Page 1 of 2

Tony Featherstone is a Morningstar contributor and a former managing editor of BRW and Shares magazines.

The corporate regulator's risk-management review of the $1.8-trillion funds management sector attracted headlines this week.

Less considered was how the findings relate to smaller funds management groups around key-person risk and the use of external consultants.

ASIC's review of selected firms in 2011-12 was published in Adequacy of Risk Management of Responsible Entities.

ASIC assessed risk-management systems by firm size and complexity, and how selected responsible entities managed their financial, investment and liquidity risks.

ASIC said the firms it sampled "generally appeared to demonstrate compliance with their obligation as Australian Financial Services licensees to maintain adequate risk-management systems".

But it warned that improvements could be made - in particular for firms that are not part of the Australian Prudential Regulation Authority (APRA) regulated group.

An important finding was that firms categorised as small (operating less than 20 managed investment schemes) had risks around the loss of a key person, a potential over-reliance on external compliance and risk-management consultants, and limited understanding of residual risk.

Key-person risk can be a big issue for small funds management groups that are established by one or two core investment staff who are not easily replaced.

A potential threat is key staff dominating the organisation's agenda and over-riding risk-management systems.

ASIC said: "Such dominance may be problematic if it leads to decisions being made that would not be considered appropriate within a responsible entity's risk-management systems. We expect responsible entities to have in place appropriate strategies, such as business continuity or succession plans, to mitigate key-person risk."

ASIC suggested firms should consider their board and committee composition to help manage key-person risk and ensure risk controls are maintained.

An over-reliance on external risk-management in smaller firms received sterner commentary.

ASIC found a number of smaller firms were "heavily reliant" on risk-management and compliance consultants to develop, implement and monitor their systems.