Prudential standard

SPS 310 Audit and Related Matters

  • Superannuation
  • Superseded
    30 June 2023 – 29 June 2024
Prudential framework pillars
Governance
Audit
Supporting

About this standard

This standard requires an RSE licensee to appoint an auditor to provide independent advice. RSE licensees must ensure the Auditor is able to fulfil their responsibilities within specified timeframes.

This standard supports SPS 510 Governance, which is a core standard in the Governance Pillar. It applies to all RSE licensees.

Objectives and key requirements of this Prudential Standard

This Prudential Standard establishes requirements for the provision, to the Board and senior management of an RSE licensee, of independent advice in relation to the operations, financial position and risk controls of the business operations of the RSE licensee. This advice is designed to assist the Board and senior management in carrying out their responsibilities for the sound and prudent management of the business operations of the RSE licensee.
This Prudential Standard outlines the roles and responsibilities of the RSE auditor of an RSE licensee. It also outlines the obligations of an RSE licensee to make arrangements to enable an RSE auditor to fulfil his or her responsibilities.
The key requirements of this Prudential Standard are that:
  • an RSE licensee must make arrangements to enable an RSE auditor to undertake his or her role and responsibilities;
  • the RSE auditor must audit the financial statements and annual information required under reporting standards made by APRA in relation to each RSE, and review other aspects of that RSE, and provide a report to the RSE licensee of that RSE. The audit and review must cover the RSE licensee’s business operations in respect of the RSE;
  • an RSE auditor may also be required to undertake special purpose engagements; and
  • an RSE licensee must submit to APRA all reports required to be prepared by an RSE auditor under this Prudential Standard.
Preamble

Superannuation (prudential standard) determination No. 4 of 2022

Prudential Standard SPS 310 Audit and Related Matters

Superannuation Industry (Supervision) Act 1993
I, Renée Roberts, delegate of APRA:
under subsection 34C(6) of the Superannuation Industry (Supervision) Act 1993 (the Act) REVOKE Superannuation (prudential standard) determination No. 1 of 2018, including Prudential Standard SPS 310 Audit and Related Matters made under that Determination; and
under subsection 34C(1) of the Act, DETERMINE Prudential Standard SPS 310 Audit and Related Matters in the form set out in the Schedule, which applies to all RSE licensees and all RSE auditors.
This instrument commences on 30 June 2023.
Dated: 1 December 2022
Renée Roberts
Executive Director
Policy and Advice Division

Interpretation

In this Determination:
APRA means the Australian Prudential Regulation Authority.
RSE auditor has the meaning given in section 10(1) of the Act.
RSE licensee has the meaning given in section 10(1) of the Act.

Schedule

Prudential Standard SPS 310 Audit and Related Matters comprises the 8 pages commencing on the following page.

Prudential Standard SPS 310

Audit and Related Matters

Authority

This Prudential Standard is made under section 34C of the Superannuation Industry (Supervision) Act 1993 (SIS Act).

Application and commencement

This Prudential Standard applies to all registrable superannuation entity (RSE) licensees (RSE licensees) and RSE auditors.
This Prudential Standard commences on 30 June 2023.

Interpretation

Where this Prudential Standard provides for APRA to exercise a power or discretion, the power or discretion is to be exercised in writing.
[1]
For the purposes of this Prudential Standard, ‘RSE licensee’ and ‘RSE auditor’ have the meaning given in section 10(1) of the SIS Act.

Obligations of RSE licensees – auditor appointment

An RSE licensee must annually appoint an for each RSE within the RSE licensee’s business operations as soon as practicable but, in any event, no later than the last day of each year of income to which the appointment relates. 
RSE auditor
RSE auditor has the meaning given in section 10(1) of the Act.
RSE licensee has the meaning given in section 10(1) of the Act.
[2]
For the purposes of this Prudential Standard, an ‘RSE licensee’s business operations’ includes all activities as an RSE licensee (including the activities of each RSE of which it is the licensee), and all other activities of the RSE licensee to the extent that they are relevant to, or may impact on, its activities as an RSE licensee.
Where an RSE licensee is a member of a group, the auditor engaged by that group may also be engaged as the RSE auditor for an RSE within the RSE licensee’s business operations under this Prudential Standard, provided that auditor meets all relevant requirements of this Prudential Standard.
[3]
For the purposes of this Prudential Standard, a reference to ‘a group’ is a reference to a group comprising the RSE licensee and all connected entities and all related bodies corporate of the RSE licensee, ‘connected entity’ has the meaning given in section 10(1) of the SIS Act and ‘related body corporate’ has the meaning given in section 50 of the Corporations Act 2001 (Corporations Act).
An RSE licensee must set out the terms of engagement of the RSE auditor in a legally binding contract between the RSE licensee and the RSE auditor. The RSE auditor must comply with the terms of engagement. The terms of engagement must:
require the RSE auditor to fulfil the roles and responsibilities of the RSE auditor as specified in this Prudential Standard and in the manner specified in this Prudential Standard;
require the RSE auditor, in meeting his or her role and responsibilities, to comply with relevant standards and guidance statements issued by the Auditing and Assurance Standards Board (AUASB) (relevant AUASB standards and guidance) to the extent that they are not inconsistent with the requirements of this Prudential Standard and other prudential requirements. If they are inconsistent:
[4]
‘Prudential requirements’ include requirements under the SIS Act, the Superannuation Industry (Supervision) Regulations 1994 (SIS Regulations), prudential standards, reporting standards, the Financial Sector (Collection of Data) Act 2001 (FSCOD Act), licence conditions, authorisations, superannuation data and payment standards, directions and any other requirements imposed by APRA under legislation.
this Prudential Standard prevails; or
may notify the RSE licensee in writing that alternative standards and guidance must be used by the RSE auditor; and
APRA
APRA means the Australian Prudential Regulation Authority.
refer the RSE auditor to the relevant provisions in the SIS Act.
[5]
Refer to Part 4, Part 16 and Part 25 of the SIS Act for requirements relating to RSE auditors.
An RSE licensee must use all reasonable endeavours to ensure that the RSE auditor complies with the terms of engagement contained in paragraph 7.
An RSE licensee must use all reasonable endeavours to assist the RSE auditor in being fully informed of all prudential requirements applicable to the RSE licensee.
An RSE licensee must ensure that the RSE auditor has access to all data, information, reports and staff in respect of the RSE licensee’s business operations that the RSE auditor reasonably believes necessary to fulfil his or her role and responsibilities under the SIS Act and this Prudential Standard. This must include access to the Board of the RSE licensee (the Board), Board Audit Committee, internal auditor(s) and any information APRA has provided to the RSE licensee, as required by the RSE auditor.
[6]
For the purposes of this Prudential Standard, a reference to ‘the Board’ is to be read as a reference to the Board of directors or group of individual trustees of an RSE licensee and ‘group of individual trustees’ has the meaning given in section 10(1) of the SIS Act.

Obligations of RSE licensees – fitness and propriety

An RSE licensee must ensure that its RSE auditor:
is not disqualified under section 130D of the SIS Act;
satisfies the eligibility criteria in Prudential Standard SPS 520 Fit and Proper (SPS 520) as applicable to an RSE auditor;
is a fit and proper person in accordance with the RSE licensee’s Fit and Proper Policy as required by SPS 520, including those requirements that apply specifically to the RSE auditor; and
satisfies the auditor independence requirements in Prudential Standard SPS 510 Governance.

Obligations of RSE licensees – auditor’s report

An RSE licensee must ensure that the RSE auditor provides a report to the Board on each audit of the operations of each RSE within the RSE licensee’s business operations, for each year of income (the auditor’s report) that complies with this Prudential Standard. The RSE auditor must provide the report required under this paragraph to the RSE licensee. The audit required under this paragraph must also cover the operations of the RSE licensee in respect of that RSE.
[7]
Refer to paragraph 20 for APRA’s power to determine the approved form.
An RSE licensee must ensure that the RSE auditor provides the auditor’s report to the Board within sufficient time to enable the RSE licensee to submit the report to APRA within three months after the end of the year of income to which the report relates. The RSE auditor must provide the report to the RSE licensee within that time. The report submitted to APRA by the RSE licensee must either be the original or a true copy. If the report is a true copy it must be verified by:
if the RSE licensee is a body corporate — at least two directors of the body corporate; or
if the RSE licensee is a group of individual trustees — at least two of those trustees.
An RSE licensee must ensure that the auditor’s report is completed in respect of the RSE’s whole year of income, even if the RSE was transferred, in whole or in part, to the RSE licensee from another RSE licensee during that year of income.
If an RSE was wound up during the year of income to which the report relates, an RSE licensee must ensure that the auditor’s report covers the period from the start of the RSE’s year of income to the date the RSE was wound up and is completed no later than within three months after the end of the year of income to which the report relates.
Where an RSE licensee has more than one RSE within its business operations, the RSE licensee must ensure that an RSE auditor completes a separate auditor’s report in respect of each RSE.
Notwithstanding the requirement for a separate report for each RSE set out in paragraph 16, an RSE licensee may engage an RSE auditor to prepare a single auditor’s report covering some or all of any small APRA funds (SAFs) within its business operations, provided that:
[8]
A SAF is an RSE that has fewer than five members.
the RSE licensee, consistent with its obligations under the SIS Act, the governing rules and Prudential Standard SPS 220 Risk Management (SPS 220), is satisfied that its risk management strategy adequately covers each of the SAFs covered by the single auditor’s report;
the auditor’s report is unmodified;
each SAF has been individually audited in accordance with relevant AUASB standards and guidance; and
the RSE licensee provides APRA with a listing of the SAFs covered by the single auditor’s report.
Where an RSE licensee is part of a group, to the extent that the auditor’s report only relates to the RSE licensee itself, an RSE auditor may prepare that part of the auditor’s report (and any other documents required to be provided or maintained under this Prudential Standard) on whichever of the following bases the RSE auditor considers appropriate:
both the RSE licensee and the group, provided it is clear where the RSE auditor is referring to matters relating to the RSE licensee or the group; or
the RSE licensee on a standalone basis, separate to the group.

Responsibilities of the RSE auditor - reporting

At a minimum, the auditor’s report, which must be prepared by the RSE auditor, must provide:
reasonable assurance addressing:
annual financial statements of each RSE prepared in accordance with relevant Australian Accounting Standards issued by the Australian Accounting Standards Board;
the annual information, relating to each RSE, required under the reporting standards made by APRA under the FSCOD Act that are identified in Attachment A as requiring reasonable assurance; and
compliance with provisions of the SIS Act, SIS Regulations, Corporations Act, Corporations Regulations 2001, FSCOD Act, and additional conditions imposed under s. 29EA of the SIS Act, that are specified in a form approved under paragraph 20; and
limited assurance addressing:
the annual information, relating to each RSE, required under the reporting standards made by APRA under the FSCOD Act that are identified in Attachment A as requiring limited assurance;
the RSE licensee’s systems, procedures and internal controls that are designed to ensure that the RSE licensee has complied with all applicable prudential requirements, has provided reliable data to APRA as required under the reporting standards prepared under the FSCOD Act, and has operated effectively throughout the year of income; and
the RSE licensee’s compliance with its risk management framework.
[9]
  Refer to SPS 220 for the requirement for an RSE licensee to have a risk management framework.
For the purposes of this Prudential Standard, ‘reasonable assurance’ and ‘limited assurance’ are defined in accordance with relevant AUASB standards and guidance.
If APRA has approved a form (the approved form) under this paragraph for the auditor’s report, the auditor’s report must be in the approved form. APRA may approve a form that provides for, among other requirements, the requirements outlined in paragraphs 19 and 21 to 23 inclusive.
[10]
The approved form will be made available on APRA’s website.
An RSE auditor must modify the opinion contained in the auditor’s report for breaches of any provisions which, in the RSE auditor’s professional opinion, are material. In forming an opinion as to whether a breach is material, the RSE auditor must refer to relevant AUASB standards and guidance.
When preparing a report or assessment required under the SIS Act or this Prudential Standard (whether as part of routine or special purpose engagement), an RSE auditor must:
do so on the basis that APRA may rely upon the report in the performance of its functions under the SIS Act; and
exercise independent judgement and not place sole reliance on work performed by APRA.
An RSE auditor must retain all working papers and other documentation in relation to the prudential requirements of the RSE for a period of at least five years after the end of year of income. Where requested to do so in writing by APRA, the RSE auditor must provide the working papers and other documentation to APRA.
[11]
Refer to section 35A of the SIS Act.

Other responsibilities of the RSE licensee

An RSE licensee must bear the costs of preparing and submitting reports, documents and other material required by this Prudential Standard.
An RSE licensee must facilitate meeting arrangements requested by APRA, including ensuring attendance by the RSE auditor. APRA liaison on audit-related matters will normally be conducted under tripartite arrangements involving APRA, the RSE licensee and the RSE auditor. APRA may also meet, at any time, the internal auditor (where applicable) and, where an RSE licensee is part of a group, the head entity of the group.

Special purpose engagements

APRA may require an RSE licensee, by notice in writing, to appoint an auditor, who may be the existing RSE auditor or another auditor, as specified in APRA’s notice, to provide a report on a particular aspect of the RSE licensee’s business operations, prudential requirements or the risk management framework.
An auditor appointed for a special purpose engagement must provide limited assurance on the matters upon which the auditor is required to report unless otherwise determined by APRA and advised to the RSE licensee in writing.
An auditor appointed for a special purpose engagement must submit, within three months of the date of the notice commissioning the report, an auditor’s report simultaneously to APRA and to the Board, unless otherwise determined by APRA.
An auditor must modify the report referred to in paragraph 26 for breaches relating to the matters upon which the auditor is required to report which, in the auditor’s professional opinion, are material. In forming an opinion as to whether a breach is material, the auditor must refer to relevant AUASB standards and guidance.

Adjustments and exclusions

APRA may adjust or exclude a specific requirement in this Prudential Standard in relation to:
a particular RSE licensee of an RSE;
a particular connected entity of an RSE licensee of an RSE;
specified RSE licensees of RSEs; or
specified connected entities of RSE licensees of RSEs.

Previous exercise of discretion

An RSE licensee must contact APRA if it seeks to place reliance, for the purposes of complying with this Prudential Standard, on a previous exercise of discretion by APRA under a previous version of this Prudential Standard.

Attachment A - Content of auditor’s report: annual information required under reporting standards made by APRA

For the purposes of paragraph 19(a)(ii) and 19(b)(i) of this Prudential Standard, the auditor’s report must address the annual information in the following reporting standards on the basis specified below in relation to each listed reporting standard:
[12]
If a reporting standard has been revoked prior to or during a year of income, the RSE auditor’s report for that year of income does not need to address the annual information required by that reporting standard.
Reporting Standard
Level of assurance
Reporting Standard SRS 114.1 Operational Risk Financial Requirement
Reasonable
Reporting Standard SRS 320.0 Statement of Financial Position
Reasonable
Reporting Standard SRS 330.0 Statement of Financial Performance
Reasonable
Reporting Standard SRS 533.0 Asset Allocation (in respect of MySuper investment options only)
Limited
Reporting Standard SRS 550.0 Asset Allocation (Table 1, columns 1-5 and 9-12 of Reporting Form SRF 550.1 Investments and Currency Exposure only)
Reasonable
Reporting Standard SRS 602.0 Wind-up 
Reasonable
Reporting Standard SRS 702.0 Investment Performance (in respect of MySuper investment options only)
Limited
Reporting Standard SRS 706.0 Fees and Costs Disclosed (in respect of MySuper investment options only)
Limited
Reporting Standard SRS 800.0 Financial Statements 
Reasonable
Reporting Standard SRS 801.0 Investments and Investment Flows
Reasonable
[13]
Applies only to RSEs that have wound up.
[14]
Applies only to small APRA funds and single member approved deposit funds.
[15]
Applies only to small APRA funds and single member approved deposit funds.