Welcome to the latest issue of the KHQ Super Alert. This week, APRA circulated a letter relating to cybersecurity awareness and also came together with ASIC to provide further guidance to trustees about the retirement income covenant.

APRA – Insights into cybersecurity weaknesses

On 15 August 2024, APRA published a letter addressed to all regulated entities which outlines additional insights in relation to ‘the common cyber weaknesses observed in terms of security in configuration management, privileged access management and security testing’. APRA explained that it expects entities to ‘review their control environment against these common weaknesses’ and has included detailed guidance with the letter explaining how these issues can be addressed.

ASIC – Proceedings brought against ASX 

On 14 August 2024, ASIC issued a media release announcing that it has commenced proceedings against ASX Limited, the operator of the Australian Securities Exchange. According to ASIC, the proceedings relate to the ASX’s ongoing project to replace its Clearing House Electronic Subregister System (CHESS). ASIC has alleged that ASX made misleading statements surrounding the delivery of the project, via announcements made that it remained ‘on-track for go-live’ and was ‘progressing well’.

ASIC Chair Joe Longo said that ‘companies and market participants rely on what the ASX says about its operations to make their own decisions and investments. We expect the ASX to be a place to list and invest with confidence. When the ASX falls short, it has wide ranging consequences across the market’.

APRA – Conference speech published

On 14 August 2024, APRA published a speech about the retirement phase of superannuation delivered by its Deputy Chair, Margaret Cole. More specifically, the speech provided a ‘pulse check’ on the outcomes from 2023’s APRA and ASIC retirement income covenant thematic review report. This report was covered in our Super Alert of 21 July 2023. The key points made by Ms Cole in the speech include the following:

• ‘the needs of members in the retirement phase of superannuation are far more diverse [than the accumulation phase], and understanding and supporting these needs will be complex’;
• ‘the lack of progress in tracking the success of retirement income strategies…is most concerning. Three quarters of trustees told [APRA] that measuring retirement outcomes was a priority, and yet only limited number of success metrics were reported in the survey by trustees’; and
• ‘as [disengaged] members head towards retirement, they will need to make critical decisions about what to do with their superannuation, including transitioning out of the accumulation phase…[so helping members] understand their options – including the benefits of moving their super assets to the pension phase – should be fundamental to your strategy’.

ASIC followed up with a speech along the same lines delivered by ASIC Commissioner Simone Constant. Ms Constant suggested that trustees use member data to meet these needs. For example, data could be used to show ‘whether your members are on track to have the kind of retirement they expect, based on their projected balance and their current income levels’.

ASIC – Update on financial advice

On 9 August 2024, ASIC issued a media release summarising all recent developments and issues surrounding financial advice. Included in the update are the below topics:

• ‘maintaining accurate records on the financial advisers register
• assessing adviser qualifications
• ASIC’s review of cold calling for superannuation switching business models
• cyber security – third-party exposure
• financial adviser registration
• Report 779 Superannuation and choice products: What focus is there on performance?
• provisional relevant providers, and
• keeping up to date with financial advice news’.

AASB – Exposure draft standards for climate-related reporting

On 6 August 2024, the Australian Accounting Standards Board (AASB) released Exposure Draft 331 (ED 331) entitled ‘Climate-related and Other Uncertainties in the Financial Statements – Proposed illustrative examples’. This is related but somewhat separate to the development we reported last week in relation to the stakeholder feedback the AASB received on its exposure draft consultation document ED SR1 ‘Australian Sustainability Reporting Standards – Disclosure of Climate-related Financial Information’ (see our Super Alert of 9 August 2024).

ED 331 proposes several examples of how an entity may ‘report the effects of climate-related and other uncertainties in its financial statements’. According to AASB, ‘[t]hese examples aim to improve transparency of reported information and strengthen the connection between financial statements and other parts of a company’s reporting’.

These AASB exposure drafts are linked to the Treasury Laws Amendment (Financial Infrastructure and Other Measures) Bill 2024 (Cth) which proposes to introduce sustainability reports as an added section in annual financial reports (see our Super Alert of 5 April 2024 for more information about this Bill).

The consultation period closes on 4 October 2024.

FSC – New fraud and scam standard

On 1 July 2024, the Financial Services Council issued a media release announcing the publication of FSC Standard No. 29 ‘Fraud and Scam Mitigation Measures for Superannuation Funds’. According to the FSC, the standard ‘includes the need for multifactor authentication on all high-risk transactions as well as requiring funds to have clear policies and procedures for preventing and dealing with scams and fraudulent events’. However there is ‘flexibility for vulnerable customers who are unable to access multifactor authentication’.