Meaningful information, not just data

Data is in abundance these days. Companies are hungry for even the most mundane data points in a quest to glean insights to transform customer experience and product offerings. While many organisations are challenged with how to turn this data into usable insights, it’s clear that ASIC remains ready to welcome data with open arms. 


True to their 2017-2020 data strategy, ASIC is preparing to receive large quantities of standardised, searchable data sets from regulated entities thanks to prescriptive requirements in impending legislation (e.g. RG 271’s complaints data pilot, reportable situation form supporting RG 78). Recent notices have also shifted away from ‘Please explain’ language to targeted data requests, further feeding ASIC’s ravenous data repository. In recent years there have been numerous examples of ASIC’s data-driven approach to information gathering leading to ASIC gleaning insights that may have taken some in the industry by surprise. Reverse mortgages, add on insurance sales, breach reporting and the labelling of cash funds to name a few. 


Although ASIC’s full analytics capability is yet to be revealed, entities big and small are scrambling to configure existing systems or implement entirely new systems to produce all the different data requirements to achieve compliance and enhance their own capabilities.  However, it may be time to take a step back and consider the following points on data. 

All data provided to ASIC is fair game

In their data strategy, ASIC outlines that ‘Where regulated entities already provide substantial amounts of data to us and other regulators, we endeavour to make better use of this data.’ It’s of course too early to tell how enthusiastic ASIC will be with this. However, the intent may well be to use analytical tools across historic data to identify long-running trends, previously undetectable non-compliance, and to support extensive multi-year investigations. While there’s little that can be done about retracting any previously submitted data, this should act as a reflection point for future submissions. The ‘Just give them everything and they can work out what they need’ approach is a tempting, quick option but is certainly now (more than ever!) ill-advised. Likewise, the ‘inundate them with data’ approach should continue to be avoided. 

Don’t be the last to know

It’s always a bad look when an outsider finds problems in a business, especially when the outsider is a regulator and the problem is non-compliance or conduct harmful to end customers. Without investing in analytics resources and capabilities that routinely interrogate and analyse data, businesses risk the possibility that the regulator will uncover an issue that the business itself has not, leading to the inevitable scramble to create an analysis to demonstrate why there is no issue or to demonstrate that it’s all under control. Ideally businesses will invest in the capability to be the first to detect any potential areas of non-compliance or harmful conduct and to self-correct. The data will be there thanks to the new requirements, but it won’t turn itself into information.

It’s not all about the numbers

Nothing beats the tangible, objective facts, particularly when it’s a number or percent. The eye seems to be drawn to them as an easy representation of an often-complex issue. Customers impacted, dollar value of loss, complaints per product. These are examples of actual requirements but providing or receiving this data alone does not ensure compliance with the form or spirit of regulations. 


Looking at the requirements under the Design and Distribution Obligations (DDO) for example, issuers and distributors need to take ‘reasonable steps’ to help ensure that a product reaches the intended customer. Part of these reasonable steps include having appropriate processes and controls in place at the distribution stage. If you’re a product issuer this means understanding the systems and controls in place at the distributors that are selling your products (RG274.146). Data (complaints, significant dealings) might get you part of the way. But even if data does make it to you from all the parties in the distribution chain, and if you analyse it frequently and meaningfully, it still remains a lagging indicator of potential issues within the distribution chain and is no replacement for proactive and meaningful distributor monitoring


There’s no doubt that data is the way of now. But it’s important to remember that data can have inherent limitations and is only useful when converted to information. is an accountant by trade and at heart (really) and loves turning numbers into information. Talk to Candace, or about how PX Partners can help you with finding meaningful information in your business. 



Why trees?

We are surrounded by talking forests. Within them, trees are involved in dramatic fights for survival as they rescue one another from danger, share vital nutrients and communicate.  If you’ve seen our website and LinkedIn page, you may have noticed our heavy use of tree imagery. Today, we’d like to explain why. 

Trees have a marvellous yet little known talent 

Imagine a plague of insects ripping through the forest. Did you know the air is rife with trees calling for help? At first, we didn’t believe trees could talk either. It turns out that trees communicate and share resources to strengthen the entire forest. Carbon and essential nutrients are pumped across the forest network to support trees at risk of death. Young saplings also struggle to survive on their own when growing in dark areas of the forest. Older trees offer a lifeline by pumping sugar through their own roots into the youngs’.


Trees are not lonely. Underneath the soil there is noisy chatter and relationship developing. Trees of other species may negotiate alliances or form symbiotic relationships, and trees of the same species form communal bonds.


In times of danger trees emit distress signals across the entire forest so that other trees can prepare. This communication increases their chance of survival during times of disease, droughts and insect attacks and strengthens the entire forest.

What’s the science?

These fascinating insights are based on the ecologist Suzanne Simard’s 30 yearlong research project conducted in Canadian forests.  Simard found that trees possess hair like roots which connect and form expansive fungal networks. These pathways form a communication channel and mechanism to exchange nutrients. ‘Hub trees’ act as mothers to encourage the sharing of resources when trees are in danger or young saplings need support, strengthening the entire forest. You can learn more on her TED Talk ‘How trees talk to each other’.


We were also intrigued by the research of German forester, Wohlleben, author of ‘The Hidden Life of Trees’ as described in this article by Richard Grant.  Wohlleben discusses how chemical and hormonal electrical signals which replicate animal nervous systems allow trees to talk. Trees also communicate through pheromones and other scents released in the air, such as when a giraffe is munching on tree leaves. These scents lead to other trees protecting themselves through pumping leaves with tannin, which can kill even large herbivores.

Like trees, we share

We were inspired by what goes on underneath forest soils. Through sharing knowledge and resources the entire forest is strengthened. This resonates with our core purpose of innovating governance, risk and compliance to benefit everyone. And we mean, everyone.


For our clients, our knowledge is our asset and we openly share it to make it our clients advantage. Trees are a true representation of ‘strength in numbers’ and demonstrate how an entire ecosystem can benefit from the sharing of resources. We are deliberate and relentless about bringing our real-life practitioner experience to everything we deliver for clients.


For our community, we know that, like trees, our existence is not lonely. We aim to do our part to protect, promote and progress those around us.


We decided that we wanted to have an impact from day one. So since the inception of PX Partners, 10% of profits are directed to charities and social enterprises which support and strengthen our community and environment. We prioritise working with First Nations suppliers, source in a way which minimises environmental impact and donate our knowledge and time pro bono to organisations who share our values.

Trees have reminded us that we are responsible for giving back to the world just as it gives to us. And the world gives a lot.


More information on our approach to corporate social responsibility is available in ‘PX for Good’.


Conduct – the evolving landscape

In the aftermath of Covid-19, what are the main conduct considerations in financial services, and how do we need to evolve as compliance professionals to meet these new challenges?

Listen to this webinar hosted by the International Compliance Association to hear Tanushree Dabral and other with leading industry professionals discuss the ever-changing landscape for conduct.


What’s the conduct and regulatory focus for the recovery?

Hear Jon O’Keeffe of PX Partners speak to ausbiz about conduct and regulatory themes as our economies reopen and we embrace innovation.

We’re slowly but surely moving out of the pandemic, but the changes that came with it are permanent, particularly for industry and workplace environments.

As we get closer to the light at the end of the tunnel, what key regulatory considerations should businesses be discussing?


Distributor oversight: the hidden part of the iceberg

30 March 2021


Distributor selection and monitoring is a vital part of achieving meaningful compliance with the Design and Distribution Obligations. In this post we shine a light on what this means for firms.  


We all know how we got here. And why. The 2014 Financial System Inquiry found that the current regime for financial products was inadequate for consumer protection because it relied too heavily on disclosure, general advice and financial literacy. In response, the government introduced the Design and Distribution Obligations (DDO) and Product Intervention Powers (PIP) in 2017. More than ‘a few’ banking and financial advice scandals and a Royal Commission later, DDO and PIP legislation were passed in April 2019 with PIP coming into effect immediately. The extended deadline for DDO is looming with the industry working frantically to achieve compliance by 5 October 2021. ASIC has publicly stated that it expects meaningful compliance from day one.


From our observations, the industry is laser focussed on documenting target market determinations (TMD). And understandably so. Product issuers must make TMDs public, providing a visible sign of compliance with one aspect of DDO.


But let’s be clear – it is only one aspect. DDO is much more than a TMD.


The disclosure trap

The current focus on TMDs is understandable. Firstly, one has to start somewhere. And starting by defining the target market for each product is a good place to begin work. Secondly, the mandatory content in the TMD will tease out thinking in a number of other areas such as distribution conditions and review triggers. Thirdly, not having a TMD means the product cannot be sold and non-compliance will be visible to the market. Lastly, and this is the one to watch out for, writing a document is in our collective comfort zone. The financial services industry has been seeking to achieve compliance through disclosure for years. The machinery in firms for putting a public-facing document in place is well oiled. (ICYMI: ASIC’s research has shown that disclosure and warnings can be ineffective in influencing consumer behaviour and in some instances can contribute to consumer harm.)


However, the TMD is not a disclosure document. Albeit mandatory, it is just one of the documented outputs of the internal interrogation of product design and distribution through the lens of achieving sound consumer outcomes. The TMD is the visible tip of the iceberg under which must lie robust and documented internal processes, systems and controls that come together to achieve compliance with DDO.


Know your distributors

At first, this seems so obvious that it doesn’t need to be said. But across the financial services and credit industry in Australia, the extent to which financial product issuers and credit providers seek to know their distributors varies. As does the power / influence dynamic. In our view, this aspect of DDO compliance could prove to be the most challenging because, in many cases, it represents a step change in the relationship. Plans for data gathering and oversight should be an early part of DDO planning. We recommend that product issuers start engagement with distributors now rather than further down their implementation plans.


What do we mean by “know your distributors” (KYD) and how this is part of DDO? ASIC has been clear that DDO is a principles-based regime that is focussed on having appropriate arrangements (governance, systems, controls) in place to ensure product design and distribution leads to sound consumer outcomes. ASIC has also been clear that the selection and monitoring of distributors forms part of a product issuers reasonable steps obligations. In RG274 ASIC provides that:


[w]e will consider the steps that an issuer has taken in conducting due diligence in the selection of distribution channels, methods and distributors. Reasonable steps will generally include making an assessment of the capacity of the distributor to comply with the distribution conditions imposed and meet its own obligations as a distributor. We consider that relevant factors would include an assessment of the distributor’s resources, internal controls, past conduct, experience with the target market and competence to distribute the financial product to the target market.


What does it mean to assess the distributor’s internal controls? A useful reference point, especially for product issuers that also self-distribute, is to consider what processes and controls they have in place internally to ensure the product is sold as intended and then assess whether the distributor has similar controls in place. This could include controls and processes in relation to product, sales and compliance training, scripts / conversation guides, setting of key performance indicators (KPIs) and appropriate use of incentives. Global firms can also learn from their overseas counterparts who may have implemented KYD and distributor oversight programs for the rollout of MiFID II in Europe or the SFC’s product governance requirements in Hong Kong.


In some segments of the industry, this will be a paradigm shift especially where the product issuer / distributor relationship is one where distributors are seen less as business partners and more as valued clients. In these segments there may be a tension as product issuers look to achieve their reasonable steps obligations without ‘troubling’ distributors.


Get the conversation started now

Our strong advice for product issuers and distributors is to get the conversation on information sharing / reporting (e.g. complaints) and distributor oversight started now. Don’t wait until the TMD template is finalised – product issuers should engage with distribution partners and work through the real life practical scenarios and use cases around information sharing. This ensures that the end solution not only achieves compliance for both parties, but ensures that compliance supports end-consumer outcomes. Technology will have to play a key role in providing a lower risk, less manual and more cost effective outcome for issuers and distributors alike.


Six months to go. Watch out for the iceberg.


Update 16 September 2021:

PX Partners has launched a solution that benefits product issuers and distributors by reducing the time, cost and pain often associated with distributor monitoring and due diligence. Go to KYD’s website to learn more and ask for a demo. In the meantime, you can follow us on our LinkedIn. has extensive experience supporting firms in Australia and overseas with distribution oversight and is happy to share her experience. 


The compelling case for outsourcing GRC

31 December 2020


As some light appears at the end of the tunnel with the development of a vaccine for the coronavirus, businesses are beginning to reflect on the lessons learned from the crisis. At PX Partners, we have been listening to our clients and others as they tell their stories from the pandemic. Generally speaking, business have found novel and creative ways to get things done. And this question really resonated with us: How best to get things done?


Upending of traditional business and operating models was underway before the pandemic took hold. But the pace has accelerated with incredible outcomes. Established industry players have struggled as new participants have disrupted business models and challenged traditional thinking. It is not just a competition for market share but a fight for survival in some cases. It is mind blowing that Tesla’s market capitalisation is larger than the nine largest carmakers combined. And the rally in the Airbnb share price following its recent listing means that it is now more valuable than the collective of the seven largest US hotel chains (figures as at December 2020).


This is a time for thinking differently. But where to from here?


Play to your strengths
Accept that you cannot be excellent in all things. This acceptance will serve you well. By leveraging specific expertise in supporting core business activity, centres of excellence are developed. Support actors can invest in systems, process and people to continually improve without diverting funds from business growth initiatives as these are the business growth initiatives. Clients benefit from best practice and benchmarking.


The traditional model of having an office which organised people into different teams to perform functions has been challenged by COVID. Less people to organise allows the firm to focus on its core activities.


Do you need a problem solved or do you need an FTE?
It can be a natural instinct to throw bodies at problems. But are they the bodies needed when the dust settles? Since the Global Financial Crisis there has been much investment in governance, risk and compliance (GRC) resourcing. But it is now obvious that there is more to be done in how these functions operate efficiently and effectively. Traditionally, firms have always been comfortable outsourcing distribution, operations and legal services but until recently, less so with GRC. At the same time, businesses are faced with growing uncertainty on many fronts – technological disruption, growing community expectations, regulatory and political scrutiny to name a few.


To meet this uncertainty successfully, GRC teams must be more elastic with the ability to dynamically augment capability when required. Having the right people at the right time enables success; and what is “right” can change tomorrow.


Quantify the cost
The impact of COVID-19 has proven that employees don’t need to physically be in an office to achieve the same or even greater levels of output. Outsourcing of non-core functions reduces payroll costs while bringing the benefit of having qualified experts available with a pool of resources. This is especially relevant in times of stress when more may be required at short notice, such as when the early impacts of the COVID-19 pandemic were being felt by businesses.


When considering the right mix of resourcing, it is important to consider the cost of an employee is not limited to a salary but extends to all the related costs such as recruitment fees, superannuation contributions, insurance, benefits, training, desk space and technology. So, in reality, the ongoing cost of an employee can be multiples of a base salary.


The insource / outsource trade off
A common argument used against outsourcing is the perceived loss of control. Tightly drafted agreements with suppliers, clear service level agreements and measurable performance indicators put paid to that argument. Meaningful reporting from service providers in a standardised format makes for more efficient and impactful management and Board meetings. Issues are easily identified and actions quick to implement.


Outsource the ‘people risk’. There is much time spent by managers dealing with the disruption caused by turnover in teams, including difficult performance conversations, resignations, recruitment and induction. Time is better spent on revenue generating activities.


By having access to a pool of outsourced on-demand talent, firms can dynamically augment their workforce without the need to hire additional full-time employees. In addition to management time, this saves on fixed overheads.


Security of data
The ability of businesses to stand up remote and virtual models to continue business as usual operations has been incredible. There is now an opportunity to build on that success by further exploring options to support business growth by identifying core and non-core functions. Selecting partners with industry leading technology platforms and Software as a Service (“SaaS”) to provide support to non-core functions can enhance rather than detract from the technology security risk profile of a business.


Applying this to your GRC capability
A survey carried out by PX Partners in November 2020 found that over 90% of senior executives see a shortage of governance, risk and compliance (“GRC”) practitioners as ‘limiting business success’. In addition, 94% agreed that accessing variable or scalable GRC teams would ‘better support their business’.


Some small – medium sized firms may have real need for a senior compliance resource (Head of / CCO level) at the management table day in and day out to provide advice. But when the compliance function is a (senior) 1-person-band, this resource can be underutilised by spending time on ‘compliance hygiene’ activities such as maintaining policies and monitoring obligations. These firms could benefit from outsourcing core, ongoing GRC activities and benefit from the scale and benchmarking an outsourced GRC provider can offer.


Boutiques and start-ups often give functional GRC responsibility to their CEO or COO. These firms may not require, or cannot justify hiring, a senior GRC resource. A frequent mistake is to hire too junior for an environment where quick decisions and exercise of experienced judgement are vital (with no “committee” to hide behind!). A solution is to engage an outsourced CRO who can provide the judgment and advice required but without the FTE cost. Distinct from a consultant, this outsourced CRO benefits from a pan industry view but retains an ongoing and deep relationship with the firm and proactively helps identify risks and opportunities from within. is keen to hear more stories of learnings for business from the experience of the pandemic in 2020. Please reach out to discuss.


PX Partners supporting clients with GRC

Hear Jon O’Keeffe and Tanushree Dabral speak to ausbiz about PX Partners and the power of the practitioner experience when it comes to supporting clients with GRC solutions.

Post the Royal Commission there has been pressure on the regulators to step up, we’ve seen that with the unprecedented level of action that ASIC has taken; AUSTRAC has come out swinging. In the clients we’re speaking to now, people are more concerned than they’ve ever been before.

Watch the full video here:


In honour of the humble checklist

10 November 2020


In this post we shine a spotlight on the unassuming, seemingly unsexy checklist and why it is a powerful tool for reducing errors by dealing with the limitations of our brain.


Whether you’re launching a rocket, flying a Boeing, or building a skyscraper, checklists have become an essential ingredient for error reduction and have been proven to literally save lives. Books and a podcast (which is the source of inspiration for this piece!) have been devoted to lauding the checklist.


Even experts need checklists

Checklists are at their most powerful when they are used by experts. They mitigate the mental bias in humans where repetitive activities become routine, leading to the risk that small, but critical, steps are missed.

A case study and modern rebirth story about the power of the checklist is the story of the Flying Fortress. The 1935 crash of this Boeing aircraft was caused by the pilots forgetting to unlock the elevator before take off resulting in the aircraft pitching upward. The pilots were unable to level off and the aircraft crashed. The US military insightfully responded to the event not with additional training, but with a tool that would be instrumental in changing aviation safety – the checklist.

The military recognised that providing more training to expert pilots would not address the root cause of the error. The pilots involved in this crash were highly trained, highly experienced and competent. They were so experienced and sure of what they were doing that they missed routine steps. This is the exact situation where the checklist is a hero.

Atul Gawunde, author of The Checklist Manifesto, speaks of a study he conducted that involved developing a basic surgical checklist. He was motivated to conduct this study after examining data that indicated that the major cause of disability or death in surgical patients was related to a problem where the answer was known, however not executed upon. Gawunde finds that only a small percentage of disability or death in surgical patients was due to a problem where the answer was unknown. The failure was in the execution, not the knowledge. Gawunde and his team developed a basic surgical checklist and trialed it with surgical teams in 8 cities around the world. The average reduction in complications was 35 percent. The reduction in deaths was 47 percent.

The steps in the surgical checklist were elegant in their simplicity; Has the patient confirmed their identity and the procedure prior to the induction of anaesthesia? Has the surgical team introduced themselves to one another by name and role before making an incision? These small steps may be obvious and easily overlooked. A checklist helps to ensure these small, important steps occur each and every time.


Involve the experts

Checklists are most effective when they are designed and implemented in parallel with the teams who will be using them to ensure they are practical.

Anaesthesiologist Peter Pronovost, upon seeing the number of people dying from infections despite existing checklists, sought to understand the root causes for non-compliance at John Hopkins Hospital in Maryland. While the existing checklist required medical staff to use PPE, alcohol swabs and drapes, a key pain point he identified was that supplies were stocked in eight different places adding precious time to operation preparation. Medical teams were choosing timeliness over managing an “invisible” risk of infection that may not manifest.  Supplies were located to a centralised and accessible cart and replenished regularly. This action saw checklist compliance improve from 30% to 75%.


Culture matters

In his book, Peter Pronovost identified that a power dynamic was also impacting checklist adherence. Doctors did not want to be called out for not following agreed procedures in the operating theatre and nurses were reluctant to challenge the doctors they were working with. Pronovost brought the teams together to agree one central principle – ensuring patient safety and care. In getting this buy-in and addressing culture, checklist compliance increased from 75% to 98% and infection rates more than halved.

Gawunde’s research identified similar cultural considerations. Introducing surgical checklists was only part of the solution, another part was understanding the culture of the workplace. Differing approaches were taken by hospitals in Ottawa and South Carolina. In Ottawa the checklist was mandated by law with hospitals attesting that they had followed the checklist. A change management program was not put in place. The result was little improvement in patient death outcomes. In South Carolina extensive consultation was undertaken including one on one sessions to ensure teams understood why the checklist was being implemented and encouraging hospitals to make the checklist their own. South Carolina hospitals involved in the program saw a 22% reduction in patient deaths.


The makings of a good checklist

A good checklist should:

  • Focus on the areas or processes where mistakes occur most frequently;
  • Be chunked into 5 to 9 steps;
  • Be designed by the teams that use them – not administrators or control functions that could them unnecessarily lengthy and unusable; and
  • Use succinct, direct, even terse, language.


The learnings from the experiences of Pronovost and Gawunde are equally relevant outside of the medical sector. Again, culture comes to the fore when seeking to manage risk. And an agreed shared purpose helps underscore the importance for all members of the team. The local environment and context need to be understood.  With changes in business practices and advancements in technology, it is worthwhile remembering the humble checklist still has pride of place when it comes to managing risk. is an avid fan of the checklist and has applied the pervasive rigour of PX Partners to support clients with framework & control design and implementation. 


Controls are Queen

3 October 2020 


High profile headlines have seen organisations such as Westpac, NAB, State Street and ME Bank face scrutiny as they tango with Australian regulators over compliance failures while negotiating findings and unprecedented financial penalties. This leaves no doubt that ASIC, AUSTRAC and APRA have become more probing and are baring their teeth in response to community expectations and outcomes of the Royal Commission into financial services.  


As we reflect on these cases, it’s not difficult to see patterns in these varied situations (even if you aren’t the visual type!). Common threads are clear across the shortcomings identified in the provision of financial advice, management of home loan redraw facilities, regulatory reporting of International Funds Transfer Instructions (IFTIs) and transaction monitoring.  


In the case of Westpac, technology resource constraints and the loss of key subject matter experts  without proper handover to BAU impacted successful implementation of the 2009 IFTI program. The impact would be felt years down the track when Westpac identified that it had underreported 19.5m IFTIs to AUSTRAC from 2013 to 2018 within the required 10-day timeframes (and not met record keeping obligations in relation to some of these transactions).  


AUSTRAC also alleged that typologies and guidance around potential indicators of child exploitation risk was not implemented by Westpac in a timely and effective manner resulting in inadequate transaction monitoring for 262 customers. 


In 2014, ME Bank descoped planned migration of loans from its legacy core banking platform due to complexities and system issues and introduced an interim manual control to  monitor, recalculate and load correct available funds for home loan customers. This became a critical control that failed in 2015 resulting in some customers having accessed redraw funds taking their loan balance above the amortisation curve. The control failure and resulting issue was undetected by ME Bank until 2019. 


After NAB transferred customers to its MLC direct business, superannuation fund members continued to be charged fees despite not having a financial adviser from 2013 to 2019. The fee for no service impacted 200,000 customers. This in combination with defective product disclosure statements saw ASIC allege that NAB had not acted efficiently, fairly or honestly and slap the Bank with a $57.5m fine 


Hindsight is a wonderful thing but there are several important learnings that organisations should pay heed to. 


1. Invest now, or pay later  

In all of these cases control and compliance failures were caused by seemingly simple technology system changes with unintended consequences, deprioritised data migration or incomplete customer migration activities. Upstream and downstream impacts of these changes to complex plumbing and associated risks were not fully mapped outunderstood or risk accepted by senior management. Appropriate post implementation reviews were also not undertaken to ensure changes had been adequately and completely executed. 

There is no better example of the consequence of poor change management than the $1.3bn fine that Westpac has agreed to pay – surpassing CBA’s penalty as the largest fine in corporate history. This is leaderboard no organisation wants to be at the top of.  

Meaningful investment in rigorous controls requires resources – people, time, money. Investing now will save a world of pain later.  


2. Controls are Queen  

Yes, you read right – have you ever played chess? At the core of all these scenarios is poor control design and execution. Controls are the bread and butter of managing operational risk, so much so that we are seeing the emergence of Chief Controls Officers in large organisations. Manual controls are reliant on people to provide checks and balances, day in and day, consistently and completely. When that manual control becomes critical control, the expectation is that people will execute it perfectly. Each and every time. This is where things start to unravel. Manual controls are generally not sustainable in the long- term, particularly where the reliance extends for years as it has in all these cases.  

For critical controls it is important that rigorous controls assurance exercise is undertaken to periodically and independently review these controls and assess whether they are both designed and operating effectively and adequately managing the risk. This controls assurance exercise must be performed by those competent in the process they are reviewing. Transparency is important and a reliance on critical manual controls should have Senior Management visibility as it is tantamount to accepting heightened risk.  


3. Everyone is accountable for CX  

Customer centricity or customer experience (CX) is no longer a concept owned by marketing teams. It should be embedded in an organisation’s systems, processes, conduct and cultureWhen ME Bank identified the error with amortisation of amounts available for redraw on home loan facilities, its remediation program saw adjustments made to approximately 21,000 customer home loan redraw facilities before informing customers of its action. In a meeting with ME Bank prior to this occurring ASIC had called out that clear, transparent, timely and effective customer communication is a key inclusion to a client customer remediation program.  

In charging customers fees for services never provided, NAB acknowledged that it was unprofessional and wasn’t putting customers first. They garnered Commissioner Hayne’s intense scrutiny at the Royal Commission who commented that its internal investigation and its negotiations with ASIC appeared primarily directed to minimising the amount that NAB would have to refund to customers.  

While Westpac’s IFTI issue was substantial, its alleged failure to adequately identify and manage the smaller population of customers linked to child exploitation has seen significant reputational damage and judgement from its customers and the community.    


These examples show that regulators are not being reticent to take enforcement action for technical compliance issues. The numbers speak for themselves. Take State Street being fined $1.24m for omitting to send 99 IFTIs  


Some controls are under pressure in the COVID-19 remote working environment where, for example, they have historically relied upon original signatures or similar. The remote working response invoked in response to COVID-19 has forced the hand of some firms to improve the operation of controls through better use of technology or elimination of redundant controls. 


We are now in an environment where compliance breaches, self-reported or not, can attract a barrage of parallel investigations by multiple regulators, shareholder dissatisfaction and class actions. Executives and Board Chairs are not immune to the aftermath of failures by the organisations they steer and face remuneration impacts, job loss and scrutiny by their customers and community. If that isn’t reason enough, the financial burden of remediation, additional resourcing demands and financial penalties show it just makes good business sense to invest in compliance expertise and get it done right the first time, with the customer at the centreThere is after all something in that old adage – measure twice and cut once. would love to hear your comments on this piece or to chat further about how PX Partners brings pervasive rigour to support clients with governance, framework design and remediation work.


What’s in a name?

27 September 2020


Good customer outcomes are premised on the right information, the right structures and the right controls being in place. In this post, we look at product names and the importance of being true to label. 


“Ollie? James? Something Gaelic? 

Nobody can spell or pronounce Gaelic names. And we don’t know that we’re having a boy. 

And on it went.  

The last few months at home has been filled with conversations like this. Choosing baby name is tough. Made tougher when one party is convinced it’s a boy and the other a girl. Watch this space.  Not long to go. 


So, it was interesting to see that we weren’t alone with our struggle. ASIC has had a well-publicised engagement with the funds management sector regarding names. Cash? Cash Plus? Short term? Balanced? Conservative? Though I’m sure the path to resolution for affected issuers will be quite a bit different to the resolution of our little family squabble!


We understand that ASIC began this review at the end of 2019 and was driven by concerns at the Regulator that investors could be exposed to misleading promotion when seeking better returns in a period of low interest rates and market volatility. ASIC found that some investment products in the market were being spruiked as ‘cash’ or ‘term deposit’ like but were, in fact, much higher risk products.  


This action from ASIC and associated media statements have led to some interesting reflections at PX Partners. What initially appears to be a straightforward piece of regulatory action on product labelling has caused us to look deeper, at some more fundamental product governance questions. 


Who decides the name?  

Different organisations have different ways of approaching it. We know of one who made it a competition amongst employees at their office. Ultimately, the responsibility sits with the Board or governance authority who approves issuing of the disclosure document. The Due Diligence Committee plays a critical role. As does the Product Manager and Compliance team. But have we paid enough attention to naming in the past? And what about the passage of time? A fund name in 2000 may have been very much in vogue, in line with regulator and community expectations. But its 2020. We have had a Royal Commission in to misconduct in financial service. Times have changed. Have the labels moved with the times? 


Does it matter? 

It does. The funds industry relies on advisers, gatekeepers and Approved Product Lists (APLs) to help retail investors navigate their options.   

Screening of funds and bucketing of investment options is a well-established practice in the funds industry in Australia. Those with responsibility for categorising different investment products pay more attention to what is ‘under the hood’ than simply relying on the label. 

But, that being said, many retail investors do not rely on financial advisers and are choosing investment products themselves. ASIC has ‘called time’ on disclosure reliance with their research indicating that only 20 out of 100 people read disclosure documentsThis means it is critically important for responsible product issuers to be transparent with their product labels 


What is required of product issuers 

The answer is the same to most questions faced by the industry – do the right thing, be transparent and care about your customer outcomes. In this case – if you’re not running a cash fund, then don’t call it a cash fund.  

From the Regulators perspective, this matter goes to some fundamental obligations – are you being misleading and deceptive? Are you providing financial services efficiently, honestly and fairly?  


What action is needed now 

This depends on the maturity of your product governance framework. If you have not started work on your firm’s response to the new design and distribution obligations yet, it is time! 

Product governance is a broad framework which spans disclosure, labels, operations, customer outcomes, target market, distribution channels, marketing, investments, risk and everything in between. Management and Boards should be asking:

  • Is our product lifecycle or governance framework documented? Is it clear where accountabilities lie?
  • Is it broad and encompassingAre product names reconsidered when offer documents are being updated? Do we have representation from across the business to ensure all views are heard?
  • Do periodic product reviews check back to the original business case or intention of the product? Is the investment strategy of the product materially the same? Is it still being sold in line with how it was intended to be sold? 
  • Has the product take-up been in line with expectations? If not, is this because it isn’t meeting customer needs?  


While Juliet might’ve argued that names should not matter, recent regulatory action serves as an important reminder that they do. would appreciate any (helpful!) baby name suggestions and would be happy to chat more about how PX Partners supports clients through regulatory change and interactions.