An independent chief risk officer and the establishment of a board risk committee are all things general insurers will have to implement next year as APRA attempts to improve risk management in the industry.
The news was delivered to delegates at the Institute of Actuaries of Australia Summit by APRA member Ian Laughlin on Monday.
From 1 January, 2014, a CRO who is independent from business lines, the finance function and other revenue-generated capabilities should be appointed. They must not be the CEO, the chief financial officer, appointed actuary of head of internal audit.
APRA has also proposed the establishment of a board risk committee that provides non-executive oversight of the implementation and on-going operation of the institution’s risk management framework. The committee must be chaired by an independent director who is not the chair of the board.
“APRA is increasing the attention it gives to both risk governance and risk culture, and in the process further developing our thinking and supervisory activities,” Laughlin said. “Effective risk governance is a fundamental requirement for high quality risk management.”
“What we now intend to do is to gradually increase the attention we give to risk governance. This means that we will be paying more attention to risk governance in our prudential reviews and in our interaction with boards and the CEO.
“APRA needs to form a view of the quality of an institution’s risk governance and its risk culture. We then need to factor this into our supervisory activities, and influence the board and management as required.”
As a result, Laughlin said, the regulator will “enhance our interactions with boards” and this will “include occasional less formal meetings with chairs of the board and the risk committee, as well as continuing our meetings with the full board”.
“We intend to rely heavily on the board’s own assessments of both risk governance and risk culture, and so we will be strongly encouraging boards to form firm views and understandings of each.
“To help the board assessment and to necessary change, we intend to pose a series of questions for consideration by the board. Some of these will help address the formal requirements in our prudential standards for assessing the board’s performance relative to this objective.”
Some of the questions it might ask the board if the remuneration and KPIs consistently support and drive the desired risk culture; and if it is satisfied with the quality of the institution’s risk governance.
In concluding his speech, Laughlin added: “Senior management and risk management should ask themselves how they can help the board effectively consider and address the issues raised today.”
The proposal forms part of APRA’s proposed cross-industry prudential standard: ‘Prudential Standard CPS 220 Risk Management’.
Parties can have their say on the package of reforms by responding to the consultation by 5 July 2013.