Are APRA’s governance proposals a step too FAR?

In early March, APRA released a discussion paper that proposes 8 reforms to its current prudential standards and guidance concerning governance, including “fit and proper” responsible persons and conflicts of interest for banks, insurers and superannuation entities.

Submissions are requested by 6 June 2025. Reforms are not proposed to become operative until 2028.

APRA asserts that regulatory reform is necessary because 32% of regulated Tier 1 and Tier 2 entities[1] are operating outside APRA’s governance risk appetite. Whether that assessment requires regulatory reform at all is a fundamental question that must be considered. More particularly, whether APRA’s specific proposals will improve the governance of regulated entities should also be closely examined, especially where those proposals are duplicative or have been considered and rejected by other regulatory bodies.

There is a danger that over-regulation will dissuade investment in regulated entities and discourage talented people from choosing to join or remain with regulated entities, as we are observing in the publicly-listed sector. And it comes at exactly the time when another regulator, the Australian Securities & Investments Commission, through its February discussion paper, is effectively seeking submissions on whether over-regulation is impacting the rise in private entity versus public entity investment.

APRA’s proposals on individual skills, independence and tenure in our view go too far.  Here is our take on all 8 specific proposals:

The 8 proposals

1.  Board skills and capabilities

Require regulated entities to:

a.  identify and document the skills and capabilities necessary for the board overall, and for each individual director
b.  evaluate existing skills and capabilities of boards and individual directors 
c.  take active steps to address gaps through professional development, succession planning and appointments. 

We expect that the main issue here will be the new focus on individual rather than collective skills and capabilities. A board functions as a collective decision-making body in which all directors are responsible for the decisions of the board. We have no issue with a requirement for minimum skills for directors, nor with boards identifying the skills and capabilities they require collectively, but identifying skills and capabilities “necessary for each individual director” risks making individual directors responsible for matters relating to their particular skills and capabilities, a trend that would ultimately make boards dysfunctional.

Our concern here is demonstrated by APRA’s statement that to address the “problem” of inadequate skills and capabilities at board level, boards should identify attributes that “include specific expectations for the chair, chairs of board committees and other individual directors”.

2.  Fitness and propriety

Require regulated entities to meet higher minimum requirements to ensure fitness and propriety of their responsible persons. 

Require SFIs, and non-SFIs under heightened supervision, to engage proactively with APRA on potential appointments.

It is clear from APRA’s commentary that it is seeking to have a greater involvement in the selection of directors of regulated entities. While there is presently a degree of informal consultation on appointments, we expect that submissions will suggest that APRA’s role should be limited to setting standards and monitoring compliance, rather than stepping into the shoes of boards and shareholders and influencing individual appointments. There is also a question as to how a requirement for consultation with APRA will affect the ability of regulated entities to comply with the rule to fill board vacancies in 90 days.

3.  Conflicts management

Extend current RSE licensee conflict management requirements to banks and insurers so they are also required to:

a.  proactively identify actual and potential conflicts of interest and duty
b.  avoid or prudently manage conflicts
c.  take remedial action when conflicts are not disclosed or managed properly.

Require regulated entities to consider perceived conflicts, in addition to actual and potential conflicts. 

There is a real question as to whether this is necessary. CPS 220 already imposes conflict management requirements. Directors are already obliged to disclose material personal interests and related party transactions must be reported. The FAR regime requires accountable persons to take reasonable steps to protect the prudential reputation of regulated entities. And all regulated banks and insurers hold AFS licences that require them to manage conflicts of interest. We expect that almost all regulated entities will already have a conflicts management policy that includes “perceived” conflicts of interest.

The proposal to extend to banks and insurers the current requirement for RSE Licensees to disclose conflicts registers is unnecessary: management of conflicts is a matter for the board and publication is likely to create privacy issues.  

4.  Independence

Strengthen independence on regulated bank and insurance company boards by:

a.  requiring that at least two of their independent directors (including the chair) are not members of any other board within the entity’s group
b.  making minor amendments to the independence criteria, including extending the prohibition on directors who are substantial shareholders in a regulated entity or group from being considered independent, to include material holdings of any type of security
c.  extending the current requirement for bank and insurer boards to have a majority of independent directors to include boards of entities with a parent that is regulated by APRA or an overseas equivalent.

Proposal 4(a) would be formalising an element of APRA’s current practice. The requirement for independent directors on the board of a regulated subsidiary of a NOHC who are not also on the NOHC board has some merit but also facilitates a divergence of strategy between a NOHC and its wholly-owned subsidiary that can create unnecessary dysfunction. This problem would be exacerbated if the proposal would require, for example, that the Chair of a regulated NOHC could not be a director of a regulated subsidiary, and the Chair of a regulated subsidiary could not be a director of the NOHC. Neither would be advisable on basic governance principles if there is to be a balance between the legitimate interests of shareholders in regulated groups and the particular interests of regulated subsidiaries: not every governance measure needs to assume a crisis scenario. And all directors, whether independent or not, are required to act in the interests of the entity of which they are directors. These proposals seem to assume that is not the case.

There are views about whether there is any justification to regard a director as “not independent” if the director is or is associated with a substantial shareholder such as an institutional investor that does not control the company and has no other connection to the company. It is certainly not a lack of independence from the regulated bank or insurer. Be that as it may, we can see no justification for extending this concept to directors who have, or are associated with entities that have, a “material” holding of non-voting securities in the regulated entity. It is not clear where this concern comes from. Does “material” mean having a value equivalent to the value of a 5% shareholding, and how can that affect independence if the securities can’t be voted?

This type of regulation is also inconsistent with the widely-held view that directors should have “skin in the game”.

Proposal 4(c) is unclear. It seems consistent with Proposal 4(a) if it is limited to boards of banks and insurers, but would be unworkable if every subsidiary of those regulated entities was required to have a majority of independent directors.

5.  Board performance reviews

Require SFIs to commission a qualified independent third-party performance assessment at least every three years which covers the board, committees and individual directors.

This recommendation accords with existing standard practice for listed Australian companies and is in line with the ASX Corporate Governance Principles and Recommendations. It also accords with existing APRA guidance for RSE licensees.

However, there should not be any obligation on regulated entities to implement all recommendations made by an independent reviewer.

6.  Role clarity – the board

Define APRA’s core expectations of the board, the chair and senior management.

Provide additional guidance on which APRA requirements may be delegated to board committees and senior management.

APRA notes that boards spend too much time on operational issues, but that is in no small part driven by the fact that many APRA prudential standards impose obligations on boards that are more appropriately undertaken by board committees or senior management.

This recommendation will be welcome if it results in changes to prudential standards to remove these types of obligations from boards and allows them to focus on strategic matters, succession issues and efficient monitoring of the entity’s risk management and compliance obligations.

However, boards should retain the discretion to determine which matters are referred to board committees or delegated to management, and which matters are to be considered by the board, rather than being forced to refer or delegate matters.

7.  Board committees

Extend the current requirement for bank and insurer boards to have separate risk and audit committees, to apply to SFI RSE licensees as well. Repeal this requirement for non-SFI banks and insurers, allowing flexibility for smaller entities.

Mandate that only full board members can be voting members of APRA-required board committees.

This recommendation is welcome, but should also include some flexibility for SFI RSE licensees depending on their board structures and board skills.

8.  Director tenure and board renewal

Impose a lifetime default tenure limit of 10 years for non-executive directors at a regulated entity. 

Require regulated entities to establish a robust, forward-looking process for board renewal.

This is the most controversial of APRA’s recommendations. Board tenure has been an issue in relation to assessment of independence for many years, and as APRA acknowledges, no other regulator anywhere in the world imposes a hard limit on tenure of directors.

APRA does not link this recommendation to independence but rather to whether long tenure affects a director’s ability to act in the best interests of the entity. We are not aware of any empirical evidence to suggest that tenure alone (rather than capture by a dominant CEO or persistent conflicts of interest) is detrimental to the ability of a director to discharge their fundamental duty, nor are we aware of any examples where long-tenured directors have been singled out for breaches of directors’ duties. Experienced directors may find the reason for this proposal offensive. APRA’s concession to these concerns, to permit case-by-case exceptions by applying to APRA, is not the answer to these objections.  

Reference

  • [1] In APRA’s Supervision Risk and Intensity Model guide, Tier 1 means individual entities that could have a large systemic impact and Tier 2 means individual entities that could have a systemic impact.
