The Australian Prudential Regulation Authority (APRA) has imposed additional licence conditions on Mercer Superannuation (Australia) Limited (Mercer Super) to ensure it addresses risk management and compliance management deficiencies identified by APRA.
Mercer Super is the trustee of Mercer Super Trust and Mercer Portfolio Service Superannuation Plan, which have approximately 850,000 members and over $70 billion in funds under management.
The risk management and compliance management deficiencies were identified as part of APRA’s ongoing prudential supervision of the trustee, which included a prudential review conducted in October 2023.
Mercer Super has subsequently acknowledged significant breaches of prudential standards SPS 220 Risk Management (SPS 220), SPS 231 Outsourcing (SPS 231) and SPS 232 Business Continuity Management (SPS 232).
Under the terms of the new licence conditions, which came into force from 27 May 2024, Mercer Super must:
- develop and implement a remediation plan in conjunction with an independent expert that addresses the deficiencies identified by APRA;
- appoint an independent third party to complete an operational effectiveness review of Mercer Super’s risk management and compliance frameworks, following the completion of the remediation plan; and
- develop a plan to remedy any deficiencies identified in the operational effectiveness review.
On completion of the operational effectiveness review, Mercer Super is required to provide APRA with an attestation from the Trustee Chair, that the remediation actions are complete and effective, and that the entity is compliant with prudential standard SPS 220, SPS 231, and SPS 232.
APRA Deputy Chair Margaret Cole said:
“We have applied these conditions to drive substantial governance and risk management improvements at Mercer Super and protect the interests of its members.
APRA expects trustees to have robust risk management frameworks and to proactively manage systems and processes, including in the critical areas of business continuity management and the oversight of service providers. APRA is prepared to take strong steps, including taking enforcement action, where a trustee’s operational resilience management is substandard.”