Health Insurance (prudential standard) determination No. 7 of 2015
Prudential Standard HPS 510 Governance
Private Health Insurance (Prudential Supervision) Act 2015
I, Ian Laughlin, delegate of APRA under subsection 92(1) of the Private Health Insurance (Prudential Supervision) Act 2015 DETERMINE Prudential Standard HPS 510 Governance in the form set out in the Schedule, which applies to all private health insurers.
This instrument takes effect on the day the Private Health Insurance (Prudential Supervision) Act 2015 commences.
Dated: 26 June 2015
[Signed]
Ian Laughlin
Deputy Chairman
Interpretation
In this Determination:
APRA means the Australian Prudential Regulation Authority.
Private health insurer has the meaning given in the section 4 of the Act.
Schedule
Prudential Standard HPS 510 Governance comprises the 9 pages commencing on the following page.
Prudential Standard HPS 510
Governance
Objectives and key requirements of this Prudential Standard
This Prudential Standard sets out minimum foundations for good governance of a private health insurer. Its objective is to ensure that a private health insurer is managed soundly and prudently by a competent Board.
The key requirements of this Prudential Standard are that:
· specific requirements with respect to Board size and composition are met;
· the chairperson of the Board of directors must be an independent director;
· the Board must have a policy on Board renewal and procedures for assessing Board performance; and
· a Board Audit Committee must be established.
Authority
1. This Prudential Standard is made under subsection 92(1) of the Private Health Insurance (Prudential Supervision) Act 2015 (the Act).
Application
2. This Prudential Standard applies to all private health insurers[1], except where expressly noted otherwise.
3. All private health insurers have to comply with this Prudential Standard in its entirety, unless otherwise expressly indicated.
4. This Prudential Standard takes effect on the day the Private Health Insurance (Prudential Supervision) Act 2015 commences.
Interpretation
5. Terms that are defined in Prudential Standard HPS 001 Definitions (HPS 001) appear in bold the first time they are used in this Prudential Standard.
6. Where this Prudential Standard provides for APRA to exercise a power or discretion, the power or discretion is to be exercised in writing.
7. Unless otherwise indicated, the term health benefits fund will be used to refer to a health benefits fund of a private health insurer, as relevant.
8. This Prudential Standard sets out the minimum requirements that a private health insurer must meet in the interests of promoting strong and effective governance.
Board composition
9. A board must have at least 5 directors.
10. A board must have a majority of non-executive directors at all times.
11. If a board consists of 5 to 7 directors, it must at all times have at least 3 independent directors[2], 1 of whom must be the chairperson.
12. If a board consists of more than 7 directors, it must at all times have at least 4 independent directors, 1 of whom must be the chairperson.
13. The directors must have a range of skills, knowledge and experience:
(a) to understand collectively the risks to the private health insurer; and
(b) to understand the insurer’s legal and prudential obligations; and
(c) to oversee effectively the management of the private health insurer; and
(d) to contribute effectively to the board’s deliberations and processes.
14. An independent director of a private health insurer does not cease to be an independent director only because he or she is a director of:
(a) a parent company of the private health insurer; or
(b) another subsidiary of the parent company of the private health insurer.
Chairperson
15. The chairperson of a board must be an independent director.
16. A person may only be chairperson of a board if he or she has not been the chief executive officer (or equivalent) of the private health insurer at any time during the previous 3 years.
17. However, APRA may approve in writing a person who does not meet the requirement of paragraph 15 as chairperson of a board.
18. Also, if the position of chief executive officer (or equivalent) is unexpectedly vacated, the chairperson may serve in the role for up to 90 days without APRA approval.
Note: Part 5 of the Private Health Insurance (Prudential Supervision) Rules 2015 requires a private health insurer to notify APRA within 28 days after a change of the name or contact details of its chief executive officer.
19. Approval from APRA is required if a chairperson seeks to serve as chief executive officer (or equivalent) for more than 90 days.
Residency of directors
20. The majority of directors of Australian-owned private health insurers must ordinarily reside in Australia.
21. For a foreign-owned private health insurer:
(a) at least 2 directors must be in Australia for a majority of the time within any 12 month period; and
(b) at least 1 of the directors mentioned in subparagraph (a) must be an independent director.
Directors – associates of shareholders
22. For a private health insurer that is a company limited by shares, the number of directors who may be associates of a shareholder must be proportionate to the shareholder’s shareholding.
Example: If a shareholder holds up to 15 per cent of the insurer’s voting shares, and the board has up to 6 directors, only 1 director may be an associate of the shareholder.
Board charter
23. A board must have a charter in writing that:
(a) sets out the roles and responsibilities of the board, committees and management of the private health insurer; and
(b) provides a structure for determining how board decisions are to be made; and
(c) encourages directors to exercise independent thinking and judgment in the discharge of their responsibilities; and
(d) if the private health insurer is part of a corporate group – clearly documents how the board will interact with the group.
Delegation
24. A board may delegate its authority to a person or a committee.
25. A delegation under paragraph 24 must be in writing and retained as a record by the private health insurer.
26. A board must:
(a) ensure there are procedures for it to monitor the exercise of delegations; and
(b) not abrogate its responsibilities through the use of delegations.
Board policies
27. A board must ensure that:
(a) the private health insurer has written policies to manage the insurer’s risks; and
(b) the private health insurer has procedures in place to monitor and evaluate compliance with policies and that these are regularly reviewed.
28. If the private health insurer is part of a corporate group and applies group policies or carries out group functions, the board of the insurer must ensure that the group policies or functions take account of the business requirements of the insurer.
Board performance
29. A board must have a policy and procedures for annually assessing its performance against its objectives.
30. The policy and procedures must provide for an assessment of individual directors, board committees and the board collectively.
Examples of objectives for a board include:
(a) establishing the overall strategy for the insurer and ensuring reporting against this strategy;
(b) approving the risk management strategy of the insurer including determining the level of risk it is willing to accept;
(c) assessing operating and financial conditions against forecasts;
(d) assessing senior management performance against agreed criteria, which would include, for relevant senior management, the effectiveness of risk controls; and
(e) making key decisions in a timely manner.
Examples of objectives for individual directors include:
(a) whether a director demonstrates the required expertise for their role;
(b) attendance and participation at board meetings; and
(c) contribution to board deliberations and the overall direction of the insurer.
Board renewal
31. A board must have a policy about board renewal that addresses how the board will renew membership to ensure that:
(a) it remains open to new ideas and independent thinking; and
(b) it complies with paragraphs 9 to 14 inclusive; and
(c) consideration is given to the length of time a director has served on the board, and whether this could affect his or her ability to perform his or her duties.
Board audit committee
32. A private health insurer must have a board audit committee.
33. The functions of a board audit committee must include an objective, non-executive review of the effectiveness of the private health insurer’s financial reporting and risk management framework.
34. A board audit committee need not undertake a review of risk management if there is another board committee undertaking this function.
35. A board audit committee must:
(a) have at least 3 members, all of whom must be non-executive directors; and
(b) have sufficient power to enable it to obtain all information necessary to perform its function; and
(c) meet at least once every year; and
(d) give a report to the board of the insurer after each committee meeting.
36. The chairperson of the board audit committee must be an independent director.
37. The chairperson of the board may sit on the board audit committee but must not chair the committee.
38. A board audit committee must have a charter approved by the board that:
(a) clearly documents the committee’s responsibilities and the extent of its decision making powers; and
(b) includes sufficient powers to enable the committee to obtain all necessary information for the performance of its function; and
(c) provides the committee with unfettered access at all times to the following:
(i) senior management;
(ii) an internal auditor;
(iii) an external auditor; and
(iv) an appointed actuary; and
(d) requires a formal process to measure the committee’s performance against the charter.
39. A board audit committee must:
(a) ensure the adequacy, expertise and independence of the internal and external audit functions; and
(b) ensure there is unfettered access for the internal auditor, the external auditor, and the appointed actuary to raise matters directly with the board or the board audit committee; and
(c) review an external auditor’s engagement annually and be satisfied that the auditor is independent within the meaning of Part 2M.4 of the Corporations Act 2001; and
(d) regularly review internal and external audit plans to ensure that they cover all material risks and financial reporting requirements of the private health insurer; and
(e) ensure that issues identified in internal and external audit reports are addressed in an appropriate and timely manner.
40. If a private health insurer is part of a corporate group, the insurer may use an audit committee of the group to satisfy paragraph 32 if:
(a) there are clear reporting lines between the group audit committee and the board of the insurer; and
(b) the board of the insurer ensures that the group audit committee gives appropriate regard to the requirements of the insurer; and
(c) the board of the insurer annually re-evaluates the effectiveness of the group audit committee in meeting the needs of the insurer; and
(d) the group audit committee has unfettered access to all business operations of the insurer.
Internal audit
41. A private health insurer must have an internal audit function that is adequately resourced and skilled for the size and corporate complexity of the insurer.
42. The board must be satisfied that:
(a) the internal audit function is independent; and
(b) internal audit processes are clearly documented and subject to regular review; and
(c) the internal audit function has unfettered access to all business operations of the insurer.
Transition arrangements
43. Any approval, determination or other exercise of discretion by PHIAC under Schedule 1 – Governance Standard (the PHIAC governance standard) of the Private Health Insurance (Insurer Obligations) Rules 2009 as they existed prior to 1 July 2015 will continue to have effect following 1 July 2015 as though exercised pursuant to a corresponding power under this Prudential Standard. In particular, an approval granted by PHIAC under subclause 2(5) of the PHIAC governance standard, and in force immediately before 1 July 2015, continues in effect as if determined under paragraph 19 of this Prudential Standard.
Adjustments and exclusions
44. APRA may, by notice in writing to a private health insurer, adjust or exclude a specific requirement in this Prudential Standard in relation to that private health insurer.
Attachment A
1. Independent director means a director of a private health insurer who:
(a) is not an executive director; and
(b) either:
(i) is free from any business or other association that could materially interfere with the exercise of his or her independent judgment, including not being:
(A) a substantial shareholder of the private health insurer or an officer of, or otherwise associated directly with, a substantial shareholder of the insurer; or
(B) employed by, or previously employed in an executive capacity by, the insurer or another member of the group, and has not ceased that employment at least 3 years before serving on the board of the insurer; or
(C) someone who has, within the last 3 years, been a principal of a material professional adviser or a material consultant to the insurer, another member of the group, or an employee materially associated with the service provided; or
(D) a material supplier or customer of the insurer or other group member, or an officer of, or otherwise associated directly or indirectly with, a material supplier or customer; or
(E) someone with a material contractual relationship with the insurer or another group member other than as a director; or
(ii) has been approved in writing as an independent director by APRA.
Note: A person who is a member of a private health insurer that is a mutual society or restricted access group would not by that fact alone be a person described by subparagraph 1(b)(i)(A) of this Attachment. The definition of substantial shareholder in HPS 001 makes clear that a person must have in the insurer a substantial holding as defined in section 9 of the Corporations Act 2001.
[1] Refer to subsection 92(1) of the Act.
[2] See Attachment A for the definition of independent directors
