This article was co-authored with Daniel Corban.
On 28 October 2021, the Financial Accountability Regime Bill 2021 (Bill) was introduced into the House of Representatives to establish the much anticipated Financial Accountability Regime (FAR or the Regime). If passed, the Bill will expand and replace the current Banking Executive Accountability Regime (BEAR) under the Banking Act 1959 (Cth) and extend BEAR-like accountability requirements to registrable superannuation entities and regulated insurers.
The Bill follows the draft bill for the Financial Accountability Regime 2021 (Draft Bill) (see our update here), released for public consultation in July. Although substantially similar to the Draft Bill, the Bill is not identical. Notably, the Bill provides regulators with the additional power to publically disclose information of accountable persons from its register of accountable persons when in the interests of public accountability and transparency.
In this update, we provide an overview of the key measures in the Bill and what this means for insurers.
What is FAR?
FAR is the Federal Government’s response to recommendations from the Hayne Royal Commission to extend BEAR to registrable superannuation entities and regulated insurers.
The proposed Bill extends similar BEAR-like accountability requirements to these entities, but replaces the current regime. The proposed Regime will apply to regulated entities and their directors and senior executives in the banking, superannuation and insurance industries, and is intended to improve operating culture and governance through increased transparency and strengthened accountability requirements.
Unlike BEAR, FAR will be administered by APRA and ASIC. Joint guidance is expected shortly on how compliance with the Regime will be enforced by the Regulators.
When will the Regime commence?
The Regime will have a staggered application. The Regime is proposed to take effect for the banking sector from the later of 1 July 2022 or six months after the commencement of the Regime, which is expected by the end of the year. For regulated insurers and superannuation entities, the proposed commencement date is the later of 1 July 2023 or 18 months after commencement of the Bill.
This timeline is unchanged from the timeline put forward during the consultation period of the Draft Bill.
What are the key obligations under FAR?
The Regime proposes to impose four core obligations on regulated entities in the banking, insurance and superannuation industries, known as accountable entities (defined below):
# |
Obligation |
Requirements under obligation |
1. |
Accountability obligations |
Accountable entities are required to take reasonable steps:
- to conduct their business with honesty and integrity, with care, skill and diligence and in a manner that prevents an actual or likely adverse impact on its prudential standing and reputation;
- to deal with APRA and ASIC in an open, constructive and cooperative way; and
- to ensure its accountable persons comply with their accountability obligations.
|
2. |
Key personnel obligations |
Accountable entities are required to nominate senior and influential executives to be responsible for all areas of their business operations.
Generally, accountable entities will be required to register accountable persons with the Regulator before they occupy the role as an ‘accountable person’. There are certain exceptions for accountable persons filling temporary or unforeseen vacancies, appointed as directors at general meetings and for new industry entrants. |
3. |
Deferred remuneration obligations |
Accountable entities are required to:
- defer at least 40 per cent of the variable remuneration of their accountable persons for a financial year for a minimum of 4 years (e.g. bonuses and incentive payments). The deferral period under the Bill is intended to be consistent with the provisions of APRA’s prudential standard to regulate remuneration in regulated industries (Prudential Standard CPS 511 Remuneration); and
- reduce their variable remuneration for non-compliance with accountability obligations.
The deferred remuneration obligations do not apply to accountable persons whose variable remuneration for a financial year is less than $50,000 (or any other amount listed in the Minister’s ‘rules’, yet to be released). |
4. |
Notification obligations |
Accountable entities are required to provide the Regulator with particular ‘core’ information about their business and accountable persons. Generally, this is required within 30 days of the event occurring.
There are two additional notification events to those under BEAR:
- where an accountable entity has reasonable grounds to believe it has breached its key personnel obligations; and
- where a material change occurs to information on the register of accountable persons about an accountable person.
Additionally, entities above a certain threshold are required to prepare and submit accountability statements and accountability maps. This threshold for compliance will be determined by the Minister in ‘rules’ yet to be released. |
|
|
|
Accountable entities
The obligations under the Regime apply to all accountable entities. In the insurance sector, accountable entities are:
- general insurers;
- authorised non-operating holding-companies of general insurers;
- life companies;
- registered non-operating holding companies of life companies; and
- private health insurers.
Significant Related Entities (SREs) of insurers may also be affected by the Regime. SREs are subsidiaries of an accountable entity who have a material and substantial effect on the accountable entity. A relationship between an accountable entity and SRE will be ‘sufficiently material and substantial’ if the business activity of the SRE has the potential if disrupted to significantly impact on the accountable entity or relevant group’s business operations or ability to effectively manage risks. A range of factors are set out in the Bill to assist determine whether an entity is an SRE.
Accountable persons
A key feature of the Regime is the concept of an ‘accountable person’. Accountable entities are required to determine who within their organisation is an accountable person.
An ‘accountable person’ is someone who holds a position in the accountable entity or SRE with actual or effective senior executive responsibility for the management or control of the accountable entity, or a significant or substantial part of the accountable entity or relevant group’s operations. An ‘accountable person’ also includes a person who holds one or more of the prescribed responsibilities or positions listed in the ‘rules’ made by the Minister. These rules are yet to be released.
As was the case under the Draft Bill, for foreign accountable entities in the insurance sector, the accountable persons’ responsibilities will relate to the Australian branch of the entity, rather than the entity as a whole.
The Bill introduces a new obligation on accountable persons to take ‘reasonable steps’ to prevent matters from arising that would or likely result in a material and significant breach of financial sector laws relevant to their area of responsibility. The Bill sets out a non-exhaustive list of what amounts to taking ‘reasonable steps’.
The Regulator (the Regime will be jointly administered by ASIC and APRA) will keep a register of all accountable persons. The Bill also confers power on the Regulator to disqualify someone from being an accountable person of an accountable entity, as well as to direct an entity to reallocate responsibilities of an accountable person to address prudential risks or systemic risks of non-compliance.
What are the consequences for non-compliance?
If an accountable entity breaches its FAR obligations, it may be liable for a civil penalty of up to the maximum of either 50,000 penalty units; three times the value of the benefit derived or detriment avoided; or the lower of 10 per cent of the entity’s annual turnover and the amount equal to 2.5 million penalty units per contravention.
What should insurers do to prepare for FAR?
Given the introduction of FAR has been anticipated for some time, insurers may have commenced or prepared plans to review their existing risk, governance and compliance frameworks.
As the implementation of BEAR demonstrated, substantial investment in resources and time across the business, the Board and senior executive teams was required to prepare for compliance with accountability requirements. Insurers still have time to undertake the necessary changes to their frameworks and processes, but experience shows those who engage early in the process will be best placed to ensure complete implementation in the required timeframe.
Insurers should consider the following actions to ensure readiness for implementation of FAR:
- conduct a whole of business mapping exercise to develop a clear picture of responsibilities and delegations across all operations of the business. This must include an analysis of group and entity level functions, outsourced arrangements and governance. Insurers need to be alive to the likely requirements of the Regime, including accountability for end-to-end product lines, which may create horizontal accountabilities across business units that do not neatly align with the entity’s internal governance arrangements;
- identify ‘accountable persons’ within the business and engage with those persons to ensure that roles and responsibilities are clearly understood and so that, where relevant, accountability statements and maps can be prepared;
- implement a ‘reasonable steps’ framework to ensure that the entity and accountable persons are able to demonstrate at all times compliance with the Regime. Appropriate systems and documentation should be developed and robustly built into existing risk management and governance arrangements, including processes for reporting, review and ongoing oversight;
- review and implement changes to remuneration arrangements with ‘accountable persons’ as required. FAR offers an opportunity for the organisation to consider its remuneration structure holistically to not only ensure compliance with Prudential Standards and the FAR, but also to ensure incentives align with the organisation’s values and appropriate consumer outcomes. Changes will need to be adopted through revised remuneration policies, employment roles and performance review arrangements (including scorecarding);
- build a breach notification system for the FAR, which allows for internal reviews of matters that may be reportable to the Regulators, appropriate escalation and review arrangements that takes into account the seniority of stakeholders involved, and the potential serious organisational and personal consequences of breach reporting decisions; and
- implement a training schedule for staff on FAR requirements. Consideration will need to be given not only to training accountable persons, but also staff engaged in governance, risk and compliance arrangements around the FAR. All staff will need to be alive to reporting obligations.
We will continue to keep you updated on the progress of the Bill and any further amendments to the Regime.