Last month, ASIC released Regulatory Guide 255, Providing digital advice to retail clients. Digital advice is also known as robo-advice or automated advice and uses algorithms and technology to deliver automated financial product advice without the direct involvement of a human adviser.
1. You need a licence to give robo-advice
Just because the advice is not given by a human doesn’t mean you are unregulated. You need an Australian financial services licence (AFSL) to give financial product advice, unless you’re an authorised representative of a licensee or you fall under an exemption.
Giving information is not the same as giving advice, and doesn’t require a licence.
You are only giving advice if the communication is a recommendation or a statement of opinion (or a report of either of these things) that is intended to (or can reasonably be regarded as being intended to) influence a client in making a decision about a particular financial product or class of financial product (or an interest in either of these).
2. Your licensee must have a responsible manager
Even though robo-advice is not given by a human adviser, ASIC says a digital advice licensee must have at least one responsible manager who meets the training and competence standards set out in ASIC’s Regulatory Guide 105, Licensing: Organisational competence.
If you are an existing licensee but don’t already have a qualified responsible manager, you have until February 2017 to get one.
3. Be adequately resourced
Like all financial services licensees, a robo-advice licensee must have adequate financial, technological and human resources.
As a technology based provider, adequate technological resources are especially important. You need technological resources to maintain client records and data integrity, protect confidential and other information needs, with adequate capacity for future operations.
You can outsource functions but that doesn’t relieve you of responsibility.
ASIC expects you to have information security arrangements that you assess against frameworks such as the NIST Framework for improving critical infrastructure cybersecurity.
As for your human resources, you should have people in your business who understand the technology and algorithms used to provide the advice and who are able to review the digital advice.
4. Regularly test your algorithms and review the robo-advice
ASIC expects you to regularly monitor and test the algorithms that underpin the robo-advice. This will include:
- System design documentation clearly setting out the purpose, scope and design of the algorithms;
- A documented test strategy;
- Processes to manage changes to an algorithm, including controlling, monitoring and keeping records describing any changes made;
- Reviewing and updating algorithms if there are factors that may affect their currency;
- Controls and processes to suspend giving advice if an error within an algorithm is detected (if it is likely to result in client loss or breach of the Corporations Act);
- Adequate resources to monitor and supervise the performance of algorithms through an adequate and timely review of the advice provided (which needs to be more than a “tick a box” review); and
- An internal sign-off process to ensure that these steps have been followed.
5. Have compensation arrangements
If clients suffer loss, you must have adequate compensation arrangements. Normally this means an adequate level of professional indemnity insurance having regard to the nature of your business and potential liability for compensation claims. As a robo-adviser you potentially have a greater exposure because of the volume of advice you are able to generate with a technology based adviser.
6. Further steps when offering scaled personal advice
Robo-advice can be personal advice or general advice. Personal advice takes into account the client’s objectives, financial situation or needs.
Advice will also be personal if a reasonable person might expect the adviser to have considered these factors. Personal advice is known as “scaled advice” when it’s limited in scope.
ASIC’s minimum expectations for scaled personal digital advice are that you should:
- Explain to the client from the outset what advice is being offered and what is not being offered;
- Require clients to actively demonstrate that the advice they seek is within the scope of what you are offering;
- Inform the client at key points in the advice process about the limitations and potential consequences of the scope of advice;
- During the advice process, inform the client about key concepts and the relevant risks and benefits;
- Filter out clients if the advice being offered is not appropriate for them, or they want other advice;
- Inform the client about upfront and ongoing costs of the advice before it is given or implemented, and how they can withdraw before advice is given or costs incurred;
- Explain the dispute resolution processes available for complaints; and
- Explain why the client is likely to be in a better position if they follow the advice.
Patrick Dwyer is a legal director at Dwyer Harris, a corporate and financial services law firm.
