The Plan is clear in emphasising the promotion of confidence and stability in the financial system as well as positive financial outcomes to protect members, depositors, policyholders and the community as a whole.
The Plan brings to the forefront key considerations for financial services entities including ongoing geopolitical uncertainty, cyber security threats, rising interest rates, and increased prevalence of climate related risks.
The challenges considered in the Plan result in an ever-present need for organisations to continue to focus on operational and financial resilience, crisis management, and enhanced stress testing. The Plan provides a strong indication of where organisations should focus their efforts and invest in order to respond to risks effectively and contribute to a more resilient financial system.
Risks are heightened in the current environment due to cyberattacks and the interconnectedness of the financial system, as well as reliance on third-party service providers. With CPS 230 Operational Risk Management effective from 1 July 2025, financial services organisations are expected to focus on addressing identified control weaknesses, business continuity and third-party risk management as well as utilising non-financial risk data to improve operational risk management practices.
Climate related financial risks
APRA will look to embed climate risk in the SRI model which will require ongoing supervisory assessment of this issue. Expectations have increased in this area due to the impact of climate change on certain assets, income streams and risk impacting the risk profile of regulated entities.
Key industry considerations
- Responding to the current environment requires applying a forward-looking approach to risk management and considering what’s around the corner (emerging risks).
- Organisational resilience including risk culture and governance with sharp accountability remains critical.
- Embedding change effectively following risk transformation programs.
- Implementation of the Financial Accountability Regime (recently passed by Parliament on 5 September 2023).
The priority for Banks should be on continuous review of emerging risks with a sharp focus on cyber, third-party risks, and uplift with respect to CPS 234 and non-financial risks.
The focus on liquidity and interest rate risk is paramount to getting the basics right and responding to current environmental challenges (with respect to higher interest rates and inflationary pressures), as well as funding risks.
The impact of natural disasters, supply chain disruptions and skills shortages on the cost of insurance is a key challenge.
Focus on operational resilience for Private Health Insurers with a focus on cyber and third-party supplier risks.
Supporting improved outcomes for members (reduced fees, better products) with enhanced focus on strategic management, governance and investment management.
Focus expected on SPS 515 Strategic Planning Member Outcomes and SPS 530 Investment Governance with respect to liquidity management, stress testing and asset valuation by trustees.
We can expect to see a more data driven approach by APRA in identifying system-wide risks and emerging risks, including risk-based supervision, enforcement and resolution. A proactive approach to considering the key issues in the Plan will be important to achieving compliance with new standards and delivering better outcomes for consumers.