Our latest insights

Currently, the higher education section is experiencing an evolving risk landscape. As the sector faces mounting pressures – from staff wellbeing to cyber threats – resilience is no longer optional. So how can leaders prepare for the next wave of challenges?

Embed ESG risks into strategy and culture to drive sustainability beyond compliance.

Global Internal Audit Standards (GIAS), it aims to improve and clarify both mandatory requirements and recommended guidance for the Internal Audit function, in turn improving the quality of Internal Audit across the industry.

The explosion of artificial intelligence (AI) tools such as ChatGPT and Google Gemini (formerly Bard), has created a shift in mindset across all industries. The Internal Audit sector has considerable upside in leaning into this technology both in using AI and reviewing the use of it.

Workplace fraud is a serious and costly issue that can impact organisations across different sectors and regions – and is becoming increasingly relevant as cost-of-living pressures rise.

We recently sat down with NSW Club leaders to discuss Environmental, Social, and Governance (ESG) considerations on the Club industry in the short to medium term. The International Sustainability Standards Board (ISSB) has now released their standard on Sustainability, and Treasury has sent a draft policy on how the standards will be adopted in Australia. Although there is no set guidance at this stage, it is most likely Clubs will need to adopt this standard in FY26.

The current cost of living crisis compounded with salaries not keeping up with inflation has created a climate in which the fraud triangle can emerge. Internal Audit programs are a valuable tool that can be used to assess and report this.

CPS 230 requires regulated entities to consider service disruption from a different perspective. Working backwards through a scenario, entities must identify the harm that a disruption may cause to its customers or the broader financial system, then take active measures to prevent it (operational risk) and recover from it (operational resilience).

On 10 November, APRA released their insights from their latest risk culture survey in an Insight, “No room for complacency on bank risk culture”. This survey was rolled out to 18 ADIs in late 2021. APRA’s analysis included matters for ADIs to consider, however in our experience these could equally be applied to insurers and Registerable Superannuation Entity Licences (RSELs).

APRA has released draft Prudential Standard CPS 230 Operational Risk Management for comment. CPS 230 will replace CPS 231: Outsourcing and CPS 232: Business Continuity, and the sector specific standards HPS 231, SPS 231 and SPS 232. What is operational resilience? Operational risk management analyses and defines risks associated with people, processes, and systems. Operational resilience defines the approach to managing operational risks.

On 3 November 2021, the High Court of Australia handed down a landmark decision, ruling that the “backpacker tax” imposed on a UK national who was deemed to be an Australian tax resident was in breach of the non-discrimination clauses in the Australia-UK Double Tax Agreement.

The office of Local Government has proposed new minimum standards for risk management and internal audit.