The FAR is near for insurers: Financial Accountability Regime Bill introduced into Parliament

What is FAR?

FAR is the Federal Government’s response to recommendations from the Hayne Royal Commission to extend BEAR to registrable superannuation entities and regulated insurers.

The proposed Bill extends similar BEAR-like accountability requirements to these entities, but replaces the current regime. The proposed Regime will apply to regulated entities and their directors and senior executives in the banking, superannuation and insurance industries, and is intended to improve operating culture and governance through increased transparency and strengthened accountability requirements.

Unlike BEAR, FAR will be administered by APRA and ASIC. Joint guidance is expected shortly on how compliance with the Regime will be enforced by the Regulators.

When will the Regime commence?

The Regime will have a staggered application. The Regime is proposed to take effect for the banking sector from the later of 1 July 2022 or six months after the commencement of the Regime, which is expected by the end of the year. For regulated insurers and superannuation entities, the proposed commencement date is the later of 1 July 2023 or 18 months after commencement of the Bill.

This timeline is unchanged from the timeline put forward during the consultation period of the Draft Bill.

What are the key obligations under FAR?

The Regime proposes to impose four core obligations on regulated entities in the banking, insurance and superannuation industries, known as accountable entities (defined below):

Accountable entities

The obligations under the Regime apply to all accountable entities. In the insurance sector, accountable entities are:

• general insurers;
• authorised non-operating holding-companies of general insurers;
• life companies;
• registered non-operating holding companies of life companies; and
• private health insurers.

Significant Related Entities (SREs) of insurers may also be affected by the Regime. SREs are subsidiaries of an accountable entity who have a material and substantial effect on the accountable entity. A relationship between an accountable entity and SRE will be ‘sufficiently material and substantial’ if the business activity of the SRE has the potential if disrupted to significantly impact on the accountable entity or relevant group’s business operations or ability to effectively manage risks. A range of factors are set out in the Bill to assist determine whether an entity is an SRE.

Accountable persons

A key feature of the Regime is the concept of an ‘accountable person’. Accountable entities are required to determine who within their organisation is an accountable person.

An ‘accountable person’ is someone who holds a position in the accountable entity or SRE with actual or effective senior executive responsibility for the management or control of the accountable entity, or a significant or substantial part of the accountable entity or relevant group’s operations. An ‘accountable person’ also includes a person who holds one or more of the prescribed responsibilities or positions listed in the ‘rules’ made by the Minister. These rules are yet to be released.

As was the case under the Draft Bill, for foreign accountable entities in the insurance sector, the accountable persons’ responsibilities will relate to the Australian branch of the entity, rather than the entity as a whole.

The Bill introduces a new obligation on accountable persons to take ‘reasonable steps’ to prevent matters from arising that would or likely result in a material and significant breach of financial sector laws relevant to their area of responsibility. The Bill sets out a non-exhaustive list of what amounts to taking ‘reasonable steps’.

The Regulator (the Regime will be jointly administered by ASIC and APRA) will keep a register of all accountable persons. The Bill also confers power on the Regulator to disqualify someone from being an accountable person of an accountable entity, as well as to direct an entity to reallocate responsibilities of an accountable person to address prudential risks or systemic risks of non-compliance.

What are the consequences for non-compliance?

If an accountable entity breaches its FAR obligations, it may be liable for a civil penalty of up to the maximum of either 50,000 penalty units; three times the value of the benefit derived or detriment avoided; or the lower of 10 per cent of the entity’s annual turnover and the amount equal to 2.5 million penalty units per contravention.

What should insurers do to prepare for FAR?

Given the introduction of FAR has been anticipated for some time, insurers may have commenced or prepared plans to review their existing risk, governance and compliance frameworks.

As the implementation of BEAR demonstrated, substantial investment in resources and time across the business, the Board and senior executive teams was required to prepare for compliance with accountability requirements. Insurers still have time to undertake the necessary changes to their frameworks and processes, but experience shows those who engage early in the process will be best placed to ensure complete implementation in the required timeframe.

Insurers should consider the following actions to ensure readiness for implementation of FAR:

• conduct a whole of business mapping exercise to develop a clear picture of responsibilities and delegations across all operations of the business. This must include an analysis of group and entity level functions, outsourced arrangements and governance. Insurers need to be alive to the likely requirements of the Regime, including accountability for end-to-end product lines, which may create horizontal accountabilities across business units that do not neatly align with the entity’s internal governance arrangements;
• identify ‘accountable persons’ within the business and engage with those persons to ensure that roles and responsibilities are clearly understood and so that, where relevant, accountability statements and maps can be prepared;
• implement a ‘reasonable steps’ framework to ensure that the entity and accountable persons are able to demonstrate at all times compliance with the Regime. Appropriate systems and documentation should be developed and robustly built into existing risk management and governance arrangements, including processes for reporting, review and ongoing oversight;
• review and implement changes to remuneration arrangements with ‘accountable persons’ as required. FAR offers an opportunity for the organisation to consider its remuneration structure holistically to not only ensure compliance with Prudential Standards and the FAR, but also to ensure incentives align with the organisation’s values and appropriate consumer outcomes. Changes will need to be adopted through revised remuneration policies, employment roles and performance review arrangements (including scorecarding);
• build a breach notification system for the FAR, which allows for internal reviews of matters that may be reportable to the Regulators, appropriate escalation and review arrangements that takes into account the seniority of stakeholders involved, and the potential serious organisational and personal consequences of breach reporting decisions; and
• implement a training schedule for staff on FAR requirements. Consideration will need to be given not only to training accountable persons, but also staff engaged in governance, risk and compliance arrangements around the FAR. All staff will need to be alive to reporting obligations.

We will continue to keep you updated on the progress of the Bill and any further amendments to the Regime.