How can we help?

Search for answers or browse by topic.

How do I prepare for an ASIC review before it happens?

Direct Answer

Prepare for an ASIC review by keeping your records, registers, advice files, policies, monitoring reports and issue-management evidence current before ASIC asks for them. You should be able to show how your compliance framework operates in practice, not just produce documents that describe what should happen.

The detail

ASIC reviews are harder when preparation only starts after an information request arrives.

By that point, teams often scramble to locate advice files, breach assessments, complaint records, training evidence, Responsible Manager minutes, policy reviews and remediation updates. The problem is not always that the work was not done. Often, the problem is that the evidence is incomplete, inconsistent or spread across too many systems.

Good preparation means treating ASIC readiness as part of normal compliance management. Your business should be able to explain:

  • what obligations apply
  • who owns each compliance process
  • how risks are monitored
  • what issues have been identified
  • what actions were taken
  • how management and Responsible Managers exercised oversight
  • where supporting evidence is stored.

ASIC may assess whether your compliance arrangements work in practice, including governance, monitoring, reporting, remediation and accountability arrangements.

For example, if ASIC asks about adviser supervision, you should be able to produce more than a supervision policy. You should have file review results, adviser coaching notes, training records, escalation decisions, action items and evidence that issues were followed through to completion.

A better way to manage this

A better approach is to build a standing ASIC readiness process.

Where configured, [complyᵉ] can help centralise compliance obligations, tasks, registers, monitoring outcomes, incidents, actions and evidence. This makes it easier to see what is complete, what is overdue and what may need attention before an external review occurs.

The goal is to reduce last-minute reconstruction. Your compliance system should already contain the records needed to support your response.

Practical guidance

  • Maintain current registers for breaches, complaints, conflicts, incidents, training, risks and remediation.
  • Test advice files and key controls regularly, rather than waiting for an audit.
  • Review whether policies reflect actual business practices.
  • Record management decisions, Responsible Manager oversight and escalation steps.
  • Prepare key staff to explain how compliance processes work in practice.

Common mistakes

  • Preparing only after ASIC makes contact. This creates pressure and increases the risk of incomplete responses.
  • Relying on policies without evidence. ASIC will usually want to see how processes operate, not just how they are documented.
  • Ignoring overdue actions. Open issues can suggest weak oversight if they are not tracked and escalated.
  • Keeping evidence in personal inboxes. This makes it harder to produce a clear and reliable response.

See how [complyᵉ] helps you stay ASIC-ready with organised records, clear ownership and evidence-based oversight.

Talk to us