When ASIC reviews your licence, will your RM file reflect real leadership or just surface-level compliance?

Holding the title of Responsible Manager (RM) under an Australian Financial Services Licence (AFSL) isn’t just a formality. It’s a role under increasing scrutiny, especially in small licensees where governance lines blur and resources are stretched.

What exactly should an RM be doing, documenting, or overseeing? What can you delegate, and what must you stay close to? And what does ASIC actually expect from you, not just at appointment, but day to day?

This article unpacks the practical reality of being an RM in a small AFSL. Not the textbook version, but what it looks like in real life — with limited resources, competing priorities, and a regulator that’s dialling up expectations.

Why the Role Feels So Vague and Why That’s a Risk

In larger institutions, RMs often sit within defined governance structures: with legal, compliance, audit, and risk functions around them. But in small licensees, those structures don’t always exist, or the same person wears multiple hats.

That makes the RM role harder to define in practice, and it’s why confusion is common:

• How involved do I need to be in compliance meetings?
• Is signing off on a breach register enough?
• What if I’ve delegated file reviews, am I still responsible?

These aren’t abstract concerns. If a regulator reviews your licence, they’ll want to see real evidence that the RM has been actively involved, not just technically qualified.

What You Must Personally Do

There are responsibilities no RM can outsource. These are the core elements that ASIC sees as essential:

• Maintaining your own competence – through tailored CPD that aligns directly with the authorisations you oversee
• Participating in compliance decisions – especially around breaches, conflicts, complaints, and adviser conduct
• Setting the tone – in how you talk about compliance, how seriously issues are treated, and what gets prioritised
• Exercising judgment – reviewing advice processes, interpreting rules, and challenging the status quo when needed

Setting the tone isn’t just about policies, it’s about presence. If the RM treats compliance as a tick-box exercise, others will follow. But if they challenge advice, ask hard questions, and prioritise governance, that tone cascades through the business. Culture starts at the top, and in small licensees, that often means it starts with you.

What You Can Delegate But Still Need to Oversee

Delegation is not only allowed, it’s often essential in small licensees. But delegation doesn’t remove responsibility. It shifts execution — not ownership.

Tasks you might delegate:

• Keeping compliance registers updated
• Scheduling or completing regular file reviews
• Drafting or maintaining internal policies
• Administering CPD tracking or training sessions

Even when delegated, these areas require RM-level awareness. For example, if someone manages complaints, you still need to know what types of complaints are coming in, and whether they signal a deeper issue. Delegation is operational; your role is oversight.

What You Need to Document

Documentation is key to demonstrating RM engagement. You don’t need to produce reams of paperwork, but you do need a consistent paper trail that shows you’re aware of, and involved in, core governance areas.

Think about maintaining:

• Professional standing — Certificates, CPD logs, training records
• Compliance involvement — Meeting minutes, decisions or challenges raised, notes showing your participation
• Supervision and oversight — File review sampling, follow-ups on issues raised, documented challenges to advice or conduct
• Registers — Breach, complaint, and incident registers, with your sign-off or queries noted

This kind of documentation doesn’t just satisfy ASIC, it helps clarify your role internally, too. It separates what’s been delegated from what you’re still across.

ASIC doesn’t just assess your qualifications. It looks at what you knew, what you did, and how you led.

A Role of Judgment, Not Just Tasks

The Responsible Manager role isn’t defined by a checklist. It’s defined by judgment: your ability to identify risks, influence decisions, and demonstrate that the licensee is being well-managed.

And ASIC knows that. In recent reviews and enforcement actions, the focus has shifted toward what RMs knew, did, or failed to do. Not just whether their résumé ticked the competency boxes. ASIC has the authority to take administrative action against RMs, including banning them, if they believe an RM hasn’t adequately met their obligations.

That’s why clarity matters. Not just to protect your licence, but to support good governance.

Making the RM Role Work in Real Life

If you’re an RM in a small licensee, clarity is your best defence. Understand what must be decided, what can be delegated (with oversight), and what must be documented.

The role can feel murky, especially when you’re juggling it with other business priorities. But with a clear framework around your core duties and how to evidence them, the RM role becomes manageable, not mysterious.

And more importantly, it becomes a meaningful contribution to a well-run advice business, not just a name on a licence.

Ask yourself: If ASIC walked in tomorrow, what would they find? A file that merely ticks boxes, or one that tells the story of a well-governed licensee?