Column1 |
Column 2 |
Insurance key function |
An accountable person has responsibility for the Insurance Key Function in Column 1 if they have actual or effective senior executive responsibility for management or control of the whole of, or a significant or substantial part or aspect of, the applicable key function as described in this Column 2 |
1. Capital management |
Capital management function, including the Internal Capital Adequacy Assessment Process, stress testing, capital buffers and capital instruments. |
2. Conduct risk management |
Conduct risk management, including the identification and monitoring of the risk of inappropriate, unethical or unlawful behaviour on the part of the accountable entity’s management or employees. |
3. Data management |
Data management, including data strategy, data architecture, data management framework and governance, data quality and issue management, and data risk management, including the state of data controls and data privacy. |
4. Financial and regulatory reporting |
Financial and regulatory reporting function, including the preparation of statutory financial reporting, financial market disclosures (where relevant), and regulatory data collections, to relevant regulators including APRA and ASIC. |
5. Hardship processes |
Hardship policies, procedures and practices for responding to and managing consumers experiencing financial difficulty (not limited to any specific remediation activity). |
6. Insurance risk management |
Product design, development and distribution, reserving and pricing functions including: framework, strategy, policies, procedures, assessment, pricing targets and tolerances, and any other related aspects.
Note: This key function is different from the ‘Product design and distribution obligations’ key function in that this relates to managing insurance risk of the entity (i.e. issues/matters that may impact the financial soundness of the insurer and reporting and governance thereof).
|
7. Operational risk management |
Operational risk management function, including:
- maintaining the operational risk management framework and operational risk management strategy;
- identifying, assessing and managing operational risk and compliance;
- state of operational risk controls;
- evaluation of operational risk profile against board risk appetite;
- business continuity; and
- service provider risk management.
|
8. Product design and distribution obligations |
The various activities involved in complying with the product design and distribution obligations.
Note: The product design and distribution obligations and the product origination key functions are related but may be distinguished as follows—The product design and distribution obligations involve ongoing monitoring of products and product governance arrangements, throughout the lifecycle of the product; the product origination obligations are concerned with specific obligations at the time the consumer acquires the product.
|
9. Product origination |
Product origination obligations that relate to financial products—including obligations relating to disclosure, contract formation and insurer representations. |
10. Recovery and exit planning and resolution planning |
Recovery and exit planning function, including governance arrangements, trigger frameworks, recovery and exit options, scenario analysis, assessment of recovery capacity, and communication strategy.
Resolution planning function, including assisting APRA in identifying any critical functions, assessing the feasibility of resolution options, and removing barriers to the execution of a resolution plan. |
11. Reinsurance management |
Reinsurance functions including reinsurance strategy, management and administration. |
12. Scam management |
The entity’s policies, procedures and practices designed to prevent and mitigate consumer loss from scams and fraud, and to respond to incidents of scams and fraud and consumers who have been affected by such incidents. |
13. Technology management |
Technology management, including technology strategy, lifecycle management of technology used, state of technology controls, information security, disaster recovery, technology operations and infrastructure (including management and maintenance of business and technology applications). |
14. Training and monitoring of relevant representatives and staff |
Training and monitoring of staff and representatives providing financial products or financial services or engaging in activities on behalf of a licensee. This includes training on mandatory continuous education on a product, service or activity. |
15. Underwriting |
Underwriting function including:
- establishing, maintaining and developing underwriting manuals, policies and procedures including compliance;
- maintaining underwriting standards consistent with established policy;
- resourcing of the underwriting function; and
- delegation and authorities; and
- budgeting and forecasting.
|
16. Whistleblower policy and process |
Implementation and monitoring of the entity’s whistleblower policy and processes. |
|
|