This article was written by Samantha Carroll (Practice Director- Governance, Compliance & Regulation) of Ash St Legal & Advisory in January 2020 and has been reproduced with permission. This article is for general information only and should not be relied upon without first seeking advice from an appropriately qualified professional.
The much anticipated proposed regulatory model for extending the BEAR to RSEs and Insurers was released by Treasury on 22 January 2020. The Proposal Paper, sets out the Government’s proposed approach to implementing Recommendations 3.9, 4.12, 6.6., 6.7 and 6.8.
We take a look at what impacted institutions should be across, key takeaways including timeline and our thoughts on the approach taken by Treasury.
While it was expected that the regime would be extended to other prudentially regulated entities such as RSEs and Insurers, it is important to note, the reforms go further than this and there are a number of changes which will impact ADIs who have previously implemented the BEAR.
Access the Proposal Paper
A useful summary of key changes is provided in Annexure A of the Proposal Paper. Some of the key takeaways we have noted are as follows:
- the Financial Accountability Regime (FAR) moves away from the tiered approach of small, medium and large, previously set out in BEAR, to two primary categories:
- Core Compliance Entities (<$10b assets for ADIs and RSEs and <$2b for Insurers), and
- Enhanced Compliance Entities (>$10b assets for ADIs and RSEs and >$2b for insurers).
- those entities which fall into the Core Compliance Entities category do not have to submit accountability maps and statements to APRA and ASIC (but are otherwise captured by the FAR obligations) unless reclassified by APRA and ASIC
- there are new particular responsibilities which have been introduced which will apply to existing ADIs who have previously implemented the BEAR, presumably plugging some of the gaps which were perhaps experienced in the first round of implementation of this regime. These include new particular responsibilities for the senior executive, responsibility for dispute resolution, remediation programs, product responsibility, services responsibility, setting incentives and breach reporting
- new categories of particular responsibilities have also been added that are specific to foreign branches and RSE licensees
- the timeframe for interim appointments to be registered with APRA is expected to be extended from the current 28 days to 90 days which will alleviate some of the administrative issues experienced with the present tighter timeframe
- penalties which apply to entities under BEAR are to be changed from the current framework where penalties are tiered according to the size of an entity to a penalty framework which more closely aligns to other legislative regimes where the “greater of” 50,000 penalty units, 3x benefit derived or 10% of annual turnover will be applied
- civil penalties have been introduced for individual accountable persons which mimic the enhanced civil penalties which were introduced under the Corporations Act. Under the proposed reforms, individuals could be liable to pay the greater of $1.05m (5,000 penalty units) or 3x the benefit derived (as is the case with the BEAR, individuals cannot be indemnified for this potential exposure by the entity)
- a new “non-objections power” for APRA will allow it to veto appointment or reappointment of directors or senior executives which can be exercised at the time the individuals are registered with APRA
- breach notification requirements have been extended from a breach of accountability obligations under the current regime to include breaches of key personnel obligations also.
As the general preference by APRA seems to be that only one senior executive is nominated for each particular responsibility, allocation of some of the new particular responsibilities could be challenging for some of the new categories such as the new particular responsibilities which cover remediation and breach reporting which often have multiple areas responsible for different aspects of remediation and breach reporting in practice.
While specific responsibilities have been added for RSE licensees, it is surprising that a similar specific category was not added for insurers, where actuarial responsibility and claims management responsibilities do not appear to have been captured.
Core Compliance Entities which have previously developed an accountability framework may no longer be required to submit Accountability Statements and Maps based on the proposed reforms. While the reduced administrative burden will be appreciated, many ADIs have already invested resources in developing their Maps and Statements which were required to be submitted to APRA under the BEAR. Impacted entities will need to consider whether they continue to maintain their Accountability frameworks if the changes proceed as proposed. While there may no longer be a requirement to submit this documentation to APRA, the accountability obligations remain and therefore there is considerable merit in maintaining a robust Accountability framework to manage these obligations.
No timeline for implementation was specified in the Proposals Paper and it is noted the Government will release a timeline for consultation in due course. Submissions on the Proposal Paper are due on 14 February 2020.