
APRA warns companies to lift their game on cyber security

The prudential regulator says its standard on cyber attacks and information security will be ‘rigorously applied’, as it put companies on notice following high-profile data breaches.

APRA chair John Lonsdale said financial services companies required ‘very sound operational risk and cyber resilience’. Picture: Chris Pavlich

The prudential regulator says its standard on cyber attacks and information security will be “rigorously applied”, as it put companies on notice to up their game following high-profile data breaches last year.

Australian Prudential Regulation Authority chairman John Lonsdale said the regulator had a lot of cyber security supervisory work underway, after financial services companies were ordered to conduct independent system reviews.

“Where we have problems at the entity level we expect remediation to happen and we expect it swiftly,” he added. “You need to have very sound operational risk and cyber resilience in place and importantly where there is a problem being able to make sure the critical functions still operate.”

APRA is awaiting the findings of a Deloitte review into Medibank Private’s cyber defences and controls, after flagging in November the company should look at pay consequences for executives “where appropriate” following a widescale data hack. APRA also cautioned of further potential regulatory action.

Mr Lonsdale said of Medibank: “Let’s see what the review comes out with and then deal with the facts.” He expects a resolution in the first half of 2023.

Separately, Mr Lonsdale signalled APRA will review the use of non-operating holding company (NOHC) structures by banks, which are often used to facilitate expansion in areas outside the sector. ANZ has recently joined companies such as Macquarie Group in moving to such a structure.

“There are more entities that are thinking about NOHCs... Business models are changing,” Mr Lonsdale said. “We think it’s time that we have a look at it.”

Consolidation in the banking sector will also be a theme this year as regulators assess ANZ’s $4.9bn tilt for Suncorp Bank, which has stoked concerns about declining industry competition.

“We look at consolidation very closely, so where there are mergers or takeovers of entities there are public interest tests that apply,” Mr Lonsdale said. “In the ANZ case that is a very big deal, the Treasurer has the authority to look at the public interest and make a decision on that, and I’m sure he’ll do that after receiving advice from other regulators.”

He also noted more rationalisation in the credit union industry and among super funds.


Original URL: https://www.theaustralian.com.au/business/financial-services/apra-warns-companies-to-lift-their-game-on-cyber-security/news-story/ed3def9ef10ba9e39c0605848badc54c