Table of contents
Prudential practice guide
GPG 520 Fit and Proper
-
Current1 July 2008
Prudential framework pillars
About this guide
Note: Prudential Standard GPS 520 Fit and Proper (GPS 520) has been replaced by Prudential Standard CPS 520 Fit and Proper (CPS 520). References in this practice guide to GPS 520 should be read as a reference to CPS 520
Prudential Standard GPS 520 Fit and Proper (GPS 520) sets out APRA’s requirements in relation to assessing the fitness and propriety of responsible persons of insurers and authorised NOHCs (collectively referred to as regulated institutions). This prudential practice guide aims to assist regulated institutions in complying with those requirements and, more generally, to outline prudent practices in relation to fitness and propriety. Unless otherwise defined in this prudential practice guide, expressions in bold are as defined in Prudential Standard GPS 001 Definitions.
Subject to the requirements of GPS 520, regulated institutions have the flexibility to configure their Fit and Proper Policy in the way most suited to achieving their business objectives.
Not all of the practices outlined in this prudential practice guide will be relevant for every regulated institution and some aspects may vary depending upon the size, complexity and risk profile of the regulated institution.
Disclaimer and copyright
This prudential practice guide is not legal advice and users are encouraged to obtain professional advice about the application of any legislation or prudential standard relevant to their particular circumstances and to exercise their own skill and care in relation to any material contained in this guide.
APRA disclaims any liability for any loss or damage arising out of any use of this prudential practice guide.
© Commonwealth of Australia
This work is copyright. You may download, display, print and reproduce this material in unaltered form only (retaining this notice) for your personal, non-commercial use or use within your organisation. All other rights are reserved.
Requests and inquiries concerning reproduction and rights should be addressed to:
Commonwealth Copyright Administration
Copyright Law Branch
Attorney-General’s Department
Robert Garran Offices
National Circuit
Barton ACT 2600
Fax: (02) 6250 5989
or submitted via the copyright request form on the website http://www.ag.gov.au/cca
Fit and Proper Policy
The Fit and Proper Policy of a regulated institution assists it in prudently managing the risk that responsible persons are not fit and proper. It will form a part of the institution’s broader risk management system.
A Fit and Proper Policy may be developed and implemented as a group policy provided the regulated institution meets the requirements of GPS 520, including paragraph 6 of GPS 520.
A regulated institution may consider extending its assessment process for fitness and propriety to a wider range of persons than is required under GPS 520. The assessment process under the Fit and Proper Policy could be adapted for this purpose.
Responsible persons
The responsible persons of a regulated institution are those persons whose conduct is most likely to have a significant impact on its sound and prudent management. For a locally-incorporated insurer or an authorised NOHC these persons generally comprise directors, senior managers, auditors, actuaries and persons who perform certain functions in relation to subsidiaries. For a Category C insurer the persons generally comprise senior managers of the Australian operations who are ordinarily resident in Australia, auditors, actuaries, and persons ordinarily resident in Australia who perform certain functions in relation to subsidiaries.
Under GPS 520, consideration of whether a particular individual is a responsible person takes into account the person’s functions and duties and not simply their position title. In the case of a regulated institution with subsidiaries, consideration also takes into account whether the conduct of persons in the subsidiaries could materially damage the regulated institution.
APRA envisages that, for regulated institutions that are not Category C insurers, senior managers will include managers reporting directly to the Chief Executive Officer and those responsible for key aspects of risk management. Ordinarily, persons other than these would be unlikely to meet the definition of senior manager.
For Category C insurers, senior managers will include the key people resident in Australia. The number of senior managers within a Category C insurer will depend on the scale of its operations.
The application of certain provisions of GPS 520 is limited to people who are ordinarily resident in Australia. As a guide, a person might be considered ordinarily resident if they are likely to be in Australia for a majority of days in any 12-month period.
APRA envisages that only a limited number of the most senior people within a subsidiary would perform activities that have the ability to materially impact on the business or financial standing of the regulated institution for the purposes of paragraph 10(f) or 11(g) of GPS 520. It may be the case that no person in a given subsidiary meets this criterion.
A regulated institution may seek guidance from APRA if it is unsure of whether a particular person meets the definition of a responsible person.
Under paragraph 14 of GPS 520 APRA has the power to determine that additional persons are responsible persons. APRA does not expect that it would routinely use this power or use it to substantially increase the scope of the Prudential Standard. APRA will consult with a regulated institution before making a determination.
Criteria to determine if a responsible person is fit and proper
Under GPS 520 the skills and experience required by each responsible person depends on the person’s role. This will, in turn, be affected by the role undertaken by other responsible persons. For example, a director is generally expected to understand the role and responsibilities of a director and have a general knowledge of the institution, its business and its regulatory environment. However, each director is not generally expected to have all the competencies that the Board collectively needs if other directors have those competencies or they are obtained from external consultants or experts.
GPS 520 requires that, under its Fit and Proper Policy, a regulated institution will consider the nature and extent of a number of matters in conducting fit and proper assessments. Such matters ordinarily include, when relevant:
the person’s character, competence and experience relative to the duties involved, including whether the person:
possesses the necessary skills, knowledge, expertise, diligence and soundness of judgement to undertake and fulfil the particular duties and responsibilities of the role in question; and
has demonstrated the appropriate competence and integrity in fulfilling occupational, managerial or professional responsibilities previously and/or in the conduct of his or her current duties; and
whether the person:
has demonstrated a lack of willingness to comply with legal obligations, regulatory requirements or professional standards, or been obstructive, misleading or untruthful in dealing with regulatory bodies or a court;
has breached a fiduciary obligation;
has perpetrated or participated in negligent, deceitful, or otherwise discreditable business or professional practices;
has been reprimanded, or disqualified, or removed, by a professional or regulatory body in relation to matters relating to the person’s honesty, integrity or business conduct;
has seriously or persistently failed to manage personal debts or financial affairs satisfactorily in circumstances where such failure caused loss to others;
has been substantially involved in the management of a business or company which has failed, where that failure has been occasioned in part by deficiencies in that management;
is of bad repute in any business or financial community or any market; or
was the subject of civil or criminal proceedings or enforcement action, in relation to the management of an entity, or commercial or professional activities, which were determined adversely to the person (including by the person consenting to an order or direction, or giving an undertaking, not to engage in unlawful or improper conduct) and which reflected adversely on the person’s competence, diligence, judgement, honesty or integrity.
Conduct and events that took place overseas may also be relevant to the assessment.
When documenting the competencies required for each responsible person position, a regulated institution might consider documenting any training or induction processes required for each position, on appointment to the position and on an ongoing basis.
Additional criteria for Appointed Auditors and Appointed Actuaries
In assessing the fitness and propriety of a person to be the Appointed Actuary, a regulated institution would ordinarily consider whether there is a risk that the independent professional judgement of the Appointed Actuary may be unduly influenced.
There are additional criteria for the appointment of Appointed Auditors and Appointed Actuaries. There are also additional criteria for the appointment of responsible auditors of NOHCs. These requirements reflect the importance of these positions and the need to ensure independence, including avoiding potential conflicts of interest.
[1]
These additional criteria are specified in GPS 520
The additional criteria require certain levels of experience. This may include experience with insurance businesses outside Australia. In such cases, the regulated institution will need to consider the extent to which the person can demonstrate competency that relates specifically to Australian conditions, including Australia’s prudential and regulatory requirements.
Decision standards for fitness and propriety considerations
The fit and proper criteria in GPS 520 require the regulated institution to assess whether responsible persons meet certain requirements. If insufficient information is available to enable the regulated institution to prudently conclude that those requirements are met, particularly as a result of lack of cooperation by the person, the criteria are not met.
APRA does not require a regulated institution to necessarily bar or remove a person from a responsible person position solely on the basis that one of the matters listed at paragraph 13 has occurred. Depending on the circumstances, a listed matter may not be relevant to that assessment. Where a matter is relevant, the regulated institution may consider it in conjunction with other relevant matters such as materiality, elapsed time since the event, and repetition or duration of the behaviour. GPS 520 requires a regulated institution to apply prudent judgement in determining whether the person could be considered fit and proper for the responsible person position.
A person may be assessed as unfit for a particular responsible person position because of a lack of competence for that position or because of a conflict of interest that applies to the duties of that position. However, the person may still be fit and proper for another responsible person position because the competencies or conflicts were specific to the position. However, where a person is found to be not fit and proper due to a lack of character, diligence, honesty, integrity or judgement, that person will normally not be suitable for any responsible person position.
Process for assessment of fitness and propriety
When assessing a person’s fitness and propriety, a regulated institution need not make enquiries about a matter that is unlikely to be material.A regulated institution will need to weigh the burden of documenting information and the risk of unnecessary disclosure of personal information with the possibility that this information might be material.
An annual performance review will typically be the appropriate time for the annual assessment of a responsible person’s fitness and propriety. However, if material information adverse to the assessment becomes known to a regulated institution during the year, GPS 520 requires that steps be taken without waiting for the annual performance review.
Attestations and representations
The Fit and Proper Policy may require persons to provide attestations relating to some or all of the matters required to be considered as part of a fit and proper assessment and specified at paragraph 13.
For a new appointment to a responsible person position, attestations or representations may assist in satisfying the requirement to make reasonable enquiries under paragraph 38 of GPS 520. However, APRA does not envisage that attestations and representations would be sufficient for a regulated institution to fully satisfy itself of a responsible person’s fitness and propriety on initial assessment. An initial assessment is likely to at least include Australian criminal record checks, as well as evidence of material qualifications.
Attestations or representations may be appropriate for interim appointments. If an attestation is later discovered to have been given in the knowledge that it was false, this will very likely indicate that the person should be removed. If a regulated institution appoints a person to a responsible position without an assessment and it is later discovered that the person was disqualified under the Insurance Act 1973 (Insurance Act) from holding the position, both the person and the regulated institution may commit an offence under the Insurance Act.
Attestations and representations covering the matters in paragraph 13 generally would be sufficient for an annual review of a responsible person’s fitness and propriety. However, these representations may not be conclusive e.g. if a person responsible for making the assessment becomes aware of any material matter not previously identified or considered. For the Appointed Auditor or Appointed Actuary, representations from a firm of which the auditor or actuary is a member may assist in assessing fitness and propriety.
Relying on information gathered for other fitness and propriety assessments
In making an assessment under its Fit and Proper Policy, a regulated institution may consider, where prudent, taking into account other assessments of fitness and propriety or information collected for such assessments. In determining the weight to be given to other assessments, the regulated institution will ordinarily have regard to the time elapsed since the assessment was made and whether the criteria applied were comparable and relevant. In considering whether it would be prudent to take into account previously collected information, a regulated institution will ordinarily consider whether the information remains current. It is likely that such information would substitute for some, but not all, of the enquiries necessary for the institution’s fit and proper assessment.
For example, for those responsible persons who are responsible officers of the holder of an Australian financial services licence, relevant information may have been gathered during the licensing process and this information may be taken into account if the regulated institution believes that the information remains current.
[2]
As defined in the Corporations Act 2001.
Information gathered in support of an application for registration as a company auditor may assist a regulated institution in determining fitness and propriety of an Appointed Auditor. The assessment by the Australian Securities & Investments Commission of the fitness and propriety of a company auditor may be taken into account in a regulated institution’s own assessment of the Appointed Auditor’s fitness and propriety.
Some legal considerations
Where a regulated institution becomes aware of information that could lead to an assessment that a person is not fit and proper, taking reasonable steps as required under GPS 520 will generally include providing the person with a fair opportunity to put matters to the institution.
Regulated institutions have obligations under the Privacy Act 1988 (Privacy Act) relating to how they collect and use information about responsible persons. The obligations include informing responsible persons that information will be collected about them and the ways which the information may be used and disclosed. Regulated institutions may need to take steps to ensure compliance with the Privacy Act such as with National Privacy Principles 1.3 and 1.5 in Schedule 3.
In some instances a regulated institution may have information about a person that has not been collected for assessing fitness and propriety. Where this information is relevant, GPS 520 may require the use of that information for assessing fitness and propriety. The Privacy Act includes exemptions from the National Privacy Principles for conduct required by law, such as the requirement under the Insurance Act to comply with Prudential Standards. Where relevant, a regulated institution may consider seeking its own legal advice on these issues.
As a law of the Commonwealth, GPS 520 may override inconsistent State and Territory laws, if those laws are incapable of operating concurrently with GPS 520. For example, it may be necessary to read down a State law relating to employment where there is apparent inconsistency with GPS 520, but where the position is unclear, legal advice should be obtained. Accordingly, the Fit and Proper Policy of a regulated institution needs to meet the requirements of, and be implemented in a way that complies with, GPS 520 in all respects, even if it would breach a contract or apparently conflict with another law (other than a law of the Commonwealth). This applies regardless of whether the contractual relationships are in place as envisaged by paragraph 35.
To assist in complying with its Fit and Proper Policy, a regulated institution may consider putting in place appropriate contractual or other relationships. This may include responsible persons agreeing:
to provide any assistance that the regulated institution needs to obtain information for the implementation of its Fit and Proper Policy or GPS 520, including giving consents and taking steps to ensure that any person providing information in good faith will not be made liable for providing that information; and
not to seek damages or any other remedy from the regulated institution for implementing its Fit and Proper Policy or seeking to do so in good faith.
It may be necessary to amend the constitution of a regulated institution to ensure directors take office under terms that enable the regulated institution to ensure compliance with its Fit and Proper Policy. APRA does not require a regulated institution to convene an extraordinary meeting of its members only to consider such an amendment. However, a regulated institution will still need to consider whether its constitution requires such a meeting.
When a responsible person is not fit and proper
The steps that a regulated institution takes to ensure that a person does not hold a responsible person position for which they are not fit and proper may include:
not appointing the person or terminating their engagement;
redefining the person’s responsibilities pending further enquiries by the regulated institution or until the person receives further training or experience; or
if there are no effective steps prudently available, taking steps to facilitate APRA independently considering the person’s fitness and propriety. This in itself would not satisfy the regulated institution’s obligations to notify APRA of information under GPS 520.
APRA’s powers
APRA has powers under the Insurance Act to:
direct a locally incorporated insurer or authorised NOHC to remove a director or senior manager;
[3]
Refer section 27 of the Insurance Act.
direct a Category C insurer to remove a senior manager or the agent in Australia (where the agent is an individual);
[4]
Refer section 27 of the Insurance Act.
direct a corporate agent to remove a director or senior manager of the corporate agent;
[5]
Refer section 27 of the Insurance Act.
direct an insurer or authorised NOHC to end the appointment of the Appointed Auditor or Appointed Actuary;
[6]
Refer section 49R of the Insurance Act.
for a locally incorporated insurer or authorised NOHC, to apply to the Federal Court of Australia to disqualify a person from being, or acting as, a director or senior manager and, for a locally incorporated insurer, being an Appointed Auditor or Appointed Actuary;
[7]
Refer sections 25A and 44 of the Insurance Act.
for a Category C insurer, to apply to the Federal Court of Australia to disqualify a person from being, or acting as, a senior manager, Appointed Auditor, Appointed Actuary or the agent in Australia (where the agent is an individual); and
[8]
Refer sections 25A and 44 of the Insurance Act
for a corporate agent, to apply to the Federal Court of Australia to disqualify a person from being, or acting as, a director or senior manager.
[9]
Refer section 25Aof the Insurance Act.
APRA may give a direction of the kind referred to at paragraphs 38(a) to (c) if APRA is satisfied that the person:
either:
is disqualified under section 25A of the Insurance Act from being or acting as a director or senior manager of an insurer, NOHC or corporate agent; or
is otherwise a disqualified person under the Insurance Act; or
[10]
As defined in section 25 of the Insurance Act
[11]
Refer sections 25 of the Insurance Act.
does not meet one or more of the criteria for fitness and propriety set out, where relevant, in paragraph 22 of GPS 520.
[12]
Refer section 27 of the Insurance Act.
APRA may give a direction of the kind referred to at paragraph 38(d) if APRA is satisfied that the person:
is disqualified under section 44 of the Insurance Act from holding such an appointment; or
does not meet one or more of the criteria for fitness and propriety set out, where relevant, in paragraphs 22 to 30 of GPS 520.
[13]
Refer to section 49R of the Insurance Act.
The Federal Court of Australia may, on application from APRA, disqualify a person from holding an appointment as an Appointed Auditor or Appointed Actuary if it is satisfied that the person:
has failed to perform adequately and properly the functions and duties of such an appointment under the Insurance Act or the prudential standards; or
does not meet one or more of the criteria for fitness and propriety applicable to Appointed Auditors or Appointed Actuaries set out, where relevant, in paragraphs 22 to 30 of GPS 520; or
does not meet the eligibility criteria for such an appointment as applicable under paragraph 30 of GPS 520.
[14]
Refer to section 44 of the Insurance Act.
The Federal Court of Australia may, on application from APRA, disqualify a person from being or acting as:
director or senior manager of a locally incorporated insurer or authorised NOHC;
an agent in Australia of a Category C insurer (where the agent is an individual); and
a director or senior manager of a corporate agent if it is satisfied that the person is not a fit and proper person to be or act as such a person and the disqualification is justified.
[15]
Refer to section 25A of the Insurance Act.
[16]
Refer to section 25A of the Insurance Act
A person is also automatically disqualified in certain circumstances as set out under section 25 of the Insurance Act from being:
a Category C insurer’s agent in Australia; or
a senior manager of a regulated institution; or
for a regulated institution other than a Category C insurer, a director.
A regulated institution is not excused from meeting its obligations under GPS 520 on the basis that APRA has powers under the Insurance Act. APRA expects institutions to take the action needed so that only a person who is fit and proper acts in a responsible person position. For example, a regulated institution will need to assess promptly whether an Appointed Actuary is fit and proper if the regulated institution becomes aware of any non-performance by the person of duties or functions required by the Insurance Act or the Life Insurance Act 1995.
APRA’s powers apply independently of a regulated institution’s powers and duties when a responsible person is not fit and proper. APRA is not required to wait until a regulated institution has considered whether a responsible person is fit and proper. However, APRA will generally consult with a regulated institution and will not normally act to remove a responsible person until the regulated institution has had sufficient time to complete its consideration.
If a person whom APRA considers is not fit and proper is not removed from holding a responsible person position by the institution, APRA will exercise its powers as appropriate. For example, APRA may use its powers if a regulated institution faces difficulties in removing a director who is not fit and proper.
When assessing whether a person is fit and proper for a particular responsible person position or more generally, APRA will consider, among other matters, the matters listed at paragraph 13 to the extent that they are relevant.
If a regulated institution considers that a responsible person is fit and proper for a responsible person position but APRA considers otherwise, APRA may notify the institution that APRA will exercise its powers if certain requirements are not satisfied. Requirements that may be applied include limits to the areas or activities in which the person can work, further training, or specific reporting or other requirements that APRA believes are appropriate. In exceptional circumstances, APRA may exercise its powers without notification.
It is not necessary for a person to be a past, current or immediately prospective responsible person for APRA to consider that person’s fitness and propriety. In some circumstances, APRA will need to identify persons who are not fit and proper in order to ensure they are not able to hold responsible person positions in the future.
A person affected by a decision made by APRA referred to in paragraphs 38(a) to (d) may request that APRA review that decision. If APRA confirms or varies the decision, or fails to revoke the decision within 21 days, the person affected by the decision may then make an application to the Administrative Appeals Tribunal. The process for reconsideration and review is set out under Part VI of the Insurance Act.
Appointment of auditors and actuaries
The Insurance Act requires that an insurer appoints an auditor and an actuary. The insurer must not appoint a person as an auditor or actuary unless it is reasonably satisfied that the individual is fit and proper for the appointment with that insurer under the criteria (including eligibility criteria) specified in GPS 520.
Informing APRA
Regulated institutions are required, under paragraphs 50 and 51 of GPS 520, to provide certain information to APRA and ensure that this information remains current. To assist regulated institutions in complying with this requirement, APRA provides an annual form containing the most recent information to be provided to APRA regarding those in responsible person positions. The regulated institution may use this form to correct and update the information provided to APRA. Information on this process, and a standard form, are available on APRA’s web site at http://www.apra.gov.au.
If a regulated institution believes that a person has information that is likely to be material to a fit and proper assessment that it has not been able to obtain, the regulated institution would be expected to discuss the matter with APRA.
The following are examples of information that APRA may require the regulated institution to obtain under paragraph 53 of GPS 520:
specified information and documentation on any criminal record or civil finding and any prospective criminal or civil proceedings to which the person may be subject (the requirement to provide this information will be in accordance with Part VIIC of the Crimes Act 1914 (Crimes Act));
[17]
Part VIIC of the Crimes Act places limits on the disclosure and use of information about ’spent’ convictions. Part VIIC of the Crimes Act protects from disclosure not only convictions that are spent convictions under Part VIIC, but also convictions that are spent convictions under spent convictions legislation of a State or Territory.
specified information from law enforcement agencies, other regulators, current and former employers of the person, professional associations and others whom APRA believes may have relevant information; and
the reasons for the resignation, retirement or removal of a responsible person.
APRA may make other enquiries to enable it to assess the fitness and propriety of a responsible person.
Adjustments and exclusions
In reference to paragraph 55 of GPS 520, APRA will consider applications that candidly disclose all information that the regulated institution has, or can obtain by reasonable enquiry, that may be relevant to APRA’s consideration of the application.