Table of contents
Prudential practice guide
GPG 232 Custody Arrangements
-
Current1 October 2006
Prudential framework pillars
Disclaimer and copyright
This prudential practice guide is not legal advice and users are encouraged to obtain professional advice about the application of any legislation or prudential standard relevant to their particular circumstances and to exercise their own skill and care in relation to any material contained in this guide.
APRA disclaims any liability for any loss or damage arising out of any use of this prudential practice guide.
This prudential practice guide is copyright. You may use and reproduce this material in an unaltered form only for your personal non-commercial use or non-commercial use within your organisation. Apart from any use permitted under the Copyright Act 1968, all other rights are reserved. Requests for other types of use should be directed to APRA.
Note: Prudential Standard GPS 220 Risk Management (GPS 220) and Prudential Standard GPS 231 Outsourcing (GPS 231) have been replaced by : Prudential Standard CPS 220 Risk Management (CPS 220) and Prudential Standard CPS 231 Outsourcing (CPS 231) respectively. References in this guide to GPS 220 and GPS 231 should be read as references to CPS 220 and CPS 231
Custody arrangements
This prudential practice guide supersedes CrossIndustry Circular No.1 — Custodian Requirements for APRA Supervised Entities issued in November 2000 in so far as it applies to ‘general insurance companies’ as described in that Circular. That Circular ceases to apply to general insurers (insurers) with effect from the date of release of this prudential practice guide.
Prudential Standard GPS 220 Risk Management (GPS 220) and Prudential Standard GPS 231 Outsourcing (GPS 231) set out APRA’s requirements of insurers in relation to risk management and outsourcing respectively. Those Prudential Standards set out concepts that are applicable across all of an insurer’s operations, including external custody arrangements. This prudential practice guide aims to assist insurers in complying with those requirements and, more generally, to outline prudent practices specifically in relation to external custody arrangements.
[1]
‘External custody arrangement’ and ‘external custody agreement’ in this prudential practice guide bear the same meaning as the definition of ‘external custody agreement’ in Prudential Standard GPS 120 Assets in Australia (GPS 120).
Subject to the requirements of GPS 220 and GPS 231, insurers have the flexibility to manage their external custody arrangements in the way most suited to achieving their business objectives.
Not all the practices outlined in this prudential practice guide will be relevant for every insurer and some aspects may vary depending upon the size, complexity and risk profile of the insurer.
There are requirements relating to custodians and external custody agreements in Prudential Standard GPS 120 Assets in Australia (GPS 120). Non-compliance with those requirements results in any interest in assets held by a custodian being excluded as an asset in Australia.
[2]
As defined under the Insurance Act 1973 (the Act) read with GPS 120.
Scope
This prudential practice guide applies to external custody arrangements (where an insurer engages an external party to act as its custodian), including arrangements with a related entity (or entities) in the same corporate group.
[3]
‘Custodian’ has the same meaning as in GPS 120.
[4]
A ‘corporate group’ exists where a number of companies are related bodies corporate within the meaning of section 50 of the Corporations Act 2001.
This prudential practice guide does not apply to arrangements that either insurers or their custodians have with securities depositories, whether in Australia or overseas.
Compliance with prudential standards
Where an insurer has entered into an external custody arrangement, one of the risks that will in most circumstances be identified by the insurer in its RMS is the risk of the custodian failing to adequately safeguard the insurer’s assets.
For the purposes of GPS 231, an external custody arrangement is typically considered to be a material outsourcing arrangement if the assets held under that arrangement are material in value. Prudential Practice Guide PPG 231 Outsourcing provides further guidance as to materiality.
External custody arrangements
To ensure appropriate levels of policyholder protection, it is critical that the assets supporting the financial soundness of an insurer are safely and accurately maintained across all jurisdictions. It is good practice for an insurer to:
have a clear understanding of the external custody arrangements in place to hold its assets;
be satisfied that these arrangements are safe and transparent;
be satisfied that a complete assessment of risks associated with these arrangements has been carried out; and
monitor service levels under an external custody arrangement on an ongoing basis.
Risk management and external custody arrangements
In respect of external custody arrangements, an insurer would typically conduct regular reviews by seeking information to satisfy itself that:
the custodian’s audited internal controls are adequate and continue to operate effectively;
the custodian’s resources are sufficient; and
the custodian is financially sound.
An insurer would typically consider whether:
the custodian’s controls ensure that the insurer’s assets are secure; and
the custodian has appropriate procedures for the acceptance, execution and settlement of authorised instructions.
An insurer would typically seek periodic information from the custodian in respect of the adequacy and effectiveness of such controls and actions taken or planned to address any concerns.
APRA envisages that an insurer would consider whether the custodian has, and continues to have, the appropriate organisational structure, staffing capabilities, business continuity management procedures, administrative resources and arrangements for holding the insurer’s assets.
In assessing the custodian’s financial soundness, APRA envisages that an insurer would consider the adequacy of the custodian’s capital and its insurance or guarantee arrangements.
Sub-custodians
An insurer would typically satisfy itself as to the continued effectiveness of the custodian’s process of selecting, monitoring and reviewing its sub-custodians, including the testing and auditing of their operations.
Requirements for the agreement
APRA envisages that an external custody agreement would provide for it to be subject to the laws of a state or territory of Australia. However, this does not apply where:
the assets held under that agreement are foreign assets; and
there are foreign laws that prevent the agreement from being subject to the laws of a state or territory of Australia.
[5]
This also appears as a requirement under GPS 120. In this case, the insurer should carefully consider how the additional risk that may ensue is appropriately addressed and managed.
In addition to the issues that are required to be dealt with in an external custody agreement in order for interests in the assets held under the external custody agreement not to be excluded as assets in Australia under GPS 120, the following issues would typically be addressed in a contract with a custodian:
that the custodian is prohibited from taking a charge, mortgage, lien or other encumbrance over, or in relation to, assets of the insurer. The custodian may, however, do this for expenses and outlays made within the terms of the agreement (but not including unpaid custodian or sub-custodian fees);
that the custodian accepts responsibility for liability arising from its failure, or failure of its agents and/or its sub-custodians, to exercise reasonable care based on the standards applicable to the custodian in the relevant market (refer paragraphs 25 to 26 of this prudential practice guide);
that, in the event that the insurer suffers loss due to those acts or omissions for which the custodian is liable, or for which it accepts liability, the right of the insurer to recover from the custodian is not dependent upon the right of the custodian to recover against any of its agents or subcustodians;
that the custodian will, prior to arranging for assets of the insurer to be held by a subcustodian, provide the insurer with written notice of the identity of each sub-custodian with which the assets of the insurer are intended to be placed; and
that the custodian will notify the insurer in writing of any subsequent appointments of new or replacement sub-custodians, at the earliest practicable time but in any event, no later than 10 business days after the appointment has been made.
Performance monitoring
An insurer would typically ensure that an external custody agreement provides for each material or systemic breach of the agreement to be brought to the insurer’s attention for consideration. APRA envisages that the external custody agreement would provide for such reporting to be within a reasonable time of the custodian becoming aware of the breach.
Termination provisions
The external custody agreement would typically provide for a right on the part of an insurer to terminate the agreement where the insurer has reasonable grounds to believe that the custodian is not complying with, or is unlikely to comply with, the requirements of GPS 120, the agreement, or other relevant legislation.
Further grounds triggering the insurer’s right to terminate may be set out in the agreement.
Typically, these would include:
where the custodian is unable, or is about to become unable, to meet its liabilities; and
where there is a change in the effective control of the custodian. This may occur, for example, through an acquisition or merger.
APRA envisages that the external custody agreement would provide, upon termination:
for the assets to be transferred into the name of the insurer (if not already held in the name of the insurer) or otherwise to be transferred as the insurer lawfully directs (including to another custodian);
[6]
In the case of a foreign insurer, a reference to ‘insurer’ in this paragraph may be read as a reference to the foreign insurer’s Agent in Australia, if applicable, ‘Agent in Australia’ being defined under GPS 120.
for the insurer to specify the timeframe within which assets are to be transferred following termination.
APRA directions and compliance
Apart from the requirements in GPS 231, APRA envisages that an insurer would have appropriate mechanisms in place to ensure that any directions issued by APRA to the insurer in relation to assets held by the custodian are effectively relayed to the custodian on a timely basis. The insurer would typically be satisfied that the custodian has adequate processes in place to implement any relevant directions the insurer is issued by APRA.
APRA envisages that the external custody agreement would contain a provision to the effect that, if the insurer is issued a relevant direction by APRA, the custodian will undertake not to obstruct any action taken by the insurer to comply with the direction.
GPS 220 requires an insurer’s RMS to document the insurer’s systems for ensuring compliance with prudential requirements. The insurer would typically consider the custodian’s processes for handling the insurer’s assets as part of the insurer’s systems for ensuring compliance with prudential requirements.
Standard of reasonable care and allocation of risk
An insurer would typically monitor relevant practices in the external custody market to gauge the standards of reasonable care that should apply in the context of the insurer’s obligations to its policyholders and in implementing subparagraph 17(b) in this prudential practice guide.
The insurer would typically have a clear understanding of the provisions of the agreement setting out the risks borne by each party to the agreement. In particular, the insurer would typically satisfy itself with respect to:
the types of risk it is carrying; and
the risks for which the custodian does not accept liability. For example, the custodian may not accept liability for losses arising from the insolvency of its sub-custodians or investment-related events, such as counterparty default.
Notification requirement
For notification of external custody arrangements, APRA envisages that the following would be specified in the notification:
the insurer’s Board is aware, in relation to the services of the custodian, that it is responsible for the custody and control of the assets of the insurer and for compliance with the Insurance Act 1973, the Financial Sector (Collection of Data) Act 2001 and other laws and regulations relevant to the insurer;
the insurer has assessed the various risks that could arise from the use of a custodian, including risks arising from any limitation of the custodian’s liability under the external custody agreement, and has systems in place to monitor and manage those risks;
there are adequate systems in place to monitor the operation of the custody arrangements including the identification of, and action to be taken in response to, material and/or systemic breaches;
the insurer is satisfied with the procedures, processes and standard of care of the custodian to safeguard the interests of policyholders, including to ensure that only properly authorised transactions are accepted, executed and settled; and
the insurer is satisfied that the custodian’s administration and reporting systems are adequate to ensure that APRA’s prudential requirements and other relevant legislation are complied with and the risk control measures required by the insurer are implemented.
Risk Management Declaration
In making the Risk Management Declaration, the Board could consider whether:
it is satisfied that any external custody agreement entered into by the insurer has been complied with and that only properly authorised transactions have been accepted, executed and settled;
it is satisfied that, in using the services of a custodian, all relevant legal requirements have been complied with;
it is satisfied that the risk control measures it has in place are sufficient to properly manage any risks to the insurer’s assets that are being held with the custodian;
the use of the external custody arrangements (including the system of the custodian to select and monitor its subcustodians) continues to be in the best interests of the insurer’s policyholders;
all reported material and/or systemic breaches (if any) of the external custody agreement have been evaluated and the insurer has either initiated appropriate action or has determined that no action is appropriate; and
it is satisfied that during the period it has complied with the requirements of any prudential standards in relation to the use of custodians.