Simplicity + Certainty = Confidence
monitor screenshots


Your information is securely held, communications are safely encrypted. Our fully encrypted backups occur often and regularly. Flexible and secure user password security.



Fast interfaces, user experience and reporting through the latest database design and web technology. User management tools aide efficient processes



Uncluttered user interfaces, multiple browser tab access, effortless data links. Our user-friendly and easy to learn user interface means no steep learning curve. Logical data entry flow with what you expect where you expect.



You select the modules you use and customise to your needs. You control your reports' content, you tailor your installation to suit your businesses needs



We support the global standards on Risk Management (ISO 31000) and Compliance (ISO 19600) and APRA SSP 220



One stop for all of your risk and compliance office needs. View completed and incomplete controls. Retain all your controls and records in the one accessable data base

How it Works

Feature diagram

CRS Certus becomes your record of your risks, risk profile, risk mitigators, obligations, responsible managers and staff, policies and procedures. It holds your proof of control execution. It facilitates recording and managing issues, incidents and complaints. CRS Certus can be interrogated to deliver reports on all data it holds in a format your audience needs.


Full risk management system. Customisable risk register. Multiple entity ratings support. Links to mitigating controls and issues register. Risk appetites tied to strategic objectives. Risk tolerance triggers and questionnaire system.


Record obligations. Link to legislative or regulatory sources. Reconcile obligations with business controls


Document business controls. Link to risks and obligations. Assign responsibilities to managers. Automatically generate controls self-assessment questionnaires. Managers alerted when questionnaires are ready, complete within CRS Certus


Controls response assessment navigation. Record testing results. Full audit records of resolution and further action. Directly load adverse responses into Issues Register.


Capture incidents originating from within CRS Certus and reported by your business. Customise incident categories. Workflow management. Assign activities. Capture reportability assessment, related documents and developments.


Customise complaint categories. Seamless flag as incidents, breaches or risk mitigation controls failures.


Breach register with regulator reporting assessments. Personal dealing approvals and register, gifts & benefits, training, conflicts of interest, relatedy party, legal documents, administrative documents, publications, office holder registers amongst others.


Email alerts issued out of the system directed to your defined positions. Customisable email content and triggers. Email service log validates that communications are sent.

Policies & Procedures

Policies and procedures library. Alert users to new content to review within CRS Certus. Capture user confirms of access and understanding of policies and procedures. The library becomes your single point of truth.


Flexible reporting to PDF and XLS(X). Customisable report content, period and presentation, tailored and relevant for the audience. Reports returned immediately. Aides regulatory enquiry, annual audit, demonstrates the control you have over your business

Consultancy and Outsourced Management

In addition to providing CRS-Certus as a software service, we provide consulting and outsourced management services. These services are available separately from CRS-Certus.

We can help to:

  • Operationalise your risk and compliance management system.
  • Workshop your risks.
  • Build Controls.
  • Document your regulatory obligations.
  • Implement incident/complaints reporting.
  • Document your policies & Procedures

Compliance & Risk Services Pty Ltd has been providing risk and compliance management solutions for businesses for over 10 years.

Our speciality in financial expertise

We have particular experience with financial Australian financial institutions such as Australian Financial Services Licensee, APRA regulated entities, Australian Credit licensees and AUSTRAC reporting entities.

  • Australian Financial Services ('AFS') Licence applications and licence variations
  • RSE licence applications
  • AFS Licence compliance reviews
  • Managed investment scheme registrations
  • Draft compliance plans
  • Draft Product Disclosure Statements ('PDS')
  • PDS due diligence
  • MDA contracts
  • Provide outsourced compliance management
  • Anti-money laundering & counter terrorism financing ('AML/CTF') programs
  • Independent reviews of AML/CTF programs
  • External Compliance Committee members
  • Temporary compliance staff placements
  • Risk management frameworks
  • Local agent for foreign licensees
  • Technical and product advisory services
  • Responsible manager training

Our values and ideals


We are experienced risk and compliance management practitioners experienced in developing and operating risk and compliance management systems.
CRS-Certus is developed through our experience as risk and compliance management practitioners.

In-house programming team

Our programming team is retained in-house. We believe that the partnership of practitioner and programmer provides a strength that few competitors may match.

Secure IT architecture and backups

Our system uses contemporary database design, programming languages, and hardware. We have implemented a constant backup regime using offsite encrypted storage.


We have provided services to over 200 clients over the globe. We have acted as topic experts under ASIC enforceable undertakings, engaged as experts in litigation and ASX disciplinary reviews.


ASIC's Corporate Plan to 2023
By Adam Bold at 13/09/2019
Update on information to be entered into the Financial Advisers Register (FAR)
By Terry Dalziel at 26/08/2019
Whistleblower policies - draft ASIC Regulatory Guide
By Murray Jones at 23/08/2019
Relief for amending registered schemes’ constitutions in particular circumstances
By Murray Jones at 23/08/2019
Update: Recognition of Prior Learning undertaken through a Professional Body / Financial Adviser Examination
By Terry Dalziel at 08/08/2019
Design and Distribution Obligations and Product Intervention Powers
By Malina Zhuang at 31/07/2019
Proposed changes to ASIC's Internal Dispute Resolution requirements
By Gerald O'Byrne at 28/05/2019
Whistleblower Reforms
By Malina Zhuang at 26/02/2019
Financial Planners and Advisers Code of Ethics 2019 Determination issued by FASEA
By Terry Dalziel at 25/02/2019
FASEA FPS001 Education Pathways Policy
By Terry Dalziel at 25/02/2019
Financial Adviser Standards & Ethics Authority – work and training professional year standard
By Terry Dalziel at 19/02/2019
FASEA Examination Policy (FPS 006)
By Terry Dalziel at 13/02/2019
FASEA Continuing Professional Development Policy (FPS 004)
By Terry Dalziel at 13/02/2019
ASIC Industry Levy Invoices Issued
By Gerald O'Byrne at 31/01/2019
AFS Licence applications - new information requirements
By Gerald O'Byrne at 14/01/2019
AUSTRAC updates its Compliance Report questions for 2018
By Gerald O'Byrne at 01/11/2018
Significant update to ASIC's funds management industry guides
By Murray Jones at 02/08/2018
New Prices for ASIC Regulatory Services
By Gerald O'Byrne at 30/07/2018
Foreign financial services providers reform proposals: CP 301
By Gerald O'Byrne at 07/06/2018
Education requirements for existing advisers post 1 July 2018.
By Terry Dalziel at 20/03/2018
ASIC's Corporate Plan to 2023

ASIC releases its Corporate Plan for period to 2023

ASIC’s release of its corporate plan for the period to 30 June 2023 provides stakeholders some insight into areas where regulatory attention is expected to focus. Influenced by the Royal Commission findings, ASIC has articulated five key thematic drivers of harm and seven strategic priorities for ASIC’s regulatory focus.   AFSL holders may consider how ASIC’s priorities may impact their present and intended business and how robust are their processes and records management.

Possible Outcomes 

We see ASIC’s focus is on the quality of advice, that advice is provided in the recipients’ best interests using products that deliver the intended outcome and that licensees seriously consider consumer disputes. We see an ASIC with greater interest in taking enforcement action where it identifies misconduct, mis-selling and poor governance.  The days of Enforceable Undertakings may be limited.

We may see representatives of large financial institutions join the steady stream of individuals subject to ASIC enforcement action.  The Royal Commission identified opportunities, will ASIC act?  We expect any focus on phoenix companies to be applauded.

That ASIC sees the shift towards general advice having potential harmful outcomes, the distinction between general and personal advice may come under ASIC‘s attention together with testing licensees’ proper categorisation and maintenance of clients as wholesale.

ASIC’s agenda may drive up the cost and potential liability of providing personal advice to retail clients and cement the retreat of large institutions from the retail advice space.  This may conflict with government objectives that individuals build their retirement benefits for a self-funded retirement while opening opportunities for smaller advice firms to apply innovative solutions.

ASIC Thematic drivers of harm 

  1. Poor design and inappropriate sale of investment and insurance products
  2. Inappropriate sale of credit products and limited credit access for small business
  3. Conflicts of interest, lack of competition and structural challenges leading to poor conduct in financial markets
  4. Poor governance (board, executives, investors), poor culture, absence of professionalism and accountability
  5. ASIC’s regulatory actions failure to deter regulated entities’ misconduct

ASIC priorities 

  1. High-deterrence enforcement action, particularly where high deterrence value is seen or where vulnerable consumers are affected. Expect ASIC to more strongly communicate priorities, outcomes and performance.  
  2. Prioritise the recommendations of the Royal Commission.  Support key law reform and act on its referrals.
  3. Deliver as the conduct regulator for superannuation by taking decisive enforcement action, ensure trustees act in consumers’ best interests and treat them fairly and implement the Royal Commission’s superannuation recommendations
  4. Address harm in insurance, take enforcement action against mis-selling to vulnerable consumers, review product features and practices that raise concerns, take action on unfair contract terms and problems in claims handling
  5. Improve governance and accountability aims to hold individuals accountable for governance failures resulting in harm, address phoenix company directors and practitioners and conduct intensive supervision of key firms
  6. Protect vulnerable consumers from unfair treatment if facing hardship or where licensees’ irresponsible actions can have significant impact.   ASIC remains committed to its Indigenous Outreach Program helping Indigenous Australian better manage financial resources
  7. Addressing poor financial advice outcomes by mandating improved professionalism of financial advisors, targeting potential misconduct and harm arsing from the industry’s shift towards a general advice model and departure of larger institutions from personal advice

Access the plan at

Contact Us

Feel free to drop us a message if you have any questions or requests.

Or give us a call at

P: 03 9663 4456

and post us at

P.O. Box 18009
Collins Street East
Melbourne, VIC 8003

We're located at

Level 25, 360 Collins St
Melbourne, VIC, 3000