AFSL holders: the s 912A general obligations explained

What section 912A requires, in brief

Section 912A of the Corporations Act 2001 (Cth) sets out the core "general obligations" that every holder of an Australian Financial Services (AFS) licence must comply with on an ongoing basis. The headline duty, in s 912A(1)(a), is to do all things necessary to ensure the financial services covered by the licence are provided "efficiently, honestly and fairly". The remaining paragraphs add obligations around managing conflicts of interest, complying with financial services laws, maintaining adequate resources and competence, training and supervising representatives, having risk-management systems, and providing dispute resolution.

These obligations are not one-off entry conditions met at licensing. They are continuing duties, and the regulator — the Australian Securities and Investments Commission (ASIC) — treats a failure to meet them as a serious compliance breach that can support licence conditions, suspension, cancellation or civil penalty proceedings.

Who section 912A applies to

Section 912A applies to all AFS licensees, regardless of size or the type of financial services authorised. That includes:

• Financial advisers and advice licensees
• Fund managers, responsible entities and wholesale-only managers
• Insurance product issuers and distributors
• Stockbrokers, market participants and dealers
• Limited AFS licensees (for example, accountants providing limited advice)
• "Licensee for hire" or authorised-representative arrangements, where the licensee remains responsible for the conduct of its representatives

The obligation attaches to the licensee as the legal entity. Outsourcing a function, or authorising a corporate authorised representative, does not transfer the s 912A duty — the licensee remains accountable for services provided under its licence. ASIC has successfully pursued licensees whose business model was essentially to "rent out" their licence without adequate oversight.

These duties sit within the broader financial services regime, and overlap with design and distribution obligations, the financial-adviser conduct rules, and breach-reporting requirements.

The substance of the s 912A(1) obligations

Section 912A(1) is a list of distinct but related obligations. In substance, a licensee must:

• Provide services efficiently, honestly and fairly (the central conduct standard)
• Manage conflicts of interest through adequate arrangements
• Comply with the conditions on its AFS licence
• Comply with the financial services laws generally
• Take reasonable steps to ensure its representatives comply with the financial services laws
• Maintain adequate resources — financial, technological and human — to provide the services and carry out supervisory arrangements (with some exceptions, such as APRA-regulated bodies)
• Maintain the competence to provide the services, and ensure representatives are adequately trained and competent
• Have a dispute resolution system (internal dispute resolution plus membership of the Australian Financial Complaints Authority) where retail clients are involved
• Have adequate risk-management systems (again with carve-outs for certain prudentially regulated entities)
• Comply with any other obligations prescribed by the regulations

Read together, these paragraphs require a licensee to have a functioning compliance framework — documented arrangements, monitoring, supervision and remediation — not merely good intentions.

"Efficiently, honestly and fairly": the headline duty

The phrase in s 912A(1)(a) is deliberately broad, and the courts have confirmed it should be read as a single, compendious standard rather than three separate tests. Conduct can breach the duty even if it is not dishonest in a criminal sense — inefficiency or unfairness alone can be enough.

Key points drawn from the case law and ASIC guidance:

• The standard is assessed against what a reasonable person in the financial services industry would expect.
• "Honestly" is not limited to fraud; it extends to conduct that is not "up to standard", including gross carelessness or a failure to act with care and diligence.
• "Efficiently" goes to the adequacy of systems, resources and processes — including, increasingly, cybersecurity and operational resilience. ASIC has argued that inadequate cyber-risk management can itself contravene s 912A.
• "Fairly" picks up the balance between the licensee's interests and those of its clients.

Because the duty is open-textured, it is frequently the lead allegation in ASIC enforcement, often paired with more specific breaches.

Timing, breach reporting and consequences

The s 912A obligations are continuous — they apply every day the licence is held, not just at application. There is no grace period for falling below the standard.

A breach of s 912A can also trigger separate reportable-situation (breach reporting) obligations. Significant breaches, and reasonable grounds to suspect them, must generally be reported to ASIC within the statutory timeframe — see our note on ASIC breach reporting under RG 78 for the reporting mechanics. The general obligations and the breach-reporting regime work together: failing to provide services efficiently, honestly and fairly is one of the things that may need to be reported, and a failure to report can be a further breach.

Potential consequences of contravening s 912A include:

• Additional or varied licence conditions imposed by ASIC
• Suspension or cancellation of the AFS licence
• Civil penalty proceedings (certain paragraphs of s 912A are civil penalty provisions; do not rely on a specific maximum figure without confirming the current amount with ASIC)
• Enforceable undertakings and remediation programs
• Reputational and AFCA-related exposure

What licensees should do

Practical steps to evidence compliance with s 912A:

• Document your compliance framework. Maintain current policies covering conflicts, supervision, training, dispute resolution and risk management, and show they are actually operating.
• Resource the business properly. Keep evidence that financial, human and technological resources are adequate for the scale and complexity of the services — including IT and cyber resilience.
• Supervise representatives. Have a monitoring and supervision program for authorised representatives and staff, with audit trails.
• Manage conflicts actively. Identify, record and control conflicts; "controlling and disclosing" is the expected approach, with avoidance where conflicts cannot be managed.
• Maintain IDR and AFCA membership where you deal with retail clients, and track complaints data for systemic issues.
• Review risk-management systems regularly and scale them as the business changes.
• Integrate breach reporting so that s 912A failures feed into the reportable-situations process promptly. For the broader entry and continuing requirements, see AFSL general obligations (s 912A).

Common pitfalls

• Treating s 912A as a set-and-forget licensing condition. It is a continuing duty; systems that were adequate at licensing can fall short as the business grows.
• "Licence for hire" without oversight. Authorising representatives or corporate authorised representatives without genuine supervision is a well-litigated failure point.
• Under-resourcing compliance and technology. Thin compliance teams, manual monitoring and weak cybersecurity have all been cited in s 912A actions.
• Confusing disclosure with conflict management. Disclosing a conflict does not, by itself, discharge the obligation to have adequate conflicts arrangements.
• Reporting failures. Identifying a s 912A problem but not escalating it through the breach-reporting process compounds the original breach.
• Relying on uncertain figures. Penalty amounts and indexed thresholds change; always verify current figures against the legislation and ASIC guidance rather than older summaries.