Do boards have a blind spot when assessing their own effectiveness?

AICD's head of Advocacy Louise Petschler discusses APRA's report on governance, culture and accountability following the banking Royal Commission.

Some weeks ago the Australian Prudential Regulation Authority (APRA) released an information paper on self-assessments of governance, accountability and culture. It noted a “wide variation in the quality of the self-assessments”. While most institutions recognised the opportunity to critically examine their own organisation, some institutions viewed it as an “exercise for APRA rather than an opportunity to drive improvement”.

The regulator poses the question: do boards and senior management have a blind spot when it comes to assessing their own effectiveness? It intends to test this further. As a result, APRA-regulated entities will receive greater regulatory attention through revised prudential standards and some organisations will see increased supervisory scrutiny of their institutions along with remediation requirements. APRA commented that while many organisations learned from its weighty report on the CBA Prudential Inquiry, they have “generally rejected the notion that the cultural traits of complacency, insularity and collegiality” are relevant to them.

APRA has reiterated that boards and management are ultimately responsible for addressing weaknesses in their institutions and that it will be holding them to account. Over the next 12 months, it will strengthen prudential expectations and increase supervisory intensity on these issues. Further, APRA has signalled it may require organisations to hold additional capital as a risk buffer where it is not satisfied that issues identified in self-assessments are being resolved in a satisfactory and timely manner.

Areas needing improvement as identified in the report include: non-financial risk management; accountabilities — which are not always clear, cascaded nor effectively enforced; risk culture — which is not well understood, and therefore may not be reinforcing desired behaviours; and, self-assessments on both remuneration — especially the effectiveness of frameworks as a whole, not just design, and culture — where many institutions struggled to either evidence or articulate their assessment of culture. APRA will now consider further targeted thematic reviews required to drive improvements in governance, accountability and culture in the financial services sector.

APRA forward policy agenda

Throughout 2019, APRA will revise its prudential standards that apply across the financial services sector to reflect the findings of its own inquiries and the Royal Commission (including those findings relating to executive remuneration and non-financial risk management) — and now, presumably, the findings related to self-assessments.

In particular, APRA will review the broad governance and risk management processes — set out in CPS 220 Risk Management and CPS 510 Governance — to ensure they remain fit for purpose. Notably, the regulator has stated that expectations of boards and senior management may well need to be articulated more clearly.

APRA has also said that it will review the relative emphasis on non-financial risks and the use of concepts such as “risk appetite” in CPS 220 and risk-specific prudential standards to ensure they are aligned.

As at the time of writing, APRA is expected to shortly release for consultation a revised prudential standard on remuneration to better align remuneration, prudent risk management and long-term financial soundness. APRA chair Wayne Byres has indicated publicly that close consideration is being given to a cap on the level of financial metrics used to decide long-term incentives, and has floated the possibility of a 50 per cent split between financial and non-financial metrics. APRA’s new remuneration standard will obviously have significant implications for APRA-regulated entities and their approach to setting remuneration. For listed entities in particular, this may reshape engagement with investors and proxy advisors.

At the same time, work is being done on integrating the Banking Executive Accountability Regime (BEAR) legislative requirements with the broader prudential framework, as well as consulting on updates to the existing fit and proper requirements set out in CPS 520. An active policy agenda for APRA foreshadows a period of close consultation and implementation for the financial services sector. The AICD will be closely engaged on board-level matters — including supporting the important distinction between the role of the board and management, especially in large, complex organisations, and will keep members updated.