Banks, insurers, and superannuation funds will be required to meet higher standards of operational risk management from today, with Prudential Standard CPS 230 now effective.
Cross-industry Prudential Standard (CPS) 230 Operational Risk Management aims to ensure that APRA-regulated entities are resilient to operational risks and disruptions.
It requires entities to effectively manage their operational risks, maintain their critical operations through disruptions, and manage the risks arising from service providers.
Under the key requirements of the standard, APRA-regulated entities must:
• Identify, assess, and manage their operational risks, with effective internal controls, monitoring, and remediation.
• Be able to continue to deliver their critical operations within tolerance levels through severe disruptions, with a credible business continuity plan (BCP).
• Effectively manage the risks associated with service providers, with a comprehensive service provider management policy, formal agreements, and robust monitoring.
APRA said the issue of operational resilience has taken on greater importance over recent years, as the financial system has become more interconnected and more dependent on digital technologies and service providers.
Recent geopolitical turmoil also increases risks such as cyber attacks and personnel risks associated with bad actors.
APRA member Therese McCarthy Hockey said CPS 230 will play an important role in financially protecting the community.
“Australians depend on banking to pay for goods and services, insurance helps us rebuild after a flood or fire and pay for vital medical treatments, while superannuation supports us to maintain a dignified lifestyle in retirement,” said Hockey.
“In an environment where one crashed server or ransomware attack could leave millions without access to these essential services, effective operational risk management is vital for financial stability and community wellbeing.”
The new standard requires entities to identify their own operational vulnerabilities and have plans to mitigate them. It also requires a detailed understanding of, and mitigation planning for, their most critical third-party service providers.
“This will require an entirely new mindset about where the boundaries of responsibility sit,” said Hockey.
APRA also requires each entity to provide a list of its most material service providers, which will help APRA identify concentration risks across the financial services sector.
Over the past two years, APRA said it has worked closely with industry to help regulated entities prepare for the new standard. APRA has granted smaller, less complex entities an extra 12 months to meet some requirements.