media release

IR 04-24 ASIC clarifies audit and procedural requirements

Published

The Australian Securities and Investments Commission (ASIC) today clarified the auditing and other procedural requirements for investor-directed portfolio services (IDPS) and IDPS-like schemes by amending Class Order [CO 02/294] that relates to IDPS, Class Order [CO 02/296] that relates to IDPS-like schemes and Class Order [CO 02/295] that relates to nominee and custody services.

IDPS and IDPS-like schemes

An IDPS is a service for acquiring and holding investments that generally involves custody arrangements and consolidated reporting to investors. The service is typically marketed as a master fund or wrap account.

At the end of the financial year of an IDPS, the operator is required to give each client an annual investor statement and an annual statement prepared by a registered company auditor. Similar provisions are required of responsible entities of IDPS-like schemes.

Summary of amendments to the class orders

The main amendments to the class orders are:

  • definitional changes;
  • clarification of the auditing requirements and procedures, including where there are multiple operators or different auditors associated with the operation of an IDPS;
  • prohibition of disclaimers and exclusion clauses; and
  • other changes to the definition of ‘regular savings plan’ and the concept of ‘giving’ and ‘sending’ documents.

The following attachment provides a more detailed summary of these key amendments to the class orders.

End of release

Download a copy of the amending class orders:

  • [CO 04/606] amends [CO 02/294] Investor directed portfolio services
  • [CO 04/607] amends [CO 02/295] Nominee and custody services
  • [CO 04/608] amends [CO 02/296] Investor directed portfolio-like services provided through a registered managed investment scheme

Attachment to Information Release 04/24

The main amendments to the class orders are:

Definitional changes

(a) ASIC has introduced some changes to the terms used in the class orders to provide greater clarity and certainty. These include:

  • The term annual report has been replaced with annual investor statement
  • The term auditor’s opinion – dealing with a client’s annual report – has been replaced with auditors statement
  • The term audited statements of the custodian is now referred to as reports prepared by the custodian and which have been independently audited
  • The definition of accessible securities has been changed
  • The definition of distribution reinvestment plan has been changed
  • The definitions of new disclosure financial products, new product disclosure provisions, and old Corporations Act have been deleted
  • The definition of operator has been changed to recognise the situation post FSR transition
  • New terms such as full service operator, back office operator and client contact operator have been introduced to distinguish the activities of different operators which may be involved in operating an IDPS. The full service operator usually does all the functions of the IDPS, including the preparation of all annual investors statements, quarterly reports or information made electronically accessible and gives or makes the information accessible to clients of the IDPS. A back office operator may initially prepare a part or all of the content of the annual investor statement, quarterly reports or information made electronically accessible and gives the information to another operator – i.e. the client contact operator who only makes the information available to the client.
  • The concept of full service operator, back office operator and client contact operator does not apply to an IDPS-like scheme given that an IDPS-like scheme has only a single responsible entity, not multiple operators.

Auditing requirements and procedures

(b) The amending class order for IDPS clarifies the auditing requirements and the opinions and statements that the registered company auditor must provide in relation to the relevant function of the IDPS operator. Under the amendments, in broad terms, a registered company auditor must:

  1. provide an audit opinion as to whether or not internal controls and other procedures of the relevant IDPS operator and other persons acting on behalf of the relevant operator were suitably designed and operated effectively in all material respects to ensure that the annual investor statements, quarterly reports and any information that is made accessible electronically are not materially misstated;
  2. provide an audit opinion as to whether the aggregate of assets, liabilities, revenue and expenses for the relevant IDPS financial year have been properly reconciled to the corresponding amounts shown in the reports prepared by the custodian which have been independently audited; and
  3. provide an auditor’s statement as to whether or not the auditor has any reason to believe that any annual investor statement, quarterly report or information accessible electronically is materially misstated.

The amending class order for IDPS-like schemes imposes broadly similar auditing requirements and opinions and statements in relation to the function of the responsible entity of the scheme.

(c) Under the class order amendments and in recognition of the different activities and functional responsibilities of the different operators (in the case of an IDPS and auditors:

  1. different operators (in the case of an IDPS) may choose to use a different auditor;
  2. the auditors will have the option of issuing one report for all of the matters in (b) above or separate reports for each of the opinion and statement mentioned in (b);
  3. the auditors, in formulating their audit opinion may consider any alternative procedures adopted by the IDPS operator to address any deficiencies in the design or operation of established internal controls and other procedures.

(d) For an IDPS, there is a difference between the reports of the auditors for the back office operator and client contact operator in that:

  1. in the case of a client contact operator, the auditors may restrict the scope of their report to the security and data integrity aspects of the operators’ systems to ensure that the information provided by the back office operator is given to clients, and
  2. in the case of the back office operator (who may be responsible for preparing the annual investor statement) the scope of their report need not include the processes of the client contact operator to pass on the information to the clients.

Disclaimers and exclusion clauses

(e) Auditing reports and statements must not contain any disclaimers designed to avoid or reduce responsibility to a client of the IDPS (or members of the IDPS-like scheme as the case may be) from relying on the report.

Other changes

(f) The definition of regular savings plan has been amended slightly to allow flexibility for regular acquisitions of investments to be made. Similarly, the definition of an IDPS-Guide has been amended to allow the use of multiple documents that taken together should contain all the required information set out in CO 02/294.

(g) The concept of giving or sending documents to a person in relation to electronic mail has been clarified.