Monday 22nd September 2025
No more discussion: REs and managed funds must act on ASIC’s compliance-plan review
ASIC has uncovered widespread failings in the compliance frameworks of responsible entities (REs) overseeing nearly $1 trillion in managed funds. Firms have seen the report, and there's no longer any excuse for inaction – because retail investors are exposed.
It is now three months since the Australian Securities & Investments Commission (ASIC) published its significant report on the compliance plans of Responsible Entities (REs) and managed funds, on 2 June 2025. The report identified widespread deficiencies, placing a clear onus on all impacted Australian Financial Services Licensees to undertake immediate remedial action, with a specific focus on obligations like Reportable Situations (RG 78), Product Design & Distribution (RG 274), and Internal Dispute Resolution (RG 271).
For firms that have yet to act decisively, the time for review has passed; the focus must now be on implementation and evidence of uplift.
Here are five critical actions that impacted firms should have completed or have well underway.
1. Comprehensive gap analysis and compliance plan uplift
The first step should have been a detailed gap analysis of the existing Compliance Plan against the expectations outlined in ASIC’s report and RG132. The review highlighted that many plans were outdated, failing to incorporate critical regulatory changes from October 2021. A Compliance Plan must be a dynamic framework, actively maintained to reflect the current regulatory environment, not a static document.
2. Detailed mapping of regulatory obligations
ASIC’s findings pointed to a common failure in identifying all compliance obligations and mapping them to specific controls. The report noted that design and distribution obligations (DDO) requirements were particularly deficient, with about 40 per cent of reviewed plans failing to address them at all. The framework must now demonstrate a clear and verifiable link between each regulatory obligation and its corresponding control measures.
3. Assignment of responsibilities and measurable monitoring
Ambiguity in roles and responsibilities is a key regulatory concern. The Compliance Plan must now clearly delineate the functions or officers responsible for both performing controls and monitoring their effectiveness – noting ASIC’s view that these roles should be separate. Furthermore, monitoring methodologies must be objective, with verifiable outputs and defined frequencies, replacing vague terms like “periodically” with specific schedules.
4. Robust governance and board reporting
The report identified significant weaknesses in the flow of compliance information to the board. To rectify this, REs should have implemented formal reporting protocols. These reports must be substantive, moving beyond summary statements to provide a thorough analysis of control effectiveness, key metrics, trend data, root-cause analyses and detailed member impacts, including any remediation.
5. Detailed record-keeping and audit trails
Effective compliance is underpinned by meticulous record-keeping. ASIC found many plans lacked specificity, suggesting only “significant” complaints would be retained. Best practice, now essential, requires detailed records for all compliance activities, including near-misses and incidents that may not trigger formal reporting. For complaints, this includes the substance of the issue, responsible officers, fund impact, systemic error analysis and full resolution details to create a comprehensive audit trail.
ASIC has clearly signalled its intent to escalate its regulatory response to the issues identified in its report. Proactive measures are therefore not just a tick-box exercise, but essential to demonstrate robust governance and mitigate regulatory risk.
However, as recent commentary from ASIC and APRA leadership indicates[1], the regulatory focus also includes a push for greater efficiency and cyber-resilience.
At MIntegrity, we specialise in assisting REs and managed funds to build compliance frameworks that are not only compliant today but are resilient and efficient for tomorrow.
Getting your house in order now is not just about avoiding enforcement action. It is an opportunity to build a smarter, more streamlined compliance framework that reduces long-term costs and strengthens operational resilience against future threats. The window for remedial action is closing.
Amanda Mark is co-founder and co-CEO of MIntegrity, which was established in 2013 to help AFSL holders and market participants in their understanding of and compliance with regulatory obligations.
[1] https://www.financialstandard.com.au/news/asic-apra-outline-regulatory-reform-opportunities-179809795?utm_medium=email&utm_source=WildebeestNewsletter
