ASIC has released a new set of proposals to improve risk management systems for responsible entities, in the hope of remedying an absence of detailed guidance on risk management adequacy.
The proposals, released on 21 July, follow a review of responsible entities conducted in February 2015 which highlighted a number of “inconsistencies” in arrangements between various responsible entities.
ASIC noted that several of the entities, particularly smaller ones, could make improvements to their risk management systems, and the regulator anticipates the new proposals will assist in this.
“Our proposed guidance is intended to provide flexibility for responsible entities to develop and maintain risk management systems that are appropriate for the nature, scale and complexity of their operations,” ASIC said in a statement.
The current proposals draw on feedback ASIC received in 2013 when the regulator published a similar set of proposals in CP 204, which was not implemented since ASIC was “awaiting the outcome of the 2014 Financial System Inquiry”.
The responses received in relation to CP 204 generally supported the need for clearer guidance on adequate risk management systems, though ASIC noted many of their proposals were not new.
“Feedback indicated that most of the proposed processes were already included in the existing risk management systems of most responsible entities, to varying degrees of sophistication,” ASIC said.
Some of the proposals include having responsible entities have documented processes to identify and assess risks, ensure their systems address all material risks and conduct stress testing or scenario analysis “as frequently as appropriate”.
“Risk management is an area where there are a number of ways that the requirements could be met, taking into account the nature, scale and complexity of the particular business and schemes operated. We consider flexibility is required to accommodate this and to enable responsible entities to respond to any changes in market conditions,” ASIC added.