The Australian Prudential Regulation Authority (APRA), the Australian Securities and Investments Commission (ASIC) and the Reserve Bank of Australia (RBA) have primary oversight over the banking sector in Australia.

The RBA is Australia’s central bank. Its role is set out in the Reserve Bank Act 1959. The Bank conducts the nation’s monetary policy and issues its currency. It seeks to foster financial system stability and promotes the safety and efficiency of the payments system.

APRA was established as an independent statutory authority that supervises institutions across banking, insurance and superannuation.

ASIC was also established an independent Australian Government body that broadly administers, regulates and enforces matters under the Australian Securities and Investments Commission Act 2001 (Cth) and Corporations Act 2001 (Cth) (Corporations Act). Its role is to maintain, facilitate and improve the performance of the financial system and entities in it.

The following regulators and public service agencies also regulate and monitor the banking sector in Australia.

• Treasury – The Treasury is an executive arm of the Australian Government and is tasked to maintain competitive and efficient markets that operate to secure, regulate and reform corporate practices, foreign investment and financial systems in line with Australia’s national interests. These areas of responsibility may be delegated to a regulatory authority.
• Australian Transaction Reports and Analysis Centre (AUSTRAC) – AUSTRAC regulates anti-money laundering and counterterrorism financing programs, customer identification and verification, reporting, record keeping and preventing financial crime.
• Foreign Investment Review Board (FIRB) – The FIRB monitors investment from foreign individuals in Australian assets such as agricultural land, business investments, and commercial land. When undertaking business in Australia, FIRB sets the requirements that must be adhered to and regulates compliance reporting for foreign investors.
• Australian Financial Complaints Authority (AFCA) – AFCA is Australia’s dispute resolution scheme for financial services. All financial service providers are required by ASIC to be members of AFCA.
• Australian Tax Office (ATO) – The ATO is the Australian Government’s principal revenue collection agency.
• Australian Financial Security Authority (AFSA) – The AFSA is responsible for regulating personal insolvency and personal property securities systems and managing proceeds of crime in Australia.

A banking business must be licensed by APRA as an authorised deposit-taking institution (ADI) or be exempt from the requirement to be an ADI to carry on banking business in Australia. Under the Banking Act 1959 (Cth) (Banking Act), carrying on a ‘banking business’ consists of:

• taking deposits (other than as part-payment for identified goods or services);
• making advances of money; and
• may include other financial activities.

There are two alternate routes for entities to become registered as ADIs; the direct route or the restricted route. The direct route allows certain entities to conduct banking once the licence is granted whereas the restricted route provides an entity with a restricted ADI (RADI) for two years in which they have to meet the prudential framework in full. The type of licence suited to the entity will be discussed with APRA at step one (see question 9 below).

APRA provides several different ADI-related licences that entities will apply for depending on the their circumstances such as their operations and the structure of the entity providing the banking services. Banking businesses may hold one of the following licenses in order to carry on their banking business in Australia: ADI, foreign ADI, locally incorporated subsidiary ADI or RADI.

In addition to holding on the above licence, a banking business will also need to hold an Australian financial services licence (AFSL) if it provides financial services, or an Australian credit licence (ACL) if they engage in credit activities and provide credit services for personal, household or domestic purposes (which also includes credit provided to purchase, renovate or improve residential property for an investment purpose).

In the context of banking activities, ADIs will hold an AFSL in respect of deposit account and payment facilities offered and ACL to provide credit to consumers such as through personal loans, mortgages or credit cards.

No, a banking license such as an ADI does not automatically permit the licensee to engage in certain other activities. However, entities that carry on a banking business in Australia may also be licensed to engage in credit activities and provide credit services and/or provide financial services.

Generally, an AFSL will be required if an entity ‘carries on a financial services business in Australia’, unless an exemption applies. An entity may carry on a business in Australia if it:

• has a place of business in Australia;
• establishes or uses a share transfer in Australia; or
• administers, manages, or otherwise deals with, property situated in Australia as an agent, legal personal representative or trustee, whether by employees or agents or otherwise,

but the degree to which an entity engages in activities in Australia will depend on whether it is conducted with system, repetition and continuity.

However, under section 911A(2)(g) of the Corporations Act, an entity regulated by APRA may be exempt from holding an AFSL if they provide a financial service to wholesale clients only and the service is one in relation to which APRA has regulatory or supervisory responsibilities.  This may include a foreign ADI.

An ACL will be required if an entity engages in a credit activity or provides credit services regulated under Schedule 1 of the National Consumer Credit Protection Act 2009 (Cth) (NCCP), the National Credit Code (NCC), unless an exemption applies or the entity is an authorised representative of a Australian credit licensee. The NCC applies to credit that is provided or intended to be provided wholly or predominantly for:

• personal, household or domestic purposes;
• to purchase, renovate or improve residential property for investment purposes;
• to refinance credit that has been provided wholly or predominantly to purchase, renovate or improve residential property for investment purposes, and
• and in the course of carrying on a business of providing credit in Australia.

Australia operates a regulatory sandbox that is designed to provide businesses with an opportunity to trial products and services without the need to hold the required AFSL or ACL or other regulatory instrument. Fintech businesses that meet certain criteria, are seeking to provide financial services or engage in credit activities and are likely to fall under the ambit of ASIC can apply to be in the sandbox.

ASIC has set strict eligibility requirements for business who may enter and the financial products and services that qualify for the sandbox licensing exemption. Once a fintech business is granted access to the regulatory sandbox, there are further restrictions imposed on the clients who can be provided a product or service under the exemption and set limits on the value of the financial products or services provided.

There are no specific restrictions with respect to the issuance or custody of crypto currencies, such as a regulatory or voluntary memorandum. However, the issuance or custody of crypto currencies may require the issuer or custodian to be licensed under the Australian financial services regulatory regime. Namely, if a business is issuing a crypto asset that falls under the definition of a ‘financial product’, Australian financial services laws apply, including the requirement to hold an AFSL. Further, if cryptocurrency stored by a custody service provider falls within the definition of a ‘financial product’, the business must hold the appropriate custodial and depository authorisations.

Crypto assets however do not meet the definition or qualify as deposit products. They also do not meet the requirements for the Australian government’s bank guarantee, also known as the Financial Claims Scheme (FCS), which protects deposits up to $250,000 per account holder.

With respect to the segregation of funds, ASIC Consultation Paper 343 Crypto assets as underlying assets for ETPs and other investment products suggests that segregation on the blockchain would secure crypto assets as unique public and private keys are maintained on behalf of the responsible entity so that the certain assets are not intermingled with other crypto asset holdings.

Australian banking regulators are working to support entities that deal in cryptocurrencies and enhance consumer protection given the concern for malevolent use. As the nature of cryptocurrency systems is anonymous and has global reach, the RBA has raised questions about how to limit use of digital currencies for criminal activity. In light of this, the RBA and the Federal Treasury have been examining and begun introducing a Central Bank Digital Currency (CBDC), which the RBA suggests will offer a centralised, stable, universally accepted, means of payment.

Currently, there are no strict capital requirements for crypto assets held by an ADI or other APRA-regulated entity.

APRA in a letter to all APRA regulated entities in early 2024 outlined its interim policy and supervision priorities which states it would consult on the prudential treatment for crypto assets in 2024, with a view to providing new requirements that are expected to come into effect from 2025. This follows APRA’s interim expectations on the management of risks associated with crypto assets released in a letter to banks issued in 2022.

In particular, APRA specified that the Basel Committee (BCBS) has finalised the international standard for the prudential treatment of banks’ exposures to crypto-assets, and that this will provide the basis for APRA’s prudential requirements for Australian banks. The implementation date for 1 January 2025 was amended to 1 Janurary 2026. The standards set out minimum capital requirements in bank dealings in certain group types pf cryptoassets. For example, Group 2b exposures are subject to a risk weight of 1,250%.

Broadly, the application process for authorisation as an ADI (ie a banking licence) is three steps.

Firstly, early contact must be made with APRA. The first step enables the applicant to understand APRA’s expectations and requirements, provide an opportunity for any concerns to be addressed, and ensures that the applicant has sufficient information required for the pre-application meetings and the application itself.

Next, having resolved any issues raised at the pre-application stage, the applicant can lodge a formal application for APRA to consider whether to grant your business a licence. At this second stage, the applicant will be required to pay a non-refundable licensing fee, present all supporting documentation and information including a credible three-year business plan, financial resources and risk management frameworks. The application fee for an ADI is currently $110,000 or for a RADI (the restricted licence) $80,000. The fee to apply to progress from a RADI to an ADI is $30,000.

The final step in the process is the assessment of the application. APRA will review the application and supporting information, determining whether further documentation is required to whether to convene a meeting to discuss elements of the proposed operation on-site.

The timeframe for approval will vary.

ASIC states that its assessment will take at least 12 months from receipt of the application, but that entities should plan to have sufficient resources to support a longer licensing timeframe. A shorter time from of 6 months is the stated timeframe for the Restricted ADI licence. APRA warns applicants to take care in regard to public announcements to ensure that unintentionally misleading statements about the time expectations for being granted a licence are not made.

Cross-border activity is permissible in certain circumstances.

APRA’s position generally stated is that foreign banks should be subject to prudential regulation if they are soliciting and operating an active business into Australia, even if that business is booked offshore.

In April 2011 (and updated in September 2013) APRA published an open letter to foreign banks in which it stated that it will not object to non-ADI foreign bank conducting business with Australian counterparties predominantly from offshore, provided that:

• the foreign bank does not maintain an office or permanent staff in Australia, including staff employed by an entity within the banking group that conducts non-banking business on its behalf in Australia;
• the foreign bank does not solicit business from retail customers in Australia;
• all business contracts and arrangements are clearly transacted and booked offshore;
• the foreign bank does not engage in advertising or allow bank staff to physically solicit business in Australia; and
• where offshore staff of the foreign bank meet with clients and potential clients in Australia, it is for the limited purpose of arranging or executing documentation in relation to the business of those clients.

Foreign banks are also able to operate on a limited basis in Australia in the following ways:

• applying to APRA to establish a representative office which only liaises with clients and conducts research activities and does not conduct any form of banking business; or
• applying to APRA to open a foreign branch in Australia to deal with wholesale clients only.

Foreign banks may also incorporate a local subsidiary that can apply to APRA for a (full) ADI licence.

Financial institutions including overseas banks may carry on other financial services activities in Australia that do not require it to be registered as an ADI but may be required to hold an AFSL or ACL (see question 4).

ASIC’s reissued Regulatory Guide 121 Doing financial services business in Australia (RG 121) which is intended to assist offshore providers to determine whether they cross the threshold to be carrying on a financial services business in Australia and whether the licensing regime (or exemptions) are relevant.

Currently there are a number of cross-border exemptions that are being phased out. This includes the provision of financial services from outside Australia to wholesale clients only. A foreign financial services licence regime has also been established. There are further exemptions that are yet to be agreed on by the Australia legislatures therefore remain uncertain. This includes offshore exemptions for certain categories of professional investors and for offshore providers currently regulated by an equivalent licensing regime.

The Australian banking landscape is heavily regulated, with a strong emphasis on corporate governance and prudential supervision. To carry on a banking business in Australia, an entity must be an ADI within the meaning of the Banking Act.

An ADI must be incorporated, hold an ADI licence (issued by APRA) and be subject to the Corporations Act. This means ADI status cannot be obtained by an association, partnership or other unincorporated entity.

Subject to the permissible cross-border activities and exemptions outlined in question 10, a foreign bank wishing to conduct standard banking activities in Australia (which includes taking deposits and making advances of money) must be authorised by APRA as an ADI. In terms of structure, the foreign bank can be set up to operate through a local subsidiary (being a separate legal entity) or foreign branch office (being part of the foreign bank as opposed to a separate legal entity). An Australian branch of a foreign bank with APRA authorisation to conduct a banking business in Australia is known as a ‘foreign ADI’ (whereas a local subsidiary of a foreign bank holding an ADI licence is known simply as an ‘ADI’).

In Australia, the operation of banks (that is, ADIs) is governed by a comprehensive regulatory framework designed to ensure financial stability and protect depositors. Central to this framework are the prudential standards set by APRA, which outline specific organisational requirements.

The board of directors of an ADI bears the ultimate responsibility for its sound and prudent management. To fulfil this role effectively, the board and senior management must collectively possess the necessary skills, knowledge and experience to ensure efficient and responsible operations.

APRA Prudential Standard CPS 510 Governance (CPS 510) provides detailed prudential requirements relating to the size, composition, and independence of an ADI’s board. Specifically, a locally incorporated ADI must maintain a minimum of 5 directors and the chairperson of the board must be an independent director (meaning they must not have served as the ADI’s chief executive officer within the preceding 3 years).

Furthermore, a majority of the directors must be independent, and a majority of directors present and eligible to vote at all board meetings must be non-executive directors. This requirement is generally applicable, except in cases where the ADI is a subsidiary of another APRA-regulated entity or an equivalent overseas entity. Additionally, a majority of directors must be ordinarily resident in Australia. An ADI is required to establish and implement a policy on board renewal and procedures for assessing board performance, conducted at least annually. It must also maintain various executive committees, including a Board Audit Committee and Board Risk Committee.

In March 2025, APRA proposed changes to strengthen its governance framework for banks, including (but not limited to) requiring ADIs to:

• Ensure their boards have the right mix of skills and experience to effectively deliver the ADI’s strategy;
• Raise standards regarding the fitness of ‘responsible persons’ (senior management).
• Extend requirements for managing conflicts of interest will be extended from superannuation trustees to banks
• Strengthen board independence
• A lifetime tenure limit of 10 years will be introduced for non-executive directors.

For a foreign ADI operating through an Australian branch, CPS 510 mandates the nomination of a senior officer outside Australia with delegated authority from the board to oversee the Australian branch operations. Concurrently, a senior manager ordinarily resident in Australia must be responsible for the local operations and readily available to meet with APRA upon request.

Beyond CPS 510, ADIs in Australia are subject to a range of additional corporate governance requirements and guidelines derived from various sources, including APRA prudential standards, the Corporations Act, ASX Listing Rules, and voluntary industry standards such as the Australian Banking Association Banking Code of Practice and ASIC’s ePayments Code.

The Corporations Act imposes statutory duties of care, diligence, and good faith on both executive and non-executive directors. The Banking Act requires ADI directors to take reasonable steps to ensure compliance with directions or requirements issued by APRA. Additionally, APRA Prudential Standard CPS 520 Fit and Proper mandates that individuals holding key positions of responsibility within ADIs maintain minimum fit and proper standards. ADIs are therefore required to actively manage risks and establish appropriate systems, including maintaining a fit and proper person policy and conducting regular assessments of fitness and propriety for responsible persons.

Finally, the Financial Accountability Regime (FAR) imposes core obligations on the directors and senior executives of an ADI, including ‘accountability obligations’, ‘key personnel obligations’ (ensuring clear allocation of responsibilities), and ‘notification obligations’. FAR is jointly administered by APRA and ASIC.

In Australia, an ADI’s remuneration policy is subject to significant regulatory oversight, primarily aimed at aligning executive incentives with prudent risk management and long-term financial stability. This oversight is driven by the need to prevent excessive risk-taking and ensure accountability.

APRA expects regulated entities to establish performance-based incentive structures that align remuneration with prudent risk management, including consequences for poor risk outcomes.

APRA Prudential Standard CPS 511 Remuneration (CPS 511) sets out comprehensive remuneration requirements for an ADI, particularly where it has been designated as a Significant Financial Institution (SFI). Key requirements of CPS 511 include:

1. (remuneration framework) an ADI must maintain a documented remuneration policy approved by the board, outlining the structure and terms of remuneration arrangements;
2. (board remuneration committee) a dedicated board remuneration committee must be established, with at least three non-executive directors and a majority of independent directors;
3. (financial and non-financial risks) variable remuneration arrangements must incorporate financial and non-financial risks that could materially impact the ADI’s risk profile, sustainable performance, and long-term soundness;
4. (variable remuneration adjustment tools) an ADI must implement variable remuneration adjustment tools, including overriding board discretion, in-period adjustments, malus, and clawback. These tools should be triggered in scenarios such as misconduct, significant risk management failures, breaches of accountability, and non-compliance;
5. (deferred remuneration) variable remuneration must be deferred for the chief executive officer, senior managers, executive directors, and highly paid material risk-takers. The proportion of deferred remuneration and vesting period varies based on the individual’s role. For example, in respect of the chief executive officer, at least 60% of their total variable remuneration must be deferred over a minimum of 6 years, vesting no faster than pro-rata after 4 years; and
6. (performance and risk alignment) variable remuneration outcomes must align with performance and risk outcomes, with the application of variable remuneration adjustment tools.

The FAR imposes deferred remuneration obligations on ‘accountable persons’ (who hold actual or effective senior executive responsibility for the management or control of the ADI or a significant part of its operations), which operate in tandem with CPS 511. An accountable person is required to have at least 40% of their variable remuneration deferred for 4 years (or longer where the ADI considers an accountable person is likely to have breached their accountability obligations).

Yes.

From 1 January 2023, a revised capital framework was implemented to solidify the financial system’s resilience. This involved increasing required capital reserves to better protect against future economic downturns and align the framework with changes to the internationally agreed Basel Framework, referred to as the Finalised Basel III post-crisis reforms.

The Australian regulatory capital requirements, outlined in APRA’s prudential standards (and in particular, APRA Prudential Standard APS 110 Capital Adequacy (APS 110)), are fundamentally based on the Basel III framework. These requirements ensure that Australian ADIs maintain adequate capital, both individually and on a group basis, to serve as a buffer against the inherent risks associated with their activities.

While largely aligned with Basel III, the Australian framework incorporates certain modifications to address specific Australian risks and ensure prudential safety. Notably, APRA has exercised its discretion to implement a more conservative capital adequacy regime than the minimum standards prescribed by Basel III. Further, in recognising that the Basel III framework was primarily designed for large, internationally active banks, APRA has introduced a set of simplified capital requirements for smaller, less complex banks. The purpose of this proportionate regulation is to minimise unnecessary regulatory burden without compromising prudential safety.

APRA continues to consult on revisions to the capital framework for authorised ADIs to implement ‘unquestionably strong’ capital ratios and the Basel III reforms.

APS 110 does not apply to foreign ADIs operating in Australia through branches. These entities are expected to adhere to comparable capital adequacy standards in their home jurisdictions. Additionally, APS 110 does not apply to Purchased Payment Facilities (PPFs).

Australia has adopted the leverage ratio as a key component of its prudential framework, designed to complement risk-based capital requirements and mitigate the potential for excessive leverage within the banking system. This measure gained prominence following the 2008 global financial crisis, which highlighted the significant economic risks associated with unchecked leverage.

As part of the Basel III capital reforms, the Basel Committee on Banking Supervision established a minimum leverage ratio. This ratio, calculated by dividing a bank’s Tier 1 capital by its total on- and off-balance sheet exposures, serves as a safeguard against risk-weighted capital requirements. Its purpose is to lessen the negative effects of reducing debt on financial stability and the broader economy. According to Basel III standards, banks are generally required to maintain a leverage ratio above 3 percent.

In Australia, APRA has implemented specific leverage ratio requirements through APS 110. An ADI that uses an Internal Ratings-Based (IRB) approach to credit risk, as approved by APRA, is subject to a mandatory minimum leverage ratio requirement. The IRB ADI must consistently maintain a leverage ratio of at least 3.5 percent. This increased requirement acknowledges the complexity and potential risks associated with IRB models.

For an ADI using the standardised approach, which typically encompasses smaller and less intricate banks, APRA retains the discretion to impose a leverage ratio requirement. However, APRA does not enforce a uniform leverage ratio for standardised ADIs, which seeks to lessen their regulatory burden and improve efficiency. The leverage ratio operates as a non-risk-based measure to restrict the amount of debt an ADI can accumulate relative to its equity, providing a clear and straightforward method for managing leverage. It acts as an additional check to the risk-weighted capital requirements, offering a safety net against excessive leverage that risk-weighted models may not fully address.

Australia has fully implemented the Basel III liquidity requirements, including the Liquidity Coverage Ratio (LCR) and the Net Stable Funding Ratio (NSFR), with a tailored approach for different categories of ADIs (depending on their size and complexity).

APRA sets stringent liquidity requirements for all ADIs to ensure they can meet their financial obligations under various stress scenarios. These requirements are primarily reflected in APRA Prudential Standard APS 210 Liquidity (APS 210) and APRA Prudential Practice Guide APG 210 Liquidity (APG 210).

APS 210 primarily addresses funding liquidity, mandating that ADIs implement sound practices for managing liquidity risks. This necessitates maintaining an adequate level of liquid assets to meet financial obligations as they become due, even under a broad range of challenging operating conditions. Key aspects of APRA’s liquidity framework include:

• (liquidity risk management) an ADI must establish a comprehensive liquidity risk management framework and maintain sufficient liquid assets to withstand severe liquidity stress through regular stress testing; and
• (funding structures and strategies) an ADI must develop robust funding structures and strategies appropriate to its size and complexity.

APRA categorises domestically incorporated ADIs as either LCR ADIs or Minimum Liquidity Holdings (MLH) ADIs. Typically, larger and more complex ADIs are designated as LCR ADIs, while less complex institutions fall under the MLH ADI classification. Foreign ADIs are generally classified as LCR ADIs, unless APRA determines otherwise.

The LCR requirement aims to enhance short-term resilience by mandating that LCR ADIs maintain sufficient unencumbered high-quality liquid assets (HQLA) to meet liquidity needs during a severe 30-day stress scenario. Domestically incorporated ADIs classified as LCR ADIs are also required to maintain a NSFR of at least 100 percent at all times. The NSFR focuses on longer-term stability, encouraging LCR ADIs to adopt stable funding structures.

Separately, MLH ADIs, which are typically smaller and less complex institutions, are required to hold 9 percent of their liabilities in specified liquid assets. These specified liquid assets include physical currency, Australian government securities, eligible foreign government securities, bank bills, certificates of deposit, debt securities issued by ADIs, and net at-call deposits with other ADIs.

It is important to note that APRA retains the authority to impose higher liquidity requirements if it has concerns regarding an ADI’s liquidity risk profile or the quality of its liquidity management. Unlike capital requirements, which may vary in scope, liquidity requirements apply to all ADIs operating within Australia.

The Reserve Bank of Australia (RBA) (as Australia’s central bank) provides several avenues for Australian banks to access funding, primarily aimed at ensuring liquidity and supporting the stability of the financial system. These sources are crucial, particularly during periods of market stress.

The RBA conducts activities known as ‘open market operations’ to manage the cash rate and maintain liquidity in the financial system. Banks can participate in repurchase agreements with the RBA, where they exchange eligible securities (such as government bonds) for cash, with an agreement to repurchase them at a later date. These operations allow banks to manage their short-term liquidity needs.

The RBA provides standing facilities, which allow banks to obtain overnight funding. These facilities include:

1. (Exchange Settlement Account (ESA) overdrafts) banks hold ESAs with the RBA to settle interbank payments. In cases of short-term liquidity shortfalls, banks can access overnight overdrafts, subject to certain conditions and interest rates;
2. (repurchase agreements) banks can also enter into overnight repurchase agreements with the RBA through the standing facilities;
3. (term funding facilities) in response to specific economic conditions, the RBA may introduce term funding facilities. These facilities provide banks with access to longer-term funding at favorable interest rates, supporting lending to businesses and households. An example of this was the term funding facility that was in place during the COVID-19 pandemic; and
4. (discount window) while not as frequently used in Australia as in certain other jurisdictions, the RBA retains the capacity to act as a lender of last resort. In exceptional circumstances, banks can access emergency funding from the RBA’s discount window, typically secured by eligible collateral.

The RBA’s funding mechanisms are primarily designed to:

1. maintain stability in the financial system;
2. manage short-term liquidity fluctuations;
3. support the transmission of monetary policy; and
4. act as a lender of last resort during periods of severe stress.

The requirements for an ADI to disclose its financial statements and engage in interim reporting depend on its listing status and regulatory obligations. While not all ADIs are legally required to publish financial statements, a publicly listed ADI (on the Australian Securities Exchange, ASX) must adhere to ASX Listing Rules, which require regular disclosure of audited financial statements. The frequency of reporting (quarterly, half-yearly, or annually) depends on the listing rules and company classification.

The Financial Sector (Collection of Data) Act 2001 (Cth) (FSCODA) grants APRA the authority to collect data from Registrable Financial Corporations (RFCs), including ADIs and non-bank lenders. FSCODA allows APRA to collect statistical data for its prudential supervision but does not grant APRA oversight of RFCs’ operational activities.

A corporation is classified as an RFC if it provides finance in Australia and has Australian assets or outstanding loan principal exceeding AUD$50 million. APRA issues reporting standards outlining required data and submission formats. Upon registration, RFCs must submit a registration form, initial return and a copy of their latest audited financial position. Depending on the RFC type, they may need to report to APRA monthly or quarterly. APRA shares summary data with the public, other regulators and the Australian Bureau of Statistics

In Australia, APRA employs consolidated supervision, particularly for financial conglomerate groups. This approach aims to ensure the stability and resilience of the entire group, rather than just individual entities within it.

APRA utilises a tiered approach to apply prudential standards to different entities and groups:

1. Level 1 supervision: This applies to individual APRA-regulated institutions or Extended Licensed Entities (ELEs). An ELE includes the ADI and its subsidiaries that APRA considers part of the ADI for prudential purposes. APRA has discretion in determining which subsidiaries are included in the ELE;
2. Level 2 supervision: This applies to an ADI Level 2 group, which includes the ADI and all of its subsidiaries (or, if the ADI is a subsidiary of an authorised Non-Operating Holding Company (NOHC), the consolidation of the immediate parent and its subsidiaries). Certain non-consolidated subsidiaries may be excluded; and
3. Level 3 supervision: This applies to conglomerate groups, known as Level 3 groups, that have material operations across multiple APRA-regulated industries and/ or non-APRA-regulated sectors. APRA has the discretion to apply Level 3 supervision. A Level 3 group comprises all institutions within a consolidated entity, adjusted as determined by APRA, with the Level 3 Head being the ultimate holding company, ultimate Australian parent, or certain reporting entities.

Consolidated supervision allows APRA to assess the overall financial health and risk profile of a group, rather than just individual entities. This enables APRA to identify and address potential risks that may arise from interdependencies and contagion within the group. It ensures that capital and liquidity are adequate at the group level, preventing risks from being hidden within non-regulated entities. It increases the transparency of the whole group and allows for the regulation of NOHCs.

The acquisition of shareholdings or control in ADIs in Australia is governed by a multifaceted regulatory framework, designed to safeguard financial stability, maintain competition, and protect the national interest. The complexities of this framework are essential to maintaining a robust and secure financial system.

The Financial Sector (Shareholdings) Act 1998 (Cth) (FSSA) places limitations on shareholdings in ADIs and their holding companies, generally restricting individuals or groups acting in concert to a maximum 20% stake. Prospective shareholders are also subject to a ‘fit and proper’ assessment. The definition of a ‘stake’ encompasses direct control interests, including voting power and the voting power of associates. However, the Treasurer possesses the authority to approve shareholdings exceeding this 20% limit in specific circumstances, particularly when it is deemed to be in the national interest. These approvals may be subject to conditions relating to duration and substance. Penalties are imposed for unacceptable shareholdings held without the Treasurer’s consent, and the Federal Court can issue orders to restrain or reduce such shareholdings.

Furthermore, the Treasurer has the power to declare that a person has ‘practical control’ of an ADI, even if their shareholding is below 20%, if they effectively direct the company’s actions. If such a declaration is made, the Federal Court can implement remedial orders. Additionally, the Banking Act mandates that ADIs obtain the Treasurer’s permission for arrangements involving the sale or disposal of their business, amalgamations, or the formation of partnerships with other ADIs.

The Competition and Consumer Act 2010 (Cth) also plays a crucial role, applying to mergers of financial institutions and prohibiting acquisitions that would substantially lessen market competition, unless authorised by the Australian Competition and Consumer Commission. Moreover, takeover laws under the Corporations Act apply when an ADI or NOHC is a listed company or an unlisted company with more than 50 members, restricting certain acquisitions of relevant interests in voting shares unless an exemption applies.

Finally, approval under the Foreign Acquisitions and Takeovers Act 1975 (Cth) (FATA) is required for any acquisition of an ADI by a foreign entity. Also see response to Question 22.

Yes, Australia’s regulatory regime imposes conditions on the ownership of banks and in particular major participations. Ownership of ADIs and their holding companies is governed by the FSSA. See our response to Question 20.

ADIs are also required to comply with the ‘fit and proper’ test in CPS 520 – see our response to 12.

APRA has flagged governance as a key priority in its 2024-25 Corporate Plan, indicating it will conduct a broad review of CPS 520.

It is a requirement for a foreign interest to notify proposals by foreign persons seeking to acquire or interest an interest of 20 percent or more in, or takeover an Australian business valued at more than $50 million. FIRB examines proposals by foreign persons seeking such proposals, which are regulated by the Foreign Acquisitions and Takeovers Act 1975 (Cth) (FATA).

A foreign person is:

• an individual who is not ordinarily a resident of Australia;
• a corporation in which a substantial interest is held by an individual who is not ordinarily resident in Australia, a foreign corporation or a foreign government;
• a corporation in which two or more individuals, each of whom is not ordinarily resident in Australia or a foreign corporation or a foreign government, together hold a substantial interest;
• the trustee of a trust where a substantial interest is held by an individual not ordinarily resident in Australia, a foreign corporation or a foreign government; or
• the trustee of a trust where two or more individuals, each not ordinarily resident in Australia or a foreign corporation or a foreign government, together hold a substantial interest; or
• a foreign government.

The Basel Committee on Banking Supervision (Basel Committee) has established a number of indicators that help it determine whether a bank should be classified as a Global Systemically Important Bank (G-SIB).  There are currently no Australian G-SIBS.

APRA is the authority responsible for implementing the regime for domestic systemically important banks (D-SIBs) which is largely reflective of the Basel Committee indicators for identifying G-SIBs.

This includes five key factors which influence global systemic importance: size, cross-jurisdictional activity, interconnectedness, substitutability/financial institution infrastructure (including factors regarding the concentrated nature of the banking sector and complexity.

APRA has a higher loss absorbency (HLA) requirement for D-SIBs. This is to reduce the probability that failure of a D-SIB will have a greater impact on the domestic financial system and economy compared to non-systemic institutions. The HLA requirement for D-SIBs must be fully met by Common Equity Tier 1 (CET1). CET1 is the highest quality capital that banks must maintain in order to adequately absorb losses and remain solvent. Accordingly, CET1 are funds that are permanent, unrestricted and available to cover losses.

APRA designated Australia’s four major banks as D-SIBs in December 2013. The banks are: Australia and New Zealand Banking Corporation (ANZ), Commonwealth Bank of Australia (CBA), National Australia Bank (NAB), and Westpac Banking Corporation (Westpac).

APRA-regulated entities (including banks as ADIs) are required to comply with APRA prudential standards. A breach of the prudential standards constitutes a breach of the relevant underlying legislation for which the prudential standard applies (e.g. for banks, the Banking Act). If an ADI breaches the prudential standards, it may be required to report the breach to APRA. Failure to notify APRA of a breach of the prudential standards is 200 units for ADIs (currently $66,000AUD)

If APRA has reason to believe that an ADI has contravened or is likely to contravene a provision of applicable legislation or prudential standard, APRA has the power to issue directions requiring the ADI to undertake (or not to undertake) certain actions, including requiring compliance with the relevant legislation or prudential standard, removing a director or senior manager, or requiring an audit. Non-compliance with such a direction carries a penalty of 50 penalty units (currently $16,500AUD) and gives APRA power to revoke the authorisation.

Depending on the nature and extent of the breach, the ADI may be subjected to civil penalties for any such breach of banking regulations.

The following prudential standards establish the resolution regime for banks in Australia, specifically:

• CPS 190 – Financial Contingency (CPS 190) requires all ADIs, NOHCs and certain foreign ADIs (i.e. those with a branch or locally incorporated operations where APRA finds some or all of CPS 190 applies) to have and maintain a recovery and exit plan (Resolution Plan) setting out how it would respond to a stress that threatens its viability and provides requirements on the content of the Resolution Plan.
• CPS 900 – Resolution Planning (CPS 900) requires all ADIs, including foreign ADIs and NOHCs authorised under the Banking Act that provide critical functions to take preemptive actions so that in the event of failure, APRA can assist them ensure there is minimal adverse impact on the financial system.

The Financial Claims Scheme (FCS) was established by the Australian government to provide financial protection for consumers in the event of the failure of an ADI. The FSC protects deposits up to $250,000 per account holder per ADI and aims to return deposits to account holders. The FSC does not operate automatically – it is activated at the discretion of the Treasurer and once activated, administered by APRA.  (The FCS also covers claims of up to $5,000 from policyholders and claimants against general insurers in Australia).

No, there is no mechanism in Australia enabling a bail-in tool to be directly applied for resolution purposes.

Relevantly, Additional Tier 1 capital (AT1) instruments had been used to stabilise banks during times of stress and provide capital to support a bank’s resolution at the point of failure. However, APRA has expressed concerns that AT1 instruments have not been effective in their role because they absorb losses at a late stage of a bank’s crisis and are difficult to use for supporting resolution, especially given that a large portion of AT1 is held by retail investors in Australia.

APRA has made a proposal to replace AT1 with cheaper and more reliable forms of capital:

• Large, internationally active banks will be able to replace 1.5 per cent AT1 with 1.25 per cent Tier 2 and 0.25 per cent CET1 capital.
• Smaller banks will be able to fully replace AT1 with Tier 2, with a reduction in Tier 1 requirements.
• APRA’s requirements applicable to internationally active banks will remain in line with international minimum standards.

The proposed approach does not directly address liquidity crises (including breach of the Liquidity Coverage Ratio) as they primarily focus on capital adequacy requirements. APRA’s approach is designed to improve the structure and quality of capital that banks hold.

The updated framework will come into effect from 1 January 2027.

Gone Concern Capital refers to capital that would not absorb losses until such time as an ADI is wound up or the capital is otherwise written off or converted into ordinary shares or mutual equity interests. APRA’s proposed changes (see our response to question 27) aim to address the challenges associated with AT1 (which functions as a form of Gone Concern Capital) and draws distinctions in the regime for different types of banks.

The Financial Accountability Regime (FAR) requires banks and their NOHCs to identify directors and senior executives (Accountable Persons), detail their specific responsibilities in ‘accountability statements’ and conduct their activities in accordance with principles-based obligations including ‘skill’, ‘integrity’ and in ‘cooperation’ with ASIC and APRA. If Accountable Persons do not comply, they may be disqualified and/or held personally liable (as well as the bank), with a significant maximum civil penalty of 50,000 penalty units ($15.65 million AUD). FAR replaces the Banking Executive Accountability Regime (BEAR) and replicates the UK’s Senior Manager & Certification Regime (SMCR) and the Hong Kong Certification Regime.

Recent trends in bank regulation in Australia include:

• Digital Assets: ASIC has increased focus on regulating digital assets, particularly in light of the FTX collapse and is taking prosecutorial action against misconduct related to crypto products.
• BNPL: From June 2025, Buy Now Pay Later (BNPL) products will be regulated as ‘low-cost credit contracts’ under the National Credit framework, requiring compliance with licensing and responsible lending obligations.
• Climate-related Disclosure: The Treasury Laws Amendment (Financial Market Infrastructure and Other Measures) Bill 2024 mandates certain organizations to make climate-related financial disclosures starting from January 2025, aligning with global trends in mandatory climate reporting.

• Cybersecurity: With the increasing digitalisation of the financial sector, vulnerabilities to cyber risks like ransomware, data breaches and phishing have grown. ASIC has already removed over 7,300 phishing websites and APRA is focusing in 2024-25 on enhancing cyber resilience through CPS 234 – Information Security and investing $73.2 million in cyber technology upgrades.
• Climate risk: Climate change poses physical risks (e.g., extreme weather) and transition risks (e.g., shifts to a lower carbon economy). APRA addresses these through CPS 229 – Climate Change Financial Risks, promoting better management practices. APRA’s 2024-25 Corporate Plan aims to enhance expectations for entities to consider the financial impacts of climate risk.