The Australian Prudential Regulation Authority (APRA) has written to banks, insurers and superannuation funds setting out its minimum expectations in relation to their readiness for geopolitical shocks.
APRA has grown increasingly concerned over recent years about the potential for adverse impacts on the financial system stemming from geopolitical shocks such as trade restrictions, sanctions and armed conflicts.
Although most entities are aware of geopolitical risks, APRA and other agencies on the Council of Financial Regulators have observed common gaps in how entities translate this into practical risk management and crisis preparedness.
These gaps include:
- actions by nation states to impose sanctions, restrict market access or reduce capital mobility are often not considered explicitly in business plans, or credit, funding and investment strategies;
- risk management practices are not keeping pace with rapidly evolving threats. These include personnel-related security risks, and risks associated with disinformation campaigns that could undermine confidence in an entity’s resilience;
- many boards are still developing the technical literacy needed to provide effective challenge on technology-related risks such as AI. Reliance on critical third parties, often located overseas, makes it more challenging to manage these risks; and
- crisis preparedness exercises are not always strong enough to give boards and management confidence that the entity could withstand and respond effectively to a severe geopolitical shock.
In response, APRA has written to all its regulated industries today setting out minimum expectations for geopolitical risk readiness in six key areas.
These include enhancing preparation for non-financial and non-traditional risks such as foreign interference, insider threats or cyber attacks connected to geopolitical developments.
These also include an entity’s preparation for traditional financial impacts through capital and liquidity planning as well as investment stress testing for potential scenarios such as market closure, sanctions and funding stress.
APRA Chair John Lonsdale said: “As a mid-size trade-exposed economy, Australia will always be impacted by what happens in the rest of the world – and right now the rest of the world is becoming more volatile and unpredictable.
“Today’s letter is a clear call to action as awareness is not enough. We need to see APRA-regulated entities integrate geopolitical risk into governance, risk management and crisis preparedness practices to strengthen their readiness for geopolitical shocks.
“Where APRA identifies heightened exposure, weak governance, or inadequate preparedness, we will take appropriate supervisory action to address these gaps,” Mr Lonsdale said.
The expectations outlined in today’s letter do not represent new prudential requirements; rather, APRA seeks to ensure entities use APRA’s existing prudential standards to better integrate geopolitical risk into governance, risk management and crisis preparedness.
Additionally, APRA will shortly write to a group of larger entities with heightened exposure to geopolitical shocks asking them to complete a targeted readiness assessment with a focus on crisis preparedness, personnel risks and political risks.
Entities outside this group are expected to take a risk-based and proportionate approach, with supervisors engaging through routine supervision.
Today’s letter is available on the APRA website at: Strengthening readiness for geopolitical shocks
.png/_jcr_content/renditions/cq5dam.web.1280.1280.jpeg)
