Financial Stability Review – April 20214. Domestic Regulatory Developments

Coordination between Australia's main financial regulatory agencies – the Australian Prudential Regulation Authority (APRA), the Australian Securities and Investments Commission (ASIC), the Australian Treasury and the Reserve Bank – occurs through the Council of Financial Regulators (CFR). The CFR is chaired by the Bank, which also provides the secretariat. The CFR remains strongly focused on the effects of the pandemic and how the member agencies and the financial sector can best support the economic recovery and financial stability. A related focus at recent meetings has been operational risk, in particular cyber risk. The improvement of health, economic and financial conditions in Australia in the second half of 2020 allowed the CFR to return to its regular quarterly meeting schedule, after meeting more frequently through much of 2020.

The key focus of the CFR has been recovery from the pandemic …

Improved economic conditions in Australia have enabled a range of support measures designed to sustain households and businesses during social restrictions to be gradually withdrawn. This transition has widespread and interlinking effects on CFR agencies' respective areas of responsibility. As a result, the CFR has been closely monitoring developments, in particular as they relate to loan repayment deferrals, credit conditions and business insolvencies, and their implications for economic and financial conditions more broadly.

Financial institutions have played an important role in cushioning households and businesses from the impact of the pandemic, including by offering temporary loan repayment deferrals. A key focus of the CFR in the latter part of 2020 was the expiry of the majority of those deferrals in September and October, and borrowers' transition to normal loan repayment schedules. As noted in ‘Chapter 2: Household and Business Finances in Australia’, lenders and borrowers navigated this period successfully, with almost all borrowers resuming their scheduled repayments. The housing and business loans that continue to have deferred repayments account for a very small share of outstanding credit. However, they have a somewhat riskier profile than other loans, and careful management will be needed from lenders, including for any cases of hardship. CFR members are monitoring ongoing developments with loans with deferred repayments, along with the performance of household and business loans more generally, as support measures are further reduced.

Looking ahead, the CFR has noted that conditions for housing and business lending will be important for shaping the recovery. Moderate growth in housing credit has almost entirely been for owner-occupier housing and loan commitments have increased strongly, consistent with most other indicators of housing market activity. Mortgage lending standards are largely unchanged, but there has been some unwinding of the slight tightening in lending conditions early in the pandemic. The CFR places a high emphasis on lending standards remaining sound, particularly in an environment of rising housing prices and low interest rates. The CFR will continue to closely monitor developments and has indicated that it will consider possible responses if financial risks increase.

Growth in lending to business has been weak since the initial drawdown of credit lines by some businesses in the early stages of the pandemic. Both demand and supply factors, including as a result of uncertainty about the health and economic outlook, have been at play. However, with signs that demand for lending is increasing with the improvement in the outlook for the economy, the CFR has emphasised the importance of businesses continuing to have access to finance on reasonable terms.

Another area of transition monitored by the CFR has been business insolvencies. Temporary insolvency relief measures operated between March and December 2020 to limit viable businesses falling into external administration during the pandemic. In conjunction with other business support measures, these resulted in business insolvencies throughout 2020 being markedly lower than in previous years. A moderate level of insolvencies is to be expected in a healthy, dynamic economy and so insolvencies are expected to pick up during 2021. A smooth and efficient insolvency process is therefore important to minimise the disruption of an insolvency to other businesses. With this in mind, permanent small business insolvency reforms came into effect from January 2021, including new debt restructuring and simplified liquidation processes. In addition, a new class of professional registered liquidator has been introduced to undertake the simplified small business debt-restructuring process. CFR members discussed the implementation of the new framework and will continue to track its operation closely in the period ahead.

Questions over the application of business interruption insurance policies to business shutdowns during the pandemic have been a source of uncertainty for both insurers and pandemic-affected businesses. The CFR has regularly discussed progress on clarifying the validity of claims on these policies. In November 2020, the New South Wales Court of Appeal ruled in favour of policyholders in a key test case related to exclusions that reference the repealed Quarantine Act 1908. The Insurance Council of Australia has sought special leave to appeal the decision to the High Court. In consultation with the Australian Financial Complaints Authority, five general insurers have now also filed a second test case in the Federal Court of Australia to test further pandemic coverage issues. As discussed in ‘Chapter 3: The Australian Financial System’, a number of insurers have increased provisions for potential payouts. The CFR has welcomed the commitment of general insurers to abide by the terms of agreed test case protocols. This includes not relying on any policy time limits for lodging claims and not avoiding liability where the policy holder is insolvent, where claims are affected by the need to await the outcome of the test cases. CFR members have encouraged the industry to promptly pay out valid claims.

The CFR regularly reviews developments in non-bank financial intermediation and discussed developments at its November meeting. The disruption to financial markets during the early stages of the pandemic meant that non-bank lenders, which rely heavily on securitisation, slowed their lending for a period. Funding has since improved, including through support from the government's Structured Finance Support Fund, operated by the Australian Office of Financial Management. The fund has made targeted investments in term securitisations and warehouse facilities to support funding markets used by non-bank lenders. More generally, the Reserve Bank's monetary policy actions have reduced funding costs, including for non-bank lenders. Non-bank lending remains a relatively small share of the Australian financial sector, with debt-related assets of non-bank financial institutions representing around 7 per cent of overall financial system assets.

… but cyber and other operational risks remain very important

Outside pandemic-related developments, the major focus of the CFR has been operational risk, including cyber risk. In addition to the CFR's ongoing work program on cyber security, recent operational risk discussions have reflected two significant incidents affecting the financial sector over recent months. First, as noted in ‘Chapter 3: The Australian Financial System’, a series of outages affected ASX Limited in November 2020, disrupting trading and other functions. As co-regulators of ASX, ASIC and the Bank have requested that ASX commission an independent expert review of the ASX Trade outage. ASIC is also investigating whether ASX complied with its market licence obligations, and is undertaking a detailed analysis of the market impact of the incident, including participants' ability to access alternative trading venues.

Second, multiple entities experienced external breaches of file transfer software supplied by Accellion in December 2020 and January 2021. The affected entities included the Reserve Bank of New Zealand (RBNZ) and ASIC (though investigations have shown that there was no access to confidential information held by ASIC). CFR agencies have been in close contact with the affected entities, including the RBNZ, in order to understand the implications of the breach and any lessons for regulators and regulated entities in Australia.

CFR agencies have also been working closely with the Department of Home Affairs on the development of the government's proposal to broaden the scope of the ‘critical infrastructure’ regulatory regime. The reforms would place a positive security obligation on financial sector entities and additional obligations on entities that are considered to be of national significance. The regime is intended to rely on existing regulatory frameworks to the extent possible, to reduce regulatory burden and minimise duplication of requirements. A bill that would enable the reforms is currently before the Australian Parliament.

The CFR endorsed a new cyber work plan in November. This has three elements: developing inter-agency incident communication and coordination protocols; standardising agencies' approaches to the regulation and supervision of cyber risks; and implementing the pilot Cyber Operational Resilience Intelligence-led Exercises (CORIE) testing framework. The CORIE framework was published by the CFR in December 2020. It will be used to assess cyber resilience by subjecting selected financial sector entities to ‘ethical hacking’ exercises that mimic the tactics, techniques and procedures of real-life adversaries. A key objective of CORIE is to inform regulators of any systemic or institution-specific cyber security risks. Similar exercises have been conducted in other jurisdictions, including the United Kingdom (under the CBEST framework), European Union (TIBER-EU) and Singapore (AASE).

The CFR has discussed a range of other topics, including stablecoins and e-conveyancing

The CFR has recently established a working group to consider the regulation of ‘stablecoins’. Stablecoins are a type of cryptocurrency that aims to maintain a stable value against a specified asset or pool of assets. This may make them more attractive to hold as a means of payment than other cryptocurrencies. Stablecoins came to broader prominence in 2019 with a proposal for a global stablecoin (originally called Libra, but now rebranded as Diem) by a consortium of technology-focused companies, including Facebook. The Swiss-based Diem Association has more recently announced plans to launch single-currency stablecoins intended for use in consumer digital wallets. It is applying to be licensed as a payment system by the Swiss Financial Market Supervisory Authority (FINMA). While stablecoins do not currently play a significant role in the Australian financial system, the new CFR working group will consider how they would be regulated in Australia and whether any gaps in regulation exist.

CFR agencies and the Australian Competition and Consumer Commission are also working with state and territory land titles offices to consider regulatory arrangements for electronic property conveyancing (e-conveyancing). Currently, regulation of e-conveyancing focuses on the preparation and lodgement of documents with land titles offices, but there are some gaps related to the payment and financial settlement aspects of e-conveyancing. The agencies are developing options to address these gaps in the regulatory framework, and will report back to the CFR with reform options later this year. In the meantime, the CFR has encouraged the e-conveyancing industry to explore the development of a self-regulatory model for the payment and financial settlement aspects of e-conveyancing.^[1]

Other activities of the CFR and its working groups since the last Review have included the following:

• In November, the CFR published the conclusions of its review of the regulation of stored-value facilities (SVFs). The CFR proposed the creation of a graduated approach to the regulation of providers, balancing innovation and consumer protection. In response, the government has announced that it will develop a SVF reform package.
• A working group will examine developments in crypto-assets and decentralised finance (DeFi), and their potential implications for the financial system.
• Following discussions earlier in 2020, the CFR established a group to engage with the government's Digital Transformation Agency and the private sector on digital identity initiatives.

CFR agencies continued their engagement with their New Zealand counterparts via the Trans-Tasman Council on Banking Supervision (TTBC). The heads and deputies of the seven TTBC agencies met in December 2020, discussing the Australian and New Zealand fiscal outlooks and strategies; international information sharing arrangements in relation to cyber incidents; and the forward work plan of the TTBC.

The government's Review of the Australian Payments System will help to shape the future approach to regulating payments

As part of its Digital Business Plan, announced in the 2020–21 Budget, the government has launched a review of the governance and regulatory arrangements for the Australian payments system. The aim of the review is to ensure that the payments system's regulatory architecture and governance structure remain capable of achieving their objectives and supporting continued innovation and competition in the market for payment services. In turn, this should benefit consumers, businesses and the broader economy. While the focus is on regulatory and governance structures, the review is also looking more broadly at ways to promote competition and innovation in the payments system. This includes the use and development of the New Payments Platform, as well as ways to encourage the adoption of alternative payment methods by government, businesses and consumers. There were 46 public submissions to the review, which are available on the Treasury website.

In its submission, the Bank noted that the existing regulatory arrangements for the payments system in Australia have worked well; they have helped shape a payments system that in most regards is providing high-quality services for Australian consumers, businesses and government entities. However, key aspects of the regulatory architecture have been in place for more than two decades and numerous changes have occurred in the payments system over that time or are underway. In this context, the Bank's submission raised a number of issues, including in relation to:

• overcoming the coordination challenges that can hold back systemic innovation in payment networks
• ensuring that the scope of regulation is appropriate to respond to the increasing range of entities that are now involved in the provision of payment services
• ensuring that industry self-regulatory arrangements support competition and innovation from new players, while appropriately dealing with the risks to other payments system participants and users
• exploring whether a specialised licensing and oversight regime for non-bank payment service providers could help promote access and competition while appropriately controlling risk
• clarifying the Bank's ability to set regulatory requirements to promote the financial and operational resilience of payment systems
• examining whether there are aspects of the regulatory regime and market practices that are currently limiting competition by non-bank participants in the market for cross-border payment services and international money transfers
• ensuring that the decline, and eventual closure, of legacy payment systems (such as cheques) is carefully managed to support the needs of users while promoting payments system efficiency.

Operational resilience of payment systems is of growing importance

The Bank's submission to the government's payments system review also highlighted an increasing focus on the operational resilience of retail payment systems given the growing use of electronic payments and the reduction in the use of cash. Operational outages in retail payments can cause significant disruption to households and businesses, and economic activity more broadly. Data collected by the Bank from financial institutions show a significant increase in the number and total duration of outages to retail payments in recent years (Graph 4.1).

To promote reliability in retail payments, the Bank has been working with the industry to enhance its data collection on incidents and to develop a standard set of statistics on the reliability of payment services. These statistics will be publicly disclosed by individual providers on a quarterly basis. Better and more transparent information about the reliability of payment services will raise the profile of this issue among financial institutions and their customers, and enable improved measurement and benchmarking of operational performance. These benefits should encourage improved reliability of retail payment services and support public confidence in these services over the longer term.

The Bank's submission nonetheless argued that in the future there could be a case for regulatory action to promote the operational resilience and security of retail payment systems, for example, if system complexity or cyber risks continued to grow. It therefore proposed clarifying whether the regulatory framework would allow the Bank or another regulator to impose operational resilience or security standards on operators or participants in retail payment systems. Principles-based regulatory requirements for important retail payment systems have been introduced by central banks in a number of jurisdictions in recent years, including Canada, the European Union and the United Kingdom.

Endnotes

For more on e-conveyancing, see De Freitas G and E Fitzgerald (2021), ‘Property Settlement in RITS’, RBA Bulletin, March, viewed 6 April 2021. [1]