What directors can learn from the major banks' self-assessments

Self-assessment reports from the major banks should be a must read for all boards following the banking Royal Commission.

The major banks’ self-assessment reports are a must-read for boards. That’s the view of former Australian Shareholders’ Association CEO Judith Fox MAICD who resigned at the end of August to become CEO of the Stockbrokers and Financial Advisers’ Association. Her comments follow the July release of Westpac’s self-assessment of its own culture, governance and accountability, instigated by the Australian Prudential Regulation Authority (APRA) last year.

National Australia Bank (NAB) released its report in November, but Australia and New Zealand Banking Group (ANZ) has not published its self-assessment, saying it’s up to the regulators to release it. APRA has made Westpac, NAB and ANZ put aside an additional $500m in capital until they have completed their planned remediation to strengthen risk management and closed gaps identified in their self-assessments. The Commonwealth Bank of Australia (CBA) was excluded because APRA applied a $1b add-on to CBA’s minimum capital following its prudential review of the bank last year.

APRA chair Wayne Byres said, “Australia’s major banks are well-capitalised and financially sound, but improvements in the management of non-financial risks are needed. This will require a real focus on the root causes of the issues that have been identified, including complexity, unclear accountabilities, weak incentives and cultures that have been too accepting of long-standing gaps... Their self-assessments reveal they have fallen short in a number of areas, and APRA is therefore raising their regulatory capital requirements until weaknesses have been fully remediated.”

The Westpac report, carried out by bank staff and consultants from Oliver Wyman, found its management of non-financial risks across all lines of defence remains generally less mature than its management of financial risks. Many of the report’s recommendations aim to fix this. The report identifies three frequently observed strands of Westpac’s “corporate DNA”:

1. A tendency to cultivate complexity with multiple frameworks and policies in place to deal with what are really common issues.
2. A tendency to privilege upfront conceptual work over execution and implementation, including a fading of focus as work proceeds from idea to action.
3. An imperative for safety, both at a company and employee level. Westpac’s near insolvency in the early 1990s reinforced this trait and drove a focus on management of financial risk, especially credit risk.

“The self-assessments are such useful lessons about governance and accountability,” says Fox. “Not only are they useful for investors, but incredibly useful road maps for the organisations themselves.”

Westpac Group CEO Brian Hartzer also describes the self-assessment as a valuable exercise. In an 11 July press release, he said, “We acknowledge the need to improve non-financial risk management and oversight and we are working to resolve the issues raised. Our board and senior executives are committed to addressing the shortfalls identified in the report and will continue to provide regular updates on our progress.”

The release noted, “Chief risk officer David Stephen is leading a program of work, overseen by the board, to implement the self-assessment’s recommendations. To date, around 20 per cent of the recommendations have been implemented.”

Notably, the recent APRA Capability Review, led by Graeme Samuel AC, recommended that APRA should embed the recent entity self-assessment process into a more intense supervisory approach to governance, culture and accountability risks, and build on the CBA Prudential Inquiry and entity self-assessments by making CBA-style prudential inquiries an ongoing part of its supervisory toolkit.

APRA has supported these recommendations, noting that issues of governance, culture, remuneration and accountability are priority areas for APRA. APRA has also noted that given the significant cost of CBA-style prudential inquiries the precise number of reviews will be dependent on overall resourcing.