Earlier this week, the Australian Prudential Regulation Authority (APRA) released an information paper looking at their ‘intensified’ approach to governance, culture, remuneration and accountability or (GCRA).
The paper’s release comes in response to failings by APRA-regulated entities that have led to a loss of public trust.
According to the paper, “Despite often being described as ‘non-financial’ in nature, a failure to identify and mitigate weaknesses in GCRA issues can undermine the financial and operational resilience of a regulated entity.”
APRA’s focus on non-financial risks came to the fore recently with findings from the regulator’s inquiry into the CBA and also on the self-assessments conducted by other APRA-regulated entities that indicated more work needs to be done.
According, to the report on the self-assessments, four key themes or issues had been uncovered:
Despite similarities to the findings of APRA’s prudential inquiry into CBA in 2017, it seems PRA-regulated entities still reject the notion that any such similarities have since led to poor outcomes for consumers.
Yet, according to APRA’s information paper released, “They have, however, generally rejected the notion that the cultural traits of complacency, insularity and collegiality underpinning the Prudential Inquiry findings are prevalent.”
Similarly, the same information paper highlighted that the self-assessments were ‘a bit thin’ when it came to drawing links between senior management and remuneration and that there were no new findings when it came issues surrounding risk culture.
A month after the paper’s release, APRA Commissioner John Lonsdale said, “As a result of the self-assessments, we have intensified and more-precisely targeted our supervision of entities. And in some cases, we are considering imposing additional capital requirements due to the materiality of the weaknesses identified.”
Lonsdale added, “That’s the thing about non-financial risks: left unaddressed, the consequences become distinctly financial in nature. In the wake of the Royal Commission, our major banks have seen their profits eroded by the cost of remediating aggrieved customers and upgrading or putting in-place systems to stop it happening again.”
In the GRC Professional Podcast and Culture Bites special episode where we spoke with Human Synergistics International’s David Byrum, Byrum told the GRC Professional that if the self-assessments had only probed deeper, they might have exposed deeper systemic challenges.
Professor Elizabeth Sheedy from Macquarie University’s Business School also spoke to the GRC Professional about the implications of the APRA report on self-assessments:
GRC Professional Magazine
The report highlighted that, while some used the self-assessment to look critically at their processes, others took more of a ‘tick the box’ approach. Why, after seeing regulators with increased powers, more resources and clearly stated enforcement priorities, would companies not take culture, governance and accountability more seriously?
Professor Elizabeth Sheedy
In many cases, they honestly think they are taking these issues seriously! But as explained above, Avoidance means lots of problems don’t get reported upward and dealt with. Also, many organisations do culture assessments that paint an unrealistically-favourable impression. The methodologies used by many consultants are poor to say the least—e.g. using survey instruments that lack evidence of validity and reliability, conducting culture assessments in the context of a staff engagement survey, running culture surveys that are invitational rather than anonymous—that is, every person has a unique link so people feel pressured to give a favourable rating.
Consultants are brought in to do culture assessments but often, the consultants find it hard to convey bad news about organisational culture. It is far easier to keep a client by giving them positive news! Even if the consultant is brave enough to present a negative report, the client will often ignore it or find ways to justify it—yet more evidence of Avoidance!
For-profit firms are under huge pressure from shareholders to keep the profits rolling in. Taking these matters (culture, governance, accountability) really seriously would have negative consequences for profits, at least in the short-term. That is the underlying problem/conflict.
The intensive approach
APRA’s information paper recommends strengthening the prudential standard, sharpening supervisory practices, and that best practices in the GCRA will be shared publicly.
Such an enhanced approach will also acknowledge a partnership with the Australian Securities and Investments Commission (ASIC), which has also been taking a closer look at the non-financial risk performance of their own regulated entities.
This table the has been taken from APRA’s governance, culture, remuneration and accountability report.
According to the report:
APRA considers a full-scale Prudential Inquiry similar to that conducted for CBA as being at the highest intensity end of the scale for addressing GCRA issues. They will be an important tool that APRA can utilise when the circumstances warrant such an approach. They are most likely to be targeted at cases where issues have been identified that are serious, complex and potentially indicative of systemic GCRA problems within the regulated entity that have, or could, diminish the prudential standing of the entity. Depending on the willingness of the entity concerned to cooperate with APRA, consideration will also be given to the use of APRA’s formal investigation powers to undertake such reviews.