top of page
3LINES Logo

It's Been a Wild Ride

What a year. 2025 has been one of those seasons that somehow felt six months long and six years long at the same time.


Between school runs, daycare drops, the usual family chaos, and trying to remember which bag has three separate lunchboxes and which one has laptop… we’ve kept pushing 3Lines Platform forward, helping clients navigate what has honestly been one of the most relentless periods of regulatory change we’ve seen.


But there have been some real highlights too:


✨ Attending the ASIC Forum and hearing first-hand where their 2026 enforcement emphasis is heading.


✨ Sponsoring the Financial Advice Association Australia (FAAA) Congress, which was an incredible chance for Eloise Somerford and Julia Vojkovic to reconnect with advisers, licensees and fellow RegTech founders who are tackling these challenges head-on.


And somewhere between the flights, the late nights and the weekend work sessions, we pulled together something a bit different (in the spirit of Spotify).


🎧 2025 Wrapped.

The year that was.

As we moved through 2025, AFSLs were operating in a landscape defined by sharper regulatory expectations and increasing scrutiny across governance, adviser capability and operational resilience.

 

ASIC’s thematic reviews and enforcement priorities make it clear that licensees must not only have strong frameworks in place but be able to evidence how they work in practice.

 

The year was characterised by uplift, in systems, documentation and oversight. Particular focus was on cyber resilience, adviser competency, managed account governance, complaints handling and emerging product risks.


Cyber Security - Increased Regulatory Expectations

Cyber resilience remains one of ASIC’s highest priorities, with a strong focus on governance, incident readiness and third-party oversight. AFSLs must demonstrate that controls are tested, monitored and aligned to their risk profile.

  • Conduct a documented annual cyber risk assessment and remediate identified gaps at both practice and licensee levels.

  • Test your incident response plan and record outcomes, learnings and action items.

  • Review all outsourcing and technology arrangements to ensure cyber obligations are clearly defined and monitored.


Adviser education - 31 December 2025 deadline

Existing providers who do not meet the qualifications standard by 1 January 2026, face being ineligible to provide advice after 31 December 2025. To prepare, AFSLs should:

  • Make sure the FAR is fully up to date - verify against the ASIC dataset.

  •  Where relying on the experienced-adviser pathway, ensure declarations and 10-year experience evidence are complete and validated.

  • If an adviser does not meet the education standards, they must cease from the register on 31 December 2025.m the register on 31 December 2025.


Offshoring - Heightened Oversight and Evidence

With more AFSLs using offshore administration and support functions, ASIC is emphasising the need for strong governance, clear service-level expectations and visibility over risks that may arise from overseas operations.

  • Maintain documented due diligence for all offshore service providers at both practice and licensee levels.

  • Ensure oversight arrangements, monitoring processes and escalation steps are clearly defined.

  • Record regular performance reviews and evidence how risks are being managed.


SMA Governance - ASIC Kicks Off Its Spotlight on SMAs

ASIC’s focus on SMAs aims to identify gaps in suitability, disclosure and investment governance. AFSLs using managed accounts must ensure their oversight structures are robust and that advice processes align to client needs.

  • Refresh SMA governance documentation, including investment committee oversight and model review cycles.

  • Review advice files to ensure client-specific suitability reasoning is clear and defensible.

  • Validate SMA fee, disclosure and portfolio parameters against regulatory expectations.


ASIC’s SMSF Review - Report 824

Report 824 has placed renewed attention on SMSF advice quality, documentation and the need for clear justification where SMSFs are recommended. AFSLs must ensure advice processes reflect ASIC’s expectations for suitability and transparency.

​​

  • Refer and refocus back to INFO274 in providing SMSF advice.

  • Where other business associations are relevant (e.g. accounting or SMSF administration), ensure conflicts are appropriately assessed and managed.

  • Ensure advice documents adequately address the basis of your advice and specific consideration is given to the matters raised in ASIC’s Review.


What's on the horizon?

Looking ahead to 2026, AFSLs can expect a continued tightening of regulatory expectations, with several significant reforms already flagged for implementation.

 

The expansion of the AML/CTF regime, rising evidence standards, and growing focus on AI governance signal a shift toward more structured, technology-enabled and auditable compliance frameworks.

 

Next year will require licensees to prepare early, strengthen internal controls and ensure they can demonstrate clear oversight of emerging risks and new regulatory obligations.


It really has been a wild ride… and the best is still ahead.

bottom of page