Skip to main content
FormaOS
ASIC + APRA + AUSTRAC Ready

Your AFS Licence Obligations. Governed.

ASIC, APRA, and AUSTRAC obligations mapped to named owners with immutable evidence. Every licence condition becomes a governed workflow.

Start Free TrialBook a Demo
AU-hosted infrastructure14-day free trialNo credit card requiredASIC-ready audit trail
app.formaos.com.au
Obligations Register
AFS Licence Obligations
4 Mapped1 At Risk1 Unmapped
ObligationStatus
General conduct obligationsMapped
Financial resource requirementsMapped
Breach reporting — s912DAt Risk
AML/CTF Program — Part AMapped
CPS 230 — Critical operationsUnmapped
IDR proceduresMapped
6 of 6 records
Live
The Compliance Gap

Why financial services compliance keeps you up at night

AFS licensees juggle overlapping regulators, shifting obligations, and board scrutiny — with tooling that was never built for the job.

AFS licence conditions not mapped to operational obligations

Licence conditions sit in legal documents while day-to-day operations run independently. Gaps between what your licence requires and what your team actually does remain invisible until an ASIC review surfaces them.

Breach register not maintained — s912D self-reporting missed

Without a centralised breach register, reportable situations under s912D are identified late or not at all. Self-reporting obligations carry strict timeframes, and missed deadlines compound regulatory risk.

AUSTRAC AML/CTF annual compliance report deadlines missed

The annual compliance report to AUSTRAC requires evidence of programme effectiveness across the year. Assembling that evidence manually from scattered systems creates last-minute scrambles and incomplete submissions.

Board unable to demonstrate oversight of compliance programme

Directors need to evidence active oversight of the compliance programme. Without structured board reporting, there is no documented trail showing the board received, questioned, and acted on compliance information.

APRA CPS 230 operational risk framework not operationalised

CPS 230 requires identification of critical operations, tolerance settings, and business continuity testing. Many organisations have the policy but lack the operational systems to track and evidence compliance.

Regulatory change management done manually with no tracking

When ASIC, APRA, or AUSTRAC issue new guidance or legislative instruments, changes are tracked via email threads and ad-hoc spreadsheets. There is no systematic way to assess impact, assign owners, or verify implementation.

Framework Coverage

Obligation coverage across every financial services regulator

Pre-built frameworks map your ASIC, APRA, AUSTRAC, and AFCA obligations out of the box. Each obligation links to an owner, evidence requirement, and review cycle.

Pre-built
Audit-mapped
Evidence-linked
300+
Obligations
General conduct obligations
Financial resource requirements
Organisational competence
Risk management systems
Dispute resolution (IDR/EDR)
Breach reporting and self-reporting
Client money and property handling
Disclosure and conduct obligations
How It Works

Three Steps to Audit-Ready

01

Map Your Obligations

Pre-built frameworks load your obligations automatically. Every requirement — mapped, named, and owned.

02

Govern With Evidence

Every obligation gets an owner, a deadline, and an immutable evidence chain. No more spreadsheets. No more scrambling before audits.

03

Prove Compliance Instantly

One-click audit-ready reports. Regulator visits, accreditation assessments, board reviews — export your evidence pack in minutes.

Built for Your Industry

Purpose-built for AFS licensees

Every feature is designed around the obligations, registers, and reporting that Australian financial services organisations actually need.

Feature 01

Obligations Register

Every ASIC, APRA, and AUSTRAC obligation mapped to licence conditions with regulation references, named owners, evidence requirements, and review schedules.

  • Pre-loaded obligation sets for AFS licence conditions
  • Regulation reference linked to each obligation (e.g. s912A(1)(a))
  • Named owner assignment with escalation paths
  • RAG status tracking — mapped, at risk, unmapped, breached
  • Scheduled review cycles with automated reminders
Obligations Register
General conduct — s912A(1)(a)
Head of Compliance
Financial resources — s912A(1)(d)
CFO
Breach reporting — s912D
Compliance Mgr
CPS 230 — Critical operations
COO
Feature 02

Breach Register

Centralised register for reportable situations under s912D with self-reporting workflow, days-since-detection counter, and immutable audit trail.

  • s912D reportable situation classification
  • Days-since-detection counter with regulatory deadline alerts
  • Self-reporting workflow — draft, review, lodge, confirm
  • Root cause analysis and remediation tracking
  • Immutable evidence chain from detection to resolution
Breach Register
BR-2026-041 — Client money shortfall
12 days
BR-2026-038 — Disclosure failure
28 days
BR-2026-035 — Training lapse
Resolved
BR-2026-029 — SOA deficiency
Resolved
Feature 03

Board Reporting Pack

One-click PDF generation with RAG compliance status, open breach summary, upcoming regulatory deadlines, and attestation-ready formatting for directors.

  • RAG status dashboard across all obligation categories
  • Open breaches with days outstanding and severity
  • Upcoming regulatory deadlines — next 30/60/90 days
  • Compliance programme effectiveness metrics
  • Director attestation and sign-off workflow
Board Reporting Pack
Overall compliance posture
94%
Open breaches
2 active
Overdue obligations
0
Next regulatory deadline
15 Apr 2026
Feature 04

AML/CTF Programme Tracking

Map AUSTRAC AML/CTF programme obligations across Part A and Part B, track annual compliance report requirements, and monitor suspicious matter reporting.

  • Part A and Part B obligation coverage dashboard
  • Customer identification procedure tracking
  • Ongoing customer due diligence monitoring
  • Annual compliance report deadline tracker with evidence assembly
  • Suspicious matter and threshold transaction reporting log
AML/CTF Programme
Part A — Customer ID
100% covered
Part B — CDD procedures
96% covered
Annual report
Due 30 Sep
SMR log
3 pending
Feature 05

AFCA Dispute Register

Track complaints from intake through resolution with AFCA notification workflow, resolution timelines, and systemic issue identification.

  • Complaint intake with categorisation and severity
  • Internal dispute resolution (IDR) timeframe tracking
  • AFCA escalation and notification workflow
  • Resolution timeline monitoring against regulatory requirements
  • Systemic issue identification and reporting
AFCA Dispute Register
DR-2026-118 — Fee dispute
IDR — Day 14
DR-2026-112 — Advice complaint
AFCA escalated
DR-2026-105 — Service delay
Resolved
DR-2026-099 — Disclosure query
Resolved
95+ routes206+ tables with RLSAU-hosted by defaultSOC 2 in progress
Boutique AFS Licensee
What they needed

Map all s912A obligations to named owners and maintain a breach register without hiring a dedicated compliance team.

What FormaOS delivers

Pre-loaded obligation register with RAG tracking, automated breach workflow, and board-ready reporting — run by a team of three.

Non-bank Credit Provider
What they needed

Demonstrate AUSTRAC AML/CTF programme compliance and prepare the annual compliance report without months of evidence gathering.

What FormaOS delivers

Continuous evidence capture across AML/CTF obligations with one-click annual report assembly and AUSTRAC-aligned audit trail.

Wealth Management Firm
What they needed

Provide directors with structured compliance oversight across ASIC, APRA, and AFCA obligations for board meetings.

What FormaOS delivers

Unified board reporting pack covering all three regulators, open breaches, upcoming deadlines, and attestation workflow.

Built for frameworks governed by

ASIC
APRA
AUSTRAC

Start Governing Financial Services Compliance Today

Join Australian organisations that trust FormaOS to maintain continuous compliance.

Starter
$159/mo

For small teams getting started with compliance.

Most Popular
Professional
$239/mo

For growing organisations with active compliance obligations.

Enterprise
$399/mo

For regulated enterprises with complex multi-framework needs.

Start 14-Day Free TrialTalk to a compliance specialist

AU-hosted · No credit card required · Cancel anytime · Your data never leaves Australia

Financial Services FAQ

Frequently Asked Questions

FormaOS includes pre-built obligation sets for key Regulatory Guides including RG 104 (AFS licence conditions), RG 132 (managed investment scheme compliance plans), and RG 259 (risk management systems for responsible entities). Obligations from each guide are mapped to named owners with evidence requirements and review schedules.