Table of contents
Prudential practice guide
HPG 510 Governance
-
Current1 July 2019
Prudential framework pillars
About this guide
Prudential Practice Guides (PPGs) provide guidance on the Australian Prudential Regulation Authority’s (APRA) view of sound practice in particular areas. PPGs frequently discuss legal requirements from legislation, regulations, or APRA’s prudential standards, but do not themselves create enforceable requirements.
Prudential Standard CPS 510 Governance (CPS 510) sets out APRA’s requirements in relation to the governance of authorised deposit takers, general insurers, life companies, private health insurers, and Level 2 and Level 3 groups, collectively referred to as regulated institutions. This PPG aims to assist regulated institutions to comply with those requirements and, more generally, to outline prudent practices in relation to certain governance matters.
Subject to the requirements of CPS 510, a private health insurer has the flexibility to structure its governance framework in the way most suited to achieving its business objectives. Not all practices outlined in this PPG will be relevant for every private health insurer. Some aspects may vary depending upon the size, complexity and risk profile of the insurer.
Disclaimer and copyright
This prudential practice guide is not legal advice and users are encouraged to obtain professional advice about the application of any legislation or prudential standard relevant to their particular circumstances and to exercise their own skill and care in relation to any material contained in this guide.
APRA disclaims any liability for any loss or damage arising out of any use of this prudential practice guide.
© Australian Prudential Regulation Authority (APRA)
This work is licensed under the Creative Commons Attribution 3.0 Australia Licence (CCBY 3.0). This licence allows you to copy, distribute and adapt this work, provided you attribute the work and do not suggest that APRA endorses you or your work. To view a full copy of the terms of this licence, visit https://creativecommons.org/licenses/by/3.0/au/
Introduction
The information in this guide supports compliance with Prudential Standard CPS 510 Governance (CPS 510).
Principles
A number of principles underpin a sound and effective governance framework for a private health insurer. These include:
responsibility — the board of directors (the Board) is ultimately responsible and accountable for the decisions and actions taken by a private health insurer;
independence — demonstrated by a Board that discharges its review and oversight role effectively and independent of the interests of dominant shareholders, management, and competing or conflicting business interests;
renewal — a policy of renewal provides for fresh insight and general reinvigoration of a Board while also ensuring ongoing effective oversight and understanding of the business of the private health insurer by the Board;
expertise — demonstrated by a Board with the necessary expertise to fulfil its role and functions, and access to independent expertise not readily available amongst the current directors;
diligence — demonstrated by a Board that discharges its duties and responsibilities carefully and conscientiously;
prudence — demonstrated by a Board with a clear focus on the prudent management of the private health insurer’s business operations;
transparency — demonstrated by a Board that is open and honest in its dealings on behalf of the private health insurer; and
oversight — demonstrated by a Board that is able to satisfy itself that the management and operation of the private health insurer’s business operations conforms to its strategy, direction and policies.
[1]
APRA’s Aid for Directors of ADIs and Insurers (October 2014) provides additional advice about the additional responsibilities the APRA prudential framework places on directors.
Interpretation
Under CPS 510, some industry specific requirements for governance are necessary or appropriate, particularly when there are underlying differences in the legislative framework applying to a particular industry. In such areas, industry-specific requirements are included in CPS 510 and are clearly expressed as such.
Private health insurers need not consider provisions of CPS 510 which relate specifically to other APRA-regulated industries. For example:
Level 2, Level 3 and Category C insurers, EFLICS and NOHCs – these terms apply to authorised deposit taking institutions, life insurers and or general insurers;
Head of Group references – a reference to a ‘Head of group’ in CPS 510 is a reference to a Level 2 Head or a Level 3 Head;
Foreign institution requirements – not applicable to the private health insurance industry as all registered private health insurers are required to be companies within the meaning of the Corporations Act 2001 (Corporations Act).
Governance arrangements
An effective governance framework includes the oversight of systems, structures, policies, processes and people that underpin accountability within the private health insurer’s business operations. It supports a private health insurer to make objective business decisions in the best interests of policyholders.
APRA expects that Boards will establish a process to ensure that governance risks are properly and regularly evaluated and managed by the Board. Governance risks include, but are not limited to, risks associated with:
accountability and transparency of decision-making processes;
delegation of roles and responsibilities;
remuneration arrangements;
fitness and propriety; and
the management of conflicts of interest.
[2]
Prudential Practice Guide CPG 220 Risk Management provides guidance relating to risk management. Prudential Practice Guide HPG 520 Fit and Proper provides additional guidance relating to assessments of fitness and propriety.
For the avoidance of doubt, where a private health insurer already has in place a policy that satisfies requirements set out in CPS 510, the insurer may incorporate such policies by reference into the governance framework. That is, the materials do not have to be duplicated for the purposes of complying with the requirements of CPS 510.
APRA’s view is that a prudent Board will determine a target size for the Board and its committees and reflect in the Board’s renewal policy an outline of how the Board intends to achieve and maintain this target size.
APRA’s view is that Board size influences a Board’s capacity to operate effectively. APRA considers it would be prudent practice for a private health insurer to periodically review the total number of directors on the Board and assess whether the size of the Board supports the effective functioning and decision-making of the board. The size of the Board is ultimately a matter for the private health insurer to set in light of the size, business mix and complexity of the business operations.
APRA’s view is that, when determining the overall composition of the Board, a private health insurer would ordinarily take into account the insurer’s business and strategic plans and the skills and capabilities required to effectively oversee the implementation of that strategy.
APRA expects that a private health insurer would establish policies and procedures relating to voting rights which support effective decision-making by the Board. This would be expected to include procedures which ensure that the views of all directors are adequately reflected in all decisions made by the Board.
It would be prudent practice for the Board to consider using relevant Board committees to provide appropriate oversight of key governance matters. CPS 510 requires the establishment of three separate committees: risk, audit and remuneration. Private health insurers may establish other additional committees at their own discretion, for example a dedicated nomination committee.
Board and senior management
The Board has ultimate responsibility for the sound and prudent management of a private health insurer’s business operations. A well-functioning Board will review and approve business strategies and significant policies of the private health insurer. It will also satisfy itself that an effective system of risk management and internal control is established and maintained, and that senior management monitors the effectiveness of the risk management framework.
Senior management has responsibility for day-to-day management of a private health insurer’s business operations. This includes the implementation and monitoring of systems, structures, policies, processes, information and oversight arrangements used in managing the private health insurer.
Residency
As a guide, a person might be considered ‘ordinarily resident’, as referred to in CPS 510, if they are likely to be in Australia for a majority of days in any 12-month period.
Conflicts of interest
The Corporations Act contains requirements for dealing with conflicts of interest. Specifically, subject to certain exceptions, subsection 195(1) of the Corporations Act requires that a director of a public company with a material personal interest in a matter that is being considered at a directors’ meeting must not:
be present while the matter is being considered at the meeting; or
vote on the matter.
The Corporations Act allows exceptions to this rule. Subsection 195(2) permits directors who do not have a material personal interest in a matter to pass a resolution that they are satisfied that the interest (which must be identified in accordance with subsection 195(2)(a)) should not disqualify the director with a material personal interest from voting or being present.
APRA expects that such resolutions would be limited to exceptional circumstances and that they would be minuted, together with reasons.
Group structures
Where a private health insurer is part of a corporate group, APRA expects that the Board would consider the potential impact on the private health insurer of the operations of the corporate group, including but not limited to, the policies and procedures of other entities in the group.
A person may act as a director of more than one APRA-regulated institution within a corporate group.
Independence
When assessing the independence of a director, the Board must have regard to whether the director:
is a substantial shareholder of the private health insurer or an officer of, or otherwise associated directly with, a substantial shareholder of the insurer;
is employed, or has previously been employed, in an executive capacity by the private health insurer, or another group member, and there has not been a period of at least three years between ceasing such employment and serving on the Board of the private health insurer;
has within the last three years been a principal of a material professional adviser or a material consultant to the private health insurer or another group member, or an employee materially associated with the service provided;
is a material supplier of the private health insurer, or another group member, or an officer of or otherwise associated directly or indirectly with a material supplier or customer; or
has a material contractual relationship with the private health insurer or another group member other than as a director.
APRA encourages all Boards to consider the benefits of appointing one or more directors who are free from any business or other association that could materially interfere with the exercise of independent judgement. Such independent directors broaden the skills and capabilities that can be brought to the Board table, and improve decision-making by bringing an objective perspective to issues the Board considers. They are also well placed to hold other directors accountable for their conduct, particularly in relation to conflicts of interest.
Further, APRA’s view is that a prudent private health insurer would consider whether the appointment of an independent director as chairperson of the Board would benefit the Board’s fulfilment of its duties.
It would be prudent practice for a private health insurer to consider the current and past associations of candidates when seeking to appoint new directors. Where a current or past association could influence a director’s ability to effectively carry out their role, APRA expects that the Board would consider whether that appointment is appropriate and in the best interest of the private health insurer.
A person is precluded from being considered an independent director if they do not meet the criteria for independence referenced in CPS 510.
Board nomination, appointment and removal
Achieving overall Board composition which is appropriate for a private health insurer’s business operations provides the foundation for sound governance. The nomination, appointment and removal processes of the Board are crucial to achieving appropriate Board composition.
APRA’s view is that the Board would be expected to have in place robust processes to support the nomination of appropriate candidates for appointment to the Board. This would include processes to support open and effective communication and consultation with organisations with a right to nominate directors for appointment to the Board. APRA considers that it would be appropriate for the Board to have processes in place to respond to the situation where a sponsoring organisation nominates or appoints a director that the Board considers unsuitable for appointment.
The Board’s policy for nominating and appointing directors would be expected to ensure that terms of tenure are staggered to support continuity and the appropriate transfer of knowledge and skills to new directors.
When considering potential candidates and appointing new directors, APRA’s view is that a private health insurer would assess:
the current and past associations of candidates;
the appropriateness of other directorships held by the candidate director, especially directorships of other private health insurers;
the skills and capabilities of nominated candidates against the role and responsibilities of the vacancy and the Board as a whole, including consideration of committee vacancies; and
the fitness and propriety of nominated candidates.
Board performance assessment
CPS 510 requires the Board to assess its performance and that of individual directors relative to its objectives. In undertaking this assessment, a well-functioning Board would typically consider and document the objectives that it sets for the Board collectively and for individual directors.
Objectives for the Board could include:
establishing the overall strategy for the private health insurer and ensuring reporting against this strategy;
approving the risk management strategy of the private health insurer including determining the level of risk it is willing to accept;
assessing operating and financial conditions against forecasts;
assessing senior management performance against agreed criteria, which would include, for relevant senior management, the effectiveness of risk controls; and
making key decisions in a timely manner.
Objectives for individual directors may include:
demonstrating the required expertise for their role;
attendance and participation at Board meetings; and
contributing to Board deliberations and the overall direction of the private health insurer.
APRA expects the Board to consider whether its annual board assessment would be best undertaken by a party who is free from connection to the private health insurer or its associates. At a minimum, APRA expects the Board assessment would be undertaken by an external party at least every three years.
APRA expects that a Board would have in place a documented policy on Board performance assessments which includes:
the timeframe within which assessments will be conducted;
how sufficient objectivity in performance assessments will be achieved;
how the Board will manage the outcomes of performance assessments and recommended courses of action in the event of performance that is below expectations; and
a reasonable timeframe for action after performance assessments have been conducted.
Board renewal
APRA expects a Board renewal policy would document the maximum tenure period for each director, including the circumstances where the private health insurer may deviate from the terms of its tenure policy. APRA’s view is that long periods of tenure can affect a person’s capacity to exercise independent judgement. APRA expects that the length of each director’s tenure would be examined shortly before the end of each term served and that there would be limited circumstances in which maximum tenure limits exceeding 12 years would be appropriate.
[3]
For the purpose of this Prudential Practice Guide, a reference to ‘tenure’ is a reference to the total length of service of an individual director on the Board (including non-continuous service).
APRA expects that a private health insurer would develop and implement a considered approach for assessing each director on the cessation of their term, and at the end of the private health insurer’s maximum tenure period, to determine whether it is appropriate for the individual to be reappointed. This includes having regard to periods of time served on the Board of a predecessor private health insurer where the individual is appointed to, for example, the Board of the merged or successor entity.
APRA expects that circumstances where a person is re-appointed as a director at the end of the private health insurer’s maximum tenure period would be exceptional. APRA also expects that, in the absence of exceptional circumstances, a director would serve on the Board for at least the term for which the director was appointed. Decisions about the appointment and removal of individual directors would ordinarily be considered by the Board of the private health insurer. An appropriate length of term of appointment for directors would ordinarily be in the vicinity of three to four years.
Board committees
CPS 510 sets out the minimum requirements for the Board Remuneration Committee, Board Risk Committee and Board Audit Committee.
A well-functioning Board will typically consider whether there may be merit in establishing Board committees for the purpose of overseeing critical functions. Whilst CPS 510 requires the establishment of a Board Remuneration Committee, a Board Risk Committee and a Board Audit Committee, the Board may find the establishment of other committees beneficial for certain functions and for strengthening the overall governance arrangements of the private health insurer.
While some functions and responsibilities of directors may be delegated to board committees where appropriate, the Board retains ultimate responsibility for ensuring that those duties are performed.
In establishing committees, a well-functioning Board will have regard to the risk profile of the private health insurer and the complexity of its business, as well as the experience and expertise of the directors.
Where Board committees are established, it is prudent practice for these committees to have clearly defined charters that set out their role and objectives, responsibilities, authorities and tenure, and for the charters of these committees to be regularly reviewed. It would also be prudent practice that board committees report regularly to the Board.
Board Audit Committee
APRA expects that, in addition to the requirements in CPS 510, the Board Audit Committee would, from time to time, meet separately with the internal auditor and Appointed Auditor without other parties being present.
Internal audit
While CPS 510 requires the internal audit function to have a reporting line and unfettered access to the Board Audit Committee, this does not preclude the internal auditor from having a reporting line to management, provided that this does not undermine the independence of the internal audit function, either in appearance or in fact.
Board Risk Committee
CPS 510 requires a private health insurer to establish a dedicated Board Risk Committee. The Board Risk Committee is responsible for reviewing the risk management framework of the insurer, for determining policies that ensure the risk management framework is adhered to and for monitoring adherence to those policies.
It would be prudent practice for the Board Risk Committee to allow those responsible for risk management functions to meet with it, without other parties being present.
Board Remuneration Committee
APRA has issued Prudential Practice Guide PPG 511 Remuneration (PPG 511), to assist APRA-regulated institutions to consider and properly manage the risks that may arise from remuneration arrangements. PPG 511 also provides advice on the governance arrangements for the Board Remuneration Committee and the use of external advisors.