Introduction
Under the National Consumer Credit Protection Act 2009 (Cth), a key obligation for any Australian Credit Licence (ACL) holder is to maintain adequate financial resources and have adequate risk management systems. This requirement is fundamental to ensuring a licensee can engage in credit activities and provide its financial service in compliance with the law. However, for a body regulated by the Australian Prudential Regulation Authority (APRA), this specific obligation is modified to avoid regulatory duplication, as these entities are already subject to APRA’s own prudential framework.
This arrangement between the Australian Securities and Investments Commission (ASIC) and APRA means that certain licence holders are exempt from the standard ACL financial requirements. This guide provides essential clarity for any ACL holder under APRA supervision, explaining who qualifies for this exemption, the scope of the exemption, and the practical implications for those who engage in credit activities under this dual regulatory structure.
APRA’s Role in Regulating Bodies Under Its Supervision
APRA’s Prudential Framework & Licensing Process
The APRA operates under a prudential regulation framework designed to ensure the financial soundness of the institutions it oversees. This framework consists of relevant legislation, prudential standards, and prudential practice guides (PPGs).
While prudential standards set out the minimum requirements that a regulated entity must meet, PPGs provide guidance on what APRA considers to be sound practice in meeting those requirements.
APRA offers two main pathways for entities seeking to become an Authorised Deposit-Taking Institution (ADI):
Pathway | Description & Suitability |
---|---|
The direct pathway | Suitable for applicants that already possess substantial capital, governance structures, and operational capabilities necessary to meet the full prudential framework from the outset. These applicants are typically well-resourced and may have an existing banking-related business. |
The restricted pathway | Designed for new entrants that need time to develop their capabilities and raise capital. This pathway allows an entity to operate as a Restricted ADI for a limited period, during which it can conduct limited banking business while working towards meeting the full prudential framework. |
The licensing process is consultative, beginning with pre-application discussions where APRA:
- Clarifies its expectations
- Assesses the applicant’s proposal
- Provides feedback through challenge meetings to ensure readiness for formal application
To grant an ADI licence, APRA must be satisfied that the applicant:
- Is financially sound
- Can manage risks effectively
- Has fit and proper individuals in key roles
- Will be able to meet all relevant prudential requirements on an ongoing basis
Ongoing Supervision & Enforcement by APRA
Once an entity receives its ACL, it becomes subject to APRA’s ongoing supervision. APRA’s supervisory approach is risk-based, forward-looking, and outcomes-focused. This means that supervision intensity is proportionate to the level of risk an entity poses to the financial system; institutions with greater potential impact face more rigorous oversight.
This supervision is carried out through both off-site analysis of data and on-site reviews and assessments.
APRA’s regulatory toolkit includes a range of enforcement powers to ensure compliance and address prudential risks. These powers are applied to hold entities and individuals accountable for their conduct.
APRA’s enforcement actions can include:
- Conducting formal investigations into potential breaches
- Issuing directions that require an entity to take or seize specific actions
- Imposing conditions on an entity’s licence to operate
- Banning individuals from working in any APRA-regulated industry
- Commencing civil proceedings or referring matters for criminal prosecution
In the rare event that a regulated entity fails, APRA’s resolution function is designed to manage the exit in an orderly manner. The primary goal of resolution is to protect depositors and policyholders while minimising disruption to the financial system.
An additional layer of protection is provided by the Financial Claims Scheme (FCS), an Australian Government scheme administered by APRA that protects the deposits of customers with ADIs.
Coordination Between APRA & ASIC
APRA and the ASIC work together to regulate entities under their respective purviews, aiming to minimise regulatory duplication. This coordination is particularly evident in how they handle financial resource and risk management obligations for dually regulated entities.
To avoid overlap, bodies regulated by APRA are generally exempt from certain Australian Financial Services (AFS) and ACL obligations because they are already subject to APRA’s comprehensive prudential standards.
Key exemptions include:
Exemption Area | Rationale for Exemption |
---|---|
Adequate financial resources | An APRA-regulated licensee is exempt from this obligation under the National Consumer Credit Protection Act 2009 (Cth) because APRA imposes its own capital and liquidity requirements. |
Risk management systems | The obligation to have adequate risk management systems under both the AFS and credit licensing regimes does not apply, as APRA’s framework includes extensive risk management standards. |
This coordinated approach ensures that while APRA focuses on prudential soundness, ASIC can focus on market integrity and consumer protection without imposing duplicative requirements.
The regulators maintain open communication, share information about licensees, and consult on significant actions such as licence variations, suspensions, or cancellations. However, it is important to note that related bodies corporate of an APRA-regulated entity may still be subject to ASIC’s requirements if their activities are not central to APRA’s prudential oversight.
Speak with an AFSL Lawyer Today
Request a Consultation to Get Started.
Exemptions from Adequate Financial Resources & Risk Management Obligations Under APRA Supervision
Definition of Bodies Regulated by Australian Prudential Regulation Authority
A “body regulated by APRA” is defined under section 3(2) of the Australian Prudential Regulation Authority Act 1998 (Cth). The APRA serves as the prudential regulator for a significant portion of Australia’s financial services industry, overseeing the financial stability and soundness of these institutions.
Entities that fall under APRA’s supervision and are considered “bodies regulated by APRA” typically include:
- Banks
- Mutuals, such as building societies and credit unions
- General insurance and reinsurance companies
- Life insurance companies
- Private health insurers
- Friendly societies
- Most members of the superannuation industry
These institutions are subject to APRA’s comprehensive prudential framework, which includes stringent requirements for financial health and risk management.
Exemption from Financial Resource & Risk Management Obligations
An ACL holder that is a body regulated by APRA is exempt from certain general conduct obligations under the National Consumer Credit Protection Act 2009 (Cth). Specifically, paragraph 47(1)(l) of the Act exempts these entities from the requirements to have adequate financial resources and adequate risk management systems.
This exemption exists because APRA already imposes robust prudential standards on these institutions, covering financial adequacy and risk management. To avoid regulatory duplication, the law recognises that an APRA-regulated licensee is already meeting comparable obligations. Therefore, ASIC does not enforce its own separate financial and risk management requirements on these licence holders.
Scope of Exemptions Including Related Bodies Corporate
The exemption from financial and risk management obligations does not automatically extend to all entities within a corporate group. If you are a related body corporate of an APRA-regulated entity, you are still required to comply with the financial resource and risk management obligations under your ACL.
APRA’s regulatory focus is on the prudential soundness of the institution it directly supervises and the stability of the broader financial system. The financial capacity of a subsidiary or related entity may not be considered material to APRA’s prudential objectives for the parent institution. Consequently, these related entities must independently satisfy ASIC’s requirements if they engage in credit activities that require an ACL.
Practical Implications for Australian Credit Licence Holders
For an ACL holder that is also a body regulated by APRA, the primary practical implication of this exemption is the reduction of regulatory duplication. These licence holders are not burdened with meeting two different sets of financial and risk management standards from two separate regulators. Instead, they adhere to the comprehensive prudential framework established and enforced by APRA.
This streamlined approach is a deliberate feature of Australia’s dual-regulator system. ASIC and APRA coordinate their regulatory activities to ensure consistency and efficiency. This coordination includes sharing information and consulting on matters related to dual-regulated entities, which helps minimise overlap and creates a more coherent regulatory environment for the financial service provider.
Speak with an AFSL Lawyer Today
Request a Consultation to Get Started.
Consequences of Non-Compliance & Enforcement Actions
ASIC’s Enforcement Powers & Penalties
The ASIC holds significant powers to enforce compliance with financial resource and risk management obligations under the National Credit Protection framework. These powers include:
Enforcement Tool / Mechanism | Description |
---|---|
Suspension or Cancellation of Licences | ASIC can suspend or cancel an ACL if a licensee is not complying or is likely to contravene obligations, potentially without a hearing in urgent cases. |
Imposition of Penalties | Breaches may attract significant civil penalties for individuals (up to 5,000 penalty units) and corporations (up to 10% of annual turnover). |
Banning Orders | ASIC can issue orders prohibiting individuals or entities from engaging in credit activities to protect the public. Breaching a banning order is a criminal offence. |
Enforceable Undertakings and Settlements | Used to resolve disputes without litigation, allowing licensees to provide compensation to consumers, though ASIC has adopted a more litigious approach. |
Reporting and Compliance Certificates | Licensees must lodge annual compliance certificates. Failure to do so is a strict liability offence subject to penalties. |
Liability for Representatives | Licensees are held responsible for the conduct of their representatives and may be liable for breaches they commit. |
These enforcement tools enable ASIC to maintain the integrity of the credit licensing regime and protect consumers from financial harm.
APRA’s Enforcement & Resolution Powers
The APRA oversees entities under its prudential supervision, including ADIs. APRA’s enforcement and resolution powers include:
Category | Description |
---|---|
Directions and Conditions | APRA can issue directions for entities to take or refrain from actions and can impose or vary conditions on an entity’s licence. |
Bans on Individuals | APRA has the power to ban individuals from holding key positions if they are deemed not fit and proper or pose risks to an institution’s safety. |
Supervisory Actions | APRA conducts ongoing supervision through onsite reviews and data analysis to identify and address risks proactively. |
Resolution Measures | In the event of an entity’s failure, APRA can manage an orderly exit, including using the Financial Claims Scheme (FCS) to protect depositors. |
Consultation with Other Regulators | APRA coordinates with ASIC and others to avoid duplication. ASIC must consult APRA before taking actions that could affect an APRA-regulated entity’s business. |
Enforcement Before Imminent Risk | APRA can use its enforcement powers proactively to maintain prudential standards and deter misconduct before risks become imminent. |
APRA’s enforcement framework is designed to uphold financial stability and protect the interests of depositors, policyholders, and the broader financial system.
Impact on Licensees & Representatives
Non-compliance with financial resource and risk management obligations can have serious consequences for both licensees and their representatives, including:
Impact Area | Description of Consequences |
---|---|
Legal Liability | Licensees can be held legally responsible for breaches committed by their representatives, including liability for client losses due to non-compliance. |
Reputational Damage | Enforcement actions, licence suspensions, or public banning orders can severely damage a licensee’s or representative’s reputation and client trust. |
Operational Disruption | Suspension or cancellation of a licence can halt a licensee’s ability to engage in credit activities, leading to significant business and financial harm. |
Personal Consequences | Individuals may face banning orders, criminal penalties, or disqualification from the industry, impacting their career and livelihood. |
Increased Regulatory Scrutiny | Non-compliance can lead to intensified supervision and ongoing monitoring by ASIC and APRA, increasing compliance costs and operational burdens. |
To mitigate these risks, licensees should maintain robust compliance and risk management systems, ensure their representatives are adequately trained and supervised, and promptly address any breaches or regulatory concerns.
If you have questions about your obligations or need assistance with compliance or enforcement matters, it is advisable to seek legal advice to understand your rights and responsibilities fully.
Speak with an AFSL Lawyer Today
Request a Consultation to Get Started.
Conclusion
An ACL holder regulated by APRA is exempt from the standard financial resource and risk management obligations enforced by ASIC, as they are already subject to APRA’s own comprehensive prudential framework. Understanding the precise scope of this exemption is critical for all licence holders, as non-compliance with the applicable regulatory regime can lead to severe enforcement actions from either regulator.
Managing these dual regulatory requirements demands a clear understanding of your specific circumstances. For trusted ACL compliance guidance in clarifying your financial and risk management obligations, contact our expert lawyers at AFSL House to ensure your financial service operations remain fully compliant and secure.
Frequently Asked Questions
A body regulated by APRA is defined under section 3(2) of the Australian Prudential Regulation Authority Act 1998 (Cth). This includes entities such as banks, mutuals (building societies and credit unions), general insurance and reinsurance companies, life insurance companies, private health insurers, friendly societies, and most members of the superannuation industry. These entities are subject to APRA’s comprehensive prudential framework, which imposes stringent requirements on financial health and risk management.
Not all ACL holders regulated by APRA are exempt. While bodies regulated by APRA are exempt from the requirements to maintain adequate financial resources and risk management systems under the National Consumer Credit Protection Act 2009 (Cth), this exemption does not automatically extend to related bodies corporate. Related entities must comply with these obligations independently if their activities are not central to APRA’s prudential oversight. This approach avoids regulatory duplication, as APRA’s prudential standards already cover these areas for the regulated entity.
ACL holders not regulated by APRA must have adequate financial resources to:
• Engage in the credit activities authorised by their licence;
• Carry out supervisory arrangements related to those activities.
These licensees must plan and monitor their cash flows to ensure they can meet all debts as they fall due and maintain sufficient financial resources on an ongoing basis. They are responsible for designating a senior person, known as a financial manager, to oversee these financial resource obligations. This person should have appropriate knowledge, skills, and sufficient time to manage the licensee’s financial resources effectively.
Non-APRA regulated ACL holders must establish and maintain adequate risk management systems. These systems should:
• Be based on a structured and systematic process that considers the licensee’s obligations under the National Consumer Credit Protection Act 2009 (Cth);
• Identify and evaluate risks that could adversely affect consumers or market integrity, including risks of non-compliance;
• Establish and maintain controls designed to manage or mitigate those risks;
• Be fully implemented and monitored to ensure effectiveness.
The nature and scope of these systems should be proportionate to the licensee’s business size, complexity, and risk profile.
ASIC requires licensees to lodge an annual compliance certificate confirming they have adequate financial resources and risk management systems in place. ASIC may also conduct surveillance visits to review a licensee’s compliance measures, processes, and procedures. Licensees are expected to document their compliance arrangements, implement them fully, monitor their effectiveness, and report any breaches promptly. ASIC also expects licensees to have designated senior management responsible for overseeing compliance and to maintain adequate resources to support these functions.
Yes, a licensee may designate one or more senior persons as financial managers who are directly responsible to the licensee or its board for ensuring that financial resources remain adequate at all times. These financial managers should have the appropriate knowledge, skills, and sufficient time to manage these responsibilities. For large businesses, this delegation helps ensure effective oversight of financial resources across different business units or activities.
Failure to comply with financial resource or risk management obligations can lead to serious consequences, including:
• Suspension or cancellation of the ACL by ASIC;
• Civil penalties, which for individuals can be up to 5,000 penalty units or three times the benefit obtained or detriment avoided, and for corporations can be substantially higher, including up to 10% of annual turnover;
• Banning orders preventing individuals or entities from engaging in credit activities, with breaches of such orders constituting criminal offences;
• Increased regulatory scrutiny and potential reputational damage.
ASIC and APRA coordinate enforcement actions, and non-compliance may also result in additional supervisory measures or legal proceedings.
APRA and ASIC work closely to avoid regulatory duplication for entities under APRA supervision. APRA’s prudential framework covers financial resource and risk management requirements, so ASIC exempts these entities from equivalent obligations under the National Consumer Credit Protection Act 2009 (Cth) and the AFS licensing regime. The regulators maintain open communication, share information, and consult on significant regulatory actions such as licence variations or cancellations. This coordination ensures that entities are not subject to overlapping or conflicting requirements, promoting regulatory efficiency and clarity.
Related bodies corporate of APRA-regulated entities are generally not exempt from financial resource and risk management obligations. APRA’s prudential oversight focuses on the regulated entity itself and the broader financial system’s stability. Therefore, subsidiaries or related entities must independently comply with ASIC’s financial and risk management requirements if they hold an ACL and engage in credit activities. This distinction ensures that all entities carrying out credit activities maintain appropriate standards, even if they are part of a group with an APRA-regulated parent.