NewsBite

APRA puts financial sector on notice to lift standards over its cyber security

In a speech delivered in Sydney, APRA chairman John Lonsdale has criticised the financial sector’s slow introduction of standards and controls.

Australian Prudential Regulation Authority chairman John Lonsdale. Picture: Chris Pavlich

In a speech to industry representatives on Friday, the head of the prudential regulator has said time is running out for banks, insurers and super funds to lift their standards.

Australian Prudential Regulation Authority chairman John Lonsdale said the regulator was concerned about resiliency across the financial sector and the ability of companies to respond to financial shocks and cyber breaches.

Speaking at the Financial Services Institute of Australasia, Mr Lonsdale said APRA was running out of patience with the industry's response to the regulator’s information security standards released three years ago.

Mr Lonsdale said many regulated entities were “still struggling with foundational issues”, concerning the need to ensure third-party controls were effective and to regularly test security controls and response plans.

He said there was the potential for “serious impact to millions of Australians” from breaches.

“Our patience has run out,” he said. “Where an entity is found to be significantly wanting in its cyber preparedness, we are intensifying supervision, insisting upon remediation plans, and taking enforcement action such as capital overlays and potentially licence conditions.”

APRA, which regulates banks, insurers and superannuation funds, is charged with ensuring the stability and safety of the financial sector. APRA regularly wades into the market to smack down companies it finds are not meeting its standards, with the power to go after payments to key company figures as punishment.

Mr Lonsdale said APRA had given companies until 2025 to meet new operational resilience standards to ensure they “understand and manage the risks across their operational value chain”.

“Mapping out critical operations and identifying material service providers is a practical initial step, as is building organisational awareness,” he said.

“APRA will continue to work closely with entities to prepare them for the implementation of the standard and will issue additional guidance early next year.”

Mr Lonsdale said APRA would focus on business leadership to ensure they were alert to the potential of poor outcomes, pointing to the failures of Silicon Valley Bank and Credit Suisse as proof of the consequences of failures.

He warned that APRA was considering “targeted improvements” to banks’ liquidity and capital standards “to ensure they remain resilient and that stress at one entity doesn’t have an outsized impact on the system”.

Mr Lonsdale said APRA was also looking at liquidity risks in superannuation as well as questions around values of listed and unlisted assets.

He also warned that super funds must do better in meeting the needs of Australians in retirement, rather than just managing funds to the end of their working life.

The regulator was also concerned about the rising cost of insurance and difficulty accessing cover for many Australians.

The latest Global Insurance Market Index from heavyweight broker Marsh found pricing in the Australia-Pacific rose 1 per cent in the latest quarter, marking the 24th straight quarter in which prices have lifted.

Mr Lonsdale said APRA stood ready to assist in gathering data to show areas of pain and risk in insurance.

“Armed with a better understanding of how climate change may impact insurance, all stakeholders can hopefully make better decisions now to prevent or limit negative consequences,” he said.

David Ross

David Ross is a Sydney-based journalist at The Australian. He previously worked at the European Parliament and as a freelance journalist, writing for many publications including Myanmar Business Today where he was an Australian correspondent. He has a Masters in Journalism from The University of Melbourne.


Original URL: https://www.theaustralian.com.au/business/apra-puts-financial-sector-on-notice-to-lift-standards-over-its-cyber-security/news-story/12b6a6497a39126d77d57b790e1c0522