by clicking the arrows at the side of the page, or by using the toolbar.
by clicking anywhere on the page.
by dragging the page around when zoomed in.
by clicking anywhere on the page when zoomed in.
web sites or send emails by clicking on hyperlinks.
Email this page to a friend
Search this issue
Index - jump to page or section
Archive - view past issues
GRC Professional : GRC Summer 2012
Perkovic, General Manager, Colonial First State Advice Business. “We consider this an opportunity to strengthen our risk management framework and operating model, which supports our advisers and clients, and we are committed to delivering a program of continued improvement that will benefit our clients.” Identifying breaches Other organisations, whether as large as CFP or smaller, simpler businesses, can learn from witnessing what can go wrong even in companies with relatively strong risk management programs, says Lynch. “History suggests that any organisation can trip up at some point,” he says. “What they need most are robust systems and controls and a really good breach monitoring system. If they have a good structure in place, they are less likely to suffer reputational or financial damage as a result of one employee potentially going off-reservation.” A good program includes a robust system of random audits, Lynch says. It’s not possible to look over the shoulders of all advisers all of the time, but the business must be sure that the quality of fact finds and the ensuing recommendations are suitable and consistent. Random audits mean problems are likely to be picked up earlier and also send a message that the organisation is serious about its framework. It’s also essential to have a breach register in place and that staff are encouraged to use it. “Some organisations try to de-stigmatise this by referring to it as an ‘incident register’,” Lynch says. “That way there is no liability attached. It is confidential but all reports will be investigated. Staff should be encouraged to report issues and that, in turn, allows you to fulfil your obligations to the regulator.” Finally, it’s vital to keep up with regulatory change, Lynch says. “If you’re not aware of this change you can be easily caught out,” he warns. “There is so much happening in this space now, especially with the Future of Financial Advice reforms, that if you’re not abreast of that change then you could well find yourself being visited by ASIC. “If businesses have a robust framework in place, potentially supported by a software system that is linked in to the audit system and manages the flow of regulation and the flow of internal policies, then they are in a good space.” ••• How to review the effectiveness of your compliance programs ACI has a tool to help you review the effectiveness of your compliance program. The Compliance Performance Review Protocols are available for members to purchase from the ACI website: www.acigrc.com then click on ‘Tools & Resources’, then ‘Shop’ and ‘Publications, Reports & Tools’. The document takes you through 12 protocols in a step-by-step process to test your compliance program, and asks questions that you might not have thought about to ensure that nothing can slip through the cracks. AMP AMP Financial Planning accepted an enforceable undertaking from ASIC in 2006 following a surveillance operation that reviewed 300 files selected randomly from 30 AMP Planners. On that occasion, ASIC found flaws in the planners’ disclosure obligations and found that AMP’s website suggested the planners could consider a broader range of products than permitted. Orion Asset Management In December 2010, John Hartman was sentenced to a minimum of three years in prison for 25 insider trading charges committed while he was employed by Orion Asset Management Ltd. His insider trades netted him a profit of $1.6 million. ASIC noted that it acknowledged Orion’s full cooperation and assistance in this matter. Macquarie Bank In April last year, a former fund manager from Macquarie Bank was sentenced to 18 months’ jail for insider trading. Oswyn de Silva had set up a secret online account with a Singapore broking firm and had profited by $1.4 million from insider trading activities. Australian authorities were alerted to the activity by the Monetary Authority of Singapore in mid-2008. This appears to have been an isolated case rather than a failure of compliance systems, and ASIC publicly acknowledged the assistance of Macquarie Bank during its investigation. 13
GRC Spring 2011
GRC Autumn 2012