'Significant weaknesses': RACQ hit with enforcement action over risk governance issues
The Australian Prudential Regulation Authority (APRA) has taken enforcement action against RACQ Insurance, requiring the insurer to develop a program to improve its risk governance after a review this year uncovered “significant weaknesses”.
APRA says areas of concerns listed by the prudential review include risk and compliance framework and practices, capability and capacity challenges within the risk functions, unclear accountabilities and an immature risk culture.
“We expect APRA-regulated entities to have strong risk governance in place and we are disappointed with the current deficiencies identified within RACQ,” Deputy Chair Helen Rowell said today in a statement.
“We will not hesitate to require action and highlight publicly, where appropriate, when entities do not meet these expectations.”
The regulator says the enforcement action, which also applies to RACQ Bank, requires the member-owned motoring club to develop and implement a comprehensive, APRA-approved, risk transformation program.
“While APRA acknowledges RACQ’s announcement in June that it will make a significant investment in its systems and processes, APRA’s requirement builds on this and seeks to ensure the material risk governance concerns identified are addressed,” the regulator says.
“This enforcement action comes after APRA identified significant weaknesses in RACQ’s risk governance during a prudential review undertaken this year.”
In June RACQ announced the systems and processes investment plan after self-reporting a regulatory breach to the Australian Securities and Investments Commission (ASIC). The breach related to premium discounts and how some of the wording in product disclosure statements was inadequate in describing the pricing application. RACQ said in August that it expects to refund $200-220 million to members.
APRA says in addition to the risk transformation program, RACQ must also engage a third party to provide independent assurance over the delivery of the changes made and provide periodic reporting to the regulator.
RACQ is required as well to assign accountability under the Banking Executive Accountability Regime for successful delivery of the risk transformation program to an appropriate, named executive.
RACQ Group CEO David Carter says an independent firm with expertise in risk management has been engaged to review RACQ’s activities and identify opportunities for improvement.
“This review is underway, along with the development of an action plan that will outline RACQ’s roadmap for improving its risk management approach,” Mr Carter said in a statement in response to APRA’s enforcement action.
“This work will also be subject to approval and oversight by ASIC and APRA and will continue into FY24.”