Posted: 19 Jul. 2021 15 min. read

FAR (is) OUT

What you need to know

After a long wait, the Financial Accountability Regime (“FAR”) is here! To be precise, Treasury has released the Exposure Draft Legislation (“ED”) (together with the Draft Explanatory Materials, Information Paper on Joint Administration, and Policy Proposal Paper on Prescribed Responsibilities and Positions). Key points to note are summarised below.

When does FAR come into effect?

The FAR legislation is being prepared for introduction and passage in the 2021 Spring sittings of Parliament. Following this:

  • For ADIs and NOHCs: Go-live is proposed to be the later of 1 July 2022, or 6 months after the commencement of the Act; and
  • For other APRA regulated entities: Go-live is proposed to be the later of 1 July 2023, or 18 months after the commencement of the Act.

This includes general insurers, authorised NOHCs of a general insurer, a life company, a registered NOHC of a life company, a private health insurer or an RSE licensee (“Trustee”). Noting, the minister may declare classes of bodies corporate.

Who is captured by FAR?

Accountable persons (“APs”):

  • As with BEAR and the FAR Proposal Paper, an AP may be accountable on the basis of holding multiple prescribed responsibilities (“PRs”) or positions, or by passing the ‘general principle test'.
  • Consistent with the FAR Proposal Paper, the Policy Proposal Paper on Prescribed Responsibilities and Positions extends the list of PRs under BEAR to emphasise the importance of managing non-financial risks and reflect the application of the regime to all APRA-regulated industries. However, the principle from BEAR remains – the regime intends to only capture an entity’s directors and most senior and influential executives.
  • Whilst the regulators will not prescribe who should be registered to hold certain PRs or positions, the Paper does provide further guidance on who the PRs intend to capture.
  • All PRs are required to be allocated and Senior Executives will be permitted to hold multiples PRs and/or positions across multiple accountable entities within the same group (and only one accountability statement will be required to be prepared for each individual).
  • The ED is consistent with our expectations in that the end-to-end product responsibility (arising from the Royal Commission recommendations and following APRA’s consultation) can be allocated to multiple individuals on a product (type) basis. However, where an accountable entity allocates this PR to multiple individuals on a product lifecycle / value chain basis, they will each be held jointly accountable for the end-to-end product responsibility in relation to that product or service. A broad interpretation of what ‘end-to-end’ means has been provided and includes: design, delivery, maintenance, remediation, linkages to IT & data, outsourcing and frontline staff incentives.
    • Practically, as this responsibility is very broad, there are few organisations that are structured in a way where joint accountability here won’t exist. This will no doubt impact current ways of working and relationships at the executive level.
  • The standalone PR of setting incentives proposed in the January 2020 paper is now omitted from the ED, alongside PRs for underwriting and the investment function (for insurers). Additionally, the PR for management of a significant business division has been removed, with the PRs and positions Paper noting that the head of a significant business division would be expected to meet the general principle test. Lastly, a smaller subset of PRs and positions for NOHCs has been provided.
  • As with the FAR Proposal Paper, there are still some practical issues (including areas of grey and potential overlap) with the new list of PRs and positions, including for example: product remediation being captured under the end-to-end product responsibility, but there also being a ‘standalone’ remediation responsibility; and the inclusion of hardship in the ‘standalone’ remediation responsibility, whereby hardship will often (in practice) reside in a separate area of an organisation to remediation.

Accountable entities:

  • The FAR Proposal Paper and BEAR obligations required regulated entities’ subsidiaries to meet accountability obligations as if they too were regulated under the regime (although they were not subject to direct legal obligations under the regime). The language in the FAR ED has shifted from subsidiaries to ‘significant related entities’ resulting in a potentially broader application of FAR, to recognise that consumers tend to associate all related financial services with the main entity’s brand.
    • For entities other than Trustees, this will generally include a subsidiary that has a material and substantial effect on the accountable entity and the ED provides factors to consider when determining this.
    • For Trustees, a wider variety of entities may be captured, depending on the trustee’s operating structure and control relationships. This recognises the variety of structures in the industry. In particular, a connected entity of a Trustee (such as a general insurer or a controlled investment company) could have a material and substantial impact on the Trustee. This requires some careful attention and may lead to a larger AP group than first anticipated.
  • Under FAR, there is no longer a classification of ADIs according to size. However, the notification obligations under FAR establish two categories of entity: enhanced and core. Each will be subject to the same obligations with the exception of core entities not being required to submit accountability statements and maps to the regulators. The FAR ED highlights that, where an accountable entity within a corporate group meets the enhanced notification threshold, all other accountable entities within that group (including any licensed NOHCs) will need to comply with the enhanced notification obligations irrespective of whether they meet the enhanced notification threshold.

What obligations do those captured by FAR have?

The accountability obligations, both for entities and APs, remain substantially similar to those set out under BEAR and within the FAR Proposal Paper. However, there are two key deviations worth noting:

  1. Taking reasonable steps to comply:

The FAR Proposal Paper included an additional obligation for APs to take reasonable steps to ensure that the entity complies with its licensing obligations. This has been changed in the ED to a requirement for APs to take reasonable steps to ensure that the accountable entity complies with a number of specified laws (including but not limited to: the Banking Act 1959, credit legislation, the Insurance Act 1973, the Superannuation Industry (Supervision) Act 1993 and the “financial services law” as defined in the Corporations Act 2001).

This requirement represents a change of focus for APs, who will now need to be confident that they understand each relevant provision, its impact on their area of responsibility and the measures taken by the entity to comply. This re-instils the importance of having a robust obligations register in place which maps compliance obligations to respective APs, and of providing APs with adequate education as needed.

2. Matters arising that would adversely affect prudential standing or reputation:

Both the BEAR and the FAR Proposal Paper included obligations for entities to prevent matters from arising that would adversely affect prudential standing or prudential reputation. The ED maintains this obligation, but extends ‘would’ to ‘would (or would be likely to)’ adversely affect prudential standing or prudential reputation.

While on the face of it, this appears to extend the existing obligation, it may not have significant implications in practice. The nature of the existing obligation, through reference to ‘would’, already contemplates the hypothetical, forward-looking view that inclusion of ‘would be likely to’ attempts to address. It remains to be seen whether this wording change is flagging an intention on the part of the regulators to take action where an AP has failed to act with the relevant foresight, even where no adverse impact has actually materialised.

Additional guidance on taking reasonable steps

The ED also provides additional detail on what amounts to taking reasonable steps to support proactive compliance by accountable entities and persons. In addition to existing provisions (covering governance, control, risk management, delegations and procedures for identifying and remediating problems), Treasury has also sought to include: 

  • Taking appropriate action to ensure compliance; and
  • Taking appropriate action in response to non-compliance or suspected non-compliance.

This is aligned to the approach that many organisations are already taking and is unlikely to prompt significant change.

How have penalties and indemnification changed?

As anticipated, significant civil penalties will apply to entities in breach of their obligations under FAR. The maximum penalty amount for a contravention is the greater of:

  • 50,000 penalty units (currently $11.1 million);
  • If the Court can determine it – the benefit derived or detriment avoided because of the contravention, multiplied by three; and
  • 10 per cent of the annual turnover of the body corporate, but to a maximum monetary value of 2.5 million penalty units (currently $555 million).

However, there are some important departures from the FAR Proposal Paper:

  • No civil penalties will be imposed on individuals for contravention of the accountability obligations;
  • Accordingly, there is no express prohibition in the ED against the indemnification or insurance of APs (although the existing limitations on indemnification of officers in the Corporations Act 2001 will continue to apply); and
  • Trustees will need to consider the interaction between FAR and the incoming prohibition against indemnification for certain penalties.

How will joint administration operate in practice?

As expected, FAR will be jointly administered by APRA and ASIC, except for entities not licensed under the financial services laws or credit legislation (these will be regulated solely by APRA). Key points to note about the joint administration approach include:

  • ASIC and APRA will be required to enter into an arrangement outlining their approach within 6 months of commencement – if they fail to do this, the Minister can put an arrangement in place;
  • Certain powers, including disqualification, exclusions and extensions can only be exercised by prior agreement between ASIC and APRA;
  • The regulators acknowledge that there is no ‘one size fits all’ approach to implementation of FAR and intend to engage with accountable entities before ‘go-live’;
  • A single portal is expected to be maintained for notifications and queries in relation to FAR; and
  • The regulators intend to release joint regulatory guidance prior to the commencement of FAR.

What’s next?

Respond to the consultation (quickly!)

Interested parties are invited to comment on the ED by 13 August 2021.

  • Public consultation on the transitional and consequential provisions is expected to commence in August/September; and
  • Public consultation on the list of PRs and positions and the enhanced notification thresholds is expected to commence in September/October.

We recommend assessing the more material departures from the FAR Proposal Paper, including what is involved in understanding the newly framed accountability obligation for APs, the operation of the end-to-end product management responsibility and the overlap between proposed PRs. 

Consider the impact on other regulatory change items

Several of the PRs consider areas that are currently undergoing significant regulatory change. It will be important to consider whether the appointment of APs into these roles should be contemplated by existing implementation programs. By way of example:

  • End-to-end product responsibility, and its interaction with the Design and Distribution Obligations (noting the operational difficulties in reconciling these);
  • Dispute resolution (internal and external) responsibility, and its interaction with RG 271 on internal dispute resolution;
  • Breach reporting responsibility, and its interaction with the revisions being made to RG 78 and the impending Hayne changes; and
  • Client or member remediation programs (encompassing hardship considerations where relevant) responsibility, and its interaction with the revisions being made to RG 256.

Get your implementation programs started

For ADIs and their NOHCs, there is now less than 12 months to transition over to the new and changed requirements under FAR, or extend to entities not previously captured. We recommend starting now in order to be appropriately prepared for 1 July 2022, and to overcome some of the nuances that weren’t contemplated under BEAR.

For all other APRA-regulated entities, experience tells us that the sooner you get started – the better. Ideally the organisation is operating in a FAR-ready state in advance of 1 July 2023.

If you have any questions or comments in the meantime, please feel free to reach out.

Visit our Accountability Regime homepage here and read more about the key requirements of FAR here.

Get in touch

Rosalyn Teskey

Rosalyn Teskey

Partner, Audit & Assurance

Rosalyn is a partner in Deloitte's Melbourne office in the Governance, Regulation and Conduct practice. She specialises in supporting firms to design and assess frameworks to treat customers fairly, including the development of conduct, product governance, sales practices and complaints handling frameworks.

Caroline Hodkinson

Caroline Hodkinson

Partner, Audit & Assurance

Caroline is a Partner in Deloitte’s Sydney office in the Governance, Regulation and Conduct practice. She has over 15 years’ experience as a governance specialist and lawyer in financial services, having worked with major banks, superannuation trustees and responsibility entities. Caroline’s key areas of practice are corporate governance, regulatory compliance and corporate conduct.

More about our authors

Erin Kerr

Erin Kerr

Senior Manager, Audit & Assurance

Erin is a Senior Manager in Deloitte’s Melbourne office in the Governance, Regulation and Conduct practice. She specialises in supporting clients across the financial services sector in designing, implementing and reviewing frameworks, policies and procedures focused on preventative conduct and promoting good customer outcomes. Erin’s key areas of practice are accountability regimes and regulatory change.

Georgia Amery

Georgia Amery

Senior Manager, Audit & Assurance

Georgia is a Senior Manager in the Governance, Regulation and Conduct practice based in Brisbane. She specialises in supporting clients across the financial services sector in designing, implementing and reviewing frameworks, policies and procedures focused on preventative conduct and promoting good customer outcomes.