We operate in a highly regulated industry and manage compliance with requirements overseen by key regulators including the Australian Securities & Investments Commission (ASIC), APRA, the Australian Transaction Reports and Analysis Centre, the Australian Securities Exchange (ASX), the Reserve Bank of Australia, the Reserve Bank of New Zealand, the Financial Markets Authority (FMA) in New Zealand and other financial regulators.
Suncorp is committed to a culture of honest and ethical behaviour, and doing the right thing by our people and our customers is a priority. Our Whistleblower Service is available to all our people and suppliers to raise concerns of suspected
or actual misconduct, which may have a negative effect on the workplace, customers and Suncorp’s reputation.
This year we updated our Whistleblower Procedures to reflect changes to the Whistleblower provisions in the Corporations Act. We continue to highlight the requirement to maintain strict confidentiality of a whistleblower’s identity, and have expanded the prohibited conduct which would result in adverse outcomes for a whistleblower.
We have a range of policies in place to ensure our people and systems comply with regulatory requirements.
The Board has accountability for the oversight of compliance management and actively promotes a risk-aware culture through the Enterprise Risk Management Framework (ERMF).
Compliance risks are reported to the Board quarterly through the Board Risk Committee. The ERMF links risk appetite to our strategy and business plan, and sets out accountabilities, governance arrangements and processes for risk management within the Three Lines of Defence model.
Our Internal Audit team independently tests and verifies the effectiveness of Suncorp controls, risk standards and compliance, validates our ERMF and provides written reports to both the Board Audit and Board Risk Committees.