ASIC’s $40M CFD Enforcement: Action & Accountability for Issuers

Introduction 

The Australian Securities and Investments Commission (ASIC) has reshaped the regulatory landscape for Contracts for Difference (CFD) providers, securing nearly $40 million in refunds for investors after a sector-wide review. This significant penalty marks a critical shift from a focus on disclosure-based compliance to a new era of outcomes-based regulation. This action, underpinned by obligations in the Corporations Act 2001 (Cth), demonstrates that ASIC is now prosecuting based on actual client harm and systemic compliance failures, rather than just the completeness of documentation.

For CFD brokers and their senior management, this enforcement is a clear signal that the era of “tick-box” compliance is over. This guide moves beyond foundational definitions to provide essential, strategic guidance on navigating this new environment. It focuses on the operational failures that led to this penalty—such as breaches of the Product Intervention Order (PIO) and widespread non-compliance with Design and Distribution Obligations (DDO)—and outlines the concrete actions firms must now take to manage their regulatory risk.

Interactive Tool: Check Your Risk of ASIC Enforcement & Penalties

ASIC’s Legal Framework for CFD Enforcement

The Obligation to Act Efficiently Honestly & Fairly

Under section 912A(1)(a) of the Corporations Act 2001 (Cth), Australian Financial Services Licence (AFSL) holders have a general obligation to provide their services “efficiently, honestly and fairly.”

ASIC’s recent enforcement actions signal a significant shift, interpreting this “fairness” requirement through the lens of actual client outcomes rather than procedural compliance.

Consequently, the regulator now argues that business models producing systemic and significant retail client losses fail to meet this objective standard, regardless of the disclosures provided.

This approach means that high loss ratios among retail clients can be used as evidence of a breach. ASIC’s focus on client outcomes demonstrates that practices leading to unfair results may contravene this core obligation, particularly when they involve:

• Locking clients into higher costs.
• Exposing them to inappropriate risks.

Design & Distribution Obligations (DDO)

The DDO, outlined in Part 7.8A of the Corporations Act 2001 (Cth), form the statutory foundation for ASIC’s consumer-centric regulatory approach. Commencing in October 2021, this regime requires financial product issuers to design products that are appropriate for a specific class of consumers and to take deliberate steps to ensure they are distributed to that intended audience.

A key requirement of the DDO is the creation of a Target Market Determination (TMD). This public document must:

• Describe the class of consumers for whom the product is likely to be appropriate, considering their objectives, financial situation, and needs.
• Specify any conditions or restrictions on how the product is distributed.
• Outline events or circumstances that would trigger a review of the TMD.

ASIC’s review of the CFD sector revealed widespread non-compliance, with many issuers creating TMDs that were too broad or poorly defined, failing to prevent the distribution of high-risk products to unsuitable retail clients.

The “Reasonable Steps” Obligation: Sections 994E & 994F

Within the DDO framework, sections 994E and 994F of the Corporations Act 2001 (Cth) impose a “reasonable steps” obligation on both issuers and distributors.

This requires them to implement measures that are reasonably likely to result in product distribution being consistent with the TMD.

Importantly, ASIC’s enforcement actions have made it clear that passive documentation is insufficient to meet this standard.

The regulator is now focused on the operational effectiveness of these steps, meaning firms must actively enforce their TMDs through robust systems and controls. ASIC’s findings highlighted that many firms failed to take reasonable steps by relying on inadequate measures, such as:

• Utilising weak onboarding questionnaires.
• Lacking any real-time monitoring capabilities.

Furthermore, section 994F requires distributors to notify the issuer of any “significant dealing” that is inconsistent with the TMD, a process closely linked to formal breach reporting and reinforcing the need for active monitoring.

Key ASIC Guidance: RG 274 & RG 227

While not legally binding, ASIC’s Regulatory Guides (RG) provide critical insight into the regulator’s interpretation of the law and its compliance expectations. For CFD providers, two guides are particularly important:

• RG 274 offers detailed guidance on the DDO, explaining ASIC’s expectations for constructing TMDs, setting meaningful distribution conditions, and establishing processes for ongoing monitoring and review.
• RG 227 specifically addresses over-the-counter CFDs, remaining relevant for its guidance on client suitability, risk disclosure, and leverage by outlining seven disclosure benchmarks intended to help retail investors understand the risks associated with these complex products.

Core Failures: Margin Discounting & TMD Breakdowns

Margin Discounting as a Distribution Failure

ASIC’s enforcement action highlighted that offering ‘margin discounts’ is not merely a pricing strategy but a significant distribution failure.

Specifically, more than half of the CFD sector was found to be contravening ASIC’s PIO by offering these discounts to retail clients with opposing long and short positions. As a result, this practice artificially lowered the initial margin required, which ultimately encouraged clients to build excessively leveraged positions.

While appearing beneficial, these discounts often led to increased funding costs for investors, which could erode potential profits and increase the risk of liquidation. Consequently, ASIC views these incentives as a breach of the obligation to act efficiently, honestly, and fairly under section 912A(1)(a) of the Corporations Act 2001 (Cth).

Furthermore, margin discounting constitutes a failure in distribution controls by:

• Attracting clients who may not meet the intended risk profile.
• Undermining the overall integrity of the TMD.

TMDs: The Gap Between Paper & Practice

A critical failure identified by ASIC was the significant gap between documented compliance and operational reality.

Many CFD issuers had TMDs that existed on paper but were not effectively implemented in practice, leading to widespread non-compliance with the DDO. Consequently, this shortfall was particularly evident in their flawed client onboarding processes.

ASIC’s review found that many issuers used weak onboarding questionnaires that failed to screen out clients for whom CFDs were inappropriate. For example, in its action against eToro, ASIC alleged the screening test was wholly inadequate and very difficult to fail.

Key issues identified across the sector included:

• Allowing applicants unlimited re-attempts to pass compatibility tests.
• Providing prompts that guided applicants toward the “correct” answers.
• Failing to ask questions that genuinely assessed a client’s understanding of leverage, volatility, and risk.

These practices ultimately rendered the screening process ineffective, allowing distribution to occur outside the intended target market.

Furthermore, most issuers were found to have no real-time monitoring of client trading outcomes, meaning there was no system to check if the product was actually reaching the appropriate audience or causing harm.

Misalignment of Product Risk & Client Outcomes

ASIC’s enforcement actions are increasingly driven by the stark misalignment between the high-risk nature of CFD products and the consistently poor outcomes for retail clients.

This reflects a broader regulatory shift from focusing on disclosure to prioritising actual consumer harm. Ultimately, the underlying statistics underscore the extent of this misalignment and the severe detriment suffered by investors.

In the 2024 financial year, the data revealed significant investor detriment:

• 68% of retail CFD investors lost money, with total net losses exceeding $458 million (a figure that includes $73 million in fees).
• For certain high-risk products like options CFDs, the loss rate was as high as 85%.

Strategic Compliance Actions for CFD Firms

Rebuild TMDs Around Actual Client Behaviour

A TMD must be a dynamic, data-supported document rather than a static compliance paper. Consequently, ASIC’s enforcement actions show that a “set and forget” approach to your TMD is a breach of your obligations.

Therefore, firms need to shift from theoretical client profiles to TMDs built on actual client trading behaviour and loss metrics. To align with regulatory expectations, your firm should:

• Use empirical client trading data to define and validate risk segments within your TMD.
• Ensure the criteria for including or excluding clients are operationally enforceable through your systems.
• Establish review triggers based on real behavioural outcomes, such as client loss metrics, not just periodic calendar reviews.
• Correlate client loss data with TMD review triggers to demonstrate that the product is reaching the intended sophisticated audience.

Redesign Incentives That Drive Misaligned Distribution

Promotional incentives, particularly margin discounts, are viewed by ASIC as a distribution control failure, not just a pricing strategy. Because these practices can attract clients from outside the intended target market, they ultimately undermine the protections of ASIC’s PIO.

In fact, more than half of the CFD sector was found to be contravening the PIO by offering margin discounts for hedged positions. As a result, your firm must immediately audit its trading platforms and margin calculation engines.

Specifically, any mechanism that reduces the initial margin required from retail clients below the prescribed ratios must be disabled. This includes addressing the following practices:

• Disabling mechanisms that net off notional values of opposing long and short positions.
• Restructuring incentives to avoid undermining product risk profiles.
• Ensuring promotional offers do not increase the likelihood of client capital erosion.

Implement Real-Time Distribution Controls

The requirement to take “reasonable steps” under the DDO necessitates a move from simple onboarding checks to continuous, real-time monitoring of client outcomes. Furthermore, a one-time questionnaire is insufficient to ensure distribution remains consistent with the TMD over the client lifecycle.

Firms must implement systems to track “red flag” indicators of consumer harm in real-time. These indicators should include:

• High leverage utilisation rates by retail clients.
• The frequency of margin calls and automatic liquidations.
• Client tenure and churn rates, particularly rapid loss of funds followed by account closure.
• Net loss positions relative to the client’s deposited funds.

When these metrics exceed defined risk thresholds, your firm must have a documented process to intervene, whether by suspending marketing to that client, making direct contact, or offboarding them.

Strengthen Evidence for “Reasonable Steps” 

To defend against regulatory scrutiny like AFSL audits and investigations, CFD providers must build a defensible audit trail that proves the operational effectiveness of their distribution controls. This involves documenting not just policies, but also decision-making processes, control testing, and the outcomes of those controls.

Additionally, the obligation under section 994E of the Corporations Act 2001 (Cth) requires more than just having a TMD on paper. Strengthening your evidence involves:

• Maintaining complete and accurate records of all decisions related to your TMDs and their reviews, including the reasons for those decisions.
• Documenting the rationale behind your controls, the effectiveness of those tests, and your responses to any adverse signals or data.
• Creating auditable data lineage that tracks information from the trading engine through to regulatory reporting, ensuring accuracy and integrity.

Align Governance & Product Risk

Effective corporate governance requires that board and senior management oversight reflects the high-risk profile of CFDs, a core component of effective risk management. Consequently, there must be clear accountability for client outcomes, shifting the firm’s priority from aggressive client acquisition to robust retention and protection frameworks.

To achieve this alignment, senior leadership should:

• Elevate distribution controls and product risk metrics within board-level oversight frameworks.
• Require regular reporting on TMD performance, including data on client loss ratios and the effectiveness of onboarding filters.
• Ensure there is clear accountability for product governance, with responsibilities for client outcomes clearly defined for Responsible Managers and other senior executives, which underscores the importance of the AFSL responsible manager recruitment process.

ASIC’s Enforcement Signals for 2026 & Beyond

The Shift from Disclosure to Active Intervention

ASIC’s enforcement actions signal a fundamental change in its regulatory approach, moving from a focus on disclosure to one of active intervention. Consequently, the regulator is no longer satisfied with firms simply providing comprehensive disclosure documents.

Instead, it is now focused on actual client outcomes and is prepared to intervene directly in the following areas to prevent consumer harm:

• The initial product design phases.
• The ongoing product distribution processes.

This shift means that ASIC is prosecuting cases based on the real-world impact of financial products on consumers, rather than just the completeness of paperwork. Furthermore, the regulator expects firms to demonstrate that their products and distribution strategies lead to fair outcomes, indicating that “tick-box” compliance is no longer sufficient.

This proactive stance shows that ASIC will use its full suite of powers to:

• Actively address misconduct across the financial sector.
• Reduce the risk of significant detriment to retail investors.

Increased Scrutiny on High-Risk Retail Products

CFDs continue to be a major priority for ASIC due to the significant potential for retail client harm. The high loss rates associated with these products underscore the regulator’s concerns.

Specifically, during the 2024 financial year, the data revealed:

• That 68% of retail CFD investors lost money.
• A loss rate as high as 85% for particularly high-risk products like options CFDs.

This focus on high-risk products is one of ASIC’s key supervisory priorities for 2025-26. Furthermore, ASIC’s PIO for CFDs is set to expire on 23 May 2027.

To determine the future of these restrictions, the regulator has announced it will:

• Directly engage with the industry in 2026.
• Use the findings from its recent review to inform its proposals.

Beyond Documents: Deeper Reviews of Distribution Systems

Future ASIC reviews will go beyond examining policy documents and will test the operational effectiveness of a firm’s distribution controls. The regulator is now focused on how systems and processes work in practice to ensure products are distributed to the correct target market.

Consequently, surveillance will increasingly involve a deep dive into the functional effectiveness of a firm’s compliance architecture, where ASIC will scrutinise key operational components, including:

• The design and effectiveness of client screening tools and onboarding questionnaires.
• The use of data analytics to monitor client behaviour and outcomes.
• The integrity of regulatory reporting systems.

The proceedings against eToro, which focused on the inadequacy of its screening test, exemplify this approach.

Conclusion 

ASIC’s enforcement actions, culminating in nearly $40 million in refunds, have fundamentally shifted the regulatory landscape for CFD providers from disclosure-based compliance to a focus on actual client outcomes and operational effectiveness. This new era demands that firms move beyond paper-based TMDs and passive controls, instead implementing data-driven product governance, real-time monitoring, and robust systems to prevent consumer harm from high-risk products.

In this heightened regulatory environment, reframing compliance as a strategic function is essential for managing commercial risk and ensuring sustainability. To navigate these complex changes, contact AFSL House’s lawyers to develop a defensible compliance framework tailored to your business and ensure your practice meets the regulator’s evolving expectations.

Frequently Asked Questions