ICA flags contradictions in APRA risk management
There are “inconsistencies” in the way the industry is required to manage risk, the Insurance Council of Australia (ICA) says in response to proposed changes to prudential standards.
Standards CPS220 and CPS510 have a different risk management requirement from CPS232 and CPS231, it says.
ICA wants the Australian Prudential Regulation Authority (APRA) to examine this.
“Specifically, we consider that an inconsistency in relation to materiality exists in the related paragraphs in CPS232 Business Continuity Management and CPS231 Outsourcing,” GM Policy, Risk and Disaster Planning Karl Sullivan says.
Under CPS220 and CPS510, non-APRA-regulated institutions must have safeguards against activities that are potential material risks or that contravene governance arrangements.
The opposite appears to be true with CPS232, which requires full compliance with governance policies whether or not the business activities pose material risk.
ICA also says the regulation that allows an external auditor and appointed actuary access to every board committee is “unnecessarily prescriptive” and warrants a new approach.
“The Insurance Council suggests that access to ‘all relevant board committees’ may be more appropriate,” Mr Sullivan said.