Interim Strategy: Operate as Corporate Authorised Representative (CAR) of a licenced entity while AFSL/ACL applications are processed (est. 4–12 months). Broker-first hybrid model generates revenue during licensing period.
Responsible Manager Requirements
ASIC requires at least one Responsible Manager (RM) per AFSL with:
Minimum 5 years relevant financial services experience in the past 10 years
RG 105 qualifications (Diploma of Financial Planning minimum for advice; relevant qualifications for each authorisation)
Fit and proper person assessment (RG 2)
Capacity to discharge obligations (not a nominal appointment)
Capital / Financial Resource Requirements
Licence Type
Net Tangible Assets (NTA)
Additional Requirements
AFSL — General Advice
$50,000
Adequate cash resources
AFSL — Personal Advice
$150,000
Professional Indemnity insurance
AFSL — Custodial
$10,000,000 or 10% of AUM
Audited financial statements
ACL — Credit Provider
$2,000,000+
Based on credit volume
RSE Licence
$5,000,000
APRA operational risk capital
2. Corporations Act 2001 — Financial Services
Part 7.7 — Financial Services Guide (FSG)
An FSG must be provided to retail clients before or when a financial service is provided (s941A–942C). Under the Delivering Better Financial Outcomes (DBFO) Act 2024 amendments (effective Jan 2025), AFS licensees can satisfy FSG obligations by publishing on their website.
Associations or relationships that may influence advice
Not yet implemented
Pending
Complaints handling procedure
DisputeResolutionNotice component
Implemented
Compensation arrangements
Not yet implemented
Pending
Part 7.9 — Product Disclosure Statement (PDS)
A PDS must be given to a retail client before the product is issued or sold (s1012A–1012C). The PDS must be up-to-date and can be provided electronically under ASIC Instrument 2025/447.
PDS Requirement
App Implementation
Status
PDS must be provided before acquisition
ProductDisclosureNotice on marketplace cards + application flow
Implemented
PDS links accessible on product pages
"View PDS" links on every product card
Implemented
Supplementary PDS for material changes
URL-based — updatable without app release
Architecture Ready
Short-form PDS option
Not yet implemented
Pending
Section 949A — General Advice Warning
When providing general advice to a retail client, the provider must warn that the advice does not consider the client's personal objectives, financial situation or needs.
Requirement
App Implementation
Status
General advice warning on all recommendation screens
Displayed at top of application flow, bottom of marketplace sections
Implemented
Section 992A — Anti-Hawking
Unsolicited offers of financial products to retail clients are prohibited. Products must only be offered in response to a request by the client.
Requirement
App Implementation
Status
Products shown at user's request (not pushed)
Anti-hawking text: "You have chosen to view these products. This information is provided at your request."
Implemented
No unsolicited push notifications for product offers
Product notifications not implemented
Compliant (no push marketing)
3. National Consumer Credit Protection Act 2009 (NCCP)
Credit Guide (s126–128)
A Credit Guide must be provided as soon as practicable when it becomes apparent a credit contract may be entered. For digital applications, this must be accessible before the application begins.
Requirement
App Implementation
Status
Credit Guide provided before credit assistance
CreditGuideNotice component shown at step 0 of mortgage applications
Implemented
Credit Guide link accessible
"View Credit Guide" link on mortgage product cards
Document URL points to goodmoney.com.au — content pending
Placeholder URL
Key Facts Sheet (Schedule 5, NCCP Regulations)
Lenders with websites must enable consumers to generate a personalised Key Facts Sheet for standard home loans. Failure to provide is a criminal offence + civil penalty (up to $220,000/breach).
Requirement
App Implementation
Status
KFS available on website / in-app
KeyFactsSheetNotice component with "View Key Facts Sheet" link
Implemented
Personalised comparison rate based on consumer's loan amount
Not yet implemented — requires dynamic KFS generation
Pending
KFS must include: interest rate, comparison rate, monthly repayments, total cost, fees
Make reasonable inquiries about requirements and objectives
Application form collects loan purpose, term, LVR preferences
Implemented
Take reasonable steps to verify financial situation
Basiq Open Banking integration provides verified transaction/balance data
Implemented
Assess that credit is "not unsuitable"
Best Interest recommendation engine checks suitability
Partial — needs formal unsuitability assessment
Provide written assessment on request
Audit trail in ProductContext generates assessment reasoning
Partial — needs formal document generation
Cooling-Off Period — Credit Contracts
Important: Cooling-off rights do NOT apply to credit contracts (home loans) under the National Credit Code. The app correctly distinguishes this — mortgage applications show "No Cooling-Off Period — Credit Contract" while insurance/super show 14-day notices.
Comparison Rate Schedule (Schedule 2, NCCP Act)
Any advertisement or disclosure of a credit interest rate must include a comparison rate calculated in accordance with Schedule 2. The comparison rate is based on a secured loan of $150,000 over 25 years.
Requirement
App Implementation
Status
Comparison rate displayed alongside interest rate
Disclaimer on mortgage tab references comparison rate basis
Partial — needs calculated comparison rate per product
Warning about comparison rate limitations
"WARNING: This comparison rate is true only for the examples given..." text on mortgage tab
Implemented
4. Design and Distribution Obligations (DDO)
Part 7.8A of the Corporations Act 2001 (commenced 5 October 2021). Applies to all financial products offered to retail consumers. Governed by ASIC Regulatory Guide 274 (RG 274).
Target Market Determination (TMD)
Obligation
App Implementation
Status
TMD must be prepared before product is first offered
TMD URLs defined in compliance.ts for each product category
Placeholder — TMD documents pending
"View TMD" link accessible to consumers
"View TMD" links on all product cards and in application flow
Implemented
Consumer must acknowledge TMD before acquisition
TargetMarketNotice component + mandatory TMD checkbox in application form
Implemented
Review triggers defined in TMD
Not yet implemented — requires TMD document content
Pending
Distribution conditions and restrictions
Best Interest recommendation engine restricts unsuitable recommendations
Implemented
Distributor reporting obligations to issuer
ProductContext tracking logs comparisons and applications
Partial — needs formal reporting
Issuer vs Distributor Obligations
Where Good Money manufactures its own products, it is both issuer AND distributor. Both sets of obligations apply. Where distributing third-party products, Good Money is a distributor only and must comply with the issuer's distribution conditions.
5. Privacy Act 1988 — Australian Privacy Principles
"Your data stays on your device" notice; data export not yet available
Partial
APP 13
Correction of personal information
Users can edit all data via Fact Find and setup screens
Implemented
Health Data — Special Considerations
Health data from wearables (Apple Health, Oura, Whoop, Fitbit, Garmin) is "sensitive information" under the Privacy Act. Collection requires explicit consent and can only be used for the stated purpose (insurance premium assessment).
Requirement
App Implementation
Status
Explicit consent for health data collection
Connect/disconnect buttons per platform; user-initiated only
Implemented
Purpose limitation (insurance pricing only)
Health data used for Health Score and insurance premium estimates
Implemented
Right to disconnect/delete health data
disconnectHealth() function per platform
Implemented
6. AML/CTF Act 2006 — AUSTRAC
As a provider of designated services (financial products, credit), Good Money must register with AUSTRAC and implement an AML/CTF program.
Obligation
Description
Status
Customer Identification (KYC)
Verify customer identity before providing designated services
Pending — requires ID verification integration
Transaction Monitoring
Monitor for suspicious transactions and report to AUSTRAC
Pending
Suspicious Matter Reports (SMRs)
Report suspicious matters within 24 hours (terrorism) or 3 days
Pending
Threshold Transaction Reports (TTRs)
Report cash transactions of $10,000+
Pending
AML/CTF Program
Written program covering Parts A (governance) and B (KYC)
Pending
Record Keeping
Retain records for 7 years
Pending
7. ASIC RG 221 — Facilitating Digital Financial Services Disclosures
Updated December 2025. Permits "publish and notify" method for electronic disclosures. No longer requires explicit client consent for digital delivery.
Key Requirements for Digital Delivery
Requirement
App Implementation
Status
Stable URLs for disclosure documents
Document URLs defined in compliance.ts (goodmoney.com.au/documents/)
Placeholder URLs
Documents accessible without login for initial access
Architecture supports public URLs
Pending — documents not yet hosted
Mobile-friendly format
App is mobile-first; all compliance text renders responsively
Implemented
Notification of document availability
In-app display of document links at point of need
Implemented
Record-keeping of notifications
ProductContext tracks when users view comparisons/applications
Partial
Paper copy available on request
Not yet implemented
Pending
WCAG 2.1 accessibility
AccessibilityContext provides font scaling; VoiceOver labels on key elements
Consolidates prior instruments (2015/647 and 2015/649). Allows publish-and-notify for PDS, FSG, SoA, periodic statements, and annual reports for managed schemes. Relaxes format requirements — no need to be "paper-like".
8. ASIC RG 271 — Internal Dispute Resolution
Requirement
Timeline
App Implementation
Status
Acknowledge complaint
1 business day (standard); 5 business days (certain complaints)
Industry self-regulation code administered by the Insurance Council of Australia. Key provisions include plain language requirements, claims handling timeframes, and vulnerability support.
Health Data for Insurance Pricing
Regulatory Risk: Using wearable health data for insurance pricing is novel in Australia. While life insurance uses health questionnaires, real-time wearable data for home/contents/motor insurance pricing has limited actuarial basis. Start as MGA on established insurer's paper (SWOT T8 mitigation). ASIC may require additional disclosure about how health data affects pricing.
10. Superannuation-Specific Regulations
Superannuation Industry (Supervision) Act 1993 (SIS Act)
Obligation
Description
App Implementation
Status
RSE Licence
Required to operate a superannuation fund
Not yet obtained
Pending (12–18 months)
MySuper compliance
Default option must meet MySuper requirements
Not yet implemented
Pending
Member outcome assessments
Annual assessment of member outcomes
Not yet implemented
Pending
Cooling-off (s1019B Corporations Act)
14 days from confirmation or 5th business day
CoolingOffNotice (super variant)
Implemented
Portability
Members can transfer their balance
Switch request generator for super rollovers
Implemented
APRA Prudential Standards
SPS 220 — Risk Management: Written risk management framework
SPS 232 — Business Continuity: Operational resilience plan
CPS 234 — Information Security: Cybersecurity requirements
CPS 230 — Operational Risk Management (effective 1 July 2025)
11. Electronic Transactions Act 1999
Provides legal validity for electronic communications and contracts. Key provisions for the app:
Provision
Description
App Implementation
Status
s8 — Validity of electronic transactions
Electronic form is valid if parties consent
Digital application and acceptance flow
Implemented
s9 — Writing requirement satisfied electronically
Electronic text satisfies writing requirements
All disclosures rendered as accessible text
Implemented
s10 — Signature requirement
Electronic signature acceptable with consent
Checkbox acceptance as electronic consent
Partial — may need stronger e-signature
s14A — Time and place of dispatch/receipt
Electronic record deemed received when accessible
In-app display at point of need
Implemented
12. Consumer Data Right (CDR) / Open Banking
Regulated under Part IVD of the Competition and Consumer Act 2010, administered by ACCC. Good Money uses Basiq as an intermediary for Open Banking access.
Requirement
Description
App Implementation
Status
CDR Accreditation
Required for direct access to consumer banking data
Using Basiq as accredited intermediary (ADI-level)
Implemented via Basiq
Consumer consent
Explicit, informed, and specific consent required
Basiq consent flow with redirect to secure consent page
Implemented
Data minimisation
Only collect data necessary for stated purpose
Basiq scoped to accounts, balances, transactions
Implemented
Consent duration and withdrawal
Consumer can withdraw consent at any time
Disconnect function for bank connections
Implemented
Data retention limits
Data must be deleted when no longer needed
Not yet implemented — requires data lifecycle policy
Pending
13. Anti-Hawking Provisions
Section 992A of the Corporations Act prohibits unsolicited offers of financial products. The 2021 reforms (Treasury Laws Amendment (Design and Distribution Obligations and Product Intervention Powers) Act 2019) strengthened these provisions.
Requirement
App Implementation
Status
No unsolicited offers of financial products
Products only shown when user navigates to product sections (user-initiated)
Implemented
Clear indication that viewing is user-initiated
"You have chosen to view these products" text on all marketplace sections
Implemented
No cold-call sales of financial products
No outbound sales features
Compliant
Push notification restrictions
No product-specific push notifications implemented
Compliant
Gamification Consideration: Happy Cash/Good Cash incentives linked to product applications could be scrutinised under anti-hawking if they constitute "inducement" to acquire financial products. Ensure incentives reward engagement/education rather than product acquisition specifically. The current design awards cash for completing applications (process) rather than for purchasing products (outcome).
14. Best Interest Duty — Financial Advice
Section 961B of the Corporations Act requires financial advisers to act in the best interest of the client when providing personal advice. The Levy Review (Quality of Advice Review) is expected to create new categories of "qualified advice" with lighter obligations.
"Best for you" recommendations based on user's financial data
Best Interest Duty, SoA, appropriate advice
Critical Risk: The app's recommendation engine uses personal financial data (from Fact Find and Open Banking) to generate personalised product recommendations with "Best for You" tags. This likely constitutes personal advice under s766B(3), triggering the full Best Interest Duty. Mitigations:
1. Frame all recommendations as general advice with appropriate warnings (current approach)
2. Ensure recommendation engine does not consider individual circumstances beyond product features
3. If personal advice, require human-reviewed Statement of Advice (SoA) before product acquisition
4. Monitor Levy Review outcomes for "qualified advice" pathway
App Implementation — Best Interest Framework
Feature
Implementation
Status
Best Interest scoring
ProductContext scores products; only recommends when score ≥ 65 + 2+ reasons
Implemented
Audit trail
RecommendationAuditEntry with timestamp, reasons, comparison details
Implemented
"Why we recommend this" transparency
Expandable audit trail on each product card
Implemented
General Advice Warning
Prominent amber warning on all recommendation screens
Implemented
Statement of Advice (SoA)
Not yet implemented — required if providing personal advice
Pending
15. Dual-Currency (Happy Cash / Good Cash) Compliance
The Happy Cash / Good Cash system mirrors VGW's Gold Coin / Sweeps Coin architecture. Key regulatory considerations:
Risk
Description
Mitigation
Status
Deposit-Taking
If ASIC/APRA determines Happy Cash constitute deposit-taking, an ADI licence is required
Happy Cash are prepaid service credits with no cash redemption — not deposits. Good Cash has expiry (12 months), variable rates, multiple earning triggers
Requires legal opinion
Stored Value Facility
ASIC may classify as a stored value facility under the Payment Systems (Regulation) Act 1998
Good Cash can only be redeemed against Good Money product costs (mortgage, insurance, super) — not converted to cash
Requires legal opinion
Financial Product
If Happy Cash is classified as a financial product, AFSL authorisation is needed for dealing
Structured as loyalty/rewards program, not an investment or payment instrument
Requires legal opinion
Gift Card Regulations
Australian Consumer Law gift card provisions (3-year minimum expiry)
Good Cash has 12-month expiry — this may need to be extended to 3 years if classified as a gift card
Requires legal review
GST Treatment
Purchase of Happy Cash may be a taxable supply under the GST Act
Seek ATO private ruling on GST treatment of coin purchases and cash redemptions
Pending
SWOT v2 — Threat T1: Regulatory reclassification of the dual-currency model is the most consequential risk. ASIC pre-application meeting and formal legal opinion from a top-tier firm (KWM, Allens, Herbert Smith Freehills) should be obtained before commercial launch. Plan B: operate without dual-currency as a standalone manufacturing fintech at $400M+ EBITDA.
16. App Feature Compliance Matrix
App Feature
Applicable Laws
Required Disclosures
Status
Product Marketplace Cards
Corporations Act s949A, s992A; DDO
General Advice Warning, PDS/TMD/FSG links, anti-hawking text
Implemented
Product Application Form
Corporations Act Part 7.9; NCCP (mortgage); Privacy Act APP 5