28 August 2015
To: All authorised deposit-taking institutions, general insurers and life companies
On 7 October 2014, APRA released a letter noting its intent to review the clarity of its requirements of boards in the prudential standards and supporting guidance materials. The letter noted that in conducting this review, APRA would seek to ensure that its requirements of boards are communicated in a way that clearly recognises the respective roles of the board and management1. The consultation closed on 30 November 2014. Ten submissions were received in response, four of which are non-confidential.
Submissions were widely supportive of the review and identified a number of areas for improvement in relation to the clarity of APRA’s board requirements. This letter summarises the key issues from submissions, responds to the main issues and outlines the process planned for the review.
Improvements to the language used to communicate APRA’s requirements
Submissions suggested that the use of certain language in prudential standards may create the impression boards are expected to assume responsibilities that would normally be assigned to management. For example, the phrase ‘the board and senior management’ is used widely across prudential standards. Submissions argued that this language creates ambiguity in relation to the actions a board is expected to take to meet its responsibilities, and may lead to the impression that the board and management are expected to have the same role.
APRA’s approach to supervision is built on the premise that the board and management are primarily responsible for an entity’s financial soundness and prudent risk management. With this in mind, APRA imposes various requirements and duties on boards, in addition to those that apply to all entities under the Corporations Act 2001. However, in meeting the additional obligations imposed under APRA’s prudential framework, APRA does not expect that the board will take on responsibilities that fall within the province of management under generally accepted practice. APRA therefore intends to review the clarity of its requirements of boards in the prudential standards, to ensure that the language used appropriately reflects the respective roles of the board and management.
Submissions stressed the importance of consistency in the language used to communicate requirements of boards. As an example, submissions noted that a number of similar requirements for the board to receive reports or information are communicated using a range of terms. Using a smaller set of terms across the prudential standards to communicate APRA’s requirements of boards was recommended. Consistency in the language, it was argued, would avoid the impression that variations in wording reflect differing levels of board responsibility across requirements. In future, APRA will therefore seek to use a narrower set of terms when describing requirements of boards. Variations in language will only be retained where there are strong reasons to do so.
Some submissions requested that APRA include further terms in its definitions standards2. In particular, submissions argued that it would be appropriate to define the term ‘ultimate responsibility’. However, the term ‘ultimately responsible’ is commonly used not just within APRA’s prudential standards, but also more widely in other guidance such as the ASX Corporate Governance Principles and Recommendations. APRA prefers in these circumstances to rely on the generally accepted definition rather than seek to create its own definition of the term.
Greater reliance on Prudential Standard CPS 220 Risk Management to describe board obligations
Submissions suggested that greater reliance can be placed on Prudential Standard CPS 220 Risk Management (CPS 220) to describe the obligations of the board, as an alternative to specifying board responsibilities in each prudential standard relating to specific types of risk. The prudential standards noted include credit risk (under APS 113), operational risk (under APS 115), market risk (under APS 116) and credit risk management policies and procedures (under APS 220). Submissions argued that the over-arching requirements of the board in respect of risk management in CPS 220 mean that the requirements of boards in these other standards can be removed. Although this feedback referred mainly to ADI prudential standards, it can also be extended to cross-industry and insurance prudential standards. For example, board requirements are contained in specific areas of risk including outsourcing and business continuity management, and reinsurance management for general insurers.
APRA agrees that, as a general principle, the requirements of boards set out in prudential standards should be aligned to board obligations under CPS 220 where appropriate and that duplication should be avoided. APRA will review the extent of responsibilities placed on boards in the areas identified in relation to risk management, to determine whether there are opportunities for greater reliance on CPS 220 without compromising the soundness of the prudential framework.
Some submissions suggested it is often unclear across APRA’s prudential standards when a board is able to delegate a matter to a board committee or management. It was suggested that APRA provide further clarity in this regard.
APRA has previously noted that where a board is assigned a specific responsibility under a prudential standard, the board is not able to delegate its responsibility for ensuring that matter is adequately addressed. The process followed, and the advice, input and support needed by the board to meet these responsibilities, remain a matter for the board to determine. If the board has been assigned specific responsibility for the matter in APRA’s prudential standard then, even after a board has referred certain functions to management, the board retains the responsibility to satisfy itself that the matter has been properly addressed.
The review process
Given the wide reach of this review, APRA will review the prudential framework over time and make amendments to prudential standards as opportunities arise. APRA anticipates that planned reviews will result in a reasonable proportion of the ADI, general insurance and life insurance prudential standards (that contain relevant board requirements) being reviewed over the next three years or so.
Submissions suggested a large number of specific changes to board requirements across a number of prudential standards. APRA appreciates the time and effort taken to provide this feedback. The specific issues have been captured and will be considered as part of the review process referred to above. Further opportunities to provide feedback will be available through subsequent consultations on any changes to prudential standards.
APRA will also apply the general drafting considerations noted in this letter as it reviews other materials in future. Although all submissions received through this consultation referred exclusively to prudential standards, the drafting considerations noted in this letter would apply equally to APRA’s guidance materials.
APRA thanks the industry respondents who have engaged with the consultation process to date. APRA intends to apply the general drafting principles noted in this letter as opportunities arise for APRA to make amendments to the existing suite of prudential standards and supporting guidance materials.
Entities are encouraged to speak to their responsible supervisor should they have any questions regarding APRA’s expectations of the board. APRA looks forward to ongoing engagement with industry as it seeks to ensure its prudential framework is robust, effective, and clearly communicated.
Executive General Manager
Policy and Advice
1 The letter is available here.
2 The definitions standards include Prudential Standard APS 001 Definitions, Prudential Standard GPS 001 Definitions, and Prudential Standard LPS 001 Definitions.