In March 2004, the Australian Prudential Regulation Authority (“APRA”) issued a consultation paper on proposed Fit and Proper reforms, with the context of:
· Aiming to protect beneficiaries of regulated institutions in the financial sector by enforcing sanctions regarding Responsible Persons;
· Providing a harmonised and equitable approach for various types of regulated institutions; and
· Responding to “increased focus, both domestically and internationally, on standards of conduct and the necessary degree of skill and competence for persons responsible for managing and advising financial institutions”, ensuring APRA’s requirements remained a reflection of best practice.
APRA subsequently issued and continues to enforce ‘Fit and Proper’ Prudential Standards CPS 520 and SPS 520 (“the Standards”). Prudential Standard CPS 520 applies for all:
· authorised deposit-taking institutions under the Banking Act 1959;
· life insurance companies under the Life Insurance Act 1995; and
· general insurance companies under the Insurance Act 1973.
Prudential Standard SPS 520 apples for all:
· Registrable Superannuation Entity (“RSE”) Licensees under the Superannuation Industry (Supervision) Act 1993.
In addition to other requirements, the onus is on organisations regulated under either standard (“regulated institutions”) to assess that individuals holding Responsible Persons roles are screened to ensure that they are Fit and Proper to be initially appointed to, and to continue to hold, this role.
What is a regulated institution required to do?
The Standards outline three main requirements for regulated institutions:
- Develop and implement a Fit and Proper Policy;
- Undertake checks to assess the fitness and propriety of Responsible Persons both prior to initial assessment and on an annual basis, ensuring individuals do not hold a Responsible Persons position unless assessed as Fit and Proper to do so;
- Report to APRA on assessment of Responsible Persons.
What should a Fit and Proper Policy cover?
APRA requires that a Fit and Proper Policy be included as part of the regulated institution’s risk management framework. This must be approved by the Board and communicated in a way that each Responsible Person understands the content and implications of the policy and that it is provided to any directors as soon as possible after nomination. The policy should outline the process that will be taken to assess Responsible Persons for fitness and propriety, including:
· Who will undertake the assessments;
· What information will be obtained regarding the individuals and how this will be handled;
· The assessment process that will be followed to determine whether an individual is Fit and Proper;
· Actions to be taken where a person is determined as not Fit and Proper for a Responsible Persons role;
· Obtaining consent from individuals to collect and use their personal information for the purposes of their Fit and Proper assessment, including provisions for APRA accessing this information;
· Documenting processes for Fit and Proper assessments for current and recently past Responsible Persons; and
· Whistleblowing provisions to allow individuals to report on instances where they believe a Responsible Person is not Fit and Proper.
Who is a Responsible Person?
A Responsible Person is defined by APRA based on the responsibilities and activities of the role and is generally an individual who is “responsible for the management and oversight of a regulated institution/RSE Licensee’s business operations”. Depending on the type of institution, a Responsible Person may hold a position as director, secretary, senior manager, appointed auditor, appointed actuary or other role where the activities undertaken as part of that role “may materially affect the whole, or a substantial part, of the business of the regulated institution or its financial standing”. It should be noted that individuals who are not employees of a regulated institution can also be Responsible Persons if they hold such a role.
When should background checking be undertaken?
The Standards outline that regulated institutions need to ensure a Fit and Proper assessment is completed prior to the individual holding the Responsible Person position. The only exception to this is where APRA has determined that the individual is a Responsible Person or as a result of a “resolution of members of the regulated institution”. Where exceptions exist, a period of 28 days from appointment is allowed for the assessments to be completed.
There are also allowances for interim appointments, where a regulated institution must take “reasonable steps” to assess the individual’s fitness and propriety prior to appointment, providing that a full Fit and Proper assessment is undertaken within 90 days and prior to permanent appointment. APRA also requires re-screening of Responsible Persons annually.
APRA reporting obligations
Regulated institutions are required to provide APRA with information on each Responsible Person, including: full name, date of birth, position and main responsibilities and a statement regarding whether the person has been assessed under the organisation’s Fit and Proper Policy.
Where there are role changes, regulated institutions have 28 days to provide updated information to APRA. Additionally, APRA is required to be notified if a regulated institution assesses that an individual holding a Responsible Persons role is not Fit and Proper to do so, including explanations and an action plan if the person is to remain in the Responsible Person position until resolved.
What types of background checks are required?
The Standards advise that Responsible Persons need to be assessed to ensure that they have the “appropriate skills, experience and knowledge, and act with honesty and integrity”. Although they outline that the checks undertaken for a Responsible Person should be customised to the specific competencies required for that particular role, the Standards mention general criteria in terms of assessing whether an individual is Fit and Proper. The specific background checks that can assist by assessing and measuring the candidate against each of these criteria are detailed below. There are additional, separate criteria for auditors.
Recommendations for Compliance
Background checking should be developed based on APRA’s guidance in the Standards regarding the aspects that need to be assessed for Responsible Persons. Additional background checks may apply for specific positions or depending on the background of the individual. This structure around Fit and Proper background checks can be achieved by adopting a standard APRA background check approach (for both initial screening and annual re-screening), with the consideration of optional add-on checks that can be selected on a case-by-case basis for certain roles (e.g. identity validation, watch lists check, international media check).
|Standard Guidelines||Background Checks||Aspect Assessed|
|APRA Compliance Background Checking|
|“Competence, character, diligence, honesty, integrity and judgement to perform properly the duties of the responsible person position”.||Police Check||Honesty, integrity & judgement|
|Overseas Police Check (if relevant)||Honesty, integrity & judgement|
|Manager Interview/Reference||Honesty, integrity & judgement|
|Qualification/Professional Validation (direct with awarding institute)||Competence|
|“Possesses the education or technical qualifications, knowledge and skills relevant to the duties and responsibilities” (Prudential Standard SPS 520 only).||Qualification/Professional Validation (direct with awarding institute)||Skills & qualifications|
|No disqualification under an applicable Prudential Act / SIS Act (defined as not being ”convicted of any offence of dishonesty in any jurisdiction, whether in Australia or overseas”, insolvent under administration or disqualified by APRA or the Federal Court) from holding the position.||Banned Persons Check||Not disqualified by APRA|
|Bankruptcy Check||Not insolvent|
|Police Check||No offence of dishonesty|
|Overseas Police Check (if relevant)||No offence of dishonesty|
|No conflict of interest, or where one exists, it is concluded that it will not pose a risk.||Directorship Check||No conflict of interest|
|Being ordinarily resident in Australia (Prudential Standard CPS 520 only – applies for senior managers of a corporate agent of a general insurer).||Visa/Passport (Work Rights) Validation||Resident in Australia|
For more information on how PeopleCheck can assist with background checking to meet your APRA compliance requirements and for best practice recommendations customised for your organisation, please contact us on (02) 4023 0603 or firstname.lastname@example.org.
- Prudential Standard CPS 520 Fit and Proper, January 2013
- Prudential Standard SPS 520 Fit and Proper, July 2013
- APRA’s Fit and Proper Requirements – Consultation Paper, March 2004
- Prudential Practice Guide SPG 520 – Fitness and Propriety August 2010
- APRA – www.apra.gov.au