These reforms have typically been implemented in isolation, often due to the nuances provided across the individual provisions, or as result of the organisation’s preferred approach to project and/or change management.  In the rush for day 1 compliance, it can be difficult to see the wood for the trees, especially making sense of available opportunities for efficiency across the portfolio of change occurring.

Recognising the challenges faced by businesses in implementing this array of change, ASIC has acknowledged that a ‘transition’ period will be in place:

We consider it likely that ASIC will consider best efforts having regard to a number of factors including the nature, scale and complexity of a organisation’s business. Typically, in the context of regulation this means ASIC has higher expectations of larger organisations with more resources committed to regulatory change.

This should not encourage complacency – the fundamental expectation is for the whole industry to be compliant from day 1. 

As everyone falls over the finish line on 5 October, the work, unfortunately, does not stop there.  Firms are now turning their mind to where to now and what next?  Here are some activities organisations can consider:

• Continue maturing beyond day 1 compliance – implementation activities won’t necessarily stop at the compliance commencement date. There will likely be further refinement required as the industry and regulators alike settle into the new regimes. Think about how you can demonstrate best efforts to comply and what further enhancements / efficiencies you can gain around optimising BAU activities (and the budgetary impacts of these decisions).  How could you streamline ongoing operating models, activities, monitoring and oversight to ensure ongoing compliance?

• Schedule a post-implementation review – when the dust has settled, establish a comprehensive end-to-end review of your regulatory change program to identify areas of further uplift and enhancement.  This is a good opportunity to consider lessons learned throughout this process and reflect on how you can approach future regulatory change.

• Consider the role of internal audit in ongoing compliance assessments – review your current internal audit plans to include relevant reviews on those areas noted above.  Take advantage of opportunities to streamline your internal audit program to ensure efficient coverage e.g. consider a review of anti-hawking and DDO together or undertaking a review covering complaints and breach reporting.

• Revisit accountabilities – look across your three lines of defence – are the new obligations being appropriately captured across your business?  Are there any areas of grey, gaps or overlaps in the new world that need to be addressed? For those organisations that are already subject to the Banking Executive Accountability Regime (BEAR), this will be a good opportunity to reaffirm responsibilities and reasonable steps in place to support compliance. For those organisations that will be captured under the Financial Accountability Regime (FAR), we suggest using this as a starting point to ensure there is end-to-end coverage of your operations, including as this pertains to the recent reform.