APRA steps up call to act on non-financial risks

  • By Christine St Anne

APRA deputy chair John Lonsdale has stepped up his calls for the industry to address non-financial risks, warning that if “left unaddressed, the consequences become distinctly financial in nature”. 

Speaking at the 2019 Actuaries Summit in Sydney on Monday, Lonsdale said APRA will be introducing a new cross-industry standard for actuaries in the insurance sector on “the most material matters”. 

“My message today is that this influence cannot be confined to traditional financial risks, given the substantial damage to prudential soundness that can arise from the poor management of non-financial risks.”

Here he acknowledged the report that APRA released recently regarding the findings of 36 self-assessment of banks, insurers and super funds

In particular, he noted that the key finding was the addressing non-financial risks was weak and now the prudential regulator is contemplating additional capital requires to ensure those weaknesses are addressed. 

“That’s the thing about non-financial risks: left unaddressed, the consequences become distinctly financial in nature,” the deputy chair said.

“In the wake of the Royal Commission, our major banks have seen their profits eroded significantly by the cost of remediating aggrieved customers and upgrading or putting in place systems to stop it happening again.”

He added that the four major banks have already collectively spent or set aside nearly $7 billion and that number is likely to rise further. 

Indeed, failing to adequately manage risks relating to anti-money laundering and counter-terrorism financing laws saw our largest bank fined $700 million by AUSTRAC. 

Added to this, he also noted that the Banking Executive Accountability Regime (BEAR will soon be expanded to cover insurance and superannuation

“Not only does this regime make boards and executives (including – potentially – senior actuaries) more accountable for their individual performance, companies themselves face penalties for failing to meet their obligations under the BEAR, or whatever threatening-sounding acronym is created for the insurance and super sectors. 

“In short, the consequences of failing to properly identify, assess and mitigate risks, especially non-financial risks, are higher and potentially more expensive than they have been for many years.

In an obvious play on words, Lonsdale said it was time to “act-uary”, calling on the actuarial industry to more judicious in their role. 

While the CPS 320 standard will in part help drive this new approach, Lonsdale said APR wants actuaries to broaden their thinking about what constitutes a financial risk into areas such as culture, governance, remuneration and consumer outcomes. 

In short, the consequences of failing to properly identify, assess and mitigate risks, especially non-financial risks, are higher and potentially more expensive than they have been for many years

“This applies not only to Appointed Actuaries, but all actuaries, and across all APRA-regulated industries,” he said. 

Going forward, Lonsdale provided an update on APRA’s focus on the management of non-financial risks. 

Its new Information Security prudential standards, CPS 234 to tackle the risk of cyber-attacks will come into effect in July and Lonsdale signaled that APRA will be releasing updated guidance in this area.

He said that APRA has also stepped up its supervisory focus on the management of climate risk and intends to review its cross-industry governance and risk management standards this year “to ensure they encourage a sharper focus on non-financial risks”. 

In the Royal Commission front, Lonsdale said that the regulator continues to gather evidence on each of the 12 referrals to APRA and “we expect to be able to make an assessment on the merits of further action in coming months”.