"Failing to plan is a plan to fail": ASIC raises the bar for registered managed investment schemes' compliance plans

ASIC's recent review made for uncomfortable reading, revealing widespread deficiencies in the design, maintenance and monitoring of compliance plans for registered managed investment schemes. Commissioner Alan Kirkland's pointed remark, "Failing to plan is a plan to fail", is a clear warning to the sector. The review findings underscore the regulator's expectation that compliance plans must be more than boiler-plate documents, they must be tailored and risk-responsive tools that comprehensively address all relevant compliance obligations.

Compliance plans falling short

ASIC's review focused on the adequacy of the treatment of regulatory obligations in compliance plans, specifically with respect to reportable situation reporting, product design and distribution obligations (DDO), and internal dispute resolution processes and reporting. The findings show a widespread failure to adequately address the most important requirements across all three sets of obligations. Of particular concern were examples where plans failed to address DDO at all, suggesting that they hadn't been meaningfully reviewed in the last five years.

The scale and prevalence of the deficiencies identified, however, have also raised broader concerns about the overall quality of compliance plans in the managed funds sector. From the examples of "poor practice" described by ASIC, potential problem areas include:

• Overly generic or copied templates lacking scheme-specific detail;

• Poor integration of compliance plans with day-to-day risk management;

• Limited evidence of monitoring and testing, particularly in high-risk areas;

• Insufficient board and compliance committee oversight of plan effectiveness; and

• Failure to identify all relevant compliance obligations, and no evidence of review to adapt plans in response to regulatory changes, operational shifts or emerging risks.

With these issues sitting neatly at the intersection of accountability, risk governance and investor protection (all of which are key regulatory priorities for ASIC), the force of enforcement action is likely to be felt by those in the industry who do not respond in a way that meets the regulator's expectations.

Meeting the Standard

The legal obligation to maintain compliance plans is not new. Section 601HA of the Corporations Act 2001 requires REs to have in place compliance plans that set out adequate measures for ensuring the scheme operates in compliance with the law. Further, while the Corporations Act does not specify what constitutes adequate measures, ASIC does provide some helpful guidance in Regulatory Guide 132: Funds management: Compliance and oversight (RG 132), as to what it will look for in assessing a compliance plan and whether compliance controls address the compliance risks faced in operating the investment fund.

However, ASIC's most recent public statements clearly signal that when it comes to "adequate measures" it is taking a closer look at the quality of compliance plans, including whether these plans include all compliance obligations and set out adequate measures to address each obligation. Merely having a compliance plan in place is not sufficient; REs must be able to demonstrate that it is embedded and actively reviewed.

To align with ASIC’s expectations, REs should:

1. Conduct a detailed review of each scheme’s compliance plan to ensure it is tailored, current, and captures all relevant compliance obligations;

2. Assess whether plan obligations are being operationalised, including documentation of monitoring activities and escalation pathways;

3. Evaluate the role of the board and compliance committee, including frequency and substance of plan reviews;

4. Integrate compliance plan assurance into broader compliance and risk programs, including independent testing or third-party review;

5. Benchmark against peer practice, particularly for complex or high-risk schemes.