Share this article
Clues about the likely contents of the upcoming final report from the Royal Commission into Aged Care Quality and Safety (the aged care royal commission) can be found in another final report – that of the 2019 financial services royal commission.
The release of the final report from the Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry1 was a watershed moment in the world of financial services and brought to account the boards and executive teams of many of Australia’s leading banks, insurers, superannuation funds and other financial organisations. The impact of the financial services royal commission, headed by commissioner Kenneth Hayne, was profound and the report continues to affect the sector, the community and national politics two years on.
For aged care, reforms arising from the aged care royal commission will be equally profound. Amongst the changes foreshadowed, the governance, risk and compliance obligations of aged care boards are likely to be significantly strengthened. Similarly, new prudential regulation and financial oversight is expected to be introduced.
To understand what flowed from the 2019 report - and therefore what the aged care sector might expect when its own royal commission final report is released on 26 February 2021 - we summarise the lessons to be learned from the financial services royal commission, as well as outline what the journey ahead might look like for the aged care sector.
The financial services royal commission uncovered a raft of poor industry practices and instances of wrongdoing that impacted customers. The central messages of the final report were straightforward for all:
Obey the law.
Act fairly and do not mislead or deceive.
Provide services that are fit for purpose.
Deliver services with reasonable care and skill
When acting for another, act in the best interests of that other.
Commissioner Hayne also called on regulators to enforce the law and take a ‘why not litigate’ approach.
To understand the breadth of its impacts, we consider the effects of the financial services royal commission from three different perspectives:
How the government responded.
How regulators responded.
How boards and executive teams of financial organisations responded.
The federal government was decisive in its response to the financial services royal commission final report, with the Treasurer immediately announcing the government would enact all of the recommendations in the report2.
Although slowed down by COVID-19, there have been waves of regulatory changes enacted in order to implement the 76 financial services royal commission recommendations, with more changes planned.
The government has also significantly increased the funding of regulators, Australian Securities and Investments Commission (ASIC) and the Australian Prudential Regulation Authority (APRA), by circa $550 million over four years. The regulators are using this to build capability and resourcing, in order to emerge stronger, and with more ambitious supervisory programs.
ASIC and APRA are today more capable and more active in their oversight of the sector, as well as more rigorous in holding financial organisations to account. Three significant shifts have occurred.
First, ASIC acted to require financial institutions to undertake large-scale remediations to address past breaches. This had a significant impact on the organisations involved. For example, by December 2020, banks and other financial organisations had paid more than $1.24 billion to customers as compensation for ‘fees for no service’ or poor financial advice3. This amount is expected to grow as remediation activity ramps up further.
Secondly, we observed a big jump in the number of regulatory notices issued by ASIC and APRA, creating significant work for the organisations receiving them. The regulators commenced investigations to uncover regulatory breaches and industry reviews to benchmark industry practice in areas of concern. Regulators were more likely to publish the outcomes of these reviews and investigations, bringing a new level of transparency and impacting the reputations of the affected organisations.
Thirdly, ASIC strengthened its enforcement capabilities and commenced a raft of legal proceedings. The first targets were those organisations uncovered during case studies at the royal commission hearings. These have been taken to full hearing, following a ‘why not litigate’ approach.
We have seen an increase in the size of penalties issued by the courts for breaches. Fines have ranged from the millions to tens of millions (and we’ve even seen penalties in the billion-dollar range for money laundering breaches in the actions brought by the Australian Transaction Reports and Analysis Centre (AUSTRAC)).
Financial organisations have had to change markedly in order to adapt to this new regulatory environment. We highlight below six themes that summarise how boards and executive teams have had to change.
First, financial organisations have worked to strengthen risk and compliance capabilities across their three lines of defence. Line two and three roles have been recruited and refreshed, risk teams are better resourced, and the voice of risk has grown in stature and credibility.
Work continues to improve the awareness and competency of people at the front line (i.e. line one) to better manage the risks they face day-to-day.
Directors have been challenged to strengthen the role played by the board and to set a clear tone from the top. Many boards have reviewed and refreshed the board structure and the remit of committees.
Board evaluations have probed non-executive director (NED) skills and capabilities and the quality of oversight practices. Boards have called out the need for significantly better reporting from management to ensure they are receiving the right information to oversee the business. The board/management dynamic has shifted markedly with NEDs more likely to apply a ‘show me, don’t tell me’ approach when engaging with management, as well as applying much greater rigour to hold management to account.
Non-financial risk encompasses compliance; regulatory risk; operational risk; data, cyber and technology risk; customer outcomes; employee conduct risk; privacy/confidentiality; governance and more. Non-financial risk brings significant customer, reputational and financial exposures. In the past, financial organisations focused more on financial risks such as credit and solvency risk. More recently, however, boards and executives have brought much greater focus to the management of non-financial risks by increasing agenda time, reporting and oversight activities to manage them.
Commissioner Hayne described culture as shared values and norms that ‘shape behaviour and mindset’ or, more practically: ‘What people do when no one is watching’.
Each organisation is responsible for its own culture, and boards are required to assess and oversee it. This means going beyond monitoring and measuring culture, to actively managing it by targeting risk culture weaknesses and conduct issues. Financial organisations are developing more sophisticated mechanisms to understand and track their culture, and are investing in regular culture reviews and culture change programs.
There has been a shift from a focus on the customer ‘experience’, to the outcomes that must be delivered to customers - particularly in relation to what they pay for services or products. This requires clarity on what those outcomes are (as set by regulatory standards, contractual obligations or customer expectations), as well as much-improved reporting and monitoring of these outcomes.
There is also a greater focus on customer complaints, including those in the tail, the insights to be drawn from them, and the identification of systemic issues from aggregating previously isolated data points.
Accountabilities are a cornerstone requirement for the board to challenge executives and hold them to account. All financial institutions are implementing an enhanced accountability regime (a recommendation of the financial services royal commission), and board remuneration committees are receiving more detailed information on incidents and risk outcomes to feed into remuneration decisions.
Organisations are also strengthening their consequence management frameworks to guide the consequences applied to conduct issues, such as breach of policy or misconduct. Mechanisms may include further training, removing delegated authorities, impacting promotion and more.
The changes across financial services over the two years since the release of the financial services royal commission’s final report provide many signposts for the challenges ahead for aged care operators.
The aged care sector will be embarking on a significant change journey.
Based on the financial services experience, however, the aged care sector will emerge stronger and more capable of serving the people needing care, as well as supporting communities and meeting the higher expectations of stakeholders.
1The final report into the Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry was handed down on 1 February 2019
2 Minor exceptions only (e.g. a ban on commission payments to mortgage brokers).
3 Australian Securities & Investments Commission, 21-023MR ASIC update: Compensation for financial advice related misconduct as at 31 Dec 2020, 12 February 2021
5 minute read | March 18, 2021
6 minute read | April 15, 2021
5 minute read | April 30, 2021
6 minute read | February 22, 2021
5 minute read | February 22, 2021
8 minute read | March 18, 2021
6 minute read | May 11, 2021