Chapter 10
Commonwealth Financial Planning Limited:
ASIC's enforcement action
10.1
This chapter continues the consideration of the CFPL matter by assessing
the adequacy and effectiveness of ASIC's enforcement actions against individual
advisers and the organisation since 2010. In particular, this assessment
considers whether the enforceable undertaking from CFPL that ASIC accepted in
October 2011 was an appropriate and sufficient response to the misconduct at
CFPL, and whether it has led to positive changes in the way CFPL now conducts
its business.
Adequacy of ASIC's enforcement actions against individual advisers
10.2
There was some discussion in the course of the inquiry regarding the
enforcement actions ASIC took against individual CFPL advisers, and whether the
sanctions against these advisers were adequate given the severity of their
misconduct. Consideration was also given to whether the fact that only eight
advisers were subject to ASIC's enforcement action accurately reflected the
number of CFPL staff implicated in the misconduct. As noted in the previous
chapter, five advisers received bans of varying duration, and three provided an
enforceable undertaking removing themselves from the industry for a certain
period. While Mr Awkar and Mr Gillespie received permanent bans, Mr Nguyen was
only banned for seven years. Asked whether the seven-year ban imposed on Mr
Nguyen was adequate, ASIC responded:
I think the best way to respond to that is not to comment in
relation to one individual planner but the overall outcomes: the compensation
program, the eight—it is now up to eight—planners who have been banned in one
sense or another, the tens of millions of dollars that the Commonwealth Bank
has had to expend fixing its procedures, the entire new leadership and so on
and so forth. If you put all that together, we think it is a very important
outcome, allowing for the fact of those lessons that we have been talking about
in some detail that we could have done better.[1]
10.3
Asked if advisers other than those subject to ASIC enforcement action
might have been involved in misconduct, the CBA responded:
[O]nce issues were known and we did have a list of advisers,
the business actually did go back and review all of the advisers, and that came
up with a number of advisers that we did have concerns about. We then used an
independent accounting firm to help us determine any patterns and they used
some forensic techniques. That led to the total number of advisers that we did
have concerns about which was 19 and that included Nguyen and Awkar.[2]
10.4
The CBA told the committee that some of these cases remained under
review.
10.5
In its written submission, the CBA advised that in addition to the CFPL advisers
named in media articles and subject to ASIC enforcement action, CFPL had 'terminated
a number of other Advisers whose advice standards did not meet
the level required by the CFP'.[3]
Asked how many staff had left CFPL following the revelations of misconduct at
CFPL and subsequent ASIC enforcement actions, the CBA told the committee that:
...a number of people left the business over the period as part
of the change that we instituted in the business. Approximately 72 people in
total left the business either through resignation because they were not happy
with the way we were changing things or as a result of being terminated. A
number of those were planners. I think a total of 12 planners were terminated,
and another 11 planners resigned of their own accord. There were other staff
who also left as a result of that. There were other sanctions, but those are
the main ones, and that was part of the process of changing not only the people
but also the attitude within the business.[4]
The enforceable undertaking and change at CFPL
10.6
On 25 October 2011, ASIC accepted an enforceable undertaking
from CFPL. As the CBA explained in its submission, the undertaking 'required
CFP to assess the adequacy of its Risk Management Framework (RMF) against
generally accepted risk management standards. On completion of this assessment,
CFPL was required
to develop an Implementation Plan that would not only address deficiencies in
the RMF but also specifically address certain concerns raised by ASIC in the
[enforceable undertaking]'. These concerns were whether:
- There
have been adequate processes and controls in place to deal with ongoing risks
of noncompliance.
- Representative
misconduct has been dealt with in a consistent manner.
- Recurring
themes have been appropriately identified.
- Data
analysis processes and reporting capabilities allow for early detection of
advice process irregularities.
- There
have been adequate controls over client records.
- There
has been consistent application of CFP's complaints handling and internal
dispute resolution processes.[5]
10.7
The enforceable undertaking was announced by ASIC on 26 October 2011.
The media release provided the following explanation:
CFP has agreed to conduct a comprehensive review of its risk
management framework and legal and regulatory obligations regarding the
provision of financial services, financial advice and the monitoring and
supervision of its representatives...Under the [enforceable undertaking], CFP
will proceed to develop an implementation plan to address any unresolved
deficiencies identified by the assessment of its risk management framework. The
implementation of the plan will be the subject of review and ongoing reporting
to ASIC over the next 2 years by an independent expert (whose engagement is to
be approved by ASIC). Where a client is found to have been adversely impacted
by the conduct of a representative, CFP will consider the circumstances and
appropriately remediate the client.[6]
10.8
One of the issues addressed during the committee's consideration of the
CFPL matter was whether the CFPL enforceable undertaking had been effective in
driving improvements in the CFPL's business operations. Both the CBA and ASIC
argued that the enforceable undertaking had been successful in this regard; other
witnesses, however, contended that the enforceable undertaking was a weak and
poorly targeted response to the misconduct at CFPL, and that it had failed to bring
about the necessary changes in the way the business operated.
CBA on cultural and system changes
at CFPL
10.9
The CBA reported that as a result of the revelations of misconduct at
CFPL and the subsequent enforceable undertaking, it had 'significantly
transformed' its financial advice business, in terms of 'the management, the
culture, the processes and the business systems'.[7]
10.10
In its appearance before the committee, the CBA emphasised that the
'cultural change component was a very big piece of the change process' in its
financial advice business. The current executive general manager of the CBA's Wealth
Management division, Ms Marianne Perkovic, explained to the committee that a
key factor in this cultural change was a revision of remuneration structures at
CFPL:
The main driver of changing that culture was restructuring
the remuneration and also the KPIs of not just the planners but all of the
management within the advice business, up to my level as well. Two of the key
changes in that were gate openers across remuneration payment, firstly, for
risk culture and, secondly, for adherence to compliance. Each of those needs to
be met before any remuneration is paid to the adviser. And then we have moved
to a more balanced scorecard approach, where the focus is absolutely on quality
advice and quality advice measures for the advisers but also for people across
the business—so the managers of advisers as well.[8]
10.11
The CBA added that to drive cultural change in its financial advice
business, it had sought to encourage people within the business to 'speak up'
when they had concerns.[9]
The CBA also told the committee that there was no-one currently in the CBA's
wealth management advice leadership team who was in the team in 2010.
The bank added that none of the advisers 'who were found to have issues'
remained employed at CFPL.[10]
10.12
Whereas the CBA's financial advice business was previously under
Colonial First State, the CBA reported that the business now reported directly
to the CBA's Wealth Management division. This change, it suggested, reflected:
...the scale and importance of the business, and also addresses
any conflict or perception of conflict of interest with regard to Colonial
First State, so advice now is a stand-alone business.[11]
10.13
The CBA explained that it had implemented major changes in how its
compliance and risk management operations were structured in relation to CFPL.
It told the committee that whereas risk and compliance functions were
previously located within CFPL, parts of these functions were now located:
...outside of the business, as well as there being enhanced
risk and compliance inside the business, with an enhanced adviser insurance
team operating risk and advice solutions teams inside the business as well as
an enhanced focus on risk and compliance from outside the business, and an
independent organisation reporting to the [chief risk officer].[12]
10.14
One of the most blatant failures of the CFPL revealed in evidence was
its inadequate file management system. The CBA noted that a large proportion of
the discussion regarding CFPL's failures had focused on its poor file
management,
and that it recognised:
...it is very important to be able to have access to files and
we have spent $25 million putting in a document management system so that we
will be able to have online access to our files and file retention.[13]
10.15
The CBA also reported that it had made a substantial investment in its
IT infrastructure in order to develop an 'early warning system' to
facilitate investigation and compliance:
This [system] has factors like concentration risk, risk
profiles and generally the activity of the investment that is happening. These
systems allow us to immediately be notified if there are issues or concerns
across any of the investments of our customers and any behaviours across
advisers. So that system is our first point of call and is working; it has
worked in the business for coming up to 12 months now.[14]
10.16
The CBA has also implemented a IT system called Connect, which it claims
provides:
...a single view of the adviser, consolidated information
around that adviser—including their qualifications, their actions, their
clients and, importantly, particularly their customer complaints—so that we are
able, with the click of a button, to see all of that with regard to individual
advisers.[15]
10.17
In response to a question taken on notice, the CBA informed the
committee that whereas on 1 January 2008 CFPL had 15 staff employed in
compliance officer roles, as of 1 January 2014 there were 43 compliance
officers.[16]
Critics of the enforceable
undertaking and its impact
10.18
One former client of CFPL suggested that ASIC's decision to seek an
enforceable undertaking, rather than pursue court action against CFPL, was
indicative of ASIC's tendency to privilege the interests of CFPL over the
interests of CFPL clients. The submitter was of the view:
ASIC's willingness to accept enforceable undertakings instead
of taking Court action against CFP for breaches of legislation and reported
criminal activity, fraud and forgery, suggests preferential treatment and
protection of CFP over the actual victims of those crimes.[17]
10.19
Mr Morris explained that while the enforceable undertaking might have
brought CFPL 'up to current minimum industry standards', he was not convinced
that it had addressed the underlying problems at CFPL. He suggested that while
CFPL might well be complying with the enforceable undertaking, the problem
remained that:
...the subtleties that allow a place like CFP to operate are
not picked up in the [enforceable undertaking]. For example, at Commonwealth
Financial Planning one of the big problems was that because it is basically a
bucket shop and a sales channel, the overwhelming proportion of the advice that
I saw and most of the advice that Nguyen gave is what is called defined scope
advice. By narrowing the scope down to advice to invest in a certain product,
you basically wipe out all your duties to the client to take into account other
considerations. All you are going to do is invite them to invest in this
product and the [enforceable undertaking] does not address that problem.[18]
10.20
Mr Morris seemed to suggest that the changes implemented at CBA were a
case of 'too little, too late'; he argued it was unlikely these changes would
have addressed the underlying problems at CFPL:
[W]hat they have done is what they had to do and it has
probably taken the firm to where it should have been six years ago. To have
taken this long to put in an electronic system to store documents seems
incredible to me, particularly when a sister business of Commonwealth Financial
Planning had that system in place years ago. What they have done, I think, is
basically enough to address the Don Nguyen situation, but what remains is, I
think, symptomatic of broader problems in the industry, in that, although they
have changed their remuneration model, when you look at the detail of their
submission, they do not say that the bonus scheme is now based purely on
quality of advice. There is a reduced emphasis on sales volumes. I do not know
exactly what that means. I have a difficulty with any professionals with a
fiduciary duty where you are also making them salesmen. I think that is an
impossible conflict of interest to reconcile. As well, I have broader concerns
about vertical integration in the industry based on what I have seen at CFP and
what happened there.[19]
10.21
Assessing the enforceable undertaking within the context of ASIC's
overall handling of the entire CFPL matter, Mr Morris, argued that ASIC's
enforcement actions were designed more to disguise ASIC's incompetence than
punish CFPL/the CBA:
I submit that, as the ineffective regulator responsible for
the industry, ASIC has a fundamental conflict of interest in exposing the full
extent of the corruption and dishonesty of such a major institution such as
CFP/CBA; as that would in turn be such a damning indictment of their own
incompetence and abysmal failure in supervision that it must in turn have
implications for ASIC itself.
ASIC has therefore chosen to ignore the full extent of
CFP/CBA's malfeasance in favour of lauding itself for the easy wins of imposing
an Enforceable Undertaking and banning seven crooked planners—all of whom were
actually offered up by CFP/CBA rather than being caught by ASIC.[20]
ASIC's assessment of the impact of
the enforceable undertaking
10.22
ASIC told the committee that whereas the CICP lacked a 'clear
delineation' of what CFPL needed to do to satisfy ASIC's requirements, the
enforceable undertaking had been more rigorous in this respect. Pressed to
explain the differences between the CICP and the enforceable undertaking, ASIC
told the committee that the undertaking had stronger mechanisms for driving
cultural and system changes at CFPL:
It is that the CICP process did not involve a commitment to
change the remuneration structures. The underlying drivers of the bad culture
and the bad advice were not removed. At that stage it would have been a
difficult thing to require as part of a less formal, non-enforcement agreement
for those things to change, because they were the structures that were throughout
the industry. They were driving the culture of the entire industry. For an
informal agreement to say this firm rather than any other has to change its
remuneration when we did not have any backing from the law in terms of bans on
commissions or anything would have been a very difficult thing. I think that,
by the time we got to the [enforceable undertaking] with the serious threat of
investigation and legal action, that pushed them that extra step to start
changing those remuneration structures. I think that, in terms of really
changing things going forward, changing the culture and what drives the
planners within the firm was the big difference.[21]
10.23
ASIC told the committee that it appeared that positive changes had taken
place at CFPL:
We have seen a lot of progress in that respect. There is an
entirely new management and leadership team. There are different remuneration
structures, different management structures and so on and so forth.[22]
10.24
At the same time, ASIC acknowledged that change at CFPL remained, in
some respects, 'a work in progress'. In particular, ASIC noted that the CFPL still
needed to improve its breach reporting to ASIC, and indicated this remained an
area that ASIC would continue to monitor closely.[23]
The need for CFPL to improve its breach reporting to ASIC was, in fact, noted
in the final report from PricewaterhouseCoopers (PwC), the independent expert
appointed in respect to the enforceable undertaking. Specifically, the
independent expert report, which was provided to ASIC on 5 October 2013,
found that CFPL appears to take longer than the required timeframes to
determine whether issues and incidents within the business are significant and
therefore reportable to ASIC.[24]
Mr Kell underlined this issue at the public hearing on 10 April 2014:
I just wanted to note that one of the core problems that we
had with CFP was the adequacy of their breach reporting. Indeed, it remains an
ongoing issue. While most elements of the enforceable undertaking have been carried
out and implemented to our satisfaction, we are still requiring CFP to test the
effectiveness of their breach reporting procedures. We still have concerns in
that area, and that is an area where we are following up with them. We do take
that very seriously. It has not been an area where we have been happy with the
standard of the reporting.[25]
10.25
Asked if ASIC maintained that an enforceable undertaking was the best
mechanism to address CFPL's conduct, and whether it achieved what it was
intended to achieve, ASIC concluded:
We do believe the enforceable undertaking allowed us to make
much more wide-ranging changes at CFP than a more formal court based process
would have allowed for, including major changes to their compliance systems and
record keeping along the lines that we have just indicated. It is also worth
remembering that the penalties available to apply through a more formal court
process against CFP at the time this occurred were around $170,000...
...The key issue here is: have we in fact required or forced
CFP to make the sorts of changes that mean that it offers much higher quality
advice to its clients? That is really what we needed to achieve at the end of
the day to lift its game very dramatically. We think in many of those areas
that it has happened, and in some areas where we still have concerns there is
ongoing work. But that has been occurring within the framework of the [enforceable
undertaking], and I mentioned earlier breach reporting is one of those ongoing
areas.[26]
How independent was the 'independent
expert'?
10.26
There was also some discussion during the public hearing about whether
the independent expert appointed under the terms of the enforceable
undertaking, PwC, had a potential conflict of interest, given it also acts as
the CBA's auditor. The CBA rejected the idea that PwC had a conflict of
interest in its appointment as independent expert:
As auditors, PricewaterhouseCoopers have to be independent of
us. You may be aware that Sarbanes-Oxley requirements in the US drove a big
change in how auditors must be independent of the companies that they audit. So
PricewaterhouseCoopers have to maintain an arm's length from us in order to be
our auditors generally. When it comes to the actual [enforceable undertaking],
they and we and ASIC were comfortable that their independence as auditors
allowed them to be the independent expert in the case of the [enforceable
undertaking].[27]
10.27
Speaking more generally, the CBA told the committee that it was
confident in the rigour of the enforceable undertaking process and the role of
independent experts therein. In particular, the CBA emphasised that independent
experts appointed under the enforceable undertaking had a strong reputational
incentive to ensure they undertook their work in a diligent and properly independent
manner:
As you probably know, we have had other enforceable
undertakings. Our experience in each case has been that the scope of the
independent expert's role is very detailed, it is very clear what that role is,
and the independent expert is a party to those discussions, because the
independent expert obviously has to be satisfied that it can perform that
scope. In terms of the actual implementation, the independent experts that we
have dealt with, being major accounting firms, have their own reputation to
consider. It would be risky for them in the extreme to allow business at the
line management level to remain as it was and yet to report to ASIC that things
had changed. We have never experienced that. I am surprised to hear that it
exists, but it is certainly not reflective of the experience we have had at
all. We have found that our independent experts involved in the process have
been very active, have been quite prepared to speak out whenever things have
not been proceeding according to plan and have been quite open with ASIC about
that. We have encouraged that. I would find it curious if an independent expert
were prepared to run the risk of allowing things not to change and yet report
to ASIC that things have changed.[28]
10.28
ASIC told the committee that while it had the power of veto over the
CBA's choice of independent expert, it had been satisfied with PwC's
appointment. ASIC also noted that as part of the tender process, all tenderers
(including PwC) 'had to address issues around whether there were conflicts and
how they might be handled'.[29]
10.29
At the same time, Mr Medcraft and Mr Kell both acknowledged that PwC's
dual roles as auditor of CBA and independent expert under the CFPL enforceable
undertaking did raise questions about a potential conflict of interest:
Mr Medcraft: ...I think you make a good point, Senator; if
somebody is the auditor and they want them to be the independent expert,
essentially you should have a sceptical presumption about how they are going to
manage the independence issue, the potential conflicts of interest. There
should always be a presumption and questioning on this particular issue. I
think that is an important point.
Mr Kell: And I suspect that we would take a different
approach today compared to the approach we took back then.[30]
10.30
In addition to underlining issues regarding the integrity of the CFPL
enforceable undertaking process, these comments also raise broader questions
about the procedures around the use and appointment of independent experts in
enforceable undertakings. These broader questions are considered further in Chapter
17.
10.31
In the course of the discussion about the independent expert appointed
under the CFPL enforceable undertaking, the CBA was asked whether reports of
these experts should be made public. The CBA indicated it would have no
objection to such reports being made public, and that to do so would allow the
seriousness with which the CBA regards such matters to be 'appropriately
reflected in the full transparency of daylight'.[31]
As discussed further in Chapter 17, ASIC also indicated that it believes there
would be merit in making independent expert reports publicly available.[32]
Committee view
10.32
The committee notes the advice provided by the CBA and ASIC on the
important changes implemented at CFPL as a result of the enforceable
undertaking. Among the CBA's key assertions are that it has, in respect of CFPL:
-
expended millions of dollars to fix its procedures;
-
cleared out CFPL staff suspected or proven to have engaged in
wrongdoing;
-
installed an entire new leadership at CFPL;
-
significantly transformed its financial advice business; and
-
achieved a cultural transformation and now encourages people to
'speak up'.
10.33
If these changes have indeed taken place and produce the intended
result,
the committee should generally be satisfied that they will make future
compliance failures at CFPL less likely and, where compliance failures do
occur, more likely to be detected and addressed in a timely and effective
manner. The Future of Financial Advice (FOFA) reforms are also addressing some
of the previously identified problems in the financial advice industry that
were again exposed through the committee's examination of CFPL. In particular,
the requirement that advisers must act in the best interest of clients and the
ban on conflicted remuneration are improving standards and moving the industry
away from a sales-based culture. The committee does, however, note with some
concern that CFPL's breach reporting to ASIC continues to be deficient. The CBA
needs to address this issue as a matter of high priority. Furthermore, the
eleventh hour revelation about inconsistencies in CBA's evidence before the
committee, to be considered in Chapter 12, casts serious doubts about whether
the desired changes have taken root.
Navigation: Previous Page | Contents | Next Page