INSIGHT

Another step towards prudentially regulating conglomerate groups

By Michelle Levy
Banking & Finance Financial Services Insurance Private Capital Superannuation

In brief

The Australian Prudential Regulation Authority has taken another step towards implementing its prudential framework for the supervision of conglomerate groups. While it has made some new prudential standards that are specific to conglomerate groups and extended some of its existing standards to such groups, it has delayed the commencement of these changes pending the final report of the Financial System Inquiry and the Government's response to it. The Allens Financial Services Regulation team reports.

Summary of latest developments

The Australian Prudential Regulation Authority (APRA) considers a conglomerate group prudential framework to be necessary because of the 'contagion risk' faced by APRA regulated institutions within such groups. It is concerned that applying prudential regulation only at the individual institution level – be it a bank, a general insurer, a life insurer or a superannuation trustee – creates the danger of a supervisory 'blind spot' that allows risks to build up without remediation.

The threat of a supervisory 'blind spot' lies behind the much-discussed policy option canvassed in the interim report of the Financial System Inquiry (FSI) of establishing a mechanism 'to adjust the prudential perimeter to apply heightened regulatory and supervisory intensity to institutions or activities that pose systemic risks'. APRA's prudential framework for conglomerate groups constitutes a considerable expansion of the 'prudential perimeter' without any changes to the law.

The key new conglomerate group prudential standards address capital adequacy and risk exposures. The key existing standards that have been extended to conglomerate groups are CPS 231 Outsourcing and CPS 520 Fit and Proper. CPS 220 Risk Management and a revised CPS 510 Governance, both applicable to conglomerate groups, have previously been made (and commence on 1 January 2015).
APRA has identified the following companies as the heads of conglomerate groups to which its framework will apply:

  • AMP Limited;
  • Australia and New Zealand Banking Group Limited;
  • Challenger Limited;
  • Commonwealth Bank of Australia;
  • Macquarie Group Limited;
  • National Australia Bank Limited;
  • Suncorp Group Limited; and
  • Westpac Banking Corporation.

Significantly, APRA says that, as matters currently stand, the new group level capital adequacy standards would not require any of the affected conglomerate groups to raise additional capital, but nor is there any relaxation of the capital requirements for APRA-regulated entities because they are part of a conglomerate group.

The recently released new and extended standards commence on a date to be notified by APRA. APRA has also promised a 12-month transition period. As the FSI's final report and/or the Government's response could prompt APRA to revise the standards before they commence, the transition end-date might be some way off yet. It also begs the question as to why the standards have been made, as opposed to being kept in draft form at this stage.

In any event, this grace period will be good news for the boards of the head companies identified above, which will be required (among other things) to approve various new policies, to ensure (a charged word) that adequate systems and controls are in place (for example, to manage the risks) and to oversee (by board committee if appropriate) the application of the policies.

Further details of the changes are outlined below.

Governance

CPS 231 Outsourcing

The extent to which the requirements of CPS 231 will apply to 'non-APRA-regulated institutions' in a conglomerate group is not entirely clear. The standard applies to the head company. It then says: 'A requirement that is expressed as applying to the Head of a group is to be read as requiring the Head of a group to ensure that the requirement is applied appropriately throughout the group.' The meaning of 'applied appropriately' is unclear.

The head company must develop and maintain an outsourcing policy for the group and the policy must include a strategy for the outsourcing of material business activities that applies to all members of the group. The standard then says: 'Where a non-APRA-regulated institution of a group outsources business activities that are material to the group, the Head of the group must ensure that the outsourcing of those business activities is undertaken in a way that complies with the group outsourcing policy.' This muddies the waters further. It does not say the outsourcing must comply with the standard, just that it must comply with the group's policy.

However, APRA clearly thinks that the requirements in the standard, including the content requirements for material outsourcing agreements, will apply to agreements entered into by 'a non-APRA-regulated institution'. In its Response to Submissions, APRA notes that submissions identified that 'the extension of CPS 231 to outsourcing arrangements of non-APRA-regulated institutions would take time' and responded by saying: 'Where a … group has existing outsourcing arrangements that do not meet the requirements in CPS 231, the group will need to make the necessary changes at the next available opportunity, such as the next renewal date.' And yet, the standard contains no transitional arrangements of the kind that were included in the superannuation outsourcing prudential standard, SPS 231.

Finally, CPS 231 includes a new content requirement such that outsourcing agreements will now have to address 'the form in which data is to be kept and clear provisions identifying ownership and control of data', if they do not already do so.

CPS 520 Fit and Proper

Again, the extent to which the requirements of CPS 520 will apply to 'non-APRA-regulated institutions' in a conglomerate group is not entirely clear. The same issues identified above in relation to CPS 231 also arise in relation to CPS 520.

Again, APRA clearly thinks that the requirements in the standard, including the requirement for a fit and proper assessment, will apply to 'a non-APRA-regulated institution'. However, APRA also suggests that there will be cases where the requirements do not apply. In its Response to Submissions, APRA says: 'Where a non-APRA-regulated subsidiary has a minority interest shareholder that appoints representatives for which no fit and proper assessment has been undertaken, APRA expects the [head company] to implement additional controls to mitigate the additional risk to the group.' The basis in the standard for this qualification is not apparent.

Risk exposures

Under CPS 220 Risk Management, from 1 January 2015 a conglomerate group's head company will need to have systems for identifying, measuring, evaluating, monitoring, reporting, and controlling or mitigating material risks that may affect the group's ability to meet its obligations to depositors or policyholders. Further, the head company's board will be responsible for having a risk management framework that is appropriate to the size, business mix and complexity of the group.

Onto this broad obligation APRA now seeks to superimpose more detailed risk related responsibilities for conglomerate groups. These responsibilities will be to prepare and maintain policies that allow such groups to 'identify, measure, monitor, evaluate, report and control or mitigate' (the same arsenal of verbs wielded in CPS 220):

  • aggregate risk exposures to counterparties or asset classes where the exposure could result in material loss (3PS 221 Aggregate Risk Exposures); and
  • material risks arising from intra-group transactions and exposures (ITEs), such as the risk of sharing back-office systems within a group, or getting services from a group member (3PS 222 Intra-group Transactions and Exposures).

The cumulative effect of these prudential standards will, when they commence, be the regulatory equivalent of an architectural design on tracing paper, with each standard being laid upon the last to produce greater detail. This is not, of itself, a bad thing; but will require careful preparation of the risk management framework required by CPS 220, and the policies required by 3PS 221 and 3PS 222, to ensure that they are compatible. (A fourth 'sheet of tracing paper', the ASX Corporate Governance Council Principles and Recommendations, recommends that listed entities establish a sound risk management framework and periodically review the effectiveness of that framework. Compliance with the detailed APRA prudential standards could be expected to meet this recommendation; but again compatibility will be important.)

One requirement that affected groups are no doubt keeping an eye on is the requirement to conduct forward-looking scenario analysis and stress testing of the group’s material aggregate risk exposures and intragroup transactions and exposures (including the effect of changes in market conditions and key risk factors on these aggregate risk exposures and ITEs, and how these changes affect the group’s risk profile, capital strength and earnings). In March 2014, Citi failed a stress test (the US Federal Reserve considered its assessment of the risks posed by a sustained economic downturn inadequate), with the result that it was prohibited from raising its dividend or increasing its share buy-back. APRA reserves the power to apply a 'supervisory adjustment' if it thinks the group is exposed to significant levels of aggregate risks or ITEs – in other words it can require an adjustment to an affected institution's prescribed capital amount. Presumably it might seek to do so if stress testing revealed that levels of aggregate risk or ITEs posed a threat that required additional capital.

3PS 221 and 3PS 222 may be unlikely to change materially as a result of anything in the FSI's final report. The interim report noted that 'the [global financial crisis of 2008/2009] revealed the failure of both the boards and senior management of some international financial institutions to understand fully the risks their institutions were undertaking…. Recognition of the role boards and senior management play in fostering corporate culture and determining the risk appetite and behaviour of financial institutions is critical.' These prudential standards, and CPS 220, are a response to this failure.

Capital adequacy

The capital adequacy requirements for conglomerate groups are set out in 3PS 110 Capital Adequacy and 3PS 111 Capital Adequacy: Measurement of Capital. They tinker with the existing methods for calculating regulatory capital, rather than making any substantive changes. They are also reasonably prescriptive.

But it is unclear whether they will survive the FSI's recommendations and the Government's response. One of the options raised in the interim report is ring-fencing different parts of conglomerate groups, an idea that has been adopted in the United Kingdom and some other jurisdictions. This is one to watch and submissions can be made on the basis of these new standards.

3PS 110 Capital Adequacy

3PS 110 requires a Level 3 group to hold Level 3 Eligible Capital in excess of its Level 3 Prudential Capital Requirements (Level 3 PCR). In determining the Level 3 PRC, a Level 3 Head must take account of the full range of risk to which APRA beneficiaries are exposed. This is determined by calculating the sum of the capital required for each industry block as adjusted for any Level 3 Adjustment determined by APRA. The industry blocks are the:

  • ADI block;
  • general insurance block;
  • life insurance block;
  • superannuation block;
  • funds management block; and
  • other activities block.

Where an RSE licensee is also a responsible entity (RE), its activities are allocated across the superannuation block and the funds management block. Where an RE undertakes funds management outside the Level 3 group, the Level 3 group must internally allocate sufficient capital for the funds management block that adequately reflects the risks for the group of that activity. The Level 3 Eligible Capital required to cover the contribution of its non-APRA-regulated institutions may be held anywhere in the Level 3 group provided that capital is available to cover any shortfall in capital for the non-APRA-regulated institution in a timely manner.

3PS 110 sets out the method for calculating the required capital for each industry block, with changes from existing mechanisms largely to ensure consistency across the industry blocks.

Adjustments must be for each relevant industry block to eliminate ITEs at Level 3 with certain categories of ITEs not being able to be excluded from the determination of industry blocks' required capital, including market risk hedges, guarantees and credit derivatives between Level 3 institutions in the group, arrangements that are subject to an insurance risk charge or insurance concentration risk charge under the general insurance or life insurance prudential standards, and the investment of shareholder funds by a Level 3 institution with another institution in the group that conducts funds management activities. In assessing whether a securitisation SPVs meets the operational requirements for regulatory capital relief from a Level 3 perspective (and may be treated as being external to the Level 3 group) all securitisation exposures to the securitisation SPV from all Level 3 institutions in the group must be taken into account, with particular regard given to significant risk transfers.

And, finally, the Level 3 Head must have APRA's approval to any reduction in capital that would result in the group's Level 3 Eligible Capital being reduced.

3PS 111 Capital Adequacy: Measurement of Capital

3PS 111 sets out what capital is eligible to meet the capital adequacy requirements for Level 3 groups. In response to submissions, 3PS 111 treats certain minority shareholdings of members of the group held by third parties as eligible capital if the share capital would be included in Level 3 Eligible Capital had the shares been issued by the Level 3 Head.

In addition, 3PS 111 includes a number of adjustments to eligible capital:

  • to account for potential accounting mismatches in investment-linked policies; and
  • to ensure that life company assets are measured at fair value.

For the purpose of determining Level 3 Eligible Capital, APRA has not agreed to the request from certain submissions that the tax offsets framework be extended to allow retained earnings and accumulated other comprehensive income earnings values to be calculated on a gross of tax effects basis.