What does it mean to be an Authorised Representative, from a compliance perspective?

An Australian financial services licensee may appoint ‘authorised representatives’ to provide specified financial services on its behalf. Acting as an AR can be a cost-effective way of operating a financial services business, although most insurers require their MGAs & TPAs to hold their own AFSL. This is due to the risk that the AR presents to the insurer’s Licence. AR networks continue to be used within the Insurance Broking community; however, due diligence & compliance monitoring is being strengthened.

There are regulatory requirements for appointing ARs & notifying ASIC. There are also rules & limitations in appointing sub-authorised representatives. Notification requirements also apply in respect of when an AR ceases to be authorised. These requirements should be captured in the Licensee’s compliance manual. In addition, the Licensee, if a subscriber to the GI Code or Insurance Brokers Code, will also have Code obligations in respect of the conduct of its ARs (GI Code see Parts 3-5 & Brokers Code see Part 8).

Generally, the Licensee is responsible for the training, competency & conduct of its ARs & therefore should have a Monitoring & Supervision Program in place. This benefits & protects both the Licensee’s & Authorised Rep’s business.

Obligations of an Authorised Representative

In addition to meeting the obligations of the Licensee, ARs have a number of independent obligations, including:

- Be appointed in writing as an Authorised Representative of the Licensee;
- Not hold out that they have an AFS Licence. In this regard, the AR should include their AR number & disclose the relationship with the Licensee in all business documents & on their website;
- Provide disclosure documents (FSG, PDS) as required when the General Insurance Products are provided to Retail clients;
- Provide details of remuneration in an FSG;
- Keep records of insurance transactions;
- Comply with hawking prohibitions (retail clients) & misleading & deceptive conduct provisions;
- Ensure they act within the scope of authority given; &
- Comply with Product design & distribution requirements & TMD (when financial services are provided to retail clients).

Authorised Representative compliance measures

It follows from the above that the best practice is for the Authorised Representative to have its compliance measures captured in a Compliance Manual. The Manual should be tailored to the AR’s business model & way of working & dovetail with the Licensee’s compliance requirements.

Speak to me if you are an Authorised Representative requiring assistance with your compliance requirements or if you are an AFS licensee requiring assistance with your AR monitoring & supervision program.

Can you measure the compliance risk maturity of your organisation?

APRA has mandated an insurer to undertake a risk remediation program & has increased its capital requirements in response to concerns about its risk governance. APRA’s decision follows a prudential review that identified significant weaknesses in the insurer’s risk governance, risk management & compliance practices. These included capability & capacity weaknesses in the risk function, ineffectiveness of the “three lines of defence” model, & weak risk reporting. The review also revealed unclear accountabilities and responsibilities across the business, & overall, an immature risk culture. Given the heightened prudential risk arising from the identified weaknesses, APRA has also imposed an additional $50 million capital requirement in the form of an operational risk charge.

Measuring compliance risk maturity

There are many benefits in measuring compliance risk maturity:

- Identification of gaps & weaknesses in your compliance arrangements;
- A prioritised action plan to close out gaps by adopting a risk-based approach;
- Enables the allocation of resources (including human, technology & financial) to those areas of strategic, customer or regulatory importance;
- Provides transparent criteria to benchmark progress & facilitate board reporting; &
- Enables different maturity levels to be set as targets for each of the 4 components.

How to conduct an analysis of compliance risk maturity (in the insurance industry)

Step 1 – there are 4 components or categories that are assessed from a compliance risk perspective – (1) governance, (2) process & procedures, (3) people and (4) systems & reporting. A compliance review is conducted to determine the firm’s current state against each of these components;

Step 2 – the current state is assessed as either ‘basic, evolving, established, advanced or optimised’. Pre-agreed criteria are used to describe each phase of maturity, enabling a robust conversation to take place so that a realistic current state is determined. The current state is plotted on the matrix for each category;

Step 3 – recognising the cost-benefit trade-off, the board sets the desired level of risk maturity to be achieved over a defined period for each component. For example, the Board may set a target that within 18 months: systems will be ‘Advanced’ while people will be ‘Optimised’. This enables a strategic allocation of resources & a plan that can be shared with key stakeholders;

Step 4 – actions are developed, costed & approved to achieve the target level of risk maturity for each of the 4 components;

Step 5 – progress to plan is monitored & included in board reporting.

Please contact me if you would like to explore the compliance reviews & risk maturity assessments I provide.

Are you an Underwriting Agency, Claim Service Supplier or Insurance Broker? Are you prepared for CPS 230?

APRA Prudential Standard CPS 230 ‘Operational Risk Management’ comes into force July 2025. CPS 230 applies to APRA-regulated insurers (including both local insurers & Category C insurers); however, there are indirect or downstream impacts on Underwriting Agencies, Claim Managers (Service Suppliers) & Insurance Brokers. These impacts arise in respect of insurers’ critical operations & material service providers.

Critical operations

An APRA-regulated entity must maintain its critical operations within tolerance levels through severe disruptions & manage the risks associated with the use of service providers (para 12 CPS 230). For an insurer, claims processing is a critical operation unless the insurer can justify otherwise.

Material service providers

An APRA-regulated entity must, at a minimum, classify a provider of the following services as a material service provider, unless it can justify otherwise: for an insurer (general, life, private health): underwriting, claims management, insurance brokerage & reinsurance (p50).

Management of service provider arrangements

An APRA-regulated insurer must:

- Maintain a comprehensive service provider management policy (p47);
- Identify & maintain a register of its material service providers & manage the material risks associated with using these providers (p49) & submit the register to APRA on an annual basis;
- Before entering into or modifying a material arrangement, undertake due diligence assessing the financial & non-financial risks (p53);
- Maintain a formal legally binding agreement covering the matters listed in p54 (a) – (g);
- Monitor the arrangement (p58);
- Meet the APRA notification requirements (p59); &
- Have the arrangements reviewed by its internal audit function (p60).

So what does this mean for material service providers?

Material service providers who are well prepared for the impacts of CPS 230 will achieve a competitive advantage in their partnering with insurers. Providers of material services must:

- Incorporate the requirements of CPS 230 into their risk & compliance arrangements including referencing APRA’s Prudential Practice Guide (CPG 230);
- Engage early with insurer(s) to understand the insurer(s)’ project plan in respect of timeframes & any unique requirements they have; &
- Arrange for a compliance review in early 2024 (due diligence) to fully understand the impact of the proposed changes to ensure a seamless transition to the new arrangements.

Do not hesitate to contact me to assist in being prepared for the impacts of CPS 230 on your business.

Managing Compliance effectively & efficiently – designed to protect

A common issue I observe when reviewing risk & compliance frameworks is the absence of a logical flow. Risk & compliance should be managed in a systematic manner, ensuring that nothing is missed & no gaps emerge. The purpose of compliance is to protect. Protect the business, its people, stakeholders & customers. To do this, all component parts must work in sync.

The components of a systematic approach to risk & compliance

1. What you do & how you do it
Within the insurance industry, the services & products you provide & on whose behalf determine the need for you to be APRA authorised, AFS Licensed, Authorised Rep, Code subscriber, Distributor, Service Supplier etc. This in turn shapes your risk profile. Unpacking what you do & how you do it is always the starting point in any risk & compliance framework.

2. Governance
Roles & responsibilities: who’s doing what, who provides oversight & the mechanics of ‘doing & oversight’, is the next step & creates an environment within which business can be safely conducted & layers of protection.

3. Risk management
Understanding your risks & managing those risks [in 6 simple steps] within the boundaries of the firm’s risk appetite provides an internal mechanism for decision-making.

4. Licence management
For AFS Licensees, I call out licence management as a separate component. Your Licence is, after all, your ticket to play [including any Authorised Reps].

5. Material obligations
AFS Licence, APRA authorisation, Code & AFCA membership, Binder & Authorised Rep Agreements, Distribution & Claim service supplier arrangements all create obligations. These obligations must be identified. You can’t manage what you don’t know. Depending on the size of the firm, I include the key control(s) within the obligations section. I find it’s best to have a single source of truth [manual] rather than multiple referenced documents.

6. Obligations management
This sets in place a systematic approach to managing the obligations including the sources of new/amended obligations & how these are incorporated into the framework.

7. Control testing
A control that is not tested (design & operational) is no control.

8. Monitoring & supervision
This extends to staff & ARs & forms another layer of protection. The M&S needs to be independent, fit-for-purpose & risk-based.

9. Reporting
Data from risk & compliance registers, control testing, monitoring & supervision provides an indication of the health of the compliance system.

10. Incident & breach management
Things do go wrong. The quicker they are identified, the less harm caused.

Risk & compliance assistance

Contact me to understand how a systematic approach to risk & compliance protects your business, people & customers.

Providing financial services – General Insurance authorisations

Financial services laws are designed to protect consumers. The 1st layer of protection is the need to hold an AFS Licence. Unless you are an AR of a Licensee or can rely upon an exemption, you need to hold an AFS Licence to provide general insurance financial services.

Licence authorisations

The 3 authorisations relevant for GI are:

1. Providing financial product advice, this may be restricted to general product advice;
2. Dealing in general insurance products by:
   - Issue, apply for, acquire, vary or dispose of; and/or
   - Apply for, acquire, vary, or dispose of on behalf of another.
3. Provide a claims handling & settling service.

to Retail &/or Wholesale clients.

What authorisation do you need?

APRA-regulated insurers – although authorised by APRA to carry on insurance business in Australia, insurers require an AFS Licence when providing financial services unless relying upon the Wholesale client exception. Insurers generally need all 3 authorisations, although dealing is limited to the issuing authority & the claims authorisation does not include representing a person making a claim.

Underwriting Agencies – depending on their binder/agency agreement, will generally require the same authorisations as insurers. If the MGA places the business in the open market (i.e. not under a binder) they will require the dealing authorisation ‘on behalf of another’.

Insurance brokers – require financial product advice & dealing on behalf of another authorisation only. Brokers can rely on the claims exemption provided they arranged the contract of insurance or are acting under a letter of appointment. Brokers also require the Licence condition permitting them to use the restricted terms associated with insurance broking.

TPAs – will require the same claim authorisations as insurers, as the TPA acts on behalf of insurers as an ‘Insurance claims Manager’.

Claimant Intermediaries act on behalf of insureds & will require a Claims authorisation limited to making a recommendation; assisting & representing a person making a claim.

Claim Service Suppliers & insurance fulfilment providers, acting on behalf of insurers, generally do not require a licence as they can rely on exemptions. In these cases it’s necessary to examine the authority they have from insurers/MGA.

What happens if you provide financial services without a Licence?

It is an offence to provide financial services without a licence (or acting as an AR or relying on an exemption). It is also an offence to hold out that you hold an AFS Licence if you do not. Ensuring that you hold the correct AFS Licence authorisations & conditions is critical when providing (or intending to provide) financial services in Australia.