The Australian Prudential Regulation Authority (APRA) has released its Annual Report for the 2024-25 financial year, highlighting the regulator’s approach to maintaining the stability of Australia’s financial system in a period marked by international volatility and cyber security incidents.
The report, prepared under the Public Governance, Performance and Accountability Act 2013, details APRA’s actions and priorities for the insurance sector and the broader financial landscape.
APRA chair John Lonsdale commented on the challenges of the past year. “The events of 2024-25 brought into sharp focus how quickly waves of international economic disruption can reach our shores and how interconnected the Australian and global financial systems have become,” he said.
He also underscored the importance of robust information security, referencing recent cyber incidents affecting superannuation funds.
Throughout the year, APRA concentrated on strengthening operational risk management, governance, and accountability across regulated entities.
The authority finalised a new operational risk prudential standard, effective from July 2025, which introduces higher expectations for managing disruptions and third-party provider risks.
APRA also extended the Financial Accountability Regime (FAR) to insurers and superannuation funds, requiring senior managers to assume clear responsibility for key functions.
Industry consultation on eight governance proposals was conducted, with draft regulatory changes expected in 2026.
APRA’s approach includes targeted supervision, policy adjustments, and enforcement actions to address sector-specific vulnerabilities.
For insurers, APRA proposed adjustments to capital requirements for longevity products, aiming to support the availability of competitively priced annuities.
The regulator also reviewed reinsurance standards to facilitate access to alternative arrangements, supporting the affordability and accessibility of insurance products while maintaining prudential oversight.
APRA advanced its Climate Vulnerability Assessment (CVA) in collaboration with major general insurers, examining the potential effects of climate change on household insurance affordability through 2050. An information paper detailing the CVA’s objectives and methodology was published, with results anticipated in the next reporting cycle.
APRA’s 2025 survey of regulated entities found that 97% of respondents saw value in APRA’s supervision, although only 24% believed regulatory changes adequately considered compliance costs.
In response, APRA has made proportionality a strategic focus for 2025-26, seeking to balance prudential safety with industry efficiency and competition.
Efforts to streamline regulatory processes included migrating data collections to APRA Connect and transitioning legacy data infrastructure to cloud-based platforms.
APRA also participated in cross-agency workstreams addressing geopolitical and climate risks, and reviewed the regulatory burden on smaller banks.
During the reporting period, APRA implemented reforms to capital and liquidity standards for banks and conducted sector-wide stress testing, including a focus on interconnections between banking and superannuation.
Operational resilience remained a priority, with APRA monitoring compliance with the new CPS 230 standard and emphasising cyber resilience through remedial actions and industry guidance.
Crisis preparedness was further developed through recovery and exit planning requirements, and APRA coordinated a major crisis simulation with Australian and New Zealand regulatory agencies to test cross-border response capabilities.
APRA continued to reinforce governance and accountability, embedding the FAR across insurers and superannuation trustees. Over 2,800 accountable person registrations were processed during the year.
A risk culture survey of the insurance sector revealed varying progress among entities, with APRA providing feedback and highlighting areas for improvement.
Enforcement actions included additional licence conditions, court enforceable undertakings, and increased capital add-ons for entities with identified weaknesses.
APRA led the insurance CVA and conducted a second industry-wide climate risk self-assessment, finding that larger entities had made progress, while smaller firms showed room for improvement.
The regulator worked with government and industry to address the protection gap in household insurance, driven by natural disasters, reinsurance costs, and building inflation.
APRA encouraged insurers to improve transparency around premium increases and policy coverage, and used its data collection role to inform stakeholders about protection gap issues.
Looking ahead, APRA’s 2025-26 Corporate Plan sets four strategic objectives:
Key initiatives include reinforcing cyber defences, testing compliance with new operational risk standards, updating governance requirements, and publishing the results of its first system-wide stress test.
APRA also plans to refine its regulatory framework to better balance safety, efficiency, and competition, including formalising a third tier of proportionality in banking regulation and exploring ways to make reinsurance more accessible.
