Insurance (prudential standard) determination No. 5 of 2014
Prudential Standard GPS 310 Audit and Related Matters
Insurance Act 1973
I, Wayne Byres, delegate of APRA:
(a) under subsection 32(4) of the Insurance Act 1973 (the Act) REVOKE Insurance (prudential standard) determination No. 2 of 2013, including Prudential Standard GPS 310 Audit and Related Matters, made under that Determination; and
(b) under subsection 32(1) of the Act DETERMINE Prudential Standard GPS 310 Audit and Related Matters, in the form set out in the Schedule, which applies to:
(i) all general insurers and authorised NOHCs; and
(ii) a subsidiary of a general insurer or authorised NOHC, where that subsidiary is a parent entity of a Level 2 insurance group.
This instrument takes effect on 1 January 2015.
Dated: 3 December 2014
[Signed]
Wayne Byres
Chair
Interpretation
In this Determination:
APRA means the Australian Prudential Regulation Authority.
authorised NOHC has the meaning given in section 3 of the Act.
general insurer has the meaning given in section 11 of the Act.
Level 2 insurance group has the meaning given in Prudential Standard GPS 001 Definitions made by Insurance (prudential standard) determination No. 2 of 2014 or, if that prudential standard is revoked, the meaning given in the replacement prudential standard.
parent entity has the meaning given in Prudential Standard GPS 001 Definitions made by Insurance (prudential standard) determination No. 2 of 2014 or, if that prudential standard is revoked, the meaning given in the replacement prudential standard.
replacement prudential standard means any prudential standard made under section 32 of the Act which replaces Prudential Standard GPS 001 Definitions made by Insurance (prudential standard) determination No. 2 of 2014.
subsidiary has the meaning given in Prudential Standard GPS 001 Definitions made by Insurance (prudential standard) determination No. 2 of 2014 or, if that prudential standard is revoked, the meaning given in the replacement prudential standard.
Schedule
Prudential Standard GPS 310 Audit and Related Matters comprises the 16 pages commencing on the following page.
Prudential Standard GPS 310
Audit and Related Matters
Objective and key requirements of this Prudential Standard
This Prudential Standard sets out the roles and responsibilities of a general insurer’s and Level 2 insurance group’s Appointed Auditor and Group Auditor (Auditor). It also sets out the obligations of a general insurer or Level 2 insurance group to make arrangements to enable its Auditor to fulfil their responsibilities.
The ultimate responsibility for providing impartial advice in relation to the operations, financial condition and internal controls of a general insurer or Level 2 insurance group rests with the Auditor. This advice is designed to assist the Board and senior management in carrying out their responsibility for the sound and prudent management of the general insurer or Level 2 insurance group.
The key requirements of this Prudential Standard are that:
· the general insurer or Level 2 insurance group must make arrangements to enable the Auditor to undertake their roles and responsibilities;
· the Auditor must prepare the certificates and reports required in accordance with the requirements of and timeframes specified in this Prudential Standard;
· the general insurer or Level 2 insurance group must submit to APRA all certificates and reports to be prepared by the Auditor;
· the Appointed Auditor must audit the yearly statutory accounts of the general insurer and review other aspects of their operations on an annual basis. The Appointed Auditor must prepare a certificate and report on these matters and provide them to the Board;
· the Group Auditor must conduct a limited assurance review of the annual accounts of the Level 2 insurance group on an annual basis and review other aspects of the group’s operations; and
· the general insurer or Level 2 insurance group must submit a Financial Information Declaration to APRA on an annual basis.
Authority
1. This Prudential Standard is made under section 32 of the Insurance Act 1973 (the Act) and includes a determination made under subsection 7(1) of the Act.
Application
2. This Prudential Standard applies to each:
(a) general insurer authorised under the Act (insurer); and
(b) Level 2 insurance group as defined in Prudential Standard GPS 001 Definitions (GPS 001).
Where a requirement applies to a Level 2 insurance group, the requirement is imposed on the parent entity of the Level 2 insurance group.
3. This Prudential Standard includes requirements that apply to all auditors appointed under the Act. These requirements are functions of an auditor for the purposes of paragraph 49J(1)(b) of the Act.
4. This Prudential Standard applies to insurers and Level 2 insurance groups (regulated institutions) from 1 January 2015.
Level 2 insurance groups
5. Paragraphs 8 to 36 and Attachment A apply to insurers only. Paragraphs 37, 38 and Attachment D apply to all regulated institutions. Attachment B (read in conjunction with Attachment C) sets out the requirements for Level 2 insurance groups, including the requirement to appoint a Group Auditor.
Interpretation
6. Terms that are defined in GPS 001 appear in bold the first time they are used in this Prudential Standard.
7. Where this Prudential Standard provides for APRA to exercise a power or discretion, this power or discretion is to be exercised in writing.
Obligations of an insurer
8. Under the Act, an insurer must appoint an auditor (Appointed Auditor).[1]
9. Under the Act, APRA may exempt an insurer from the requirement to appoint an Appointed Auditor.[2]
10. An insurer must make arrangements that are necessary to enable its Appointed Auditor to undertake their functions as required by the Act[3] and prudential standards made under the Act. These arrangements include ensuring that an insurer’s Appointed Auditor is fully informed of all prudential requirements applicable to the insurer. These arrangements also include ensuring that an insurer’s Appointed Auditor is provided with any other information that:
(a) APRA has provided to the insurer and may assist the Appointed Auditor in performing their duties; and
(b) has been requested by the Appointed Auditor in performing their duties.
11. An insurer must ensure that its Appointed Auditor has access to all relevant data, information, reports and staff of the insurer (and must take all reasonable steps to ensure access to contractors of the insurer) that its Appointed Auditor reasonably believes are necessary to fulfil their responsibilities. This will include access to the insurer’s Board and Board committees, if any.
12. Under the Act, an insurer must submit to APRA all certificates and reports required to be prepared by its Appointed Auditor.[4] An insurer must submit to APRA:
(a) certificates and reports, other than those relating to a special purpose review, on or before the day that the insurer’s yearly statutory accounts are submitted in accordance with reporting standards made under the Financial Sector (Collection of Data) Act 2001 (Collection of Data Act);[5] and
(b) certificates and reports relating to a special purpose review within the time specified in paragraph 21.
13. An insurer must provide to APRA an annual declaration on financial information (Financial Information Declaration) as set out in Attachment D.
Roles and responsibilities of the Appointed Auditor
14. In addition to and without derogation from the role of an Appointed Auditor as provided for under the Act,[6] an Appointed Auditor’s primary roles are to provide:
(a) an independent and objective view on the truth and fairness of the insurer’s financial statements; and
(b) an assessment of the insurer’s systems, procedures and controls used to address compliance with prudential requirements and for the purposes of producing reliable financial data.
An insurer may also seek the advice of its Appointed Auditor in relation to other matters where the insurer considers this to be appropriate.
15. The Appointed Auditor must:
(a) audit the yearly statutory accounts of the insurer; and
(b) provide a certificate to the insurer relating to the yearly statutory accounts.[7] The certificate must fulfil the requirements set out in paragraphs 29 to 33.[8]
16. The Appointed Auditor must:
(a) on an annual basis, review and test the insurer’s systems, processes, and controls designed to:
(i) address compliance with all prudential requirements; and
(ii) enable the insurer to report reliable financial information to APRA; and
(b) perform such other work as necessary to fulfil the Appointed Auditor’s responsibilities under this Prudential Standard.
17. The Appointed Auditor must provide a report to the insurer relating to the findings of this review.[9] The report must meet the requirements set out in paragraphs 34 to 36.[10]
18. The Appointed Auditor must provide the certificate and the report to the insurer within such time as to enable the insurer to provide the certificate and the report to APRA on or before the day that the insurer’s yearly statutory accounts are required to be given to APRA in accordance with reporting standards made under the Collection of Data Act.[11]
Special purpose review
19. When APRA specifies in writing, an Appointed Auditor must:
(a) undertake a special purpose review of matters specified by APRA relating to the insurer’s operations, risk management or financial affairs; and
(b) prepare a report in respect of that review.[12]
20. The review must be completed in accordance with any relevant professional standards and guidance notes (as appropriate to the nature of the special purpose review), to the extent that they are not inconsistent with the requirements of this Prudential Standard. Where APRA considers, having regard to the nature of the insurer’s operations and the purpose of the special purpose review, that the review should not be completed in accordance with those professional standards and guidance notes, APRA may advise the insurer in writing that an alternative standard must be used.
21. The cost of a special purpose review will be borne by the insurer. The Appointed Auditor must submit the report to APRA and the insurer simultaneously within three months of the review being commissioned, unless APRA grants an extension of time in writing.
Non-routine reporting by Appointed Auditors
22. The Act specifies certain circumstances where Appointed Auditors are required to report to APRA on a non-routine basis.[13] This may be where:
(a) APRA requests specific information; or
(b) where an Appointed Auditor has information that is specified in the Act or that they consider would assist APRA in performing its functions.
23. APRA may require an Appointed Auditor to provide information, or to produce books, accounts or documents, about an insurer if it will assist APRA in performing its functions under the Act.[14] To ensure that an Appointed Auditor is able to comply with any such request from APRA, the Appointed Auditor must retain all working papers and other documentation in relation to the insurer for a period of seven years after the date of the report or certificate to which the working papers or documentation relate, as required under the Corporations Act 2001.[15]
24. In assessing whether the interests of policyholders may be materially prejudiced,[16] an Appointed Auditor must not consider a single activity or a single deficiency only in isolation. Policyholder interests may be materially prejudiced by a number of activities or deficiencies that may not individually result in a material threat to policyholder interests but, when considered in total, do amount to a material threat. In such cases, the Appointed Auditor must provide such information to APRA as required under the Act if they have reasonable grounds for believing that the interests of policyholders may be materially prejudiced.[17]
25. In most cases, matters reported to APRA by an Appointed Auditor should also be reported by that person to the insurer to which the matter relates.[18] An Appointed Auditor must not notify the insurer where:
(a) that person considers that, by doing so, the interests of policyholders would be jeopardised; or
(b) there is a situation of mistrust between the Appointed Auditor and the Board or senior management of the insurer.
26. An Appointed Auditor who is required to provide information to APRA on a non-routine basis[19] is not excused from such a requirement on the ground that doing so would tend to incriminate them or make them liable to a penalty.[20] Certain protection is provided under the Act[21] to Appointed Auditors who supply information to APRA in these circumstances.
Meetings with Appointed Auditors
27. APRA liaison with an Appointed Auditor will normally be conducted under trilateral arrangements involving:
(a) APRA;
(b) the insurer; and
(c) the insurer’s Appointed Auditor.
28. Any one of these parties may initiate a meeting or discussion when the party considers it necessary. Notwithstanding the trilateral relationship, APRA and an insurer’s Appointed Auditor may meet on a bilateral basis where either party considers this to be necessary.
Audit certificate and report
29. As required under the Act, an insurer’s Appointed Auditor must:
(a) prepare a certificate relating to the insurer’s yearly statutory accounts on an annual basis; and
(b) provide that certificate to the insurer within the time specified in paragraph 18.[22]
30. The certificate must be:
(a) addressed to the Board of the insurer; and
(b) provide the Appointed Auditor’s opinion in respect of the insurer’s yearly statutory accounts.
31. In preparing the certificate, the Appointed Auditor must have regard to relevant professional standards and guidance notes issued by the Auditing and Assurance Standards Board (AUASB), to the extent that they are not inconsistent with the requirements of this Prudential Standard.
32. The certificate must specify whether, in the Appointed Auditor’s opinion, the yearly statutory accounts of the insurer present a true and fair view of the results of the insurer’s operations for the year and financial position at year end, in accordance with:
(a) the provisions of the Act and prudential standards, the Collection of Data Act and reporting standards; and
(b) to the extent that they do not specify any requirements that conflict with the aforementioned:
(i) Australian Accounting Standards; and
(ii) other mandatory professional reporting requirements in Australia.
33. Where, for reasons beyond their control, the Appointed Auditor is unable to provide a certificate that complies with paragraph 32 (for example, if there are accounting records that have not been appropriately kept, transactions that appear irregular or that have not been accurately or properly recorded, requests for information and explanation that have not been met, or aspects of the accounts that do not represent a true and fair view of the transactions and financial position), the certificate must be qualified and contain details of these matters.
34. An Appointed Auditor must prepare a report on an annual basis and provide that report to the insurer by the time specified in paragraph 18.[23] The report must:
(a) be addressed to the Board of the insurer; and
(b) provide the Appointed Auditor’s opinion on a range of matters.
35. In preparing the report, the Appointed Auditor must have regard to professional standards and guidance notes issued by the AUASB, to the extent that they are not inconsistent with the requirements of this Prudential Standard. The Appointed Auditor must base this report on at least a limited assurance engagement.
36. The Appointed Auditor must specify in the report the results of their investigations, including the matters listed in Attachment A.
Adjustments and exclusions
37. APRA may adjust or exclude a specific requirement in this Prudential Standard in relation to a regulated institution.
Determinations made under previous prudential standards
38. An exercise of APRA’s discretion (such as an approval, waiver or direction) under a previous version of an audit prudential standard continues to have effect as though exercised pursuant to a corresponding power (if any) exercisable by APRA under this Prudential Standard.[24]
Attachment A
Matters to be addressed in an Appointed Auditor’s report
For the purposes of paragraph 36 of this Prudential Standard, the Appointed Auditor’s report must address whether:
(a) there exist systems, procedures and controls that are kept up-to-date and address compliance with all prudential requirements. If the Appointed Auditor is of the opinion that the insurer does not have such systems, procedures and controls, it must specify in the report the reasons for this opinion;
(b) systems, procedures and controls relating to actuarial data integrity and financial reporting risks (the risks that incorrect source data will be used in completing returns to APRA in accordance with the Collection of Data Act) are adequate and effective;
(c) during the course of testing the insurer’s systems, procedures and controls, instances of non-compliance with prudential requirements have been identified. If so, details are to be provided;
(d) the insurer has complied, in all significant respects, with its Risk Management Strategy (RMS) and Reinsurance Management Strategy (ReMS). If the Appointed Auditor is of the opinion that the insurer has not complied with its RMS and ReMS, it must specify in the report the reasons for this opinion;
(e) the insurer has systems, procedures and controls in place to ensure that reliable statistical and financial data are provided to APRA in the quarterly returns required by reporting standards made under the Collection of Data Act. If the Appointed Auditor is of the opinion that the insurer does not have such systems, procedures and controls, it must specify in the report the reasons for this opinion; and
(f) there are matters that have come to the Appointed Auditor’s attention that will, or are likely to, adversely affect the interests of policyholders of the insurer. If so, the Appointed Auditor must provide details in the report.
Attachment B
Level 2 insurance groups
Appointment of a Group Auditor
1. The parent entity of a Level 2 insurance group must appoint a Group Auditor. The Group Auditor of a Level 2 insurance group must be one of the following persons:
(a) the Appointed Auditor[25] of the parent entity where the parent entity is an insurer;
(b) the Appointed Auditor[26] of an APRA-authorised insurer within the group; or
(c) a responsible auditor[27] of the parent entity where the parent entity is an authorised NOHC.
2. In addition to the fit and proper criteria that the Group Auditor is required to meet under Prudential Standard CPS 520 Fit and Proper (CPS 520), the parent entity of a Level 2 insurance group must ensure that the Group Auditor is not:
(a) the Group Actuary;
(b) the actuary of an entity within the group carrying on insurance business;
(c) an employee or director of the entity of which a person referred to in sub- paragraph (a) or (b) is an employee or director; or
(d) a partner of a person referred to in sub-paragraph (a) or (b).
3. The parent entity of a Level 2 insurance group must also ensure that its Group Auditor meets the independence requirements applicable to an Appointed Auditor under Prudential Standard CPS 510 Governance (CPS 510).[28]
Role of Group Auditor
4. The parent entity of a Level 2 insurance group must ensure that its Group Auditor:
(a) conducts a limited assurance review of the group’s annual accounts[29];
(b) performs for the group the functions of a Group Auditor set out in this Prudential Standard and any other prudential standard; and
(c) prepares, and gives to the group, any reports required to be prepared by the Group Auditor under this Prudential Standard.
5. The parent entity of a Level 2 insurance group must:
(a) ensure that the reports required to be prepared by the Group Auditor deal with all the matters required by this Prudential Standard to be dealt with in the reports; and
(b) lodge with APRA the reports required to be prepared by its Group Auditor under this Prudential Standard.
Obligations of a Level 2 insurance group
6. The parent entity of a Level 2 insurance group must make any arrangements necessary to enable its Group Auditor to undertake their functions as required by this Prudential Standard. These arrangements include ensuring that its Group Auditor is fully informed of material prudential requirements applicable to the group. These arrangements also include ensuring that its Group Auditor is provided with any other information that:
(a) APRA has provided to the group and may assist the Group Auditor in performing their duties; and
(b) has been requested by the Group Auditor in performing their duties.
7. The parent entity of a Level 2 insurance group must ensure that its Group Auditor has access to all relevant data, information, reports and staff of the group (and must take all reasonable steps to ensure access to contractors of the group) that its Group Auditor reasonably believes are necessary to fulfil their responsibilities. This will include access to:
(a) the Board of the parent entity of the group;
(b) the Board committees of the parent entity, if any;
(c) the Board of any other entity within the group; and
(d) the Board committees, if any, of any other entity within the group.
8. The parent entity of a Level 2 insurance group must submit to APRA:
(a) reports, other than those relating to a special purpose review, on or before the day that the group’s annual accounts are to be lodged in accordance with reporting standards made under the Collection of Data Act;[30] and
(b) reports relating to a special purpose review within the time specified in paragraph 16 of this Attachment.
9. A Level 2 insurance group must provide to APRA an annual declaration on financial information as set out in Attachment D.
Roles and responsibilities of the Group Auditor
10. A Group Auditor’s primary roles are to provide:
(a) an independent and objective view of the truth and fairness of the group’s annual accounts required by reporting standards made under the Collection of Data Act; and
(b) an assessment of the group’s systems, procedures and controls used to address compliance with prudential requirements and for the purposes of producing reliable financial data.
A Level 2 insurance group may also seek the advice of its Group Auditor in relation to other matters where the group considers this to be appropriate.
11. The parent entity of a Level 2 insurance group must ensure that its Group Auditor:
(a) conducts a limited assurance review of the annual accounts of the group;
(b) on an annual basis, reviews and tests the group’s systems, processes and controls designed to:
(i) address compliance with all prudential requirements; and
(ii) enable the group to report reliable financial information to APRA; and
(c) performs such other work as necessary to fulfil the Group Auditor’s responsibilities under this Prudential Standard.
12. The parent entity of a Level 2 insurance group must ensure that its Group Auditor provides a report to the group relating to the findings of the limited assurance review. This report must meet the requirements set out in paragraphs 21 to 23 of this Attachment.
13. The parent entity of a Level 2 insurance group must ensure that its Group Auditor provides the limited assurance review report to the group within such time as to enable the group to provide the report to APRA on or before the day that the Level 2 insurance group’s annual accounts are submitted in accordance with the Collection of Data Act.
Special purpose review
14. When APRA specifies in writing, a Group Auditor must:
(a) undertake a special purpose review of matters specified by APRA relating to the Level 2 insurance group’s operations, risk management or financial affairs; and
(b) prepare a report in respect of that review.[31]
15. The review must be completed in accordance with any relevant professional standards and guidance notes (as appropriate to the nature of the special purpose review), to the extent that they are not inconsistent with the requirements of this Prudential Standard. Where APRA considers, having regard to the nature of the Level 2 insurance group’s operations and the purpose of the special purpose review, that the review should not be completed in accordance with those professional standards and guidance notes, APRA may advise the Level 2 insurance group in writing that an alternative standard must be used.
16. The cost of a special purpose review will be borne by the Level 2 insurance group. The Group Auditor must submit the report to APRA and the insurer simultaneously within three months of the review being commissioned, unless APRA grants an extension of time in writing.
Non-routine reporting by Group Auditors
17. The parent entity of a Level 2 insurance group must ensure that its Group Auditor reports to APRA on a non-routine basis where APRA requests specific information or where the Group Auditor has information that they consider would assist APRA in performing its functions.[32]
18. If APRA requests information or documents from the Group Auditor, the parent entity of the Level 2 insurance group must ensure that such information or documents are provided to APRA.
Meetings with Group Auditors
19. APRA liaison with a Group Auditor is normally conducted under trilateral arrangements involving:
(a) APRA;
(b) the Level 2 insurance group; and
(c) the Group Auditor.
20. Any one of these parties may initiate a meeting or discussion when the party considers it necessary. Notwithstanding the trilateral relationship, APRA and a Group Auditor may meet on a bilateral basis where either party considers this to be necessary.
Limited assurance review report
21. The parent entity of a Level 2 insurance group must ensure that its Group Auditor prepares a report on an annual basis and provides that report to the group by the time specified in paragraph 13 of this Attachment. The report must:
(a) be addressed to the Board of the parent entity of the group; and
(b) provide the Group Auditor’s opinion on a range of matters.
22. Preparation of the report must be consistent with professional standards and guidance notes issued by the Auditing and Assurance Standards Board as may be amended from time to time, to the extent that they are not inconsistent with the requirements of this Prudential Standard. The parent entity of a Level 2 insurance group must ensure that its Group Auditor bases this report on at least a limited assurance engagement.
23. The parent entity of a Level 2 insurance group must ensure that its Group Auditor specifies in the report the results of their investigations, including the matters listed at Attachment C.
Engagement of the Group Auditor
24. Where this Prudential Standard requires the parent entity of a Level 2 insurance group to ensure that its Group Auditor performs a particular task or service or complies with a certain prudential requirement, the parent entity of a Level 2 insurance group must ensure that the contract engaging the Group Auditor includes a term requiring the Group Auditor to perform the task or service or comply with that requirement.
Attachment C
Matters to be addressed in a limited assurance review report
For the purposes of paragraph 23 of Attachment B, the Group Auditor’s report must address whether:
(a) there is evidence to suggest that the returns provided to APRA in accordance with the Collection of Data Act do not present a fair view of the financial position of the Level 2 insurance group;
(b) there exist systems, procedures and controls that are kept up-to-date and address compliance with all prudential requirements. If the Group Auditor is of the opinion that the group does not have such systems, procedures and controls, it must specify in the report the reasons for this opinion;
(c) systems, procedures and controls relating to actuarial data integrity and financial reporting risks (the risks that incorrect source data will be used in completing returns to APRA in accordance with the Collection of Data Act) are adequate and effective;
(d) during the course of testing the group’s systems, procedures and controls, instances of non-compliance with prudential requirements have been identified. If so, details are to be provided;
(e) the group has complied, in all significant respects, with its Risk Management Strategy (RMS) and Reinsurance Management Strategy (ReMS). If the Group Auditor is of the opinion that the Level 2 insurance group has not complied with its RMS and ReMS, it must specify in the report the reasons for this opinion;
(f) the group has systems, procedures and controls in place to ensure that reliable statistical and financial data are provided to APRA in the semi-annual returns required by reporting standards made under the Collection of Data Act. If the Group Auditor is of the opinion that the group does not have such systems, procedures and controls, it must specify in the report the reasons for this opinion; and
(g) there are matters which have come to the Group Auditor’s attention that will, or are likely to, adversely affect the interests of policyholders of the group. If so, the Group Auditor must provide details in the report.
Attachment D
Financial Information Declaration
1. A regulated institution must provide to APRA a declaration on financial information (Financial Information Declaration) signed by:
(a) the chief executive officer (CEO) (by whatever name called, or for a Category C insurer, the local equivalent); and
(b) the chief financial officer (CFO) (by whatever name called, or for a Category C insurer, the local equivalent).
This declaration is set out in paragraph 2 of this Attachment. Where the CEO and the CFO are the same person, the Financial Information Declaration must be signed by that person and another person to be agreed upon with APRA.
2. The CEO and the CFO must (by the time provided for in paragraph 3 of this Attachment) provide APRA with a Financial Information Declaration, signed by both of them,[33] stating that for the last financial year, to the best of their knowledge and belief having made appropriate enquiries:
(a) the financial information that the regulated institution has lodged with APRA has been prepared in accordance with the Act, Regulations, prudential standards, the Collection of Data Act, accounting standards and other mandatory professional reporting requirements in Australia, to the extent that the accounting standards and professional reporting requirements do not contain any requirements contrary to the aforementioned legislative and prudential requirements;
(b) the information provided to the auditor and Appointed Actuary for the purpose of enabling them to undertake their roles and responsibilities is accurate and complete, consistent with the accounting records of the regulated institution, and a true representation of the transactions for the year and the financial position of the regulated institution;[34] and
(c) the financial information lodged with APRA is accurate and complete, consistent with the accounting records of the regulated institution, and represents a true and fair view of the transactions for the year and the financial position of the regulated institution.
3. The Financial Information Declaration must be submitted to APRA on, or before, the day that the insurer’s yearly statutory accounts or Level 2 insurance group’s annual accounts (as appropriate) are required to be submitted to APRA in accordance with reporting standards made under the Collection of Data Act.
4. If the CEO or CFO qualifies the Financial Information Declaration, the qualified Declaration must include a description of the cause and circumstances of the qualification, and steps taken, or proposed to be taken, to remedy the problem.
[1] Refer to section 39 of the Act.
[2] Refer to paragraph 7(1)(c) of the Act.
[3] Refer to section 49J of the Act.
[4] Refer to section 49L of the Act.
[5] This Prudential Standard sets out further detail regarding these certificates and reports.
[6] Refer to section 49J of the Act.
[7] Refer to paragraph 49J(1)(a) and subsection 49J(3) of the Act.
[8] Refer to subsection 49(J)(3) of the Act.
[9] Refer to paragraph 49J(1)(c) of the Act.
[10] Refer to subsection 49J(4) of the Act.
[11] Refer to paragraphs 49L(1)(a) and (aa) of the Act.
[12] Refer to paragraphs 49J(1)(b) and (c), and subsection 49J(4) of the Act.
[13] Refer to sections 49 and 49A of the Act for details of these requirements. See also section 49B of the Act in relation to voluntary reporting.
[14] Refer to section 49 of the Act.
[15] Refer to section 307B, Corporations Act 2001 for further requirements in relation to audit working papers.
[16] Within the meaning of paragraph 49A(2)(d) of the Act.
[17] Refer to subsection 49A(2) of the Act.
[18] Note the operation of section 38E of the Act in relation to disclosure of certain information to directors and officers of the insurer.
[19] Refer to sections 49 or 49A of the Act.
[20] Refer to subsection 38F(1) of the Act.
[21] Refer to section 49C and subsection 38F(2) of the Act.
[22] Refer to subsection 49J(3) of the Act.
[23] Refer to paragraph 49J(1)(c), subsection 49J(4) and paragraph 49L(1)(aa) of the Act.
[24] The continuation of an exercise of APRA’s discretion with respect to actuarial matters under a previous version of Prudential Standard GPS 310 Audit and Actuarial Valuation and Reporting is captured in Prudential Standard GPS 320 Actuarial and Related Matters.
[25] Note that the Appointed Auditor must meet fit and proper criteria under Prudential Standard CPS 520 Fit and Proper (CPS 520).
[26] Note that the Appointed Auditor must meet fit and proper criteria under CPS 520.
[27] As defined in CPS 520. Note that the responsible auditor must meet fit and proper criteria under CPS 520.
[28] In particular, under CPS 510 read with this paragraph, the Group Auditor of a Level 2 insurance group cannot also be employed by a related body corporate or by related firms.
[29] For the purposes of the limited assurance review in Attachment B and Attachment C of this Prudential Standard, a Level 2 insurance group’s annual accounts comprise the reporting documents in respect of the Level 2 insurance group’s financial year that are required to be prepared by the parent entity of the group in compliance with reporting standards made under the Collection of Data Act but excluding the reporting documents required to be prepared under Reporting Standard GRS 460.0_G Reinsurance Assets by Counterparty (Level 2 Insurance Group) and Reporting Standard GRS 460.1_G Exposure Analysis by Reinsurance Counterparty (Level 2 Insurance Group).
[30] This Prudential Standard sets out further detail regarding these reports.
[31] Refer to paragraphs 49J(1)(b) and (c), subsection 49J(4), paragraphs 49K(1)(a) and (b), and subsection 49K(3) of the Act.
[32] Also note that Part IV Division 2 of the Act sets out the duties of auditors and actuaries of insurers, authorised NOHCs or subsidiaries to give information to APRA.
[33] As per paragraph 1 of this Attachment, where the CEO and the CFO are the same person, the Financial Information Declaration must be signed by that person and another person to be agreed upon with APRA.
[34] Refer to the Act and this Prudential Standard for the roles and responsibilities of auditors; and Prudential Standard GPS 320 Actuarial and Related Matters for the roles and responsibilities of Appointed Actuaries.
