Financial Services in Focus – Issue 81

By Vince BattagliaPhilip Hopley and Georgia Francis

In this edition, we outline Treasury’s consultation on changes to the Corporations Act to provide AFCA jurisdiction to hear superannuation matters, the finalisation of APRA’s reforms to strengthen recovery and resolution planning, IOSCO’s report on digital assets and much more.

Click on each heading below to read more about each of these areas: superannuation, insurance, financial markets, banking and other financial services regulation.

APRA determines reporting standards following Superannuation Data Transformation Phase 1 minor amendments

On 29 May, APRA determined nine updated reporting standards following its response to consultation on minor amendments to reporting standards introduced under Phase 1 of the Superannuation Data Transformation project on 3 March.

The nine updated reporting standards are:

The amendments to the nine Reporting Standards clarify investment option reporting and expenses reporting, reduce the frequency of reporting for some requirements and increase the time for the submission of data for some requirements.

APRA publishes updates to FAQs on Superannuation Data Transformation

On 24 May, APRA published four additional frequently asked questions (FAQs) and two updates to existing FAQs for the Superannuation Data Transformation project.

Treasury consults on changes to the Corporations Act to provide AFCA jurisdiction to hear superannuation matters

On 23 May, Treasury released for consultation the Treasury Laws Amendment (Measures for Consultation) Bill 2023: AFCA jurisdiction to hear superannuation matters (the Bill).

This Bill was introduced in response to the full Federal Court’s decision in MetLife v Australian Financial Complaints Authority [2022] FCAFC 173, which held that AFCA did not have jurisdiction to hear complaints relating to superannuation unless the complaint was specifically listed in section 1053(1) of the Corporations Act.

The Explanatory Memorandum to the Bill notes that this was not the original policy intent of section 1053(1).

The Bill updates the Corporations Act to expand AFCA's jurisdiction so that:

  • complaints specifically listed in section 1053 will be treated as superannuation complaints and will be subject to the additional provisions set out in Part 7.10A, Division 3; and
  • other complaints relating to superannuation will be able to be heard in AFCA's non-superannuation jurisdiction.

Consultation closes 16 June.

APRA provides updates on the Superannuation Data Transformation Phase 2 Roadmap

On 19 May, APRA published a letter to all registrable superannuation entity (RSE) licensees regarding updates to the roadmap for consultation on reporting standards under Phase 2 of the Superannuation Data Transformation project.

According to APRA’s letter, APRA now intends to commence formal consultation on proposed reporting standards for investments and RSE and RSE licensee profile in November (previously planned for May). APRA will also continue to engage with superannuation industry stakeholders on the overall timeframes for consultation and implementation of reporting for the remaining topics and will provide further communications as needed.

AFCA publishes systemic issues insights report

AFCA published a report called 'Systemic issues insights report' for quarters 1 and 2 of the 2022-23 financial year.

The report sets out recent case studies, findings and key insights from a range of systemic issues cases across the financial services industry.

APRA responds to consultation on minor amendments to insurance reporting framework

On 6 June, APRA released a letter detailing the finalised reporting standards for insurers impacted by the introduction of the Australian Accounting Standards Board 17 Insurance Contracts. The letter responds to APRA's consultation on minor amendments to 24 insurance reporting standards, to improve their usability and remove any ambiguity that could lead to inaccurate reporting by industry.

APRA releases report on the National Claims and Policies Database

On 10 May, APRA released a report on the policies and claims data that APRA collects in its annual National Claims and Policies Database.

The report supports one of the objectives in APRA’s Corporate Plan 2021-2025, which is to help find solutions to current challenges in the financial services industry by providing insights on the affordability of public and product liability, professional indemnity and directors and officers insurance.

ASX releases a response to Market Management Consultation

On 23 May, ASX released a paper ‘Response to ASX Market Management Consultation 3: ASX Testing Uplift, Environments and BCP (Paper) in response to feedback on its Market Management Consultation 3: ASX testing Uplift, Environments and BCP (Consultation 3). Consultation 3 was the final ASX consultation in response to ASIC Report 708 ASIC’s expectation for industry in responding to a market outage. The Paper summarises the responses received to Consultation 3 and confirms ASX’s approach in response.

Following the feedback and analysis of the Consultation 3 responses, ASX will now propose to:

  • increase the number of Business Continuity Plan (BCP) events to two per year;
  • incorporate new scenarios into BCP testing to include an ALC Customer Network failure and CANCEL_ONLY session state functionality;
  • develop an improved capability to simulate ‘production-like’ transaction profiles during BCP and IWT events;
  • communicate more prescriptive test plans for BCP and IWT events including expectations on customers;
  • continue to collaborate with AMOs on industry testing including scenarios and alignment of dates to minimise risks and impacts on costs and resourcing;
  • investigate simulating large trading days in the Customer Development Environments (CDE);
  • extend hours of availability for Exchange Traded Options in the CDE; and
  • investigate provisioning of a Signal B feed in the CDE (currently available in CDE+ only).

ASX updates eligibility criteria for the CHESS Replacement Partnership Program

On 18 May, ASX announced it has updated the proposed eligibility criteria for the CHESS Replacement Partnership Program, to incorporate industry feedback.

The eligibility criteria now take into account whether an entity is developing multiple applications that will connect and interact with the CHESS replacement solution.

These changes are in addition to an earlier adjustment to the criteria that would include stakeholders undertaking major internal development work to prepare their systems and operations for CHESS go-live.

APRA provides further details about the ADI centralised publication

On 31 March, APRA released a letter to all authorised deposit-taking institutions (ADI) providing further details about the data items, including data confidentiality, in its new ADI centralised publication.

APRA publishes its response to consultation on proposed amendments to the minimum capital requirements for PPF providers

On 19 May, APRA released a response to consultation on its proposed amendments to the minimum capital requirements for purchased payment facilities (PPF) providers.

In APRA’s response, APRA outlined the proposed amendments to Prudential Standard APS 610 Prudential Requirements for Providers of Purchased Payment Facilities (APS 610), which are aimed at aligning capital requirements for PPF providers more closely with the broader capital framework for other APRA-regulated industries.  

APRA has updated APS 610 by incorporating the amendments. The updated APS 610 will commence upon registration on the Federal Register of Legislation, which APRA intends in early June.

ASIC reminds subscriber to ePayments Code that updated ePayments Code will take effect

On 2 June, ASIC issued a media release advising subscribers to the ePayments Code (Code) that the updated Code takes effect from 2 June. This follows a 12-month transition period to allow subscribers time to get ready for, and ensure compliance with, changes providing clarity on a number of existing protections for consumers.

Updates to the Code relate to:

  • extending the Code to payments made using the New Payments Platform;
  • compliance monitoring and data collection;
  • mistaken internet payments;
  • unauthorised transactions;
  • complaints handling; and
  • facility expiry dates.

APRA clarifies expectations on use of multi-factor authentication

On 26 May, APRA published a letter to all APRA-regulated entities on the importance of using multi-factor authentication (MFA). In its letter APRA notes that MFA is one of the most effective controls an organisation can implement to prevent an adversary from gaining access to a device or network and accessing sensitive information.

According to APRA’s letter, APRA expects APRA-regulated entities to review the coverage of MFA in their operating and technology environments. Where gaps in the coverage of MFA have the potential to materially affect, financially or non-financially, the entity or the interests of depositors, policyholders, beneficiaries or other customers, APRA would consider this to be a material security control weakness, and under paragraph 36 of CPS 234 would require an entity to notify APRA.  

APRA plans to review CPS 234 in due course.

Government consults on proposed financial institutions supervisory levies for 2023-24

On 25 May, Treasury released for consultation a discussion paper, ‘Proposed Financial Institutions Supervisory Levies for 2023-24’.

This paper, prepared in conjunction with APRA, seeks submissions on the proposed financial institutions supervisory levies for the 2023‑24 financial year.

Consultation closes 9 June.

APRA finalises reforms to strengthen recovery and resolution planning

On 18 May, APRA published a letter to all APRA-regulated entities to advise of its release of the following final prudential requirements and guidance for recovery and resolution planning:

The finalisation of CPG 190 follows the release of CPS 190 earlier this year. CPS 190 requires entities to develop and maintain credible plans that set out how they would restore their financial resilience (‘recovery’) or exit regulated activity in an orderly manner (‘exit’) before becoming non-viable. CPS 190 will come into effect from 1 January 2024 for banks and insurers, and from 1 January 2025 for RSE licensees. APRA will be engaging with entities on their approach to implementation ahead of the effective dates.

CPS 900 introduces new requirements for entities to support APRA in the development and maintenance of bespoke resolution plans. CPS 900 will formally come into effect from 1 January 2024, and will be implemented on an entity-by-entity basis, as applicable.

IOSCO issues consultation report on regulation of digital assets

In May 2023, the board of the International Organization of Securities Commissions (IOSCO) released a consultation report called Policy Recommendations for Crypto and Digital Asset Markets’.

The report states that it proposes 18 policy recommendations that IOSCO plans to finalise in early Q4 this year to support greater consistency with respect to regulatory frameworks and oversight in its member jurisdictions, to address concerns related to market integrity and investor protection arising from crypto-asset activities.  It also states that the proposed recommendations are principles-based and outcomes-focused and are aimed at the activities performed by crypto-asset service providers.

You can read more about this IOSCO report in our earlier article.

ACCC publishes scams fact sheet

On 16 May, the ACCC published a fact sheet outlining ways for stakeholders and consumers to protect themselves from scams.

You can read the fact sheet on the ACCC website.

ACCC announces setup of National Anti-Scam Centre

On 15 May, the ACCC announced that it would be using funding allocated to it in the Federal Budget to complete the setup of the National Anti-Scam Centre (NASC) over the next two years.

This includes a technology build for $44 million which will enable the NASC to:

  • receive a report of a scam from any institution (private or government) and centralise this intelligence;
  • distribute data to those who need it most (such as banks to freeze an account, telcos to block a call and digital platforms to take down a website or account); and
  • analyse and act on the trends sourced from this data to disrupt scams and educate Australians.

The NASC will be phased in from 1 July, with capability, including data-sharing technology, to be built over the next three years.

This article was written with the assistance of Laurice Aziz and Sogand Shamsaria, Law Graduates.


You might be also interested in...

Financial Services | 11 May 2023

Financial Services in Focus – Issue 80

In this edition, we outline ASIC’s review of how investment product issuers are meeting the DDO, the Attorney-General’s proposed reforms to Australia’s AML/CTF regime, and much more.

Financial Services | 26 Apr 2023

AML/CTF tranche two: a massive leap – consultation timetable, finally

Far-reaching changes to Australia’s anti-money laundering and counter-terrorism financing (AML/CTF) regime have been proposed in a Consultation paper released by the Attorney-General’s Department.