Australian Prudential Regulation Authority signals greater regulatory proportionality focus in upcoming Corporate Plan as operational risk standard nears commencement

The Australian Prudential Regulation Authority (APRA) used a chair speech to outline how it is recalibrating the balance between prudential safety and the regulatory burden, indicating its next Corporate Plan will place greater emphasis on proportionality, competition, efficiency and contestability while continuing efforts to simplify and streamline requirements, particularly for smaller institutions. APRA pointed to its latest stakeholder survey, where 97 per cent of regulated entities agreed APRA’s supervision benefitted their industry and 93 per cent believed it strengthened their own company, but only a little over two-thirds thought the regulator consistently struck the right balance between safety and other objectives. It argued that rising uncertainty, including geopolitical risks, limits the scope to wind back long-standing capital and liquidity resilience, and highlighted non-financial risks as an area where firms see the greatest threats. Cyber risk, geopolitical risk and operational risk were identified as the top three concerns in the survey, with APRA noting its 2019 information and cyber security prudential standard, the commencement of a new prudential standard on operational risk management in two weeks, and a recent uplift in requirements around information security and robust authentication controls following criminal breaches affecting multiple superannuation funds. APRA said the forthcoming Corporate Plan will set its priorities for the next 12 to 18 months.