A focus on executive accountability
Senior management across the financial services sector are to be held to account in an enhanced supervisory regime to be overseen by both APRA and ASIC.
The Banking Executive Accountability Regime (BEAR) legislation in its current form covers all Authorised Deposit-taking Institutions (ADIs) and their subsidiaries and will hold even more weight as a result of the findings from the Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry, of which the Final Report has been released. The legislation defines an ‘Accountable Person’ (AP) and requires the development of an ‘Accountability Statement’ for each AP, an ‘Accountability Map’ for the organisation, and remuneration requirements. The legislation also includes a requirement to undertake but does not define ‘reasonable steps’.
The extension of the BEAR beyond APRA regulated ADIs follows the expanded scope of the Senior Managers & Certification Regime (SMCR) in the UK. It reinforces the principle that those who are in senior management positions within Australia’s financial institutions are to ultimately be held accountable for the performance of their responsibilities. It remains to be seen within what timeframe the implementation of the extended regime will occur.
Individuals and organisations with individual accountability obligations should leverage lessons learned both locally and overseas. The experience in the UK demonstrates that the regime itself, and the outcomes of subsequent enforcement action, may take several years to crystallise. Given the findings in the Final Report, resistance to the individual accountability obligations may expose the institution to increased risk, and set a tone internally and externally within APRA regulated financial services institutions that doesn’t encourage the changes now required.
There are ‘no regrets’ activities that can be started. Taking stock of how accountabilities and responsibilities are currently structured and whether they are consistently documented in key artefacts (such as terms of reference, frameworks, role descriptions and KPIs) are logical first steps. Identification of gaps, overlaps and inconsistencies in the institution’s approach to accountability can then be considered. The time frames for the extension of individual accountability to superannuation, insurance, and other areas of the financial service sector are yet to be locked down. However, experiences with BEAR would suggest that early mobilisation is prudent.
Many institutions will have undertaken a self-assessment of governance, accountability and culture following APRA’s Prudential Inquiry into the Commonwealth Bank of Australia. Typically, the self-assessments have identified the need for enhancement in the design and implementation of the three lines of defence, risk management framework, improvement of non-financial and conduct risk management (including addressing the “should we” question), and the nexus between remuneration and sound risk management. These enhancements will support institutions taking an accountability led approach. Specific recommendations in the Final Report expanding the application of the accountability obligations to product and customer outcomes, such as identifying an individual responsible for the design, delivery and maintenance of all products, will sharpen the organisations customer focus and create potential to mitigate conduct risk through increased accountability.
As part of BEAR, senior management must demonstrate reasonable steps in exercising accountabilities, including, but not limited to, compliance with all legal and regulatory obligations. Improving the alignment between responsibility (what an individual is accountable for), and authority (the outcomes an individual is able to control) will improve transparency and remove friction in many organisations. The ‘no regrets’ actions outlined above go some way to achieving this and improving culture.
Clear accountability across senior management sends a strong message that they and their institution is focused on governance. Where accountability is clear and cascaded through the organisation to middle management and their direct reports, significant improvement in the culture, transparency and performance will be achieved. A lack of clear accountability can foster an environment of a lack of ownership for outcomes and inhibit curiosity, which may result in complacency and constructive challenge. This is not the accountable, customer outcomes focused and risk conscious mindset that will enable organisations to navigate increased scrutiny and thrive. Senior management who lead their employees and embrace the challenges and opportunities of individual accountability will set the tone for change.
APRA and ASIC will require organisations to clearly document individual accountabilities. APRA’s engagement with ADIs during the BEAR implementation would suggest that there will be a minimum set of specific responsibilities that they will want to see, allocated amongst senior managers. However, clear articulation of individual accountabilities forms only part of the picture. Having signed-up to specific individual accountabilities, senior managers will need to ensure that the governance and operational mechanisms of the institution clearly document reasonable steps aligned to their accountabilities. If they do not, the senior manager faces the risk that, in the event of an issue, they will not be able to provide evidence to a regulator that they effectively discharged their accountabilities and may therefore be exposed to financial penalties and may be barred from holding senior positions in the financial services industry.
Ultimately, the extension of BEAR will provide institutions with clarity on who is accountable for what, and set clear expectations on behaviours and performance objectives. Taking action now will mitigate the potential long tail of further customer detriment, remediation and associated financial and reputational risks. The multiple benefits of role and organisational clarity, increased understanding of conduct risk and the implementation of remuneration arrangements linked to defined accountabilities, create the opportunity for senior management and the organisation to be ready for the post Royal Commission landscape.
Top three quick facts on this topic
- BEAR to be extended beyond ADIs, first to Registrable Superannuation Entities (RSEs) then to insurers and others in the sector.
- Twin supervision of the BEAR by APRA and ASIC. ADIs that have, or are in the process of implementing BEAR need to consider whether they have adequately dealt with product and customer relates implications of this extension.
- Extending BEAR aligns to the governance, culture and accountability themes that emerged in APRA’s Prudential Inquiry into the Commonwealth Bank of Australia.
Top five implications for clients in this sector
- Accountability will be a core requirement in the organisation and management arrangements.
- Changing culture and a greater awareness of customer’s interests is support by improved accountability.
- Lessons can be learned from the experienced of ADIs implementing BEAR and the UK’s experience implementing the SMCR.
- Implementing BEAR is inextricably linked to organisational culture, the tone from the top, and remuneration and reward.
- No regret activities can already commence to start developing an accountability led culture.
Read more about the Royal Commission on the KPMG NewsRoom.