In a speech late last month, Therese McCarthy Hockey, an Executive Board Member at the Australian Prudential Regulation Authority (APRA), explained that the regulator will punish deficiencies in operational resilience and governance in the transition to the regulator's new prudential standard on operational risk management.
The new standard, CPS 230, sets out expectations for regulated entities to manage operational risks, including cyber and reputational risks, more effectively. While CPS 230 does not come into full effect until July 2025, APRA will assess entities' preparedness for the requirements throughout 2024. "Prudent boards should not be waiting until the new year to start thinking about how to meet their new commitments," Hockey said. "They need to move now."
This content is available to paid Members of Starling Insights.
If you are a Member of Starling Insights, you can sign in below to access this item.
If you are not a member, please consider joining Starling Insights to support our work and get access to our entire platform. Enjoy hundreds of articles and related content from past editions of the Compendium, special video and print reports, as well as Starling's observations and comments on current issues in culture & conduct risk management.
Join The Discussion
Sign in and be the first to comment.