The Conduct of Financial Institutions (COFI) regime will fundamentally change how financial services providers are judged by regulators. Instead of focusing mainly on whether firms complied with detailed rules, the framework shifts the emphasis towards whether firms can demonstrate fair customer outcomes in practice.
Under the COFI framework, the Financial Sector Conduct Authority is expected to look beyond technical compliance and assess whether governance structures, remuneration models, conflicts management, product design, and business culture actually support fair treatment of customers. The implication for FSPs is that procedural compliance alone will no longer be enough if business models or incentive structures produce poor outcomes.
Moonstone Compliance says COFI signals a clear move away from a prescriptive, rules-based model towards a principles- and outcomes-based approach. COFI is intended to consolidate conduct requirements currently spread across sectoral legislation, including the Financial Advisory and Intermediary Services Act.
In April 2026, the Minister of Finance gave notice of the COFI Bill’s introduction in Parliament, although the Bill itself was not attached. References below therefore relate to the 2020 draft version of the Bill.
From box-ticking to outcomes
According to Moonstone Compliance, the draft framework suggests the FSCA’s supervisory approach will become broader and more proactive. Rather than focusing mainly on isolated breaches or complaint-driven enforcement, supervision is expected to extend to areas such as product design, target markets, governance arrangements, incentive structures, culture, and conduct risk indicators.
In practical terms, this means the Authority may increasingly ask not only whether the correct disclosures, policies, and processes existed, but whether customers were treated fairly, whether products were appropriate for their intended market, and whether incentives encouraged suitable conduct.
This outcomes-based philosophy runs through virtually every aspect of the draft legislation.
Licensing becomes part of conduct supervision
COFI does not remove the requirement for financial institutions to be licensed, and the FSCA retains its powers under the Financial Sector Regulation Act to grant, refuse, suspend, or withdraw licences.
What changes is the structure and potentially the regulatory significance of licensing. COFI introduces an activity- and sub-activity-based licensing model, often described broadly as a “single licence” framework. Although the practical impact may be limited for some FSPs, larger institutions conducting multiple regulated activities are likely to feel the change more acutely.
Importantly, licensing under an outcomes-based framework may become more closely connected to governance effectiveness and conduct outcomes. Under the draft, existing licences are expected to be converted into equivalent COFI authorisations over a transitional period, but the framework also gives the FSCA broader supervisory tools where governance weaknesses or conduct concerns emerge.
The message is that licensing may increasingly be viewed not merely as an administrative authorisation, but as part of ongoing conduct supervision.
Governance and accountability move to the centre
The strongest expression of COFI’s outcomes-based philosophy may be its treatment of governance and accountability.
Under FAIS, accountability has traditionally centred heavily on key individuals and compliance processes. COFI broadens this significantly through the concept of “key persons”, extending accountability to individuals who materially influence governance, risk management, culture, and compliance. That includes governing-body members, senior management, and heads of control functions.
The draft framework links governance effectiveness directly to conduct outcomes. Fit and proper requirements are expected to apply on an ongoing basis, and failures in governance may have direct regulatory consequences, including remedial action, licence conditions, or other supervisory steps.
COFI also makes clear that governance cannot exist only on paper. Financial institutions are expected to demonstrate that policies are implemented effectively and support fair customer treatment, market integrity, and trust in the financial sector.
In effect, governance arrangements become evidence of whether fair outcomes are embedded in the business rather than simply documented in compliance manuals.
Remuneration and conflicts: disclosure may no longer be enough
The shift from rules-based to outcomes-based regulation is particularly evident in COFI’s approach to remuneration and conflicts of interest.
Under the current FAIS framework, remuneration is regulated largely through detailed rules and permitted payment categories. If payments comply with the rules and are properly disclosed, they are generally treated as acceptable.
COFI adopts a different philosophy. Remuneration is assessed against broader principles such as proportionality, alignment with fair customer outcomes, consistency with corporate culture, and the preservation of market integrity. This means that even technically permitted remuneration structures could still be problematic if they encourage behaviour that produces poor customer outcomes.
The same applies to conflicts of interest. Under an outcomes-based framework, disclosure is no longer necessarily a safe harbour. Firms are expected not only to disclose conflicts, but to identify, manage and mitigate conflicts arising from their business models, governance structures, incentive arrangements and culture.
This reflects a broader regulatory shift: conduct risk is no longer treated solely as an adviser-level issue, but as something embedded in institutional structures and decision-making.
Representatives and fit-and-proper requirements
COFI retains several familiar FAIS mechanisms, including natural person representatives, representative registers and the debarment framework.
However, the draft also signals tighter scrutiny of representative structures and ongoing suitability. Juristic representatives may not act for institutions authorised to perform discretionary investment management activities, while fit and proper requirements appear likely to apply more broadly and on a continuing basis.
Again, the emphasis shifts from once-off technical compliance toward ongoing evidence that firms and individuals remain suitable to deliver fair outcomes.
Transformation enters the conduct framework
COFI also incorporates transformation more directly into conduct regulation. The draft requires financial institutions to have, implement and maintain transformation plans under the Broad-Based Black Economic Empowerment Act, bringing transformation within the FSCA’s supervisory framework and linking it to licensing and ongoing oversight.
Smaller FSPs are still in scope
Although COFI applies proportionately, smaller FSPs should not assume the framework is aimed only at large institutions. The draft still expects smaller firms to demonstrate fair outcomes, accountability and effective governance, even if this is done in a simpler and less formalised way.
Proportionality, in other words, does not mean exemption.
Preparing for the direction of travel
Aspects of the COFI framework may still change once the Bill is formally introduced and debated. But, as Moonstone Compliance notes, the draft already provides a strong indication of the FSCA’s regulatory direction.
For many FSPs, the challenge may ultimately be about demonstrating that their governance, incentives, culture, and business models genuinely support fair customer outcomes. That is the central logic running through the draft legislation.
The implications of the COFI Bill will be the focus area of Moonstone Compliance’s Regulatory Update Webinar in July. Details about the webinar, including how to register, will be announced soon.
