Compliance Guide · Updated 18 May 2026
Plain-English guide to the Best Interests Duty in force since 1 January 2021 — what the duty requires under section 158LA, how the conflicts priority rule under Regulation 28HA operates, suitability under section 128, ASIC RG 273 guidance, and what must be in the file to defend a recommendation in an audit or AFCA dispute.
The three core obligations
Three legal provisions sit at the heart of Australian mortgage broker compliance. They overlap but each adds a distinct obligation — and the broker must satisfy all three on every file.
The Best Interests Duty (BID) was introduced into the National Consumer Credit Protection Act 2009 (NCCP) on 1 January 2021. Under section 158LA, a licensee or credit representative providing credit assistance in relation to a credit contract must act in the best interests of the consumer. The obligation is on the broker personally and on the licensee under whose authority the broker operates.
In practice
Regulation 28HA of the National Consumer Credit Protection Regulations 2010 requires that where there is a conflict of interest between the consumer and the broker (or related party), the broker must give priority to the consumer's interests. This is the operational rule for handling commission asymmetries, lender bonuses, ownership relationships, and referral arrangements.
In practice
The pre-existing suitability obligation under section 128 continues to apply alongside BID. Brokers must make reasonable inquiries about the consumer's financial situation, requirements and objectives, and take reasonable steps to verify the consumer's financial situation. The broker must then make a written 'not unsuitable' assessment of the proposed credit contract.
In practice
ASIC RG 273 — the four pillars
ASIC Regulatory Guide 273 sets out the regulator's expectations for how brokers should comply with the Best Interests Duty. The guide is structured around four practical pillars that map onto the file evidence you should hold.
Make sufficient inquiries to understand the consumer's individual circumstances. Verify the information using independent sources where reasonable. The depth of inquiry should be proportionate to the loan's complexity and the consumer's apparent sophistication.
The product or strategy recommended must be tailored to the specific consumer's circumstances and objectives — not a generic 'what we usually do'. Where multiple products could reasonably serve the consumer, the recommendation should reflect a comparison.
Identify any conflicts (commission differences between lenders, ownership relationships, white-label arrangements, referral fees). Manage them by prioritising the consumer's interests. Disclose them, but disclosure alone is insufficient.
Maintain a written, contemporaneous record of how the BID was discharged for each consumer. ASIC's clear position: if it isn't documented, it didn't happen. The file must defend the recommendation on its own without relying on the broker's memory.
Reasonable inquiries
The depth of inquiry is proportionate to loan complexity and consumer circumstances. As a guide, these are the categories every fact-find should cover.
Verification means independent evidence: payslips, tax returns, bank statements, credit reports. ASIC's position is that reliance on consumer self-statement alone is rarely sufficient.
The audit-defence file
The single best predictor of an audit pass is a clean, contemporaneous client file. These are the eight artefacts your file should always contain.
Complete record of consumer's financial situation, requirements, objectives. Dated, signed (or e-signed) by consumer.
Payslips, tax returns, bank statements, savings evidence, liability evidence (credit report). Dated within 90 days of submission.
HEM benchmark and actual-expenses reconciliation. Documented explanation where actual differs from HEM.
Evidence of comparison across the relevant lender panel — rate, features, fees, eligibility. Records why short-listed products were considered.
Written explanation of why the recommended product is in the consumer's best interests, with reference to their specific objectives.
Credit Guide, Credit Proposal, and any conflict disclosure (ownership, referral, commission asymmetry) signed by consumer.
Section 128 assessment in writing. Records why the proposed contract is not unsuitable for the consumer's circumstances.
Material communications with the consumer (file notes, emails, meeting notes). Critical for defending the recommendation in an audit or AFCA dispute.
Breach reporting + recordkeeping
The Reportable Situations regime under section 50A imposes a 30-day window from awareness to ASIC notification. Records under section 88 must be retained for seven years.
Since October 2021, the Reportable Situations regime (the renamed breach-reporting framework) requires credit licensees to report 'reportable situations' to ASIC within 30 days of becoming aware. A reportable situation includes significant breaches, likely-to-be-significant breaches, and gross negligence or serious fraud involving credit activities.
A core obligation breach is automatically significant if it triggers certain criteria: civil/criminal penalty exposure, civil-action grounds available to consumers, financial loss, or material impact on the licensee's ability to provide credit services. Best Interests Duty breaches reach the threshold quickly.
From identification, the licensee has 30 days to lodge the report. As a credit representative, your aggregator's compliance team needs to know within their internal SLA (often 5–10 business days) so they can investigate and lodge with ASIC on time.
Records of credit activities must be retained for seven years after the relevant credit activity. This includes BID evidence, fact-finds, verification documents, recommendations, and communications. Cloud storage with encryption and access control is the practical solution.
The auditor or AFCA officer reading your file won't remember the client's body language or your phone call. Write the recommendation rationale so it stands alone — what the consumer wanted, what you considered, why the recommendation serves their best interests.
A note saying “Lender X chosen” doesn't discharge BID. The file should show what you compared (3–5 products on rate, fees, features, eligibility) and why the shortlist matched the consumer's objectives. Most CRMs support a comparison-evidence template.
Commission asymmetries between lenders, white-label products owned by aggregators, and referral fee arrangements are all real conflicts. Under Reg 28HA, disclosure is the start, not the end. The file must show how you prioritised the consumer where conflicts existed.
Fact-find at month 1, settlement at month 4 — circumstances change. New baby, new job, new car loan. Update the file with refreshed inquiries close to submission to ensure the not-unsuitable assessment reflects current circumstances.
The Best Interests Duty was introduced into the National Consumer Credit Protection Act 2009 by Schedule 3 of the Financial Sector Reform (Hayne Royal Commission Response) Act 2020. The duty commenced on 1 January 2021 and applies to credit assistance provided on or after that date.
Suitability (s128) is a 'not unsuitable' test — the credit contract must not be unsuitable for the consumer. BID (s158LA) is a positive obligation — the broker must actively act in the consumer's best interests. Suitability is a floor; BID requires going beyond that floor. Both obligations apply simultaneously to mortgage brokers, and both must be evidenced in the file.
No. BID requires the broker to act in the consumer's best interests, considered holistically. A higher-rate product may be in the consumer's best interests if it offers features the consumer values (offset, redraw, fast settlement) that lower-rate alternatives lack. The documented rationale matters more than headline rate.
Where there is a conflict between the consumer's interests and the broker's interests (or a related party's), Regulation 28HA requires the broker to give priority to the consumer's interests. This applies to commission asymmetries between lenders, lender-aggregator ownership relationships, white-label products, and any referral or remuneration arrangement that could compromise objectivity.
Section 88 of the NCCP Act requires credit licensees to retain records of credit activities for at least seven years after the relevant credit activity. For mortgage brokers, this includes the fact-find, verification documents, comparison evidence, recommendation rationale, and signed disclosures. Most aggregators specify the same seven-year minimum in their compliance manuals.
BID is a civil-penalty provision under the NCCP Act. ASIC can pursue civil action with significant penalties for individuals and corporates. Civil action by affected consumers is also available. Practically, the most common consequences are AFCA determinations, aggregator-led remediation, loss of credit-rep authorisation, and — at the most serious end — ASIC enforcement action and banning orders.
OneBookPlus structures fact-find, verification, product comparison, and recommendation rationale into a single audit- defensible file — built around section 158LA, Reg 28HA, and section 128 obligations.
Last reviewed and updated: by Bishal Shrestha
About the author
Founder & CEO, OneBookPlus
Bishal has over a decade of experience in digital marketing, web development, and small business consulting across Australia. He has helped brokers build BID files that satisfy ASIC RG 273 — inquiries, conflicts priority, suitability, and section 88 recordkeeping.
More in this guide
8-step founder guide — ACL/credit rep, MFAA/FBAA, aggregator, PII, software stack, first clients.
Read →ReferenceAustralian Credit Licence vs becoming a credit representative under an aggregator's ACL — pros, cons, costs.
Read →ReferenceMFAA Code of Practice vs FBAA Code of Conduct, member benefits, professional development, fees.
Read →From the blog
Practical guides and explainers from the OneBookPlus blog, grouped by topic.
Practical invoicing advice for Australian freelancers — from setting payment terms and including your ABN to chasing overdue invoices and choosing the right accounting software.
Everything you need to know about professional invoicing — from what to include on an invoice, payment terms, chasing late payments, to choosing the right invoicing software. Works for any country.
An honest comparison of CRM software for Australian small businesses — what you actually need, what's overkill, and why an all-in-one platform often beats a standalone CRM.