ASIC and APRA release updated Corporate Plans: climate, cyber and super key priorities

In late August 2023, ASIC and APRA released their latest Corporate Plans setting out their key priorities. High on both regulators’ agendas are the areas of climate change, cyber security and superannuation.

ASIC

ASIC’s external priorities for 2023-2027 include:

• Product design and distribution, including reducing the risk of harm to consumers of financial and credit products caused by poor product design, distribution and marketing.
• Sustainable finance through proactive supervision and enforcement of governance and disclosure standards, including greenwashing.
• Retirement decision-making, with a focus on superannuation products, managed investments and financial advice. Core strategic projects include a review of trustee transparency; surveillance of trustee’s oversight of advice fee deductions; monitoring of underperformance notifications; surveillance of internal dispute resolution practices; review of the implementation of the retirement income covenant; surveillance of insurance in superannuation; and undertaking a refresh of the supervision of self-managed superannuation fund (SMSF)’s auditors.
• Technology risks, including managing cyber-risk, addressing scams and harm arising from crypto assets, supervising the ASX’s implementation of the CHESS replacement, and reviewing artificial intelligence (AI) and machine-learning practices.

Core strategic projects that cut across a number of these priorities include:

• implementing the recently legislated Financial Accountability (FAR) regime;
• supporting compliance with the breach reporting regime which commenced 1 October 2021;
• enforcement against misleading or deceptive conduct and misinformation in relation to investment products and high-risk property schemes;
• review of whistleblower programs;
• supporting the establishment of a Compensation Scheme of Last Resort (CSLR); and
• finalising and implementing the Indigenous Financial Services Framework.

APRA

APRA’s key priorities over the next year (2023-2024) include:

• addressing system-wide risks and ensuring fit-for-purpose macroprudential policy settings;
• strengthening operational resilience, including cyber resilience;
• managing climate-related financial risks, including undertaking a Climate Vulnerability Assessment for general insurers (in 2022 this was undertaken by Australia’s five largest banks) and embedding climate risk in APRA’s approach to supervision; and
• improving superannuation transparency, including in respect of investment performance.

Importantly, in respect of climate, APRA committed to using existing and new data to prepare and develop insights for emerging issue and best practice. Given the amount of data, methodology and capability gaps in climate, guidance from the regulator will be welcome, particularly considering the expected commencement of mandatory climate reporting from 1 July 2024. See this article on what is being proposed on mandatory climate reporting, and this article which summarises the AICD’s policy position on the proposal.

Implications for directors

As has been the case for some time, non-financial risks, including cyber and climate, remain front of mind for regulators. These focus areas mirror those on many board agendas. See the AICD and CSCRC Cyber Security Governance Principles and the CGI Australia website for more information.

In respect of climate, ASIC in particular has been active in enforcing greenwashing risk, having undertaken 35 enforcement actions in the period 1 July 2022 to 31 March 2023 and commenced three civil penalty proceedings, including an action brought in August 2023 against Active Super. With community and investor expectations continuing to rise, we can expect to see further enforcement activity and heightened scrutiny of corporate disclosures. For more detail on ASIC’s greenwashing enforcement, see this AICD article.

Following various reviews of superannuation fund performance and disclosure practices and intense market competition, the sector continues to be a regulatory priority for regulators. With the sector continuing to grow in scale and economic importance, directors of super funds can expect a high degree of regulator and stakeholder attention going forward.