Our latest insights

ASIC Commissioner Alan Kirkland outlines key regulatory priorities in the credit sector, focusing on responsible lending, dispute resolution, and protecting vulnerable consumers from misconduct.

In today’s fast-moving business landscape, Boards must take a strategic approach to governance. This article explores key priorities including regulatory compliance, cyber and AI risk, operational resilience, and navigating market volatility.

The Financial Accountability Regime (FAR) Bill 2023 marks a pivotal transformation in financial sector oversight, affecting all APRA regulated financial entities in the banking, insurance and superannuation industries as well as their significant related entities. Jointly administered by ASIC and APRA, the FAR will replace the Banking Executive Accountability Regime (BEAR), aiming to improve risk and governance cultures by imposing a strengthened responsibility and accountability framework for those financial institutions.

This week, the Australian Prudential Regulation Authority (APRA) finalised new requirements to Prudential Standard CPS 511 Remuneration, which will significantly impact authorised deposit-taking institutions (ADIs), insurers, and superannuation entities. This new standard requires APRA-regulated entities to publish details around their remuneration frameworks, design, governance, and outcomes. These changes come in an effort to create more transparency and improve risk management, in particular in the context of the poorly designed and executed remuneration frameworks exposed through the financial services Royal Commission.

CPS 230 requires regulated entities to consider service disruption from a different perspective. Working backwards through a scenario, entities must identify the harm that a disruption may cause to its customers or the broader financial system, then take active measures to prevent it (operational risk) and recover from it (operational resilience).

On 10 November, APRA released their insights from their latest risk culture survey in an Insight, “No room for complacency on bank risk culture”. This survey was rolled out to 18 ADIs in late 2021. APRA’s analysis included matters for ADIs to consider, however in our experience these could equally be applied to insurers and Registerable Superannuation Entity Licences (RSELs).

One of the most common ways of managing operational risk is through a system of effective internal controls. Control failures however can lead to events as varied as mis-selling, data breaches and underpayments – as such in APRA's Prudential Standard CPS 230 they have strengthened the focus on operational risk management. In this second series of our CPS 230 technical guides we provide an overview of some necessary elements to achieve strong operational risk management and why it is the foundation of operational resilience.

Last week the Australian Prudential Regulation Authority (APRA) released the key observations from its thematic review of related party outsourcing arrangements across a sample of 10 retail superannuation trustees with outsourcing contracts worth a combined $1.2 billion annually.

APRA has released draft Prudential Standard CPS 230 Operational Risk Management for comment. CPS 230 will replace CPS 231: Outsourcing and CPS 232: Business Continuity, and the sector specific standards HPS 231, SPS 231 and SPS 232. What is operational resilience? Operational risk management analyses and defines risks associated with people, processes, and systems. Operational resilience defines the approach to managing operational risks.

While COVID-19 presented a challenge to companies that few could have anticipated, it also acted as a catalyst. Companies were forced to review legacy structures to allow for more agile decision making, and to test their purpose and role in wider society. This report provides salient insights for Boards in Australia, as despite having a different Code in place that we report against, the key themes resonate with what we’re seeing here – purpose, culture, emerging risk management, stakeholder engagement, board effectiveness, remuneration, ESG, diversity and succession planning. It is also a strong indicator of what companies should be focusing on in the coming year.

Appropriate culture, governance systems and remuneration structures are critical to rebuilding trust in financial institutions and ensuring a resilient financial system. APRA, as the prudential regulator, plays a significant role in this through introducing new standards and its oversight regime.