APRA and ASIC publish their Corporate Plans for 2021-25

In August 2021, both APRA and ASIC published their Corporate Plans, outlining their strategic priorities over the next four years.

Understandably, the COVID-19 pandemic has featured in both Corporate Plans as an immediate priority, particularly in terms of risk management and economic and business recovery across industries. Longer priorities consider the evolving financial landscape, including the impacts of digitisation.

What do regulated entities need to know?

To develop an appropriate strategy for how to manage relationships with regulators, regulated entities will need some knowledge and understanding of what APRA and ASIC have outlined in their plans. These Corporate Plans provide insight into each regulator’s strategic priorities and key focus areas over the next four years.

This blog summarises the strategic themes and priorities stated in the regulators’ Corporate Plans, shared focus areas and expectations for APRA and ASIC regulated entities.

APRA’s Corporate Plan for 2021-25

APRA’s updated Corporate Plan for 2021-25, published on 26 August 2021, was developed as required under paragraph 35(1)(b) of the Public Governance, Performance and Accountability Act 2013.

In setting its Corporate Plan, APRA has considered internal factors such as its resources, funding, workforce and technology, as well as several external and internal environmental factors, including:

Community and government expectations
COVID-19 pandemic
Evolving financial landscape
Industry-specific factors – across banking, insurance, and superannuation

Strategic themes and objectives

APRA’s latest Corporate Plan is based around the strategic theme of ‘protected today, prepared for tomorrow’. APRA states that in its core prudential supervision role, it remains committed to ‘protecting the Australian community today’ but as a forward-looking supervisor, must also ‘prepare for tomorrow’. The updates to the regulator’s Corporate Plan adopt a wider perspective by not only addressing the immediate concerns of the pandemic but also other factors shaping the financial sector.

“While our strategic priorities may change over time, our core purpose remains constant: to ensure the financial system remains stable, efficient and competitive, and the financial interests of Australians are protected,” – APRA Chair Wayne Byres.

Looking at part one of its strategic theme for the next four years – protecting the Australian community today – APRA intends to:

Preserve the resilience of banks, insurers and superannuation funds, with a continuing focus on financial strength; cyber risks; governance, risk-culture, remuneration and accountability; and implementing the Government’s Your Future, Your Super reforms;
Modernise the prudential architecture to ensure it is effective and accessible, less burdensome for entities, and more adaptable to the rapidly evolving financial sector, including digitisation; and
Better enable data-driven decision-making by continuing to invest in and embed data as a core enabler for achieving APRA’s purpose and strategy. This includes delivering its new data collection infrastructure, ‘APRA Connect’, expected to go live in September 2021.

Within the second part of its strategic theme – preparing for tomorrow – APRA aims to:

Increase its understanding of, and ability to respond to, the impact of new financial activities and participants, such as technological innovations and new business models that do not fit traditional regulatory approaches;
Help find solutions to important challenges, such as superannuation retirement income products, insurance accessibility and affordability, and the financial risks of climate change; and
Adopt the latest regulatory tools, techniques and practices in areas such as specialist regulatory services, enforcement actions, transparency and resolution.

ASIC’s Corporate Plan for 2021-25

ASIC’s Corporate Plan 2021-25 was published together with its new Statement of Intent, outlining how ASIC will achieve its strategic objectives, carry out its functions and exercise its powers in discharging responsibilities.

As mentioned in the opening pages of the Corporate Plan, the document outlines ASIC’s priorities over the next four years to deliver on its vision to achieve a fair, strong and efficient financial system for all Australians.

To help shape its strategic and supporting actions, ASIC examines key trends in the regulatory environment. Those key trends currently include financial system health and corporate resilience in light of the pandemic, vulnerable customers with increased cyber exposure, and the use of technology.

“ASIC has an important role to play in promoting economic recovery and confidence in the financial system, especially in the face of the ongoing pandemic.” – ASIC Chair Joe Longo

Strategic priorities

ASIC’s Corporate Plan is based on several strategic priorities directing its focus in the short to medium term:

Promoting economic recovery – including through better and more efficient regulation, facilitating innovation, and targeting regulatory and enforcement action to areas of greatest harm;
Reducing risk of harm to consumers exposed to poor product governance and design, and increased investment scam activity in a low-yield environment;
Supporting enhanced cyber resilience and cyber security among ASIC’s regulated industries, in line with the government’s commitment to mitigating cyber security risks; and
Driving industry readiness and compliance with standards set by law reform initiatives (including the Financial Accountability Regime, reforms in superannuation and insurance, breach reporting, and the design and distribution obligations).

Actions

To deliver its strategic priorities, ASIC’s actions over the next four years will focus on:

Changing behaviours to drive good consumer and investor outcomes – by working with the Government and other regulators, engaging actively with stakeholders and providing clear guidance and communication to help businesses comply. Immediate cross-industry priorities include the Financial Accountability Regime, design and distribution obligations, breach reporting, and hawking prohibitions.
Acting against misconduct to maintain trust and integrity in the financial system – by continuing to pursue misconduct particularly in relation to vulnerable consumers, dedicating resources to address the most serious and harmful types of misconduct.
Promoting strong and innovative development of the financial system – by focusing on supporting economic recovery, creating a dedicated internal unit to identify and implement changes to how ASIC administers the law, and consulting with the Government and Treasury on policy-related functions. Immediate cross-industry priorities include cyber resilience and management of cyber risks and developing an effective supervisory approach with APRA for dual-regulated entities.
Helping Australians to be in control of their financial lives – by working with Treasury to support the development of policies that empower Australians to make confident and informed financial decisions, and supporting and engaging with small businesses to better understand their short-term and long-term challenges and needs.

Shared areas of focus

Though the Corporate Plans and underlying objectives of APRA and ASIC remain separate, the two regulators are aligned on several of their strategic priorities. The Corporate Plans for 2021-25 reveal a few shared focus areas, including:

Economic recovery – APRA will focus on the development of credible recovery plans for the banking and insurance sectors. Promoting economic recovery is also stated as one of the four strategic priorities listed by ASIC.
Cyber resilience – APRA plans to continue its focus on strengthening cyber resilience across the Australian financial system, with its 2020-2024 cyber security strategy already underway. ASIC also highlight cyber resilience as a key external and internal priority for 2021-22.
Improving accountability and governance – both regulators will work together with the Government to extend the Financial Accountability Regime across all banks, insurers and superannuation trustees. This includes establishing administrative and business processes and procedures and liaising with the industry to help prepare for the transition.
Increased collaboration – working with other regulators and stakeholders, domestically and internationally, to enhance coordination, share information and improve investigative capabilities.
Investing in capabilities and infrastructure – both APRA and ASIC plan to continue investing in people, technology and operational infrastructure to strengthen their capabilities and deliver their purpose well.

Expectations for APRA and ASIC regulated entities

A more coordinated approach to regulation between APRA and ASIC is expected, particularly for dual-regulated entities such as authorised deposit-taking institutions, insurers and superannuation funds. Improved collaborative efforts between the regulators and additional investment in resources is likely to also improve the effectiveness of their oversight and supervisory efforts. That means the regulators may identify and address instances of non-compliance in a more targeted and efficient approach compared to their previous approaches. Entities need to be prepared for greater levels of engagement with the regulators, including gathering information and supporting evidence to demonstrate compliance in a timely manner.

Regulated entities can also expect APRA and ASIC to sharpen their focus on monitoring governance as they seek to improve accountability and transparency in the industries they regulate. The regulators will be looking at how entities deal with accountability at the leadership level and throughout the organisation, including greater emphasis on developing strong risk culture.

For example, ASIC has proposed to build on the progress of its Corporate Governance Task Force through several projects:

Targeted governance reviews of select companies to assess shortcomings in culture, governance and accountability;
Reviewing a sample of whistleblower policies of companies as part of a whistleblower program assessment; and
Assessing whether disclosures in corporate governance statements are effective and meaningful.

APRA has also indicated increased attention to governance issues by:

Sharpening its supervisory focus on superannuation trustee board capabilities and governance practices to ‘maintain financial system resilience’;
Developing a tool to benchmark trends in risk culture through a new risk culture survey;
Continuing risk culture and governance deep dives among the larger financial institutions; and
Working with government to extend the FAR to all APRA-regulated entities.

To avoid being caught on the wrong foot, we encourage regulated entities to undertake a review of their governance frameworks and gap analysis of their regulatory compliance obligations to identify any areas of weakness or non-compliance. This should be followed by an action plan to address any identified gaps and other activities to prepare for regulator requests and demonstrate compliance.

How Hall Advisory can help

Hall Advisory’s core services include organisation-wide independent assessments and implementation of governance, accountability, culture and regulatory compliance frameworks. To help you meet the heightening expectations of APRA and ASIC as outlined in their Corporate Plans and due to recent regulatory changes, our service offering includes:

Independent assessment of frameworks against regulatory requirements to identify any gaps in compliance
Developing strategy and implementation plans to help close identified gaps and demonstrate compliance
Regulatory stakeholder communications