On 10 December 2024, the Australian Securities and Investments Commission (ASIC) published an updated version of its Regulatory Guide 133, titled Funds Management and Custodial Services: Holding Assets. This updated Regulatory Guide 133, provides guidance to asset-holding entities under the Australian financial services (AFS) licensing framework. It outlines clear obligations and minimum standards for the custody and management of client assets, with a particular focus on security, operational integrity, and compliance. The guide also addresses the management of emerging asset classes such as crypto-assets, ensuring that custodial practices evolve alongside financial innovation.
ASIC has reissued this regulatory guide to reflect the latest developments and provide updated guidance for asset-holding AFS licensees. The targeted licensees include responsible entities of registered managed investment schemes and licensed providers of custodial services. This latest version of RG 133 supersedes the June 2022 guidance and introduces several revisions, which includes revised references to legislative instruments imposing financial requirements and the introduction of good practices for crypto-asset holders, such as the implementation of information security controls and enhanced risk management processes.
The guide discusses the importance of maintaining an adequate organisational structure to ensure the separation of client assets from other holdings. Custodians are expected to demonstrate staffing capabilities, including adequate training and risk management expertise, and must implement secure systems for asset management. Detailed compliance records must be maintained, evidencing adherence to these standards, with the objective of safeguarding clients’ interests and promoting operational transparency.
ASIC has placed particular emphasis on the obligations of entities engaging third-party asset holders. Custodians and responsible entities must ensure that any third-party engaged complies with minimum standards. This includes the establishment of legally enforceable agreements specifying terms for compliance, conflict management, and liability. Retail clients must also be informed about the custodial arrangements in place, with their rights and responsibilities clearly articulated. Custodians are required to monitor the compliance of these third parties on an ongoing basis and take immediate action to rectify any deficiencies.
A revised guide includes detailed provisions for managing crypto-assets. Recognising the unique challenges posed by these digital currencies, the guide mandates measures to mitigate associated risks such as market volatility, cybersecurity threats, and operational vulnerabilities linked to crypto exchanges. Custodians holding crypto-assets must ensure these are segregated from their own holdings, held on trust for clients, and recorded in a manner that is auditable and transparent. Agreements with clients must outline liability provisions and provide full disclosure of the risks and safeguards involved, and independent audits are required to verify compliance with these enhanced standards.
The guide also offers limited relief for custodians managing omnibus accounts, allowing for the consolidation of client assets under certain conditions. An omnibus account is a type of financial account that consolidates the holdings of multiple clients into a single account. This account is typically maintained by a financial intermediary, such as a custodian, broker, or asset manager, and is used to streamline the management of assets for multiple clients. Custodians must demonstrate that appropriate safeguards are in place to protect individual client holdings within these accounts. The relief measures are contingent upon strict adherence to trust and segregation requirements, ensuring that client assets remain identifiable and protected at all times.
To further support compliance, the guide details reporting and record-keeping requirements. Custodians must maintain comprehensive documentation of all client assets, including transaction histories, valuations, and compliance records. These records should be retained for a specified duration and made available for audits or client inquiries. Reporting obligations also extend to periodic certifications of compliance and timely communication of any material changes to custodial arrangements.
ASIC has discussed the importance of business continuity planning to ensure custodial services remain operational in the face of disruptions. Custodians must establish and maintain reasonable contingency arrangements to address potential interruptions. Confidentiality is also a central requirement, with custodians expected to protect client information while complying with legal and regulatory disclosure obligations.
ASIC aims to enhance client confidence in custodial services while ensuring that custodians are equipped to manage the complexities of modern financial assets, including crypto-assets.
(Source: https://asic.gov.au/regulatory-resources/find-a-document/regulatory-guides/rg-133-funds-management-and-custodial-services-holding-assets/, https://asic.gov.au/about-asic/news-centre/news-items/asic-reissues-regulatory-guide-133-on-funds-management-and-custodial-services/?altTemplate=betanewsroom)
