All credit unions and other ADIs will need to hire or designate a chief risk officer and set up a board risk committee, if they do not already have one, says APRA.
On Friday, The Australian Prudential Regulation Authority
released updated requirements on risk management across its regulated industries.
It said these requirements "reflect its heightened expectations in this area."
The package proposes harmonised risk management requirements for authorised deposit-taking institutions, general insurers, life insurers and conglomerate groups.
APRA said the proposed cross-industry prudential standard "consolidates existing risk management standards for insurers and includes some risk management requirements for ADIs that are currently spread across a number of ADI prudential standards."
The new standard will not apply to superannuation.
APRA said it proposes boards of regulated institutions "establish a board risk committee, to which a designated chief risk officer would be accountable."
APRA said there could be "no 'dual-hatting' [and that] the CRO cannot be the chief executive officer, chief financial officer, the actuary or the head of internal audit."