FAR is near, so get ready

6 min read
6 min read

Following the Financial Services Royal Commission, the Government proposed an extended regulatory framework, the Financial Accountability Regime (FAR) which will apply to all registrable superannuation entities (RSEs). The FAR will have a focus on non-financial risks including misconduct and end-to-end product management to enhance consumer protections.

Following the COVID-19 crisis, APRA will defer the regulatory extension until at least September 2020 and more likely 2021. As the coronavirus restrictions begin to ease and we move into a recovery phase, now is the time for RSEs to prepare their data for the impending regulations.

Data provides cultural insights

A keystone principal is the superannuation fund trustee must act in the ‘best interests’ of its beneficiaries. The FAR drills down on this principal and sets out the obligations of ‘accountable persons’ within an RSE. This includes the obligation to ‘take reasonable steps […] to prevent matters from arising that would adversely affect the prudential standing or prudential reputation of the entity.’

To demonstrate ‘reasonable steps’, RSEs and their ‘accountable persons’ will need to quickly navigate, understand and report on all aspects of their internal governance, culture and risk management.

An entity’s data contains key insights into the culture of that organisation. A strong information governance framework is essential to managing current and future data holdings and mitigating non-financial risks.

Information governance framework review

A review of your existing information governance framework is fundamental to getting to grips with your data and ensuring compliance with the impending regulatory obligations.

Some necessary steps when conducting the review, analysis and evolution of your information governance framework include:

1) Stakeholder representation

The obligations under the FAR will extend across multiple functions within licenced RSEs. In the example cited by Treasury, ‘accountable persons’ may have responsibility for operations including:

  • oversight of the entity as a member of the Board
  • risk management
  • HR
  • dispute resolution (internal and external)
  • claim and benefit entitlement handling
  • financial advice offerings (if any)
  • insurance offerings.

The information governance review must have stakeholder representation from across all functions, not just legal or IT.

2) Data mapping and audit

All records held by a licensed RSE, from historical hardcopy trust agreements through to instant messenger exchanges are classified as data.

It is important to understand your existing data holdings and data creation methods. This may involve an audit or mapping of your organisation’s data.

Who is responsible for the data?

Where is the data stored?

When was the data created? Is the data still relevant?

What format is the data? What systems generate the data?

Why is the data necessary? What is the operational value?

3) Understanding regulatory requirements

Your data management strategy and information governance framework will be influenced by the new obligations created under the FAR.

What are the regulatory obligations related to this data or the information it records? Are there privacy obligations related to the content of the data?

The Commission’s final report on superannuation had a significant focus on the culture and governance of an entity. Case studies included examples of corporate culture that promoted aggressive sales tactics, conflicts between duty and interests and failures to report statutory breaches.

Are you currently monitoring internal and external communications for indications of a culture of misconduct?

Could you quickly and efficiently provide the regulators all the data related to sales, complaints or claims in response to a regulatory notice?

4) Managing unstructured and disparate data

Unstructured and disparate data held across multiple software platforms is difficult to navigate and review.

Compliance under the FAR will require organisations to demonstrate that they understand exactly what data they have, where it is stored and can produce it quickly.

Collecting, processing and indexing data can provide you with the foundations of a searchable database. Tagging documents with key metrics such as custodian, date of creation and document categorisation creates organised and easily managed data holdings.

Indexed data stored in a central repository is easily searched, analysed and produced to internal audit teams, your lawyers and the regulators.

5) Team ‘buy in’

In order to remain compliant with the new obligations under the FAR, you will need more than policies, software and databases. Ongoing compliance will involve the ‘buy in’ of your team.

The employees in your organisation need to clearly understand what is required of them and why.

Your team will require not just onboarding to new systems, processes and procedures but also regular training to remain compliant.

In order to demonstrate ‘reasonable steps’ to the regulators, training should be recorded and stored to produce to the regulators when required.

6) Ongoing monitoring

Completing your information governance framework review should provide:

  • understanding of your entity’s existing data
  • identification of the systems and custodians that create new data
  • understanding of the regulatory requirements
  • a searchable central document repository
  • key data that may indicate a potential regulatory breach
  • internal stakeholder and team buy in.

Now is the time to define methods to continually monitor your data. For example, if all internal and external communication data is regularly collected, organised and analysed, the risk of misconduct will dramatically reduce.

Continual monitoring of data will demonstrate ‘reasonable steps’ have been taken to understand organisational culture, promote accountability and act in the ‘best interests’ of members.

7) Measure results

Define metrics and organisational goals related to your updated information governance framework.

Ensuring compliance with the new regulatory obligations created by the FAR may be the primary driver to improving your data management but there may be several other benefits including:

  • enhanced data security
  • securing sensitive, confidential or personal information
  • reducing data volumes, technology and administrative costs
  • increased team productivity
  • mitigating the risk of litigation.

Defining metrics and benchmarks for these goals will enable you to measure the success of the implementation of your updated information governance framework. You can gain insight into key performance indicators such as:

  • reduced overheads related to compliance and governance
  • lower data volumes and IT storage costs
  • fewer irrelevant documents collected in response to a regulatory notice
  • decreased incidence of potential data breach.

Information governance for proactive compliance

Effective information governance goes far beyond data holdings and defensible deletion of documents. Data contains the insights as to whether the culture of an organisation promotes acting in the ‘best interests’ of members in every interaction.

A strong information governance framework is the first step to demonstrating to APRA that you are moving into a regime of proactive compliance.

Picture of By Jackie Garton

By Jackie Garton

head of regulatory and compliance

More Reading

Super system can turbocharge productivity on road to net zero
In-Depth In-Depth

Super system can turbocharge productivity on road to net zero

Understanding the Division 296 super tax
In-Depth In-Depth

Understanding the Division 296 super tax

Rebuilding trust and embracing disruption: Lessons from banking for superannuation
In-Depth In-Depth

Rebuilding trust and embracing disruption: Lessons from banking for superannuation

Daniel Mulino MP

Assistant Treasurer and Minister for Financial Services

Sessions

Keynote 8 – Navigating the energy transition: opportunities, investor strategies and policy needs

Born in Brindisi, Italy, Daniel was a young child when he moved with his family to Australia. He grew up in Canberra and completed his first degrees – arts and law – at the ANU. He then completed a Master of Economics (University of Sydney) and a PhD in economics from Yale.

He lectured at Monash University, was an economic adviser in the Gillard government and was a Victorian MP from 2014 to 2018. As Parliamentary Secretary to the Treasurer of Victoria, Daniel helped deliver major infrastructure projects and developed innovative financing structures for community projects.

In 2018 he was preselected for the new federal seat of Fraser and became its first MP at the 2019 election, re-elected in 2022 and 2025. From 2022 to 2025, Daniel was chair of the House of Representatives’ Standing Economics Committee in which he chaired inquiries; economic dynamism, competition and business formation and insurers’ responses to 2022 major floods claims.

In 2025, he became the Assistant Treasurer and Minister for Financial Services.

In August 2022, Daniel published ‘Safety Net: The Future of Welfare in Australia’, which aims to explore the ways in which an insurance approach can improve the effectiveness of government service delivery.