FAR (is) OUT

The FAR legislation is being prepared for introduction and passage in the 2021 Spring sittings of Parliament. We note that as at September 2023, the Financial Accountability Regime Bill 2023 was passed by both chambers of Parliament, and will be in effect for ADIs and NOHCs from 15 March 2024, and all other APRA-regulated entities from 15 March 2025.

Accountable persons (“APs”):

• As with BEAR and the FAR Proposal Paper, an AP may be accountable on the basis of holding multiple prescribed responsibilities (“PRs”) or positions, or by passing the ‘general principle test".
• Consistent with the FAR Proposal Paper, the Policy Proposal Paper on Prescribed Responsibilities and Positions extends the list of PRs under BEAR to emphasise the importance of managing non-financial risks and reflect the application of the regime to all APRA-regulated industries. However, the principle from BEAR remains – the regime intends to only capture an entity’s directors and most senior and influential executives.
• Whilst the regulators will not prescribe who should be registered to hold certain PRs or positions, the Paper does provide further guidance on who the PRs intend to capture.
• All PRs are required to be allocated and Senior Executives will be permitted to hold multiples PRs and/or positions across multiple accountable entities within the same group (and only one accountability statement will be required to be prepared for each individual).
• The ED is consistent with our expectations in that the end-to-end product responsibility. We note that as at September 2023, end-to-end product management is no longer a prescribed responsibility due to the perceived challenges outline above(arising from the Royal Commission recommendations and following APRA’s consultation) can be allocated to multiple individuals on a product (type) basis. However, where an accountable entity allocates this PR to multiple individuals on a product lifecycle / value chain basis, they will each be held jointly accountable for the end-to-end product responsibility in relation to that product or service. A broad interpretation of what ‘end-to-end’ means has been provided and includes: design, delivery, maintenance, remediation, linkages to IT & data, outsourcing and frontline staff incentives.

• Practically, as this responsibility is very broad, there are few organisations that are structured in a way where joint accountability here won’t exist. This will no doubt impact current ways of working and relationships at the executive level.
•  
• The standalone PR of setting incentives proposed in the January 2020 paper is now omitted from the ED, alongside PRs for underwriting and the investment function (for insurers). Additionally, the PR for management of a significant business division has been removed, with the PRs and positions Paper noting that the head of a significant business division would be expected to meet the general principle test. Lastly, a smaller subset of PRs and positions for NOHCs has been provided.
• As with the FAR Proposal Paper, there are still some practical issues (including areas of grey and potential overlap) with the new list of PRs and positions, including for example: product remediation being captured under the end-to-end product responsibility, but there also being a ‘standalone’ remediation responsibility; and the inclusion of hardship in the ‘standalone’ remediation responsibility, whereby hardship will often (in practice) reside in a separate area of an organisation to remediation.

Accountable entities:

• The FAR Proposal Paper and BEAR obligations required regulated entities’ subsidiaries to meet accountability obligations as if they too were regulated under the regime (although they were not subject to direct legal obligations under the regime). The language in the FAR ED has shifted from subsidiaries to ‘significant related entities’ resulting in a potentially broader application of FAR, to recognise that consumers tend to associate all related financial services with the main entity’s brand.
  • For entities other than Trustees, this will generally include a subsidiary that has a material and substantial effect on the accountable entity and the ED provides factors to consider when determining this.
  • For Trustees, a wider variety of entities may be captured, depending on the trustee’s operating structure and control relationships. This recognises the variety of structures in the industry. In particular, a connected entity of a Trustee (such as a general insurer or a controlled investment company) could have a material and substantial impact on the Trustee. This requires some careful attention and may lead to a larger AP group than first anticipated.
• Under FAR, there is no longer a classification of ADIs according to size. However, the notification obligations under FAR establish two categories of entity: enhanced and core. Each will be subject to the same obligations with the exception of core entities not being required to submit accountability statements and maps to the regulators. The FAR ED highlights that, where an accountable entity within a corporate group meets the enhanced notification threshold, all other accountable entities within that group (including any licensed NOHCs) will need to comply with the enhanced notification obligations irrespective of whether they meet the enhanced notification threshold.

The accountability obligations, both for entities and APs, remain substantially similar to those set out under BEAR and within the FAR Proposal Paper. However, there are two key deviations worth noting:

Taking reasonable steps to comply:

The FAR Proposal Paper included an additional obligation for APs to take reasonable steps to ensure that the entity complies with its licensing obligations. This has been changed in the ED to a requirement for APs to take reasonable steps to ensure that the accountable entity complies with a number of specified laws (including but not limited to: the Banking Act 1959, credit legislation, the Insurance Act 1973, the Superannuation Industry (Supervision) Act 1993 and the “financial services law” as defined in the Corporations Act 2001).

This requirement represents a change of focus for APs, who will now need to be confident that they understand each relevant provision, its impact on their area of responsibility and the measures taken by the entity to comply. This re-instils the importance of having a robust obligations register in place which maps compliance obligations to respective APs, and of providing APs with adequate education as needed.

2.Matters arising that would adversely affect prudential standing or reputation:

Both the BEAR and the FAR Proposal Paper included obligations for entities to prevent matters from arising that would adversely affect prudential standing or prudential reputation. The ED maintains this obligation, but extends ‘would’ to ‘would (or would be likely to)’ adversely affect prudential standing or prudential reputation.

While on the face of it, this appears to extend the existing obligation, it may not have significant implications in practice. The nature of the existing obligation, through reference to ‘would’, already contemplates the hypothetical, forward-looking view that inclusion of ‘would be likely to’ attempts to address. It remains to be seen whether this wording change is flagging an intention on the part of the regulators to take action where an AP has failed to act with the relevant foresight, even where no adverse impact has actually materialised.

Additional guidance on taking reasonable steps

The ED also provides additional detail on what amounts to taking reasonable steps to support proactive compliance by accountable entities and persons. In addition to existing provisions (covering governance, control, risk management, delegations and procedures for identifying and remediating problems), Treasury has also sought to include: 

• Taking appropriate action to ensure compliance; and
• Taking appropriate action in response to non-compliance or suspected non-compliance.

This is aligned to the approach that many organisations are already taking and is unlikely to prompt significant change.

As anticipated, significant civil penalties will apply to entities in breach of their obligations under FAR. The maximum penalty amount for a contravention is the greater of:

• 50,000 penalty units (currently $15.65 million);
• If the Court can determine it – the benefit derived or detriment avoided because of the contravention, multiplied by three; and
• 10 per cent of the annual turnover of the body corporate, but to a maximum monetary value of 2.5 million penalty units (currently $782.5 million).

However, there are some important departures from the FAR Proposal Paper:

• No civil penalties will be imposed on individuals for contravention of the accountability obligations (other than ancillary contravention);
• Accordingly, there is no express prohibition in the ED against the indemnification or insurance of APs (although the existing limitations on indemnification of officers in the Corporations Act 2001 will continue to apply); and
• Trustees will need to consider the interaction between FAR and the incoming prohibition against indemnification for certain penalties.

As expected, FAR will be jointly administered by APRA and ASIC, except for entities not licensed under the financial services laws or credit legislation (these will be regulated solely by APRA). Key points to note about the joint administration approach include:

• ASIC and APRA will be required to enter into an arrangement outlining their approach within 6 months of commencement – if they fail to do this, the Minister can put an arrangement in place;
• Certain powers, including disqualification, exclusions and extensions can only be exercised by prior agreement between ASIC and APRA;
• The regulators acknowledge that there is no ‘one size fits all’ approach to implementation of FAR and intend to engage with accountable entities before ‘go-live’;
• A single portal is expected to be maintained for notifications and queries in relation to FAR; and
• The regulators intend to release joint regulatory guidance prior to the commencement of FAR.

We recommend assessing the more material departures from the FAR Proposal Paper, including what is involved in understanding the newly framed accountability obligation for APs, the operation of and the overlap between proposed PRs. 

Consider the impact on other regulatory change items

Several of the PRs consider areas that are currently undergoing significant regulatory change. It will be important to consider whether the appointment of APs into these roles should be contemplated by existing implementation programs. By way of example:

• Dispute resolution (internal and external) responsibility, and its interaction with RG 271 on internal dispute resolution;
• Breach reporting responsibility, and its interaction with the revisions being made to RG 78 and the impending Hayne changes; and
• Client or member remediation programs (encompassing hardship considerations where relevant) responsibility, and its interaction with the revisions being made to RG 256.

Get your implementation programs started

For ADIs and their NOHCs, there is now less than 6 months to transition over to the new and changed requirements under FAR, or extend to entities not previously captured. We recommend starting now in order to be appropriately prepared for March 2024, and to overcome some of the nuances that weren’t contemplated under BEAR.

For all other APRA-regulated entities, experience tells us that the sooner you get started – the better. Ideally the organisation is operating in a FAR-ready state in advance of March 2025