APRA’s letter to the industry and what we should take from it
A brief summary of APRA's letter to the industry and why it matters to our clients.
Why robust internal policies and procedures are fundamental for financial services providers
A Federal Court decision involving an industry super fund highlights that having internal policies is not enough— they must be properly implemented.
CPS 230 ‘Day 2’ Compliance: When the Real Work Begins
As organisations move into ‘Day 2’ compliance, the focus shifts from frameworks to evidence. This article explores why ongoing contract and supplier management, SLA and KPI tracking, and meaningful reporting are critical to demonstrating operational resilience under CPS 230 – and how legal and risk teams can keep compliance working in practice.
Third-Party Risk Isn't Just a Procurement Issue Anymore
Third‑party risk is no longer just a procurement problem. With growing regulatory scrutiny and standards like CPS 230, organisations are now accountable for how their suppliers support critical operations, manage risk and respond to disruption. This article explores why legal, risk and governance teams must take a more active role – and what a practical, integrated approach to third‑party risk really looks like.
Why Updating Policies Isn’t Just a Box-Ticking Exercise
In today's fast-paced business environment, policies are more than just documents sitting in a shared drive—they're the backbone of compliance, governance, and operational clarity. Yet, too often, organisations treat policy reviews as a “tick the box” exercise. That approach can lead to outdated,...
