Follow TopicFollow Contributor Share Feedback
APRA to Punish Operational Resilience Failures

APRA to Punish Operational Resilience Failures

by Starling Insights

Starling Insights Editorial Board

Sep 08, 2023


In a speech late last month, Therese McCarthy Hockey, an Executive Board Member at the Australian Prudential Regulation Authority (APRA), explained that the regulator will punish deficiencies in operational resilience and governance in the transition to the regulator's new prudential standard on operational risk management.

The new standard, CPS 230, sets out expectations for regulated entities to manage operational risks, including cyber and reputational risks, more effectively. While CPS 230 does not come into full effect until July 2025, APRA will assess entities' preparedness for the requirements throughout 2024. "Prudent boards should not be waiting until the new year to start thinking about how to meet their new commitments," Hockey said. "They need to move now."

In this transition, APRA expects boards to focus on three key actions:

  • Putting the right governance arrangements in place;
  • Identifying critical operations and material service providers; and
  • Beginning to develop a new organizational mindset.

Throughout the process, governance will be a critical aspect of APRA's engagement with entities. The regulator will look to ensure the governance of the change management process is robust, as this will be essential to implementing the new standard successfully.

"APRA has delivered a longer than usual implementation period for our new standard on operational resilience given the scale of the change – now it's up to banks, insurers and super trustees to deliver on the new requirements," she concluded. "Should they fail to do so, don't be surprised to see APRA apply a little heat of its own."

Join The Discussion

See something that doesn't look quite right?

We strive to provide high quality and accurate content at all times. With that said, we realize that sometimes links break, new information becomes available, or there is something that you feel we may have missed.

If you see something that you think we should be aware of, we would love to hear from you. Feel free to drop us a note below and leave your name and contact info if you'd like to hear back from us.

Thank you for being a key part of the Starling Insights community!