a general way. It is not designed to express opinions on specific cases. It is intended for information purposes only and should not be regarded as legal advice. Further advice should be obtained before taking action on any issue dealt with in this publication.

About the authors

  • Tim Wiedman

    Partner

Sean Robertson, Consultant

Kathryn Morgan, Lawyer

In other news

New domain name Licensing Rules to come into effect in Australia from 12 April 2021

5 March 2021Insight

Tax administration lessons learnt from COVID-19 (and promptly forgotten)

24 February 2021Insight

Queensland’s new project trust regime to commence on 1 March 2021

15 February 2021BIF Act Amendment Series, Insight

McCullough Robertson strengthens its National Construction and Infrastructure team with key Partner hire in Brisbane

27 January 2021News

VIEW ALL NEWS & INSIGHTS

BRISBANE

Level 11, 66 Eagle Street
Brisbane QLD 4000
GPO Box 1855
Brisbane QLD 4001
Tel +61 7 3233 8888
Fax +61 7 3229 9949

 

GET IN TOUCH

    Contact form

    We handle your personal information in accordance with our privacy policy.

    sydney

    Level 32, MLC Centre
    19 Martin Place
    Sydney NSW 2000
    GPO Box 462
    Sydney NSW 2001

    Tel +61 2 8241 5600
    Fax +61 2 8241 5699

     

    GET IN TOUCH

      Contact form


      We handle your personal information in accordance with our privacy policy.

      melbourne

      Level 27, 101 Collins Street
      Melbourne VIC 3000
      GPO Box 2924
      Melbourne VIC 3001

      Tel +61 3 9067 3100
      Fax +61 3 9067 3199

       

      GET IN TOUCH

        Contact form

        We handle your personal information in accordance with our privacy policy.

        follow us

        CLIENT LOGIN

        newcastle

        Level 2, 16 Telford Street
        Newcastle NSW 2300
        PO Box 394
        Newcastle NSW 2300

        Tel +61 2 4914 6900
        Fax +61 2 4914 6999

         

        GET IN TOUCH

          Contact form


          We handle your personal information in accordance with our privacy policy.

          canberra

          Level 9, 2 Phillip Law Street
          Canberra ACT 2601

          Tel +61 2 6243 3699
          Fax +61 2 8241 5699

           

          GET IN TOUCH

            Contact form


            We handle your personal information in accordance with our privacy policy.

            © 2017 McCullough Robertson. Site map Disclaimer Privacy Policy Statement of Business Ethics Credit Reporting Policy

            X