APRA s Perspective on Financial Services Risk Management Tom Karp Executive General Manager Supervisory Support APRA 1
OVERVIEW APRA & its Regulation/Supervision Approach APRA Requirements for Risk Management APRA s Experience with Financial Services Risk Management Concluding Thoughts 2
APRA & its Supervision Approach Australia s Prudential Regulator Prudential Function only ASIC does Market Conduct Integrated covers Banking, Insurance & Superannuation 580 staff Without Banking, Insurance, Superannuation divisions Regulation/Supervision Approach Directors & Senior Management primarily responsible for entity s Financial Soundness & Prudent Risk Management APRA can only Promote Prudent Behaviour Does not pursue Zero Failure Objective Low Failure Incidence but not impede Efficiency or Innovation Principles-based Requirements for Sound Prudential Outcomes Some Detailed Rules & Prudential Practice Guides License, Monitor, Persuade & (if necessary) Enforce Assess Current & Emerging Risks in entities to Pre-empt risks to Beneficiaries, or ultimately minimise Beneficiary Loss in failures Need High Calibre & Experienced Supervisory Staff 3
APRA s Risk Management Requirements Broad Behavioural Requirements Should be similar across all industries Governance Boards, Committees Fit & Proper Risk Management Governance Aiming for similar across industries Requires a Risk Management Framework (RMF) Risk Management Function Notify APRA if Risk Profile changes significantly Business Plans Capital Management Plan Compliance Declaration to APRA Risk Specific Requirements Credit, Market, Insurance & Operational Risk 4
Risk Management Framework (RMF) Described in a Risk Management Strategy (RMS) Approved by Board Identify which Risks in business need Managing Describe how Risks are Assessed, Interrelate & Aggregate Describe how Risks are Measured, the Confidence around Measurement & how Risk are Monitored, including the Information Systems used Clearly state the entity s Appetite for each Risk & how each Risk will be Mitigated or Controlled so the Residual Risk is within the entity s Appetite Describe Control Procedures & how growing concerns with particular Risks, or breaches of controls are to be Communicated, Escalated & Resolved Describe When, How & by Who the RMF is Reviewed 5
APRA Experience - Banking Credit Risk Major Risk & Generally well managed Market Risk Small in Total Risk, Outlier Problems can be Large & Reputationally Damaging Operational Risk only recently being Managed in a Structured & Disciplined way Liquidity Risk APRA allowed liquidity crisis plan as alternative to minimum liquid assets plans not serious enough APRA commenced review of liquidity requirements late 2006 Credit Market problems in 2 nd half 2007 exposed shortcomings Crisis scenarios need to be more severe & include market disruptions Basel II Implementation Taken a few years to get Advanced Banks accredited Management use & control of Models more crucial than Models 6
APRA Experience General Insurance New Requirements from mid 2002 - post HIH collapse Standard for Actuarial Valuation of Insurance Liabilities with Prudential Margin Risk-based Capital stronger Incentive for Good Risk Management Insurance Risk, including Risk Concentration (eg Cat Exposure) Investment Market Risk Asset Credit & Concentration Risks (eg reinsurance recoverables) No specific Operational Risk capital charge Required RMS & Reinsurance Management Strategy (REMS) Re-licensed all insurers Initially more compliance in Form than Substance Some resistance, at best Begrudging Acceptance APRA Supervision since focussed on substance of risk management More Recently better Actual Risk Management by Insurers APRA detail reduced, but RMS & REMS still required & aligned with Strategic & Business Plans Directors more supportive as APRA requirements give better insight to their business, especially from Actuary s Financial Condition Report 7
APRA Experience Life Insurance Significant Changes in 1995 Realistic Insurance Liability Valuation & Financial Reporting Regime Integrated with Solvency & Capital Adequacy Requirements Adverse Mortality, Morbidity & Expense Assumptions Resilience Reserves to survive Economic Shocks Asset Reserves to cover likely write downs when in difficulty Reserve to cover Expenses when moving into run-off mode New Business Reserve Industry needed much convincing at the time Since 1995 No substantial problems, even through difficult investment markets Better understanding of profitability by product line A few emerging problem companies easily identified early enough for effective APRA intervention Recent APRA changes more to harmonise broad risk management requirements with those for General Insurers 8
APRA Experience - Superannuation Regime prior to mid 2006 Funds simply Registered with APRA Almost no Capital Requirements APRA Supervision focussed on operational issues & trustee duties Required to have Investment Strategy often vague & easily met Since 1 July 2006 All Trustees must be Licensed by APRA Fit & Proper; RMS for Trustee Operations; RMP for each Fund operated Existing Trustees had to be licensed in 2 yr window ending 30 Jun 06 Most received in last 6-9 months Major Consolidation in Industry Initially much Form over Substance APRA Supervision now focused on identifying where substance lacking & persuading (or if necessary enforcing) improved risk management 9
Concluding Comments Risk Management now as Important as Capital Well-targeted Risk-based Capital Requirements provide Strong Incentives for Good Risk Management Good Risk Management Needs The Right People Know the Business Experience with Downturns/Problems Character & Fortitude to be Forthright & Steadfast in face of Criticism The Right Culture Risk Aware & properly set Risk Appetite Committed to have entity Managed within RMF & the set Risk Appetite Encourage Bad News to travel upwards faster than Good News Make examples of Bad Risk Managers even if they achieve profits Numbers, Financial Results & Balance Sheets Important People & Behaviour As Important Wrong People/Behaviour quickly damage healthy & profitable entity 10
Reference Material - www.apra.gov.au Banking APS 112, 113 & 220 & related AGNs Credit Risk APS 114, 115 Operational Risk APS 116 Market Risk APS 117 Interest Rate Risk in the Banking Book APS 120 - Securitisation APS 210 & related AGNs Liquidity APS 220 Large Exposures APS & PPG 231 Outsourcing APS 232 - Business Continuity Management APS 240 Risk Management for Credit Card Activities APS 510 & APG 510 Governance APS & APG 520 Fit & Proper 11
Reference Material - www.apra.gov.au General Insurance GPS 220 & GPG 200 Risk Management GPS 222 & related GGN Business Continuity Management GPS 230 & GPG 245 Reinsurance Management GPS & PPG 231 Outsourcing GPS 310 - Audit & Actuarial Reporting & Valuation GPS & GPG 510 - Governance GPS & GPG 520 - Fit & Proper GPG 220 Credit Risk GPG 230 Operational Risk GPG 240 Insurance Risk GPG 250 Balance Sheet & Market Risk 12
Reference Material - www.apra.gov.au Life Insurance LPS 220 & LPG 200 Risk Management LPS & PPG 231 Outsourcing LPS & LPG 232 Business Continuity Management LPS 310 - Audit & Actuarial Requirements LPS & LPG 510 - Governance LPS & LPG 520 - Fit & Proper LPG 230 Operational Risk LPG 240 Life Insurance & Reinsurance Risk LPG 250 Asset & Liability Management Risk LPG 260 Conflicts of Interest under Section 48 13
Reference Material - www.apra.gov.au Superannuation SGN 110.1 Fit & Proper SGN 120.1 Risk Management SGN 130.1 Outsourcing Circulars 1 Custodian Requirements I Series Member Dealings II Series Trustee Responsibilities covers investments III Series Requirements on Funds IV Series - Auditors All Industries PPG 233 Pandemic Planning & Risk Management 14