AFSL misconduct explained: duties, investigations and enforcement outcomes

Australian Financial Services Licence (AFSL) holders operate within a tightly regulated framework designed to protect consumers and maintain confidence in Australia’s financial services system. The Corporations Act 2001 (Cth) (Corporations Act) imposes broad, principles-based obligations that apply to all financial services provided under the licence, regardless of size, business model or outsourcing arrangements. ASIC expects these obligations to be actively embedded in governance, supervision and day-to-day operations - not merely documented in policies.

Both AFSL holders and their Corporate Authorised Representatives (CARs) are subject to strict statutory duties designed to promote market integrity, consumer protection and trust in financial services. Breaches of these duties can result in significant civil, administrative and criminal consequences.

AFSL misconduct can expose licensees, CARs and directors to significant regulatory, financial and reputational risk. ASIC continues to take an assertive approach to enforcement, targeting failures in governance, supervision, risk management, and compliance with the Corporations Act. 

This page explains the key duties imposed on AFSL holders and their representatives, how misconduct is typically detected and investigated by ASIC, and the enforcement outcomes that may follow. It also explains why early, careful advice is important when an AFSL holder, CAR or director is dealing with suspected misconduct or ASIC engagement.

What is AFSL misconduct?

AFSL misconduct occurs when an AFSL holder or its representatives fail to comply with obligations imposed by the Corporations Act, ASIC regulatory guidance, licence conditions, or common law duties. It may involve a discrete contravention, repeated compliance failures, or broader shortcomings in systems, supervision and governance.

Common examples include:

  • Providing financial services without appropriate authorisation
  • Failing to act efficiently, honestly and fairly
  • Giving inappropriate or misleading financial advice
  • Inadequate supervision of CARs
  • Conflicts of interest not properly identified or managed
  • Mishandling client money or failing to maintain proper records

Alleged misconduct can arise from deliberate wrongdoing, systemic compliance failures, or negligent oversight.

Obligations of AFSL holders 

The core statutory obligations of AFSL holders are set out in section 912A of the Corporations Act.

AFSL holders must:

  • Do all things necessary to ensure financial services are provided efficiently, honestly and fairly
  • Comply with financial services laws
  • Maintain adequate risk management systems
  • Have adequate financial, technological and human resources
  • Ensure representatives are adequately trained and competent
  • Take reasonable steps to ensure CARs comply with the law
  • Have dispute resolution systems (IDR and AFCA membership)

Failure to meet any of these obligations may constitute a breach, even in the absence of consumer loss.

Obligations of corporate authorised representatives (CARs)

CARs act on behalf of the AFS licensee and are bound by both:

  • the authorisation agreement with the AFSL holder
  • applicable provisions of the Corporations Act (including section 912A)

Key obligations include:

  • Only providing services within the scope of their authorisation
  • Complying with financial services laws and ASIC guidance
  • Acting in the best interests of clients when giving personal advice
  • Avoiding misleading or deceptive conduct
  • Disclosing conflicts of interest
  • Following licensee policies, procedures and monitoring requirements

Importantly, AFSL holders are generally liable for the misconduct of their CARs, even where the conduct was unauthorised or concealed.

How AFSL misconduct is detected

AFSL misconduct can come to light through a range of channels, including:

Regulatory and external triggers

This may include:

Internal detection

AFS licensees are required to maintain internal reporting procedures to detect and manage breaches of the core obligations under the Corporations Act. 

A reportable situation arises where an AFSL holder or its representative has breached, or is likely to breach, a core obligation under the Corporations Act and the breach is significant, or where conduct involves gross negligence or serious fraud.  The breach reporting process involves: 

  • Identify and internally escalate the issue
  • Investigate and assess significance
  • Determine whether a reportable situation exists
  • Lodge a report via the ASIC Regulatory Portal
  • Complete remediation and prevent recurrence 

What an ASIC investigation might involve

Once misconduct is suspected, ASIC may commence a formal investigation under Part 3 of the ASIC Act.

Typical investigation steps

  • Issuing compulsory notices for documents and information (section 33 ASIC Act
  • Examining directors, officers, licensees or CARs under oath (section 19 ASIC Act)
  • Assessing compliance frameworks and supervision arrangements
  • Evaluating whether breaches were isolated or systemic

Possible outcomes of AFSL misconduct

The outcome depends on the severity, scale and intent of the conduct, as well as the response of the AFSL holder.

A breach of section 912A is a civil penalty provision and can attract civil penalty proceedings:

For individuals (including directors & officers):

The greater of:

  • 5,000 penalty units (currently about $1.65 million), or
  • Three times the benefit obtained or loss avoided

For Corporations (AFSL holders):

The greater of:

  • 50,000 penalty units (currently about $16.5 million),
  • Three times the benefit obtained or loss avoided, or 10% of the annual turnover (capped at 2.5 million penalty units

Other regulatory and enforcement outcomes may include:

  • No further action, where issues are minor and remediated
  • Infringement notices or administrative action
  • Licence conditions imposed, varied or suspended
  • Banning orders against individuals or CARs

While section 912A is enforced primarily as a civil penalty provision, related conduct, such as dishonesty, serious fraud or misleading conduct, may expose individuals to criminal prosecution under the Corporations Act or other legislation.

Managing and preventing AFSL misconduct

Effective prevention requires a proactive compliance culture, including:

  • Strong governance and leadership accountability
  • Clear delegation and authorisation frameworks
  • Regular compliance training for CARs and staff
  • Continuous monitoring and independent audits
  • Prompt breach identification, reporting and remediation
  • Encouraging internal escalation and whistleblower protections

ASIC expects AFSL holders to be active supervisors, not passive administrators.

AFSL misconduct carries serious legal, financial and reputational risks under the Corporations Act. Both AFSL holders and CARs must understand their respective obligations and the ways in which misconduct can arise, be detected and enforced. Robust compliance systems, effective supervision, and a culture of accountability remain central to meeting regulatory expectations and maintaining the integrity of Australia’s financial services industry.

How we can help

Our team advises AFSL holders and CARs in relation to compliance and licensing issues, through to prosecutions for offences under the Corporations Act.   

If you are an AFSL holder or CAR and are subject to an ASIC investigation, or have received a notice under the ASIC Act, contact us for assistance and advice.

 

Contact Gilshenan & Luton

Criminal Lawyers Brisbane