Not FAR off – the Financial Accountability Regime proposed implementation starting July 2022

Who will FAR apply to?

• The FAR will apply to:
  • ADIs
  • General insurers
  • Life insurers
  • Private health insurers
  • Registrable Superannuation Entities licensees
  • Licensed non-operating holding companies (NOHCs) of ADIs and general and life insurers
• Foreign entities that "operate a branch in Australia" will also be subject to FAR but only in relation to the operations of its Australian branch. Although not a new concept under banking law, the proposed legislation leaves open the interpretation of "operates a branch in Australia".
• Accountable entities will be required to ensure their significant related entities comply with certain obligations under FAR. The concept of significant related entities will replace "subsidiaries of ADIs" under BEAR. A subsidiary will be a significant related entity if it has a "material and substantial" effect on the accountable entity. Material and substantial effect is not defined in the proposed legislation however factors that may be taken into account include the nature, scale, interdependency and arrangements between the entities.
• Entities will be classified as either "core" or "enhanced" compliance entities, replacing the current small, medium and large ADI classifications under BEAR. This classification will dictate the scope of their compliance requirements. The enhanced compliance requirement will be based on a total assets test. Only enhanced compliance entities will be required to submit accountability statements and accountability maps and notify of material changes relating to them.

When will FAR commence?

It is proposed that FAR will replace BEAR and apply to:

• ADIs and their licensed NOHCs – from 1 July 2022
• Insurers, their licensed non-operating holdings companies and superannuation licensees – from 1 July 2023

What will be the accountability obligations of an entity?

Similar to BEAR, FAR will require accountable entities to take reasonable steps to:

• conduct its business with honesty and integrity, and with due skill, care and diligence;
• deal with the Regulator in an open, constructive and cooperative way;
• in conducting its business, prevent matters from arising that would (or would be likely to) adversely affect the accountable entity’s prudential standing or prudential reputation;
• ensure that each of its accountable persons meets their accountability obligations; and
• ensure that each of its significant related entities comply with the above obligations as if it were an accountable entity.

The key personnel obligations of an accountable entity under FAR will be to:

• ensure that the responsibilities of accountable persons cover all aspects of the operations of the corporate group and responsibilities prescribed by FAR;
• ensure its accountable persons are registered and not acting as an accountable person if they have been disqualified by the Regulator;
• comply with any directions issued by the Regulator; and
• take reasonable steps to ensure that each of its significant related entities comply with the key personnel obligations as if the significant related entity were an accountable entity.

Who will be an accountable person?

• FAR is intended to capture the directors and senior executives who have responsibility relating to a prescribed responsibility or position in the entity or in a significant related entity. The prescribed responsibilities and positions for all types of entities would now be set out in the Minister rules which will be consulted on separately.
• Based on the Exposure Draft, prescribed responsibilities and positions for insurers will also include senior executives with responsibility for management of the entity's:
  • actuarial function; and
  • claims handling function.
• For superannuation licensees, prescribed responsibilities and positions will also include senior executives with responsibility for the management of the entity's:
  • member administration operations;
  • investment function;
  • financial advice service (if any); and
  • insurance offerings.
• For Australian branches of foreign accountable entities, prescribed responsibilities and positions will also include:
  • senior executives with responsibility for the conduct of all activities of the Australian Branch of the foreign ADI, Category C insurer or Eligible Foreign Life Insurance Company (EFLIC) (this is most likely the Head of Branch or Country);
  • Senior Officer Outside Australia (as defined under CPS 510) for an Australia branch of the foreign ADI or Category C Insurer;
  • persons responsible for oversight of an EFLIC as a member of the Compliance Committee (as defined under CPS 510); or
  • Agent in Australia of a Category C insurer (as defined in CPS 510).

What will be the accountable person's obligations?

The obligations of accountable persons will be to conduct the responsibilities of their position as an accountable person:

• by acting with honesty and integrity, and with due skill, care and diligence;
• by dealing with the Regulator in an open, constructive and cooperative way; and
• by taking reasonable steps in conducting those responsibilities to prevent matters from arising that would (or would be likely to) adversely affect the prudential standing or prudential reputation of the accountable entity; and
• by taking reasonable steps in conducting those responsibilities to ensure that the accountable entity complies with any of the following that applies in relation to the accountable entity:
• the FAR Act;
• the Banking Act 1959;
• the credit legislation (within the meaning of the National Consumer Credit Protection Act 2009);
• the Financial Sector (Collection of Data) Act 2001;
• the financial services law (within the meaning of section 761A of the Corporations Act 2001);
• the Insurance Act 1973;
• the Life Insurance Act 1995;
• the Private Health Insurance (Prudential Supervision) Act 2015;
• the Superannuation Industry (Supervision) Act 1993; and
• any regulations or other instruments, directions or orders, made under a law mentioned above.

What will be the breach notification obligations of an accountable entity?

• Both core and enhanced compliance entities will need to notify the Regulator when it reasonably believes that:
• the accountable entity has breached its accountability obligations or key personnel obligations; or
• an accountable person has breached its accountability obligations.
• The timing for notification is proposed to be extended from 14 days to 30 days. The obligation is only on the accountable entity.

Who has to prepare accountability statements and maps?

• Only enhanced compliance entities will be required to submit accountability statements and maps to the Regulator. Only material changes need to be notified (compared with all changes under BEAR).
• The Explanatory Materials to the proposed legislation indicates that corporate groups will be able to submit one accountability statement covering all the group executive's areas of responsibilities and one accountability map that covers all accountable entities within the group.

What are the deferred remuneration obligations?

• The deferred remuneration obligations will remain largely the same as under BEAR.
• Accountable entities and their significant related entities will be required to defer at least 40% variable remuneration (for example, bonuses and incentive payments) for each of their accountable persons for a minimum of four years, if the variable remuneration is above $50,000.

What powers of enforcement will the Regulator(s) have?

The Regulator(s) will have powers to:

• issue directions of a wide nature including requiring entities and/or their significant related entities to do or refrain from doing certain things or to make changes to the entity or its significant related entity's systems, business practices or operations;
• issue a direction to reallocate responsibilities – previously this only applied if APRA was of the view that the current allocation of responsibilities gave rise to a prudential risk, this has been extended to include risks of significant and systemic non-compliance with certain laws;
• investigate the entity or a significant related entity, if it believes an entity or an accountable person has contravened a provision of FAR. The Regulator can also require the production of books and information;
• examine persons in relation to an investigation;
• disqualify individuals from being accountable persons;
• accept enforceable undertakings; and
• seek an injunction including by consent.

What penalties will apply for a failure to comply?

• In alignment with the Strengthening Corporate and Financial Sector Penalties regime which increased maximum penalties within the financial sector from March 2019, the maximum penalties for an entity under the FAR have been increased compared with BEAR to the greater of:
• 50,000 penalty units (currently $11.1m)
• 3x the benefit derived and detriment avoided because of the contravention, as determined by the Court
• 10% of annual turnover of the body corporate, to a maximum of 2.5m penalty units (currently $555m)

No individual civil penalties, however certain provision of the Regulatory Powers (Standard Provisions) Act 2014 apply such that individuals may have accessorial liability.

Will FAR have extra-territorial application?

Yes, FAR will apply to conduct both in and out of Australia. Conduct outside of Australia that will be captured includes for example, the conduct of:

• accountable persons (including accountable persons of foreign accountable entities) who ordinarily reside overseas or temporarily travel outside of Australia for work; and
• the Senior Officer Outside Australia for an Australian branch of the foreign ADI or Category C insurer.