It’s that time of year again—annual audit season. At MDA Guru, we frequently receive questions from AFSLs with MDA authorisations about their audit obligations. A common comment we hear from these AFSLs is, “I don’t need an MDA audit because I use a regulated platform for my MDA.”

While this is partly correct, there’s more to the story. If your MDA is partnered with a regulated platform, you might rely on the platform’s audit when it comes to the annual MDA Investor’s Statement. The annual report must include a valuation as of June 30th, transaction summaries, and income and expense reports. This report should be distributed within 90 days of the end of the financial year. The regulated platform typically handles this, and the statement is usually accompanied by a link to the auditor’s opinion.

However, if your MDA doesn’t utilise a regulated platform, the MDA Provider is responsible for having their Annual Investor’s Statements audited, which must be accompanied by the auditor’s opinion.

The Audit Beyond the Investor’s Statement

An audit, however, isn’t limited to the annual Investor’s Statement. According to ASIC RG-179, an MDA provider must have and comply with documented compliance measures and arrange for an audit of these measures.

Specifically, RG-179.99 states:

The internal control procedures must be audited annually after the end of your financial year. You must arrange for a registered company auditor to audit and lodge with ASIC—together with your annual financial statements and auditor’s report under section 989B—a statement from the auditor about:

(a) whether you have met the requirement to document internal control procedures during the financial year to which the financial statements relate; and

(b) whether the documented internal control procedures have ensured, as far as is reasonably practicable, compliance with the ASIC Corporations (Managed Discretionary Account Services) Instrument 2016/968 and the Corporations Act at all times during the financial year.

Ensuring Your Auditor is Prepared

It’s up to the MDA AFSL to ensure that their company auditor is capable of performing this specific audit. Importantly, the audit of internal controls should be incorporated into the annual company audit.

The Importance of Well-Documented Processes

At MDA Guru and Assured Support, we recommend that MDA providers develop well-documented procedures and processes related to their MDA. This documentation is crucial not only for regulatory compliance but also for streamlining the audit process. When presented properly, comprehensive documentation can save time and reduce auditor fees, ultimately leading to a more efficient and cost-effective audit process.

Key Takeaways for AFSLs with MDA Authorisations:

• MDA Providers using regulated platforms may rely on the platform’s audit for the Investor’s Statement, but still need to ensure compliance with ASIC's internal control requirements.

• MDA Providers without regulated platforms are fully responsible for auditing their Annual Investor’s Statements and having them accompanied by an auditor’s opinion.

• Ensure your internal control procedures are documented, as required by ASIC RG-179.

• Engage a competent auditor who can perform the necessary audits as part of the annual company audit.

• Efficient documentation of systems and processes can save both time and money when working with auditors.

In conclusion, while having a regulated platform might simplify parts of the audit process, it’s essential to remember that the responsibility for meeting ASIC’s regulatory requirements still falls on the MDA provider. Ensuring you have well-documented procedures in place will not only help ensure compliance but also streamline your audit, saving you both time and money in the process.

If you would like to know more about how we can help you meet your compliance needs then please feel free to reach out to the fantastic professionals at Assured Support and MDA Guru. We are here to help.