Table of contents
Prudential standard
SPS 510 Governance
-
Superseded1 January 2024 – 29 June 2024
Prudential framework pillars
About this standard
This standard requires an RSE licensee to have a sound governance framework and to conduct its affairs with a high degree of integrity. RSE licensees must meet specific requirements for board committees, appointments, renewal and performance.
This is a core standard in the Governance Pillar. It applies to all RSE licensees.
Objectives and key requirements of this Prudential Standard
This Prudential Standard sets out minimum foundations for good governance of an . Its objective is to ensure that an RSE licensee’s business operations are managed soundly and prudently by a competent Board, which can make reasonable and impartial business judgements in the best interests of beneficiaries and which duly considers the impact of its decisions on beneficiaries.
The ultimate responsibility for the sound and prudent management of an RSE licensee’s business operations rests with its Board of directors.
It is essential that an RSE licensee has a sound governance framework and conducts its affairs with a high degree of integrity. A culture that promotes good governance benefits all stakeholders of an RSE licensee and helps to maintain public confidence in the entity.
The governance of an RSE licensee builds on these foundations in ways that take account of the size, business mix and complexity of the RSE licensee’s business operations.
The key requirements of this Prudential Standard are that:
- the Board must have a governance framework which includes, at a minimum, the Board’s charter (or equivalent document) and policies and processes that achieve appropriate skills, structure and composition of the Board;
- the Board must have a written policy which sets out requirements relating to the nomination, appointment and removal of directors that support appropriate Board composition and renewal on an ongoing basis;
- a Board Audit Committee must be established; and
- an RSE licensee must have a dedicated internal audit function.
RSE licensee
RSE licensee has the meaning given in subsection 10(1) of the Act.
Preamble
Superannuation (prudential standard) determination No. 2 of 2023
Prudential Standard SPS 510 Governance
Superannuation Industry (Supervision) Act 1993
I, Clare Gibney, delegate of :
under subsection 34C(6) of the Superannuation Industry (Supervision) Act 1993 (the Act) REVOKE Superannuation (prudential standard) determination No. 3 of 2022, including Prudential Standard SPS 510 Governance made under that determination;
under subsection 34C(1) of the Act, DETERMINE Prudential Standard SPS 510 Governance, which applies to all RSE licensees.
This instrument commences on 1 January 2024.
Dated: 20 November 2023
Clare Gibney
Executive Director
Policy and Advice Division
Interpretation
In this Determination:
APRA means the Australian Prudential Regulation Authority.
RSE licensee has the meaning given in subsection 10(1) of the Act.
Schedule
Prudential Standard SPS 510 Governance comprises the document commencing on the following page.
Prudential Standard SPS 510
Governance
Authority
This Prudential Standard is made under section 34C of the Superannuation Industry (Supervision) Act 1993 (SIS Act).
Application
This Prudential Standard applies to all registrable superannuation entity (RSE) licensees (RSE licensees) under the SIS Act.
All RSE licensees must comply with this Prudential Standard in its entirety, unless otherwise expressly indicated.
For the purposes of this Prudential Standard, a reference to the ‘Board’ is to be read as a reference to the Board of directors or group of individual trustees of an RSE licensee.
For the purposes of this Prudential Standard, references to an auditor or an actuary are taken to be references to an auditor or an actuary that an RSE licensee must appoint under RSE licensee law.
This Prudential Standard sets out the minimum requirements that an RSE licensee must meet in the interests of promoting strong and effective governance.
This Prudential Standard commences on 1 January 2024.
APRA
APRA means the Australian Prudential Regulation Authority.
[1]
For the purposes of this Prudential Standard, ‘RSE licensee’ has the meaning given in subsection 10(1) of the SIS Act.
[2]
For the purposes of this Prudential Standard, a reference to ‘a director’ is a reference to a director of an RSE licensee which has a Board of directors or, in the case of a group of individual trustees, an individual trustee and ‘group of individual trustees’ has the meaning given in subsection 10(1) of the SIS Act.
[3]
For the purposes of this Prudential Standard, ‘RSE licensee law’ has the meaning given in subsection 10(1) of the SIS Act. Refer also to Prudential Standard SPS 520 Fit and Proper (SPS 520).
The role of the Board and senior management
The Board is ultimately responsible for the sound and prudent management of an RSE licensee’s business operations.
[4]
For the purposes of this Prudential Standard, an ‘RSE licensee’s business operations’ includes all activities as an RSE licensee (including the activities of each RSE of which it is the licensee), and all other activities of the RSE licensee to the extent that they are relevant to, or may impact on, its activities as an RSE licensee.
The Board, in fulfilling its functions, may delegate authority to management to act on behalf of the Board with respect to certain matters, as decided by the Board. This delegation of authority must be clearly set out and documented. The Board must have mechanisms in place for monitoring the exercise of delegated authority. The Board cannot abrogate its responsibility for functions delegated to management.
The Board must ensure that the directors and the senior management of the RSE licensee, collectively, have the full range of skills needed for the effective and prudent operation of the RSE licensee’s business operations, and that each director has skills that allow them to make an effective contribution to Board deliberations and processes. This includes the requirement for directors, collectively, to have the necessary skills, knowledge and experience to understand the risks of the RSE licensee’s business operations, including its legal and prudential obligations, and to ensure that the RSE licensee’s business operations are managed in an appropriate way taking into account these risks. This does not preclude the Board from supplementing its skills and knowledge by engaging external consultants and experts.
Where the Board establishes a board committee that has responsibility for activities that have the potential to have a material impact on the interests, or reasonable expectations, of beneficiaries, or to the long-term financial soundness of the RSE licensee, any of its RSEs or connected entities, an RSE licensee must ensure that only a director of the RSE licensee holds the position of chairperson on that board committee.
[5]
For the purposes of this Prudential Standard, a reference to ‘beneficiaries’ is a reference to ‘beneficiaries of an RSE within the RSE licensee’s business operations’.
[6]
For the purposes of this Prudential Standard, a reference to a ‘connected entity’ has the meaning given in subsection 10(1) of the SIS Act.
Senior management of an RSE licensee must be ordinarily resident in Australia.
Directors and senior management of an RSE licensee must be available to meet with APRA on request.
The Board must provide the auditor and the actuary, as relevant, with the opportunity to raise matters directly with the Board.
RSE licensees that are part of a corporate group
[7]
For the purposes of this Prudential Standard, a reference to ‘a group’ is a reference to a group comprising the RSE licensee and all connected entities and all related bodies corporate of the RSE licensee, and ‘related body corporate’ has the meaning given in section 50 of the Corporations Act 2001 (Corporations Act).
Where an RSE licensee is part of a corporate group, and the RSE licensee utilises group policies or functions, the Board must approve the use of group policies and functions and must ensure that these policies and functions give appropriate regard to the RSE licensee’s business operations and its specific requirements.
Governance framework
An RSE licensee must at all times have a governance framework that sets out how the Board oversees and exercises its authority in relation to the business operations of the RSE licensee and which encompasses the totality of systems, structures, policies, processes and people within an RSE licensee’s business operations.
[8]
Refer also to Prudential Standard SPS 220 Risk Management (SPS 220) for requirements relating to the management of governance risk.
The Board is ultimately responsible for the establishment, implementation and oversight of the governance framework.
An RSE licensee’s governance framework must, at a minimum, include:
a formal charter that sets out the roles, responsibilities and objectives of the Board;
the Board’s policy in relation to voting rights and procedures for the decisions of the Board;
the Board’s policies on:
the size and composition of the Board and any Board committees;
[9]
For the purposes of this Prudential Standard, a reference to ‘board committees’ is a reference to the Board Audit Committee, the Board Remuneration Committee required under CPS 511 and any other committees which meet the description set out in paragraph 11 of this Prudential Standard.
Board renewal;
the nomination, appointment and removal of directors, including defined director terms in office and maximum tenure periods;
[10]
For the purpose of this Prudential Standard, a reference to ‘tenure’ is a reference to the total length of service of an individual director on the Board (including non-continuous service).
the RSE licensee’s policies and processes:
to manage risks relating to fitness and propriety of responsible persons; and
[11]
Refer to SPS 520 for requirements relating to the fitness and propriety of responsible persons.
relating to the management of conflicts; and
[12]
Refer to Prudential Standard SPS 521 Conflicts of Interest for requirements relating to the management of conflicts.
a review process to ensure that the governance framework remains effective.
Board composition
The chairperson of the Board must be a director of the RSE licensee.
A majority of directors of an RSE licensee must be ordinarily resident in Australia.
Board performance assessment
The Board must have procedures for assessing, at least annually, the Board’s performance relative to its objectives. It must also have in place a procedure for assessing, at least annually, the performance of individual directors.
Board renewal
The Board must have in place a formal policy on Board renewal. This policy must provide details of how the Board intends to renew itself in order to ensure it remains open to new ideas and independent thinking, while retaining adequate expertise.
Board nomination, appointment and removal
The Board must establish and implement policies and processes for the nomination, appointment and removal of directors. These policies and processes must, at a minimum, address:
the length of the term for which a director is appointed to the Board;
the maximum tenure limit for an individual director;
how vacancies will be managed, including, where applicable, how the RSE licensee will comply with the vacancy requirements in Part 9 of the SIS Act;
the process by which a candidate will be nominated for a vacant Board position;
the factors that will be considered when assessing the suitability of a nominated candidate, including how the RSE licensee assesses the independence of the candidate where relevant and the Board’s process for determining whether a particular candidate is appointed;
the process by which a director will be appointed to the Board;
the factors that will determine when an existing director will be re-appointed, including whether the director has served on the Board for a period that could, or could reasonably be perceived to, materially interfere with their ability to act in the best interests of beneficiaries;
the process by which the Board will resolve disputes about nominations, appointment, re-appointment or removal of directors;
when and how a director will be removed from the Board; and
the Board’s policy on voting rights and procedures in relation to nomination, appointment, reappointment and removal of a director.
Board Audit Committee
An RSE licensee must have a Board Audit Committee, which assists the Board by providing an objective non-executive review of the effectiveness of the RSE licensee’s financial reporting and risk management framework unless, with respect to risk management, there is another Board Committee which carries out this function.
The Board Audit Committee must have sufficient powers to enable it to obtain all information necessary for the performance of its functions.
The Board Audit Committee must have at least three members. All members of the Committee must be non-executive directors.
[13]
For the purpose of this Prudential Standard, a reference to ‘a non-executive director’ is a reference to a director who is not a member of the RSE licensee’s management. Non-executive directors may include Board members or senior managers of the parent company of the RSE licensee or of the parent company’s subsidiaries, but not executives of the RSE licensee.
The chairperson of the Board may sit on the Board Audit Committee, but may not chair the Committee except where the chairperson of the Board is the only independent director (within the definition of section 10 of the SIS Act) on the Board.
The Board Audit Committee must have a charter that includes a reference to the fact that the Committee is responsible for the oversight of:
all APRA statutory reporting requirements;
other financial reporting requirements;
professional accounting requirements;
internal and external audit; and
the appointment of both the RSE licensee’s auditor and internal audit function.
The Board Audit Committee must review the engagement of the auditor at least annually, including making an assessment of whether the auditor meets the Audit Independence tests set out in APES 110 Code of Ethics for Professional Accountants, as well as the additional auditor independence requirements set out in this Prudential Standard.
[14]
APES 110 Code of Ethics for Professional Accountants was issued by the Accounting Professional and Ethical Standards Board in December 2010.
The Board Audit Committee must regularly review the internal and external audit plans, ensuring that they cover all material risks and financial reporting requirements of the RSE licensee. It must also regularly review the findings of audits and ensure that issues are being managed and rectified in an appropriate and timely manner.
The Board Audit Committee must ensure the adequacy and independence of both the internal and external audit functions.
The members of the Board Audit Committee must, at all times, have free and unfettered access to senior management, the internal audit function, the heads of all risk management functions, the auditor and the actuary, as applicable, and vice versa.
The Board Audit Committee must establish and maintain policies and procedures for employees of the RSE licensee to submit, confidentially, information about accounting, internal control, compliance, audit, and other matters about which the employee has concerns. The Committee must also have a process for ensuring employees are aware of these policies and for dealing with matters raised by employees under these policies.
Members of the Board Audit Committee must be available to meet with APRA on request.
The Board Audit Committee must invite the auditor and the actuary, as applicable, to meetings of the Committee.
The internal auditor must have a reporting line, and unfettered access, to the Board Audit Committee.
Internal audit
An RSE licensee must have an independent and adequately resourced internal audit function. An RSE licensee may outsource this function where the outsourcing agreement meets the requirements of Prudential Standard SPS 231 Outsourcing. If an RSE licensee does not believe it is necessary to have a dedicated internal audit function, it must apply to APRA to seek an exemption from this requirement, setting out reasons why it believes it should be exempt. APRA may approve alternative arrangements in writing for an RSE licensee where APRA is satisfied that they will achieve the same objectives.
The objectives of the internal audit function must include evaluation of the adequacy and effectiveness of the financial and risk management framework of the RSE licensee. To fulfil its functions, the internal auditor must, at all times, have unfettered access to all the RSE licensee’s business lines and support functions.
[15]
Refer to SPS 220 for the requirement to review the risk management framework.
Auditor independence
The Corporations Act contains a number of requirements in relation to auditor independence. The auditor independence requirements in this Prudential Standard are substantially consistent with those requirements and are intended to help ensure the independence of an auditor engaged to perform work of a prudential nature in relation to RSE licensee law.
The Board must, to the extent practical, undertake steps to satisfy itself that the auditor, who undertakes work for the RSE licensee in relation to RSE licensee law, is independent of the RSE licensee and the RSE, and that there is no conflict of interest situation that could compromise, or be seen to compromise, the independence of the auditor.
[16]
Independent of the RSE licensee means that the auditor has been assessed as independent in terms of paragraph 29 of this Prudential Standard.
[17]
Refer to SPS 521 for requirements to identify relevant interests and relevant duties for all responsible persons.
As part of the process of ascertaining the independence of the auditor, an RSE licensee must obtain a declaration from the auditor to the effect that:
the auditor is independent, both in appearance and in fact;
the auditor has no conflict of interest situation; and
there is nothing to the auditor’s knowledge (either in relation to the individual auditor or any audit firm or audit company of which the auditor is a member or director) that could compromise that independence.
A person, who was a member of an audit firm or a director of an audit company, and who served in a professional capacity in the audit of an RSE licensee in relation to RSE licensee law, cannot be appointed to the role of director or senior manager of that RSE licensee until at least two years have passed since they served in that professional capacity.
A person, who was an employee of an audit company, other than a director of that company, and who acted as the lead auditor or review auditor in the audit of an RSE licensee in relation to RSE licensee law, cannot be appointed to the role of director or senior manager of that RSE licensee until at least two years have passed since they acted as the lead auditor or review auditor.
[18]
‘Lead auditor’ means the registered company auditor who is primarily responsible to the audit firm or the audit company for the conduct of audit work conducted in relation to RSE licensee law.
[19]
‘Review auditor’ means the registered company auditor (if any) who is primarily responsible to the individual auditor, audit firm or audit company for reviewing audit work conducted in relation to RSE licensee law.
A person cannot be appointed as a director or senior manager of an RSE licensee if:
the person was, or is, a director of the audit company or a member of the audit firm that was, or is, responsible for the audit of the RSE licensee in relation to RSE licensee law; and
there is already another person appointed or employed as a director or senior manager of the RSE licensee who was a director of the audit company or a member of the audit firm, at a time when the audit company or audit firm undertook an audit of the RSE licensee at any time during the previous two years.
An individual who plays a significant role in the audit of an RSE in relation to RSE licensee law, for five successive years, or for more than five years out of seven successive years, cannot continue to play a significant role in the audit until at least a further two years have passed, except with an exemption in writing from APRA. APRA may grant an exemption from this requirement if the individual provides specialist services that are otherwise not readily available or there are no other registered company auditors available to provide satisfactory services for the RSE licensee.
[20]
For the purpose of this paragraph, ‘an individual who plays a significant role’ means an individual auditor who acts as the auditor in respect of any of the requirements of RSE licensee law, or the lead or review auditor where such audit work is performed by an audit company or audit firm.
For the purposes of maintaining their independence and objectivity, the auditor and actuary cannot both be employed by the same body corporate or related bodies corporate, or by the same firm or related firms.
Persons not to be constrained from providing information to APRA
[21]
Refer also to the provisions for the protection of whistleblowers in Part 29A of the SIS Act and the whistleblowing provisions in SPS 520.
No prospective, current, or former officer, employee or contractor (including professional service provider) of an RSE licensee may be constrained or impeded, whether by confidentiality clauses or other means, from disclosing information to APRA, from discussing issues with APRA of relevance to the management and prudential supervision of the RSE licensee, or from providing documents under their control to APRA, that may be relevant in the context of the management or prudential supervision of the RSE licensee. Such persons are not to be constrained or impeded from providing information to, as applicable, auditors, actuaries and others, who have statutory responsibilities in relation to the RSE licensee.
An RSE licensee must ensure that its internal policy and contractual arrangements do not explicitly or implicitly restrict or discourage auditors or other parties from communicating with APRA.
Adjustments and exclusions
APRA may adjust or exclude a specific requirement in this Prudential Standard in relation to:
a particular RSE licensee of an RSE; or
specified RSE licensees of RSEs.
[22]
Refer to subsection 34C(5) of the SIS Act.
Previous exercise of discretion
An RSE licensee must contact APRA if it seeks to place reliance, for the purposes of complying with this Prudential Standard, on a previous exemption or other exercise of discretion by APRA under a previous version of this Prudential Standard.