1. What are the national authorities for banking regulation, supervision and resolution in your jurisdiction?

The Australian banking sector is regulated by three key regulators, being the Australian Prudential Regulation Authority (APRA), which is responsible for financial system stability and depositor protection, the Australian Securities and Investments Commission (ASIC), which is responsible for market conduct and consumer protection, and the Reserve Bank of Australia (RBA), which is responsible for monetary policy, overseeing financial system stability and the payments system.

APRA is a statutory authority established for the primary purpose of the prudential supervision of financial institutions in Australia. The Australian Prudential Regulation Authority Act 1998 (Cth) (APRA Act) sets out that APRA’s core objective is maintaining the financial safety of institutions and the stability of the Australian financial system. APRA’s core objective must be balanced against the objectives of efficiency, competition, contestability and competitive neutrality. APRA establishes and enforces a comprehensive framework of prudential standards with which regulated institutions must comply, including minimum capital, governance and risk management requirements.

ASIC is the corporate, markets and financial services regulator and is responsible for market integrity and consumer protection across the financial system. ASIC enforces the law under the Corporations Act 2001 (Cth) (Corporations Act), sets and enforces banking standards, and investigates and acts against misconduct in the banking sector as required by the Australian Securities and Investments Commission Act 2001 (Cth) (ASIC Act).

The RBA is Australia’s central bank and payments system authority. The RBA promotes overall financial system stability by managing and providing liquidity to institutions, conducing monetary policy, issuing banknotes, monitoring financial system risks and regulating the payments system (including supervising payment schemes and purchased payment facility operators.

There is also a range of other regulators and government bodies which regulate and supervise the Australian banking sector. These include:

  • Federal Treasury – Federal Treasury is an executive arm of the Australian Government, which is responsible for advising the government on financial system stability issues and on the legislative and regulatory framework underpinning the financial system.
  • Australian Competition and Consumer Commission (ACCC) – The ACCC is responsible for competition policy and monitors competition, fair trading and consumer protection (in areas other than financial services) in compliance with the Competition and Consumer Act 2010 (Cth) (CCA). The ACCC and Federal Treasury play a key role in terms of the ownership and acquisitions of supervised financial institutions.
  • Australian Transaction Reports and Analysis Centre (AUSTRAC) – AUSTRAC is Australia’s anti-money laundering and counter-terrorism financing regulator and specialist financial intelligence unit. AUSTRAC regulates designated services carried on by “reporting entities” (including authorised deposit-taking institutions).
  • Australian Tax Office (ATO) – The ATO is the Australian Government’s principal revenue collection agency.
  • Foreign Investment Review Board (FIRB) – FIRB examines proposals by foreign persons to invest in Australia and makes recommendations to the Federal Treasurer on proposals, subject to the Foreign Acquisitions and Takeovers Act 1975 (Cth) (FATA) and the Federal Government’s Foreign Investment Policy.
  • Australian Securities Exchange (ASX) – The ASX regulates equities, derivatives and enterprise trading markets, and ensures compliance with disclosure and market awareness obligations.
  • Australian Financial Complaints Authority (AFCA) – AFCA is Australia’s dispute resolution scheme for financial services. All financial service providers are required by ASIC to be members of AFCA

2. Which type of activities trigger the requirement of a banking licence?

An entity that wishes to conduct banking business in Australia must be authorised by APRA as an authorised deposit-taking institution (ADI) or otherwise be entitled to rely on an exemption from the requirement to be an ADI. Under the Banking Act 1959 (Cth) (Banking Act), banking business means a business that consists of:

  • banking within the meaning of the Australian Constitution (ie, banking, other than state banking; also state banking extending beyond the limits of the state concerned, the incorporation of banks, and the issue of paper money); or
  • a business whose activities consist of both taking money on deposit (otherwise than as part payment for identified goods or services) and making advances of money as well as certain other financial activities such as holding stored value.

Under the Payment Systems (Regulation) Act 1998 (Cth), a holder of stored value in connection with a PPF must be authorised as an ADI (though usually such entities are only authorised to conduct limited banking business – see section 3). A purchased payment facility (PPF) is a facility (other than cash) that can be purchased, is able to be used as a means of making payments up to the amount that is available for use under the conditions applicable to the facility and the payments are to be made by the provider of the facility or by a person acting under an arrangement with the provider (ie, not the user of the facility). The holder of stored value is the person making payments in relation to the PPF.

Under certain circumstances, a company may be required to apply for authorisation as a non-operating holding company (NOHC) of a group of companies that includes one or more ADIs. NOHCs do not carry on a business other than the business of ownership or control of other bodies corporate.

3. Does your regulatory regime know different licences for different banking services?

There are a number of different ADI-related licences depending on the type of banking services provided and the corporate structure of the entity providing banking services.

Entities that carry on banking business generally apply for an ADI licence under one of the following three categories:

  • Australian ADI for bodies corporate incorporated in Australia and carrying on banking business in Australia. This is known as the direct pathway and is generally recommended for businesses that have the existing resources and capabilities to immediately establish an ADI. The ADI authorisation permits the business to conduct its intended banking business from the grant of the licence but the applicant must demonstrate its ability to meet the full prudential framework and readiness to commence banking business. Before authorisation, an applicant for an ADI must achieve a limited launch of at least one income-generating asset product and be operationally ready to launch deposit products shortly after being authorised.
  • Foreign ADI for foreign bodies corporate, which are authorised to carry banking business and provide services to wholesale clients in Australia by establishing an Australian branch. For further information, see section 9.
  • Locally-incorporated subsidiary ADI for foreign bodies corporate, which are authorised to conduct banking business and provide services to wholesale and retail clients in Australia by establishing a locally- incorporated subsidiary as a separate legal entity from its oversees parent.

For locally incorporated entities, APRA also offers a restricted pathway to becoming an ADI, known as a restricted ADI (RADI) licence. Becoming a RADI may be appealing to new entrants to allow them time to develop the resources and capabilities to establish an ADI. The restricted pathway allows entrants to conduct limited banking business as a RADI for a maximum of two years, before needing to meet the requirements of the full prudential framework and applying for an ADI licence.

The initial conditions on a RADI licence are more restricted than those of a full ADI licence, reflecting the restricted range of activities permitted under the licence.

This pathway can assist entrants in seeking the investment required to operationalise the business while progressing compliance with the full prudential framework and an ADI licence application. Entrants that cannot meet the requirements of an ADI are expected to exit banking business.

Generally, APRA will subject new ADIs and RADIs to greater prudential supervision than established ADIs in the initial years of being licenced. This includes APRA accounting for the heightened risk profile of new ADIs and RADIs by adopting adjusted capital requirements, contingency planning and deposit restrictions. For new ADIs, APRA will assess the sustainability and track record of the new ADI when determining whether the ADI is established and these adjustments are no longer necessary.

As well as ADI and RADI licences, APRA also issues limited ADI licences to holders of stored value in connection with PPFs, authorising them to undertake a limited range of banking activities. Generally, APRA will impose the following conditions on the limited ADI licence:

  • PPF providers cannot accept deposits for the purpose of making advances of money (excluding incidental credit balances resulting PPFs);
  • PPF providers must not represent they are an ADI without qualifying they are only authorised to provide PPFs and not authorised to take deposits;
  • PPF providers can only conduct PPF operations and closely related services;
  • PPF providers must be incorporated in Australia; and
  • PPF providers must provide APRA with financial data on a periodic basis.

As set out in section 2, under certain circumstances, a company may also be required to apply for authorisation as a NOHC of a group of companies that includes one or more ADIs. NOHCs do not carry on a business other than the business of ownership or control of other bodies corporate.

As well as the above, entities wishing to carry on banking business will likely need to hold an Australian financial services licence (AFSL) (see section 4) to provide financial services and an Australian credit licence (ACL) (see section 4) to undertake credit activities and provide credit services.

Finally, while not a licence:

  • carrying on banking business will likely constitute providing designated services under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) (AML/CTF Act). The AML/CTF Act regulates entities (referred to as reporting entities) that provide designated services with a geographical link to Australia. The geographical link is satisfied where the designated service is provided through a permanent establishment in Australia, the provider is a resident of Australia and the designated service is provided through a permanent establishment in a foreign country or the provider is a subsidiary of an Australian company and the service is provided through a permanent establishment of the subsidiary in a foreign country. Designated services include certain account related services where the account provider is an ADI, debit card and store value card services, remittance services and making a loan, where the loan is made in the course of carrying on a loans business. The AML/CTF Act and AML/CTF Rules require reporting entities to enrol with AUSTRAC, adopt and maintain a compliant anti-money laundering and counter-terrorism financing program, report certain matters to AUSTRAC and keep records of certain matters.
  • Reporting entities that provide remittance services or digital currency exchange services must also register with AUSTRAC; and
  • ADIs must open an exchange settlement account (ESA) with the RBA. ESAs are the means by which providers of payments services settle obligations that have accrued in the clearing process.

4. Does a banking licence automatically permit certain other activities, e.g., broker dealer activities, payment services, issuance of e-money?

Authorisation as an ADI or RADI under the Banking Act does not automatically permit other activities. The Banking Act does not generally govern or affect the relationship between an ADI and its customers. Many financial products and services offered by ADIs and other financial institutions fall outside the definition of “banking business” as regulated by the Banking Act (eg, credit facilities, non-cash payment (NCP) facilities including debit cards, direct debit or credit arrangements, finance lease, hire purchase, foreign currency exchange and derivatives). The provision of financial services and consumer credit services are regulated separately from the regulation of banking business under the Banking Act.

Financial services

Subject to limited exceptions, a person who “carries on a financial services business in Australia” must hold an AFSL authorising the person to provide the relevant financial services. AFSLs are issued by ASIC. A financial services business is taken to be carried on where a person, in the course of carrying on a business, engages in conduct that is intended (or likely) to induce clients in Australia to use a financial service provided by the person, even if the conduct is intended (or likely) to have that effect in other places as well. Financial services includes the provision of financial product advice, dealing in a financial product and making a market for a financial product, where “financial product advice”,“dealing” and “making a market” are widely defined to include many banking services. Financial products to which financial services relate include a range of banking products such as deposit products and NCP facilities (eg, debit cards). Broker dealer services and payment services (including in relation to e-money) will also fall within the AFSL regime.

One exemption from the requirement to hold an AFSL is available to an APRA-regulated body (including an ADI) where the service is one in relation to which APRA has regulatory or supervisory responsibilities and the service is provided only to wholesale clients as defined under the Corporations Act. The provision of financial products and services by an ADI to a retail client generally requires an AFSL.

Consumer credit

Certain consumer credit activities are regulated separately by ASIC under the National Consumer Credit Protection Act 2009 (Cth) (NCCPA). A person engaging in a credit activity (eg, providing credit as a lender) or providing credit services (eg, providing credit assistance to customers) in connection with credit regulated under the National Credit Code (NCC) must hold an ACL or be entitled to rely on an exemption from the requirement to hold an ACL. The NCC applies to credit that is provided to natural persons or strata corporations, for a fee or charge, wholly or predominantly for: (1) personal, household or domestic purposes; (2) to purchase, renovate or improve residential property for investment purposes; or (3) to refinance credit that has been provided wholly or predominantly to purchase, renovate or improve residential property for investment purposes, and in the course of carrying on a business of providing credit in Australia. In the context of banking activities, ADIs must hold an ACL to lend to consumers (eg, personal loans, mortgages and credit cards).
Financial services and consumer credit providers may also have obligations under the AML/CTF Act (see section 3).

5. Is there a “sandbox” or “license light” for specific activities?


For banking activities, APRA offers a restricted pathway for locally incorporated entities to becoming an ADI, known as a RADI (see response to section 3). Becoming a RADI permits new applicants (who may not have the resources and capabilities to establish an ADI) to conduct limited banking business for up to two years, giving them time to develop the necessary resources and capabilities to meet the full prudential framework.
The initial conditions on a RADI licence are more restricted than those of a full ADI licence, reflecting the restricted range of activities permitted under the licence, and RADIs are subjected to greater prudential supervision by APRA to account for the heightened risk profile of RADIs.

Fintech sandbox

For financial services and consumer credit activities, ASIC has made certain class orders establishing a fintech licensing exemption and released Information Sheet 248 Enhanced regulatory sandbox. ASIC’s regulatory guidance details ASIC’s framework for fintech businesses to test certain financial services, financial products and credit activities without holding an AFSL or ACL by relying on the class orders for up to 24 months (referred to as the regulatory sandbox). There are strict eligibility requirements for both the type of businesses who can enter the regulatory sandbox and the products and services that qualify for the licensing exemption.

Once a fintech business accesses the regulatory sandbox, there are restrictions on how many persons can be provided with a financial product or service and caps on the value of the financial products or services which can be provided.

6. Are there specific restrictions with respect to the issuance or custody of crypto currencies, such as a regulatory or voluntary moratorium?

There are no specific restrictions with respect to the issuance or custody of cryptocurrency (eg, a regulatory or voluntary memorandum). However, the issuance or custody of cryptocurrency may be require the issuer or holder to be licensed under the Australian regulatory regime. Generally, the predominant focus on the regulation of cryptocurrency has revolved around the application of cryptocurrency and cryptocurrency- adjacent services to the established regulatory framework. For example, the features of a particular cryptocurrency or the features of a service permitting payment using cryptocurrencies may mean that it constitutes a financial product, triggering the AFSL requirement.

As at the time of writing, the Federal Government of Australia (Government) announced that it will release a ‘token mapping’ consultation paper in early 2023 to inform what digital assets should be regulated by financial services laws, and the development of appropriate custody and licensing arrangements to focus on consumer protection. Following this consultation, the Government will consult on a custody or licensing framework with the intention to introduce legislation to follow.

7. Do crypto assets qualify as deposits and, if so, are they covered by deposit insurance and/or segregation of funds?

Deposit products under the Corporations Act are any deposit-taking facility made available by an ADI under the Banking Act in the course of its banking business. While the RBA governor has suggested that stablecoins should be treated like deposits, to date, it has been the case that crypto assets do not qualify as deposit products and wallets holding cryptocurrency are therefore not covered by deposit insurance. The Australian banking regulatory regime practically only applies to entities that deal in fiat currency and is not currently designed to support entities that deal exclusively in crypto assets (particularly crypto assets that are commodities or utilities and do not have the traditional function of money) and it would be practically difficult to meet the requirements of the banking regime.

On the segregation of funds, ASIC considers that specialised infrastructure and expertise is required to effectively, safely and securely custody crypto assets. Following its consultation on crypto assets (ASIC Consultation Paper 343 Crypto assets as underlying assets for ETPs and other investment products), ASIC has set out a number of good practices in Information Sheet 225 Crypto-assets relating to considerations when offering retail clients exposure to crypto assets.

Specifically, ASIC has recommended (among other suggestions) that crypto assets be segregated on the blockchain such that customer assets are not comingled with the custodian’s assets. While ASIC’s guidance has been provided in the context of responsible entities engaging custodians to hold crypto assets in connection with retail managed investment schemes rather than banking, the guidance is relevant more generally as to its expectations for all entities that intend to custody crypto assets for clients, regardless of whether the crypto assets are regulated financial products.

Australia’s regulatory framework (including how this relates to digital assets, payments, stored value and custody) is under review. It is anticipated that there will be recommendations that will impact how crypto assets and crypto asset-adjacent services are treated by regulators.

8. If crypto assets are held by the licensed entity, what are the related capital requirements (risk weights, etc.)?

The current Australian bank capital framework does not contemplate any capital requirements in relation to crypto assets held by an ADI or other APRA-regulated entity.

However, in 2022, APRA released a letter titled ‘Crypto- assets: Risk management expectations and policy roadmap”, which indicates that APRA is developing a longer-term prudential framework for crypto assets and related activities in consultation with other regulators internationally. For ADIs, the Basel Committee is consulting on the prudential treatment for bank exposures to crypto assets which will form the basis of internationally agreed minimum standards for ADIs and APRA’s corresponding prudential expectations. APRA’s initial view on capital management is that ADIs that invest in crypto assets will need to ensure that they hold an appropriate level of regulatory capital, and factor any exposures into the internal capital adequacy assessment process and stress testing where relevant. Crypto assets defined as intangible assets under the relevant accounting standards must be deducted from Common Equity Tier 1 Capital.

The policy roadmap sets out that APRA plans to consult on requirements for the prudential treatment of crypto asset exposures in Australia for ADIs following the Basel Committee’s consultation in 2023, develop and revise requirements for operational risk management for operational risks associated with crypto asset activities, and consider approaches to prudential regulation of stablecoins.

In the meantime, APRA has indicated that it expects that all regulated entities will adopt a prudent approach if they are undertaking activities associated with crypto assets, including conducting appropriate due diligence, comprehensive risk assessment and management of operational, investment and credit risks, consideration of Prudential Standard CPS 231 Outsourcing when relying on third parties, application of robust risk management controls, as well as compliance with conduct and disclosure regulation administered by ASIC. Entities are expected to consult with APRA and ASIC where they are unclear on prudential, disclosure or conduct requirements and expectations when undertaking activities associated with crypto-assets. APRA states that regulated entities should engage with their responsible supervisor if they are undertaking activities associated with crypto assets.

9. What is the general application process for bank licences and what is the average timing?

ADI and RADI applications

The application process for an ADI licence involves the following steps:

  • Pre-application – all entities contemplating an ADI licence are encouraged to engage APRA in preliminary consultation on its plans to carry on banking business in Australia, discuss licensing pathways and address any material issues or concerns raised by APRA prior to submission of their licencing application.
  • Lodging an application – once an entity has addressed or has an acceptable proposal to resolve any issues arising from the pre- application meetings, the entity may make a formal application to APRA requesting authority to conduct banking business in Australia and pays the applicable application fee. A non-refundable application fee is payable prior to APRA commencing a detailed assessment of the applicant. As at the timing of writing the fee is AUD$110,000 for an ADI and AUD$80,000 for a RADI. RADIs must pay an additional AUD$30,000 upon progressing to becoming an ADI. The application must be accompanied by supporting documents as set out in APRA’s published guidelines;
  • Assessment – APRA will assess the application in an iterative process with the applicant. This process includes APRA providing feedback and/or requesting further information, meetings with senior officers and other responsible persons, review of policies and procedures and an on-site review. The applicant must be able to demonstrate:
    • an approach which proportionately meets the requirements of the prudential standards; a sound risk culture; and that it has adequate financial and non-financial resources, including staff with appropriate expertise to commence operations for which it is being licensed and to competently implement sound risk management practices.

The applicant’s supporting documents generally include details related to the applicant’s ownership and management, three-year business plan, financial resources, and risk management procedures.

  • Substantially complete application – When APRA considers the application to be substantially complete, it will advise the applicant. At this stage, an applicant will have demonstrated that it has sufficient financial and non-financial resources, and has submitted all of the expected supporting material which is of sufficient quality and detail to allow APRA to complete its assessment. Once APRA is satisfied that it has a substantially complete application, a licensing decision is ordinarily made within 90 days.
  • Licensing decision – APRA’s licensing team’s recommendation as to whether to grant a licence is subject to a challenge process by APRA’s subject matter experts. Once APRA’s licensing team prepare a final recommendation on the application, an independent decision-maker will determine whether APRA will grant or refuse the application of the ADI licence based on the financial risks faced by the applicant and any threat it poses to a stable financial system. Unsuccessful applicants will be advised of the reasons for the decision in writing and may request APRA to review its decision.

RADIs will be expected to demonstrate a credible business plan, a credible plan to meet the prudential framework for new ADIs within a period of two years including launch of live products during the restricted phase, and a credible contingency plan that includes at least one option to execute an orderly and solvent exit from banking business.

As APRA’s assessment of applications is an iterative process, the time taken to obtain a licence varies among applicants. Assessment for an ADI generally takes 12-18 months and depends on factors such as the complexity of proposed arrangements, the applicant’s responsiveness to any inquiries or requests by APRA, and the quality of the documentation submitted. 

Assessments for prospective RADIs generally take at least 6 months.

PPF application

The application process for an ADI licence involves the following steps:

  • Pre-application – all PPF provider applicants are encouraged to contact APRA for preliminary consultation to assist APRA to identify any matters that might adversely impact on the proposal and advise on the format and required content.
  • Lodging an application – once an entity has addressed or has an acceptable proposal following the pre-application meetings, the entity may make a formal application to APRA and pay the applicable application fee. A non- refundable application fee is payable prior to APRA commencing a detailed assessment of the applicant. As at the timing of writing the fee is AUD$55,000 for a PPF provider. The application must be accompanied by supporting documents as set out in APRA’s published guidelines;
  • Processing and assessment – APRA will assess the application in an iterative process with the applicant. This process includes APRA providing feedback and/or requesting further information, meetings with senior officers and other responsible persons, review of policies and procedures and an on-site review. The time required to process an application will depend on the particular circumstances of each application.

10. Is mere cross-border activity permissible? If yes, what are the requirements?

Mere cross-border activity is permissible in certain circumstances. An overseas bank may conduct banking business with Australian counterparties from an offshore office without a licence from APRA, provided the overseas bank does not:

  • maintain an office or permanent staff in Australia, including staff employed by another entity within the banking group that conducts business on its behalf;
  • solicit business from retail customers in Australia;
  • use a “restricted word” under section 66 of the Banking Act (eg, bank, banker, banking, building society, credit union, or credit society) in its business without consent from APRA; and
  • all business contracts and arrangements are clearly transacted and booked in offshore and are subject to an offshore legal and regulatory jurisdiction.

If the above requirements are not satisfied, overseas banks are still able to operate in Australia in a number of ways depending on the type of business they will be conducting. Each of the following pathways to operating in Australia require authorisation of the overseas bank’s home country supervisor:

  • Representative Office – An overseas bank may establish a representative office to conduct liaison and research activities in Australia. The representative office must not conduct any form of banking business or activities related to the administration of banking business. Overseas banks must apply for consent from APRA to establish a representative office and receive an additional consent from APRA if any “restricted words” are used in the course of their business. This consent will, generally, require that the overseas bank is subject to adequate prudential supervision as a bank in its home country and is of good repute.
  • Foreign ADI – An overseas bank may conduct carry out banking business with wholesale clients in Australia by obtaining a foreign ADI licence and establishing an Australian branch. Applicants must apply to APRA for authority to conduct banking business in Australia as a foreign ADI. Whilst foreign ADIs are not subject to capital requirements by APRA, they will need to meet other local regulatory requirements applicable to its business (eg, restrictions on deposits and generally provide products and services to wholesale clients only). Applicants should also consider non-APRA regulated requirements such as their need for an AFSL or ACL (see section 4), FIRB approval and an Exchange Settlement Account. See section 11 for further organisational requirements for foreign ADI licensees.
  • Subsidiary ADI – An overseas bank may conduct banking business and provide services to wholesale and retail clients in Australia by establishing a locally-incorporated subsidiary ADI. A locally-incorporated subsidiary ADI is a separate legal entity from its overseas parent and will need to meet the local capital and regulatory requirements outlined in section 11 on a stand-alone basis.
  • Non-bank locally incorporated subsidiary – An overseas bank which wishes to offer non-banking financial services to both retail and wholesale clients in Australia can establish a non-bank locally incorporated subsidiary. A non-banking financial business is licensed and regulated by ASIC, and restrictions on the use of the word “bank” will apply.

Overseas banks that wish to carry on a financial services business in Australia will be required to hold an AFSL or be otherwise exempt from the AFSL requirement. Similarly, overseas banks that wish to undertake credit activities or provide credit services must hold an ACL or be otherwise exempt from the ACL requirement. There are exemptions from the AFSL requirement for certain foreign financial services providers (FFSPs) however the Australian FFSP regulatory regime is currently in a state of flux and there are possible legislative changes on the horizon. In January 2021, the Australian Treasury closed consultation on draft legislation updating the FFSP regulatory regime. The draft legislation seeks to introduce:

  • the comparable regulator exemption, which exempts FFSPs authorised to provide financial services in a comparable regime from the requirement to be licensed when dealing with wholesale clients;
  • the professional investor exemption, which exempts FFSPs that provide financial services from outside Australia to professional investors from the requirement to be licensed in Australia; and
  • an exemption from the fit and proper person assessment to fast track the AFSL process for FFSPs authorised to provide financial services in a comparable regulatory regime.

Note, a foreign entity that carries on a business in Australia must register with ASIC as a branch office of a foreign incorporated entity or as a locally incorporated subsidiary. Whether a body is carrying on a business will depend on certain legal principles and factual circumstances. Under the Corporations Act, an entity will be deemed to be carrying on a business in Australia if it has a place of business in Australia, establishes or uses a share transfer office or share registration office in Australia or administers, manages or otherwise deals with, property situated in Australia as an agent, legal representative or trustee. There is also a general law test that considers the level of system, repetition and continuity of an entity’s business activities in Australia.  The higher the level of system, repetition or continuity the more likely it is that such activities amount to “carrying on a business” in Australia. For example, an insignificant and one-off transaction is arguably not indicative of a business being carried on in Australia. However, a number of small transactions occurring regularly, or a large one-off transaction, may amount to carrying on a business.

11. What legal entities can operate as banks? What legal forms are generally used to operate as banks?

All ADIs must be incorporated and subject to the requirements of the Corporations Act. This means that associations, partnerships or unincorporated entities are not eligible to apply for an ADI licence with APRA. Australian branches of foreign ADIs are not subject to this requirement unless the overseas bank wishes to provide its services to retail clients in Australia. In this event, a locally-incorporated subsidiary of the foreign ADI must be established.

12. What are the organizational requirements for banks, including with respect to corporate governance?

The board is ultimately responsible for the oversight of the sound and prudent management of an ADI. The board and senior management collectively must have the full range of skills, knowledge and experience needed for the effective and prudent operation of an ADI.

APRA Prudential Standard CPS 510: Governance (CPS 510) sets out the prudential requirements for the size, composition and independence of boards of directors of ADIs. Organisational requirements under CPS 510 for a board of a locally incorporate ADI include the following:

  • the board must have at least 5 directors at all times;
  • the chairperson of the board must be an independent director and must not have been the Chief Executive Officer of the institution at any time during the previous 3 years;
  • a majority of directors must be independent directors and a majority of directors present and eligible to vote at all board meetings must be non-executive directors, unless the ADI is a subsidiary of another APRA-regulated entity (eg. a non-operating holding company) or an overseas-equivalent entity;
  • a majority of directors must be ordinarily resident in Australia; and
  • it must have a policy on board renewal and procedures for assessing board performance in place at least annually, and various executive committees including a remuneration committee, audit committee and risk committee.

Under CPS 510, foreign ADIs must nominate a senior officer outside Australia with delegated authority from the board to oversee the Australian branch operation, and a senior manager ordinarily resident in Australia must be responsible for the local operation and available to meet with APRA on request.

ADIs in Australia are also subject to a range of other corporate governance requirements and guidelines under APRA prudential standards, the Corporations Act (eg, continuous disclosure obligations, financial reporting obligations, directors’ duties and annual meeting requirements); ASX Listing Rules (eg, disclosure obligations and ongoing requirements); and voluntary industry standards such as the Australian Banking Association Banking Code of Practice and ASIC’s ePayments Code.

Under the Corporations Act, ADI executive and non- executive directors have statutory duties of care, diligence and good faith. Under the Banking Act, ADI directors must take reasonable steps to ensure compliance with directions from or requirements of APRA. Individuals with key positions of responsibility within ADIs are required by Prudential Standard CPS 520: Fit and Proper (CPS 520) to maintain minimum fit and proper standards. ADIs are required to take a very active role in dealing with risks and building appropriate systems as set out in CPS 520, including maintaining a fit and proper person policy and assessing fitness and propriety for responsible persons on an annual and as needs basis.

Banking Executive Accountability Regime

The Banking Executive Accountability Regime (BEAR) under Part IIAA of the Banking Act establishes accountability obligations for ADIs and their “accountable persons”. An Australian incorporated ADI’s accountable persons include its directors, senior executive positions such as chief executive officer, chief financial officer, chief operating officer, persons with oversight or senior executive responsibility for the ADI’s
internal audit, human resources, compliance and anti- money laundering functions; and other executives with responsibility for the ADI’s management or control. The regime aims to hold ADIs and their directors and senior executives accountable to higher standards of behaviour by establishing deferred remuneration, key personnel and notification obligations for ADIs.

Under the regime, accountability obligations require an ADI’s accountable persons to be registered with APRA and require them to conduct their business and responsibilities with honesty, integrity, due care, skill and diligence; deal with APRA in an open, constructive and cooperative way; and prevent matters from arising that would adversely affect the ADI’s prudential standing or prudential reputation. ADIs also have an obligation to ensure that their accountable persons and their non-ADI subsidiaries comply with the accountability obligations.

Financial Accountability Regime

In September 2021, the Australian Government introduced the Financial Accountability Regime Bill 2022 (FAR) into Parliament with no material changes compared to the draft legislation released in July 2021. FAR will replace and extend the obligations under BEAR to all APRA regulated entities, and all entities solely regulated by ASIC under AFSLs and ACLs; and extending FAR obligations to accountable entities’ subsidiaries and significant related entities.

FAR broadly imposes core obligations on directors and senior executives of ADIs, AFSL and ACL holders with such obligations including but not limited to the following:

  • “accountability obligations” mirroring those set out in BEAR (as described above), and also in dealing with APRA and ASIC in an open, constructive and cooperative way
  • “key personnel obligations” intended to ensure that responsibilities covering all aspects of the operations of the accountable entity and its significant related entities are appropriately allocated to accountable persons; and
  • “notification obligations” consisting of core notification obligations applicable to all accountable entities, and enhanced notification obligations applicable to entities which meet a prescribed threshold.

FAR will be jointly administered by APRA and ASIC. As at the time of writing, renewed debate on the inclusion of civil penalties for individuals has delayed the passing of the FAR bill. However, once the bill is passed, FAR will apply to ADIs six months from the commencement date of the relevant Act and a further 12 months later for all other APRA-regulated entities (ie, financial institutions in the insurance and superannuation industries). APRA is intending to revise CPS 520 subject to the finalisation of FAR.

13. Do any restrictions on remuneration policies apply?

It is generally expected that APRA-regulated entities have established performance-based incentive structures that align remuneration arrangements with prudent risk management and that there are appropriate consequences for poor risk outcomes.

The BEAR accountability regime sets out deferred remuneration obligations which require ADIs to set remuneration policies that defer or reduce an accountable person’s variable remuneration. A specified proportion of the variable remuneration of accountable persons must be deferred for at least four years (or a shorter period approved by APRA). The proportion of variable remuneration must depend on the particular accountable person’s role and the size of the ADI. These deferred remuneration obligations are intended to incentivise senior managers to make decisions for the long-term benefit of the ADI. The obligation cannot be avoided simply by not paying variable remuneration or paying only token variable remuneration, as the thresholds are expressed in terms of variable remuneration and total remuneration. For example, for CEOs of large ADIs, the lesser of 60 per cent of variable remuneration or 40 per cent of total remuneration must be deferred. Deferred variable remuneration must also be withheld if the ADI considers it likely that an accountable person has failed to comply with his or her accountability obligations, pending determination of whether they have in fact failed to meet their accountability obligations.

Under FAR (which will replace BEAR), deferred remuneration obligations will apply to accountable persons. Accountable persons are required to have at least 40 per cent of their variable remuneration deferred for four years and this level of remuneration can be reduced where an account person breaches their obligations.

APRA Prudential Standard CPS 511: Remuneration (CPS 511) is intended to operate in alignment with the proposed FAR remuneration obligations. APRA’s Prudential Practice Guide CPG 511: Remuneration (CPG 511) aligns guidance with the proposed FAR obligations, including for deferral and vesting requirements. APRA has indicated that it may make consequential amendments to CPS 511 if necessary to achieve alignment with the FAR once it is finalised. CPS 511 applies to ADIs that are significant financial institutions (SFIs) from 1 January 2023, and for all other APRA- regulated entities from 1 January 2024. CPS 511 sets out remuneration requirements, including requirements to:

  • maintain a remuneration framework that includes a documented remuneration policy which is approved by the board and sets out the structure and terms of applicable remuneration arrangements;
  • establish a board remuneration committee comprised of at least three non-executive directors and a majority of whom are independent directors;
  • incorporate in variable remuneration arrangements the financial and non-financial risks that could materially impact the entity’s risk profile, sustainable performance, long- term soundness; payout and vesting schedules commensurate with the possible range of risk and performance outcomes and that are sensitive to the time horizon of risk; and appropriate variable remuneration adjustment tools including overriding board discretion, in-period adjustments, malus and clawback applicable for various scenarios including misconduct leading to significant adverse outcomes; significant failure of financial or non-financial risk management, breach of accountability, fitness and propriety, or compliance obligations.
  • defer variable remuneration for the chief executive officer, senior managers and executive directors, and highly-paid material risk takers. The proportion of variable remuneration deferred and vesting period will depend on the person’s role. For example, for a chief executive officer, at least 60 per cent of the total variable remuneration must be deferred over a minimum of 6 years and vest no faster than on a pro-rata basis after 4 years; and
  • align variable remuneration outcomes with performance and risk outcomes and apply variable remuneration adjustment tools (as set out above).

APRA is expected to update CPS 511 following its consultation on incorporating remuneration disclosure and reporting requirements in 2023.

14. Has your jurisdiction implemented the Basel III framework with respect to regulatory capital? Are there any major deviations, e.g., with respect to certain categories of banks?

The Australian bank capital framework released by APRA in November 2021 is based on the internationally agreed Basel III regulatory capital framework (Basel III) and commenced on 1 January 2023. The framework is designed to embed “unquestionably strong” capital requirements for ADIs and to strengthen Australia’s financial system stability. The regulatory capital requirements for ADIs ensure that Australian ADIs maintain adequate capital on an individual and group basis to act as a buffer against the risks associated with their activities and are set out in APRA’s prudential standards, including Prudential Standard APS 110: Capital Adequacy (APS 110). APS 110 does not apply to foreign ADIs, which are expected to meet comparable capital adequacy standards in their home jurisdictions. APS 110 also does not apply to PPFs.

Some modifications from Basel III have been implemented in the framework to adjust for Australian risks. In a number of areas, APRA’s prudential standards go beyond the minimum Basel III capital requirements. For example, in exercising its discretion in relation to the definition and measurement of capital, APRA has applied a more conservative capital adequacy regime in its prudential standards for Australia than is required under Basel III. APRA has also introduced a set of simplified capital requirements that can be applied to smaller, less complex banks to avoid unnecessary regulatory burden without jeopardizing prudential safety as the Basel framework was developed primarily for large, internationally active banks.

15. Are there any requirements with respect to the leverage ratio?

The global financial crisis of 2008 cast light on the potential economic harm a build-up of on- and off- balance sheet leverage in the banking system can cause. As a result, the Basel Committee on Banking Supervision introduced a minimum leverage ratio in the 2010 Basel III capital reforms. The leverage ratio is calculated by dividing the Tier 1 capital held by a bank by its total on and off-balance sheet exposures and banks are expected to maintain a leverage ratio in excess of 3 per cent under Basel III. The leverage ratio is intended to supplement the risk-based capital requirements implemented by the Basel Committee and act as a “backstop” to reduce the damage deleveraging can inflict on the stability of the banking system and broader economy.
Effective from 1 January 2023, APS 110 sets out the minimum leverage ratio requirement for ADIs which use an internal ratings-based (IRB) approach to credit risk as approved by APRA. IRB ADIs must maintain a minimum leverage ratio of 3.5 per cent at all times. For all standardised ADIs, APRA may apply a leverage ratio requirement but does not mandate one to lessen the burden and increase efficiency for smaller ADIs.

16. What liquidity requirements apply? Has your jurisdiction implemented the Basel III liquidity requirements, including regarding LCR and NSFR?

APRA sets liquidity requirements and guidelines for Australian ADIs through Prudential Standard APS 210: Liquidity (APS 210) and Prudential Practice Guide APG 210: Liquidity (APG 210). APS 210 is mostly focused on funding liquidity. APS 210 requires ADIs to adopt prudent practices in managing liquidity risks and to maintain an adequate level of liquidity to meet their obligations as they fall due across a wide range of operating circumstances. This includes having a robust liquidity risk management framework; sound processes for managing liquidity risk such as maintaining sufficient liquid assets to withstand severe liquidity stress and regular stress testing; and robust funding structures and strategies appropriate to the size and complexity of the business.

APRA will classify local incorporated ADIs as either a liquidity coverage ratio ADI (LCR ADI) or a minimum liquidity holdings ADI (MLH ADI), and foreign ADIs are LCR ADIs unless determined by APRA to be an MLH ADI. Generally, APRA will classify larger, more complex ADIs as LCR ADIs and less complex ADIs as MLH ADIs.

The LCR requirement promotes short term resilience of an ADI’s liquidity risk profile by requiring LCR ADIs to maintain an adequate level of unencumbered high- quality liquid assets (HQLA) to meet its liquidity needs over 30 calendar days under a severe stress scenario. Locally incorporated ADIs classified as LCR ADIs must also maintain a net stable funding ratio (NSFR) of at least 100 per cent at all times. NSFR has a longer-term focus and encourages ADIs to adopt more stable funding structures on an ongoing basis. MLH ADIs must hold 9 per cent of its liabilities in specified liquid assets.

Specified liquid assets include physical currency, Australian government securities, foreign government securities eligible for repurchase with the RBA, bank bills certificates of deposit and debt securities by ADIs and net at-call deposits with other ADIs equivalent.

Higher liquidity requirements may be applied by APRA if it has concerns about the ADIs liquidity risk profile or the quality of its liquidity management. Unlike capital requirements, liquidity requirements apply to all ADIs.

17. Do banks have to publish their financial statements? Is there interim reporting and, if so, in which intervals?

While there is no general requirement for ADIs to publish their financial statements or interim reporting, ADIs that are publicly listed entities (eg. ASX listed entities) are subject to the listing rules which include periodic disclosure of audited financial statements. Periodic reporting may be required on a quarterly, half-yearly or annual basis.

Separately. the Financial Sector (Collection of Data) Act 2001 (Cth) (FSCODA) allows APRA to collect data from registrable financial corporations (RFCs) and facilitates the collection of statistical data. FSCODA primarily operates to assist APRA perform its prudential supervisory functions and does not empower APRA to supervise the activities of RFCs. Under FSCODA, an ADI and non-bank lender will broadly be a registrable corporation if it engages in the provision of finance in the course of carrying on business in Australia. An entity is not an RFC if: (i) its assets in Australia, consisting of debts due to the corporation resulting from transactions entered into in the course of provision of finance by the corporation, do not exceed AUD$50 million in aggregate value; and (ii) the principal amounts outstanding on loans or other financing, as entered into in a financial year, do not exceed AUD$50 million in aggregate value

Under FSCODA, APRA has issued reporting standards prescribing the data that RFCs must provide and the manner and form in which it is to be submitted. If a corporation becomes an RFC, it must provide APRA with a registration form, initial return and a copy of the last audited statement of financial position. Once registered and categorised, RFCs may be required to submit the appropriate forms to APRA monthly or quarterly, depending on the type of entity and the nature of the information provided. A summary of the data collected by APRA is made available to the public, with APRA also sharing the data it collects with other regulators and the Australian Bureau of Statistics.

18. Does consolidated supervision of a bank exist in your jurisdiction? If so, what are the consequences?

APRA practices consolidated supervision of conglomerate groups operating in the financial services sector. 

Conglomerate groups, referred to as Level 3 groups, comprise APRA regulated institutions that have material operations across more than one APRA-regulated industry and/or in one or more non-APRA-regulated sector.

APRA has set out a tiered approach to how the prudential standards are applied to entities, where:

  • Level 1 supervision applies to an individual APRA-regulated institution or an Extended Licensed Entity (ELE) comprising the ADI and each subsidiary of the ADI that APRA treats as part of the ADI for prudential purposes. The treatment of a subsidiary as forming part of the ELE is in APRA’s discretion (at APRA’s discretion).
  • Level 2 means supervision applied by APRA to an ADI Level 2 group, which includes the ADI and all its subsidiary entities (or, if the ADI is a subsidiary of an authorised NOHC, the consolidation of the immediate parent of the ADI and all the immediate parent’s subsidiary entities) other than certain non-consolidated subsidiaries.
  • Level 3 means supervision applied by APRA to a Level 3 group – APRA may, at its discretion, apply the Level 3 prudential framework to a conglomerate group, containing at least one APRA-regulated institution, which APRA considers to have material activities across more than one APRA-regulated industry and/or in one or more non-APRA-regulated industries. A Level 3 group comprises all institutions that are part of a consolidated entity, adjusted to include or exclude institutions as determined by APRA by notice in writing to the head of the group (Level 3 Head), of which the Level 3 Head is the ultimate holding company, the ultimate Australian parent or certain reporting entities.

In October 2022, APRA set out a roadmap for a review of the prudential framework for groups to ensure that the framework caters effectively to new group structures and emerging business models, and is consistently applied to existing structures. The review has been warranted by the emergence of more complex corporate structures and the number of applications for new NOHC authority licences and the need to ensure that the financial safety of APRA-regulated entities within groups is maintained. A discussion paper is expected to be released in the first half of 2023 to seek industry feedback on key prudential standards covering financial resilience, governance, risk management, resolution and competition issues in relation to groups. APRA intends to consult on revisions to the relevant standards over 2023-2024 with any changes effective from 2025.

19. What reporting and/or approval requirements apply to the acquisition of shareholdings in, or control of, banks?

Ownership of ADIs is governed by the Financial Sector (Shareholdings) Act 1998 (Cth) (FSSA). The FSSA restricts the shareholdings of individuals or two or more persons under an arrangement in certain financial sector companies, including ADIs and their holding companies to a 20% stake. All proposed shareholders must also be fit and proper. A person holds a stake only if the person holds a direct control interest and is the aggregate of the person’s voting power and the voting power of the person’s associates. The Treasurer can approve a higher percentage shareholding limit in certain circumstances such as where it is in the national interest to approve a higher than 20% stake and this approval may be subject to any restrictions on the duration and substance of the shareholding that the Treasurer sees fit. Penalties apply to an unacceptable shareholding held without the Treasurer’s consent. The Federal Court has powers to make orders to restrain or reduce the unacceptable shareholding.

Under the FSSA, the Treasurer can declare that a person whose stake does not exceed 20% still has practical control if the:

  • directors of a financial sector company are accustomed or under an obligation, whether formal or informal, to act in accordance with the directions, instructions or wishes of a person (either alone or together with associates); or
  • a person (either alone or together with associates) is in a position to exercise control over a financial sector company; and
  • the Treasurer is satisfied that the person does not hold a stake in the company or where the person does hold a stake, that stake is not more than 20%; and
  • the Treasurer is satisfied that it is in the national interest to declare that the person has practical control of the company for the purposes of the FSSA.

Once a declaration is made, the Federal Court may make remedial orders and require the relevant shareholder to relinquish their practical control over the company. Under the Banking Act, an ADI must seek the permission of the Treasurer to effect an arrangement for the sale or disposal of its business by amalgamation or otherwise or form a partnership with another ADI. The CCA applies in respect of mergers of financial institutions to prohibit a person from acquiring an ADI in circumstances which would substantially lessen market competition unless authorised by the ACCC. Takeover laws under the Corporations Act also apply where an ADI or NOHC is a listed company or an unlisted company with more than 50 members. The Corporations Act imposes restrictions on certain acquisitions of relevant interests in voting shares unless an exemption applies. Approval under the FATA is required for an acquisition of an ADI by a foreign entity – see response to section 21.

20. Does your regulatory regime impose conditions for eligible owners of banks (e.g., with respect to major participations)?

Longstanding legislative frameworks govern requirements on the ownership of ADIs, with concentration requiring specific approval and an assessment under the national interest or a fit and proper test for some small applicants – see response to section 19.

21. Are there specific restrictions on foreign shareholdings in banks?

Acquisitions of local ADIs by foreign persons are also subject to the Australian foreign investment approval regime, which is governed by the FATA. Under the regime, acquisitions of a substantial interest in an Australian corporation by foreign persons that satisfy a monetary threshold must be notified to the Treasurer, who is advised by the FIRB, which examines foreign investment proposals. The Treasurer has powers to prohibit the acquisition or to require the acquired assets to be disposed of if the acquisition is not in the national interest.

Generally, a foreign person is:

  • an individual not ordinarily resident in Australia;
  • a corporation in which an individual not ordinarily resident in Australia, a foreign corporation or a foreign government holds a substantial interest;
  • a corporation in which two or more persons, each of whom is an individual not ordinarily resident in Australia, a foreign corporation or a foreign government, hold an aggregate substantial interest;
  • the trustee of a trust in which an individual not ordinarily resident in Australia, a foreign corporation or a foreign government holds a substantial interest; or
  • the trustee of a trust in which two or more persons, each of whom is an individual not ordinarily resident in Australia, a foreign corporation or a foreign government, hold an aggregate substantial interest; or
  • a foreign government.

A person holds a substantial interest in an entity, trust or unincorporated limited partnership if the person holds an interest of at least 20% in the entity or partnership or the person, together with any one or more associates, holds a beneficial interest in at least 20% of the income or property of the trust.

Before the COVID-19 pandemic, acquisitions were subject to FIRB approval to the extent the acquisition exceeded a particular monetary threshold. During the COVID-19 pandemic, the Government amended the monetary thresholds for all transactions to AUD$0. From 1 January 2023, the A$0 monetary threshold continues to apply to certain transactions such as investments in national security businesses and investments by foreign government investors.

22. Is there a special regime for domestic and/or globally systemically important banks?

APRA’s framework for dealing with domestic systemically important banks (D-SIBs) in Australia is modelled from the Basel Committee on Banking Supervision’s D-SIB framework. Specifically, APRA’s assessment methodology has regard to the Basel Committee’s four key indicators of systemic importance of size, interconnectedness, substitutability and complexity and applies the Basel Committee’s higher loss absorbency (HLA) capital requirement for banks identified as D-SIBs.

The HLA capital requirement for D-SIBs is intended to reduce the probability of failure compared to non- systemic institutions.

APRA has determined that a one per cent HLA requirement will apply to Australian D-SIBs, which must be met by Common Equity Tier 1 capital and will be implemented as an additional capital conservation buffer as defined in APS 110 Capital Adequacy (APS 110).

APRA has determined that Australia’s four major banks are designated D-SIBs. D-SIBs are subject to loss- absorbing capacity requirements as set out in section 27.

The Basel Committee has also established indicators to determine whether a bank should be regarded a global systemically important bank, known as a G-SIB. As at November 2022, no Australian incorporated bank meets the criteria to be a G-SIB.

23. What are the sanctions the regulator(s) can order in the case of a violation of banking regulations?

Entities to which APRA’s prudential standards apply have an obligation to comply with those prudential standards. ADIs are subject to breach notification requirements in relation to breaches of financial position or financial obligation and prudential requirements where required by relevant legislation. Failure by an ADI (or any of its group members) to report a breach of a prudential requirement carries a penalty of 200 penalty units, with criminal liability for officers in extreme circumstances.

If APRA has reason to believe that an ADI has contravened or is likely to contravene a provision of applicable legislation or prudential standard, APRA has the power to issue directions requiring the ADI to undertake (or not to undertake) certain actions, including requiring compliance with the relevant legislation or prudential standard, removing a director or senior manager, or requiring an audit. Non-compliance with such a direction carries a penalty of 50 penalty units and gives APRA power to revoke the authorisation. A responsible officer who fails to take reasonable steps to ensure compliance with such a direction will be guilty of an offence.

24. What is the resolution regime for banks?

There is no special resolution regime for ADIs under current Australian law. However, one of APRA’s core functions is to plan and implement prompt and effective responses to the failure of an ADI. If an ADI is failing or likely to fail, APRA will aim to minimise losses to beneficiaries, and disruption to the broader financial system, by managing an orderly exit of the institution. Under the Banking Act, APRA has certain powers to intervene where an ADI may be in distress. For example, APRA is permitted to appoint a statutory manager, give specific directions to an ADI in certain circumstances (eg, the ADI is or will soon be unable to meet liabilities, APRA considers it necessary to protect depositors and the ADI has contravened the Banking Act) or restructure the ADI’s business as needed (eg, by way of merger or reconstruction).

APRA has introduced two new prudential standards that are intended to impose on relevant institutions requirements to be appropriately prepared to recover from severe distress:

  • CPS 190: Financial Contingency (CPS 190) requires all ADIs to have a financial contingency plan setting out how it would respond to stress threatening its viability. The plan must include actions which the bank could take to recover financial resilience or enable an orderly and solvent exit from the regulated activity.
  • CPS 900: Resolution Planning (CPS 900) requires ADIs that are are “significant financial institutions” and “non-significant institutions” which provide critical functions to support APRA to determine a resolution plan setting out the steps APRA would take to protect beneficiaries and maintain financial system stability in the event of its failure.
  • These resolution options may include a solvent wind-down, transfer of assets of the business, or recapitalisation of the ADI.

These prudential standards are proposed to commence on 1 January 2024.

25. How are client’s assets and cash deposits protected?

The Financial Claims Scheme (FCS) was established by the Australian Government to provide a financial protection of depositors of ADIs incorporated in Australia from potential loss due to ADI failure. The FCS is set out in the Banking Act and administered by APRA. Under the FCS, the Government guarantees certain “protected accounts” held at an Australian ADI in the event that the ADI becomes a “declared ADI”. This will occur if APRA has applied to the Federal Court of Australia to wind up that ADI, and the Finance Minister has made a declaration under the Banking Act. The Treasurer may declare that the FCS applies to an ADI if a statutory manager is in control of an ADI or APRA has applied for an ADI to be wound up. Operation of the FCS is not automatic; it is activated at the discretion of the Treasurer.

Protected accounts are guaranteed up to a cap of AUD$250,000 per account holder per ADI.

26. Does your jurisdiction know a bail-in tool in bank resolution and which liabilities are covered? Does it apply in situations of a mere liquidity crisis (breach of LCR etc.)?

Under current Australian law, the bail-in of deposits to resolve an ADI in difficulty is not permitted and APRA has stated its support for this position, noting a bail-in is against APRA objectives and would reduce overall confidence of depositors, which may have an impact on broader financial stability. APRA has no specific power to bail-in an ADI’s creditors by converting or writing off their claims, although APRA may use its transfer and direction powers which could result in similar economic results in certain circumstances.

While there is no specific bail-in tool in bank resolution, additional Tier 1 and Tier 2 capital instruments which contain contractual provisions for the conversion of ordinary shares or write-off when required to absorb losses. These additional requirements for loss absorbing capacity for the major banks are required to be met through the issue of more Tier 2 capital. In addition, depositor protection provisions under the Banking Act are in place such that deposits must be repaid first if an ADI is in financial crisis and the FCS allows for deposits of up to a AUD$250,000 cap to be safeguarded by the Australian Government.

27. Is there a requirement for banks to hold gone concern capital (“TLAC”)? Does the regime differentiate between different types of banks?

The introduction of the requirement for banks to hold gone concern capital and total loss-absorbing capacity (TLAC) is in progress. In 2018-19, APRA consulted on a framework for TLAC to support resolution planning for ADIs. The framework seeks to ensure that in the event that a large or complex ADI failed, it could be resolved with minimal impact to the critical functions it provides to the economy and the community (eg, deposit-taking and payments). Loss-absorbing capacity also reduces the risk of taxpayer funds being used for resolution purposes. The TLAC requirement will apply differently for ADIs designated as D-SIBs and all other ADIs. For D-SIBs, APRA proposed to increase minimum Total Capital requirements. For other ADIs, financial resources for resolution will be assessed as part of planning under the new Prudential Standard CPS 900 which has been released in draft. APRA anticipates that most non-D-SIBs will not be required to maintain additional loss-absorbing capacity for resolution purposes.
On 2 December 2021, APRA announced that it is finalising loss-absorbing capacity requirements for D- SIBs which will be implemented in a staged approach. This requirement is set as an increase to minimum Total Capital requirements of 3 percentage points of risk- weighted assets (RWA) on a Basel III Basis in the interim effective from 1 January 2024, and a final requirement of 4.5 percentage points of RWA effective from 1 January 2026.

28. In your view, what are the recent trends in bank regulation in your jurisdiction?

Compared to the position a year ago, the banking sector faces a significantly shifted economic outlook as it continues to deal with the flow-through effects of the COVID-19 pandemic, geopolitical tensions, rising inflation and increasing interest rates. In light of this, APRA maintains its purpose to ensure Australians’ financial interests are protected and Australia’s financial system remains stable, competitive and efficient. APRA’s Corporate Plan for 2022-2023 (Corporate Plan) is designed to respond to rapid changes in APRA’s operating environment. The Corporate Plan aims to preserve the financial and operational resilience of Australian ADIs, modernise the prudential architecture and ensure it remains fit for purpose, and data-driven decision-making by APRA’s stakeholders.

APRA intends to increase focus on the evolving Australian financial landscape (ie, new financial activities and participants), address financial risks associated with climate change, and adopt new regulatory tools and practices. APRA has also signalled that regulated entities dealing in crypto asset related activities act cautiously – see section 8. Major banks have begun integrating blockchain technology to improve legacy banking systems and processes, such as near-instant and free settlement of transactions. Two major banks have also created Australian dollar-backed stablecoins with the RBA governor indicating his view that stablecoins should be treated like deposits and stablecoin regulation must be a priority.

Following high profile cyber attacks on prominent Australian businesses in 2022, APRA has also flagged that cyber resilience and improving risk culture is a priority area. APRA intends to rigorously apply its standard on cyber attacks and information security, with its expectation that swift remediation occurs in connection with any issues identified in independent system reviews of operational risk controls. Regulated entities are expected to have sound operational risk and cyber resilience controls in place to ensure that critical functions remain operational, particularly where data related processed have been outsourced. Since the Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry (Banking Royal Commission) published its final report on 4 February 2019, legislation enacting many of the recommendations has been passed or proposed and legislative reform is continuing. Banking regulators also continue to focus on implementing the recommendations in the final report. The regulatory changes anticipated are outlined in the federal government’s Banking Royal Commission Implementation Roadmap. It is generally expected that there will be more stringent legislative regulations in the banking industry focussed on consumer protection. The Financial Sector Reform (Hayne Royal Commission Response) Bill 2020 (Bill) was introduced to give legislative effect to 20 Banking Royal Commission recommendations. Key measures of the Bill include, among other things, banning the hawking of financial products, introducing a deferred sales model for add-on insurance products and enabling provisions in financial services industry codes to be enforceable.
Recent cases demonstrate that ASIC and APRA remain committed to taking enforcement action in relation to matters referred by the Commissioner.

Developments in financial technology (fintech) have increasingly become a defining feature of Australia’s economic and legal standing with a broadening of product offerings and maturing of the Australian policy and regulatory approach. In particular, Australian fintechs have focussed on disrupting the core product offering of many Australian institutional financial service providers, including banking services, payments, wallets, and wealth and investment, and there has been a commensurate rise in the number of digital banks (known as neobanks) emerging in the Australian market. Following APRA’s introduction of the Restricted ADI licensing framework in 2018, there have considerable new entrants that have become ADIs through the restricted ADI pathway, with many of these banks broadly focused on retail banking. APRA’s subsequent revision of its approach to licensing and supervising new ADIs assisted with addressing sustainable market entry challenges (eg, operational and financial). The framework is designed to balance the promotion of competition and development of innovative new business models with the maintenance of safety and stability in the financial system. Over the next few years, it is likely there will be more sophisticated offerings from these neobanks, the introduction of neobanks focused on specific services (eg, the provision of small and medium-sized enterprise credit) and some consolidation activity of key banking participants in the market.

There has been a continued increase in deferred payment solutions in the market following deep consumer interest and uptake compared to more traditional short-term credit (eg, credit cards). Most significantly, there has been mass consumer adoption of “buy now, pay later” (BNPL) as a payment model. As a result, there has been heightened regulatory scrutiny of BNPL service providers and in November 2022, the Government released an Options Paper proposing options for regulatory reform in the BNPL sector.

With respect to payments, the Government has undertaken a range of reviews in recent years relating to payments systems reforms. In December 2022, the Treasury opened consultation on its strategic plan for the payments system, stating its reform agenda as including matters such as updating the PSRA to capture the full suite of payment entities and systems, implementing a tiered licensing framework for payment service providers and considering developments in the broader digital economy that are related to payments, such as digital wallets, stable coins, crypto assets and central bank digital currencies.

29. What do you believe to be the biggest threat to the success of the financial sector in your jurisdiction?

Fintech and the rapid digital evolution of the financial sector in Australia poses many challenges and opportunities for both the sector’s financial institutions and regulators. Banks and regulators have had to change their priorities as the digitisation of finance continues to accelerate, business models adapt and innovation tests traditional regulatory boundaries and supervisory practices. Regulators and the Government face the challenge of adapting and aligning existing financial regulation architecture to new products and services, balancing innovation with consumer protection. Despite the Australian Government’s broad commitment to encouraging growth and productivity within the technology and financial services industry, it is generally expected that regulator engagement is likely to be more rigorous and the regulatory approach to enforcement more proactive given the Australian Government and regulatory focus on consumer protection and outcomes.

Generally, the changing regulatory landscape in Australia and active interest from regulators presents established banking institutions the challenge of redesigning their existing technology platform, strategies and capabilities to better serve consumers. At the same time, new banks will have opportunities to shape new business models to meet increasing demand for bespoke offerings and tailored services.