<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=525326041673025&amp;ev=PageView&amp;noscript=1">
Book a Demo

The Ultimate Guide to RG 271



The Australian Securities and Investments Commission (ASIC) has a new regulatory guide, RG 271. This new(-ish) guide replaces RG 165 and sets new obligations for the internal dispute resolution (IDR) processes of financial service businesses.

Introduced on October 5th 2021, it is essential that AFSL holders comply with the changes before the deadline.




Why you need to ensure you are compliant

RG 271 not only acts as a replacement for RG 165, but it's designed to deliver significantly improved outcomes for consumers. And, it has a much greater, more enforceable reach than the previous guide.

For financial services businesses, compliance with these requirements has now become imperative.

This is mostly due to the IDR Legislative Instrument that was created alongside RG 271. This has given ASIC the power to legally enforce certain sections of the guide.

Throughout the RG 271 document, there are ‘enforceable paragraphs’ which mean that if the requirements outlined in these are not met, ASIC can pursue civil action against the business to ensure compliance.

In fact, ASIC took civil penalty action against one of Australia’s most well-known names on the 6th of November 2023, due to non-compliance to 8 of these previously mentioned enforceable paragraphs.

Of course, legal action like this is never a good look for any business. But that will be the case for any found not complying with the new requirements.

If the new regulatory requirements are not adhered to, aside from the public besmirching, companies could face fines up to $11 Million.


Complaints Pro stays updated (1)




The changes...

RG 271 is a considerable step up from RG 165 and there are numerous IDR requirements and standards that have changed.

The guide itself contains a mammoth amount of information regarding these across its 57 pages, but to make it simple, we’ll give you the rundown of the most important changes that you need to be aware of.



  • 1 - A broadened definition of ‘complaint’ to include dissatisfaction expressed on social media
  • 2 - Shorter maximum deadlines for responses to complaints
  • 3 - Additional resourcing requirements
  • 4 - Requirements for firms to include written IDR notices
  • 5 - Identification of systemic issues
  • 6 - Processes to act in the best interest of the customer
  • 7 - ASIC Mandatory data reporting

Most importantly, we’ll look at some of the enforceable paragraphs, which you are legally required to follow.



The first major change that RG 271 poses is the broadening of the definition of Complaints.

The guide defines a complaint as:

[An expression] of dissatisfaction

However, the most important change here is that they specify that this includes posts about the institution on a social media channel or an account owned or controlled by the financial firm. (This is only when the post meets the above criteria and when the user is both identifiable and contactable).

These posts need to be handled in accordance with the rest of the IDR standards and requirements outlined in the guide.



RG 271 grants shorter maximum timeframes for financial institutions to respond to complaints.

For most complaints, this will be reduced to 30 calendar days from the previous 45 days, with some exceptions allowed if the matter is particularly complex and an ‘IDR delay notification’ has been submitted.

NOTE: This is one of the main paragraphs that was breached by a certain AFSL in ASIC’s first civil action case


There are also different timeframes for complaints relating to:

  • A traditional trusteeA traditional trustee
  • Superannuation trustees
  • Superannuation death benefit distributions
  • Certain types of credit

It’s important that these businesses are using an IDR system that can keep up with all of the variables, and make it as easy as possible for the team handling the complaints.

Overall, financial firms will need to look at any weaknesses in efficiency within their handling processes, as a result of the changes in time frame.



The resourcing requirements in RG 271 are perhaps one of the biggest changes for financial services businesses.

This enforceable paragraph requires that a business’s IDR process must have adequate and appropriate staff numbers, empowerment, training, materials and funding “so that it operates fairly, effectively and efficiently” with continual review.

For many businesses, this will prove to have a significant financial impact on their operations, as they try to budget in the funds required to provide this extra resourcing.

This will be particularly hard on businesses that do not have a complaints management system with all of the in-built features needed to quickly, simply and effectively respond to complaints without hiring additional staff.



Another requirement of RG 271 is to provide written IDR notices. If a complaint is not resolved by the end of the fifth business day, the financial institution must provide a written response to the complainant.

These need to include enough information for them to understand the final outcome, include the reasons for the decision and outline their right to escalate the matter to the Australian Financial Complaints Authority (AFCA) and how to do so.

A financial firm must provide a written IDR response, even where the complaint is closed by the end of the 5th business day, if:
  • The complainant requests a written response; or
  • The complaint is about:
  • Hardship;
  • A declined insurance claim;
  • The value of an insurance claim; or
  • A decision of a superannuation trustee.

These enforceable paragraphs tie in with the resourcing requirements, as businesses will need to ensure that there are sufficient and effective processes in place to enable staff to provide these notices.



The management of systemic issues is a particularly prominent change that businesses will need to continually keep an eye on.The management of systemic issues is a particularly prominent change that businesses will need to continually keep an eye on.

ASIC defines a systemic issue as "a matter that affects, or has the potential to affect, more than one consumer".

To comply with the new requirements, businesses must:

  • Set clear accountability for complaints handling functions
  • Encourage and enable staff to escalate any possible systemic issues they encounter in individual complaints
  • Consistently analyse complaint data sets to identify systemic issues
  • Promptly escalate possible systemic issues to appropriate areas within the firm for investigation and action
  • Report internally on the outcome of investigations, including actions taken, in a timely manner

These obligations have been put in place to identify and fix systemic issues early and prevent these matters being raised to external bodies, like AFCA.

ASIC also suggests that financial firms take action to identify any previous customers that may have been affected by these issues.



Section E of the Guide outlines the standards that should underlie Financial Institution’s management of the complaints and feedback they receive. RG 271 recommends that these are the principles that should be the basis for every business’s IDR process.

They include:
  • Top-level commitment to effective, fair and timely complaint management;
  • Enabling complaints;
  • Responsiveness;
  • Responsiveness;Objectivity and fairness;
  • Complaint management policies and procedures;
  • Data collection, analysis and internal reporting; and
  • Continuous improvement of the IDR process.

Within these, there are numerous enforceable paragraphs that ensure compliance with these standards.

Check out our blog ‘The IDR Standards Underlying RG 271’ for the full rundown.




This deserves a whole section on it's own. Read on to learn why ...




Mandatory data reporting to ASIC

Mandatory data reporting to ASIC has become one of the most time-consuming and expensive exercises required by AFSL’s since the release of ASIC RG 271.

Unfortunately, it’s also become one of the most crucial.

Businesses are required to report all of their complaints management data twice yearly. To do this, all complaints management data is required to be captured in ordinance with ASIC RG 271, as well as be changed into a specific required ASIC format.

However, what we have found is that companies aren’t necessarily completing the process in the order mentioned above. Rather, what they are doing is collating complaints management data that is not compliant to ASIC RG 271, converting it to the required format, and submitting it to ASIC.

When these reports are inevitably sent back and flagged as being non-compliant, what the company then does is manipulate the data in the report to be ‘compliant’. They send it back, and in their mind, the job is done.

But it’s actually not done.

The problem is that these reports aren’t a true reflection of these company’s complaints management data. These reports are coming back as non-compliant because companies are not handling complaints in compliance to RG 271, which means they are actually mistreating their customers.

When they ‘fix’ the report and send it back, what’s actually happening is data is being fudged in order to ‘tick the box’ of ‘compliance’.

So what does this mean for compliance?

Well, whilst companies might be eventually submitting a falsely  compliant report to ASIC, if these companies are ever audited by ASIC, their actual complaints management data and their reports will be completely different.

These discrepancies are what lead to ASIC taking civil action against AFSL holders.

NOTE: The AFSL holder that was found to be in breach of RG 271, and is currently having civil action taken against them by ASIC would have submitted a ‘compliant’ RG 271 report… but the report isn’t what makes you compliant.

In order to truly maintain compliance to ASIC RG 271…
And be able to create the mandatory ASIC report with the click of a button…
With no ‘clean up…

Companies need to ensure that their systems and processes have ASIC RG 271 compliance baked into them. This means that every action they take will be compliant because their system forces them to be.


Companies need


Businesses should start thinking about how to prepare for these upcoming changes now.

Considering that resourcing is an enforceable aspect of RG 271, companies in the financial services industry will need to ensure there is adequate staffing, training and authority in the IDR process.

This is designed to improve the experience for the customer and assist with the requirement to provide a written IDR response to the complainant. When it comes to it, this extra resourcing will be vital to ensuring that the mandatory data reporting to ASIC is complied with as well.




COMPLAINTS PRO: How To Get Compliant to ASIC RG 271

Building a software solution yourself, or updating the software you already have, is off the cards. To create or update your software in order to handle the complexity of ASIC RG 271, as well as keep it up to date with all future updates will be far too expensive.

In order to create a complaints management system that correctly enforces ASIC RG 271 every time, you need to be an expert in ASIC RG 271.

That’s why you need a software solution that has been purpose-built for ASIC RG 271 compliant Complaints Management, with the unique business rules and enforceable paragraphs built in.

Complaints Pro® by Causia® is the industry-specific complaint management and compliance software that will get you compliant (and keep you there).

Made in Australia, it is purpose-built for the Australian market that is specifically designed with built-in features to comply with every one of ASIC’s requirements. With everything you require at your fingertips, there won’t be any need to hire additional staff to meet resourcing requirements.

Plus, our software can be set up in as little as 1 week and takes just 15 minutes for anyone to get around it.


Complaints Pro - Infographics



Native RG 271 Compliance Out of the Box

  • RG 271 Compliance Built in, Out of the box
  • RG 271 Compliant, smart processes ensure that non-compliant data CANNOT go into the system
  • AFCA EDR Request Management

Self-Guided, Intuitive, Streamlined

  • Fail-Safe Processes that only show compliant and correct information/options
  • Maximum of 15 Minutes of Training Required for IDR and EDR teams
  • Single Source of Truth

Automated, RG 271 Compliant IDR Processes

  • Automatic IDR Timeframe Based Escalation
  • Automatic Complaint Acknowledgement
  • Automatic Escalation after 5 - Business Days

RG 271 Compliance Made Easy

  • Fully Compliant IDR Email Templates
  • ‘1 Button ASIC IDR Regulatory Report Generator’
  • Pre-Built IDR Response Templates
  • IDR Delay Notifications
  • ASIC Compliance Status Checker
  • Consumer Vulnerability Detection

Analytics and Reports

  • Detailed Reporting & Analytics
  • Advanced Analytics and Reporting
  • Drag & Drop Customisation for  Reports and Dashboards
  • Pre-Built Analytics Modules
  • RG 271 Data Analytics
  • RG 271 Health Analytics
  • Complaint Data

Intuitive Information Capture

  • Simple, self-guided capture forms. Your Frontline staff will need ZERO training, they just need to follow their nose, whilst RG 271 compliance is being enforced for them behind the scenes
  • Capture Lodged as Open and Lodged as Closed on First contact
  • Evidence Management
  • Capture Customer & third Party Complaints
  • Log Calls & Notes
  • Multi-Channel Complaint Capture

Workload Management

  • Role Based Privileges
  • Advanced Workload Tracking
  • Create & Assign To-Do’s
  • Configurable IDR Milestones

Tailored, Trusted, Refined

  • Fully Customisable Fields and Processes to your organisations requirements
  • Data backed up and Hosted in Australia, in Secure Salesforce Data Centers
  • Powered by Salesforce
  • CRM Integration Compatibility
  • Out of the box and ready to go

Uncover Crucial Business information

  • Root Cause Analysis

Uncover Crucial Business information

  • Send and receive Emails & SMS from Complaints Pro
  • Brand specific Email signatures


If you need to comply with RG 271 in the most efficient, simple, and compliant way possible, get in contact with the team at Causia™, or book a demo of Complaints Pro.




Related Articles