Australian insurers are struggling to implement the new regulations in the financial services sector – such as new governance, risk, and compliance (GRC) obligations, according to Xceedance.
The Federal Government's Financial Sector Reform (Hayne Royal Commission Response) Bill 2020 has introduced new regulations, including provisions for financial services industry codes of conduct to be enforceable, with breaches attracting civil penalties.
The new bill coincides with the Australian Securities and Investments Commission's (ASIC) regulatory guide 271 (RG 271) Internal Dispute Resolution (IDR), and insurers must be compliant by October 05, 2021.
Xceedance claimed that the new obligations, including legislation that followed the financial services Royal Commission and RG 271, are posing severe compliance risks and high costs for some insurers.
“The regulations are well-founded. However, there is significant effort required to onboard new GRC solutions or modify legacy core systems to ensure compliance, and RG 271 is just the tip of the iceberg,” said Stephen Browne, the vice president and country manager at Xceedance.
RG 271 requires insurers to leverage technology and data analytics to improve the IDR process, including:
Browne pointed out that insurers' chief risk officers and IT departments need assistance to improve organisations' compliance.
Madeleine Mattera, a partner at the National Head of Financial Services with Grant Thornton Australia, agreed that the significant reform agenda promulgated by ASIC, the Australian Prudential Regulation Authority (APRA), and the Federal Government after the royal commission creates GRC challenges.
“There was a regulatory hiatus during the COVID-19 pandemic, but it's now returned to normal, and the gloves are off,” Mattera said.
She urges insurers to make managing change a core competency as she expects the trajectory of regulatory reforms to continue.
“It must be budgeted and capability allocated to the three lines of defence – customer-facing personnel who need the skills and technology for compliance, a robust risk management framework, and sound audit and assurance functions. Financial institutions need systems and controls in place to maintain their social licence to operate,” she said.