• Email
  • Print
  • Increase Font
  • Decrease Font

2019-20 Governance

Governance framework

ARPC’s governance framework is based on the Terrorism Insurance Act 2003 (TI Act) and ARPC’s status as a corporate Commonwealth entity for the purposes of the PGPA Act and the Public Governance, Performance and Accountability Rule 2014 (PGPA Rule).

ARPC is established as a body corporate under the TI Act (section 12) and comprises a Chair and between four and six other members (referred to as the Board). Board members are appointed on a part-time basis by the Minister. During the reporting period, the Minister was the Hon. Michael Sukkar MP from 29 May 2019.

The Minister may give written directions in relation to the performance of ARPC’s functions and the exercise of its powers.

The Board is the accountable authority for the purposes of the PGPA Act. As required by the PGPA Act (section 45), ARPC has an audit committee (the Audit and Compliance Committee) which was constituted by four Board members to 4 October 2019 and subsequently three members until 9 June 2020 when the Board re-appointed Robin Low to the Committee.

Under the PGPA Act (section 22), the Finance Minister may make an order (a Government Policy Order) specifying that a policy of the Australian Government is to apply in relation to one or more corporate Commonwealth entities. During the reporting period, there were no General Policy Orders (GPOs) applicable to ARPC.

Under the TI Act, the Board appoints the CEO of ARPC. The CEO manages the affairs of ARPC subject to the strategic directions and policies determined by the Board.

The chart below sets out the organisational framework of ARPC.

Organisational chart

Organisational chart

In addition to the statutory framework, ARPC’s corporate governance framework is underpinned by the Board Charter (https://arpc.gov.au/wp-content/blogs.dir/3/files/2020/07/ARPC-Board-Charter.pdf), the Audit and Compliance Committee Charter (https://arpc.gov.au/wp-content/blogs.dir/3/files/2020/07/ARPC-Audit_Compliance-Committee-Charter.pdf) and a suite of policies and procedures in areas such as risk management, financial management, capital management, investment, privacy, delegations, people management, fraud control, conflict of interest, public interest disclosure, security management and business continuity planning.

Back to top


During 2019-20, the Board comprised a Chair and between four and six other (non-executive) members.

The term of appointment of two Board members expired on 4 October 2019. On 23 April 2020, two (non-executive) members were appointed by the Minister.

The names and details of ARPC Board members who held office during 2019-20 are outlined below.

Board members

Ian Carson AM, Chair

BEc PGDip Professional Accounting FAICD
Terms: 1 July 2017 – 30 June 2020
1 July 2020 – 30 June 2023

Ian Carson was reappointed Chair of the Board on 23 April 2020.

Ian is Chairman of Markets at PwC. Previously Ian was Chair of PPB Advisory, a professional advisory firm, of which he was a founding partner.

Ian is co-founder of SecondBite, a for-purpose organisation which rescues nutritious food that would otherwise go to landfill. Ian is President of The Victorian Arts Centre Trust and Trustee of The Melbourne Cricket Ground. In 2017, Ian was awarded an Order of Australia for his work in Food Rescue and Business. In 2018, together with his wife Simone, he was appointed ‘Melbournian of the Year’.

Janet Torney, Member

Terms: 1 July 2015 – 30 June 2018
1 July 2018 – 30 June 2021

Janet Torney was appointed a Member of the Board on 1 July 2015 and is Chair of the Audit & Compliance Committee.

Janet is a non-executive director with strong expertise in strategy, governance, risk and change management and investments. She is Chair of Whitehelm Capital, Chair of Perpetual Super and Chair of Club Plus Super. In the not-for-profit sector, Janet is Chair of Girl Guides Australia and a Director of the Australian Cricketers’ Association.

Janet’s career spans more than 30 years in the financial services sector – superannuation, investments, infrastructure, banking and insurance, in the engineering sector – manufacturing and consulting, and in the member-focussed sector – notably sport and female related. Janet is a Fellow of the Australian Institute of Company Directors and a Fellow of the Association of Superannuation Funds of Australia.

Elaine Collins, Member

Terms: 1 July 2015 – 30 June 2018
1 July 2018 – 30 June 2021

Elaine Collins was appointed a Member of the Board on 1 July 2015 and is a member of the Audit and Compliance Committee.

She is a non-executive director and actuary, with a career spanning 25 years in the insurance industry in Australia, New Zealand, Hong Kong and Singapore. She served in senior roles with KPMG and as a Partner of Deloitte, carrying out Appointed Actuary roles for more than ten years, with key expertise in strategic risk management, policy formulation and capital efficiency.

Elaine has non-executive Director roles with general insurer Zurich Insurance Australia Ltd (and Chair of its Risk, Compliance and Audit Committee), lenders‘ mortgage insurer ANZLMI (and a member of its Audit and Risk Committees) and, from 1 July 2020, health insurer rt health.

Elaine is a Fellow of the Actuaries Institute and a Fellow of the Australian Institute of Company Directors. She is a member of the Actuaries Institute’s Professional Standards Committee and a Professor of Practice at the University of New South Wales.

John Peberdy, Member

Terms: 1 July 2015 – 30 June 2018
1 July 2015 – 30 June 2021

John Peberdy was appointed a Member of the Board on 1 July 2015.

John has a proven track record as a strategic senior executive, having delivered improved business outcomes, in Australia and New Zealand, within Ansvar Insurance, a market leader in the care, community, faith and education insurance sector. John has
extensive experience delivering on business growth and profitability, initiating and driving change and optimising daily operations through effective leadership of a strong executive team. His expertise includes strategy and planning, business management, leadership and people management, risk management and general insurance.

Among his current directorship roles, John is the Chair, EA Insurance Services Pty Ltd and Deputy Chair, Christian Super.

Michael Callaghan, AM PSM Member

Term: 5 October 2016 – 4 October 2019

Mr Michael Callaghan was appointed a Member of the Board on 5 October 2016 and completed his term on 4 October 2019.

Mike is Chair of the Aged Care Financing Authority and Chair of the Asian Development Bank’s replenishment of the Asian Development Fund. He is also a Non-resident Fellow at the Lowy Institute for International Policy. In 2017, he was the Chair of the Australian Government Review of the Petroleum Resource Rent Tax. He also led the review into the Economic Impact of the Government’s Regulation Agenda.

In 2015, Mike headed the Northern Australia Insurance Premiums Taskforce. Between 2012 and 2014, Mike was Program Director of the G20 Studies Centre at the Lowy Institute.

Mike was Deputy Secretary of the Treasury from 2004 until 2012. He also served as the Prime Minister’s Special Envoy, International Economy. He has had 39 years’ experience in the Treasury and the International Monetary Fund.

Robin Low, Member

Terms: 5 October 2016 – 4 October 2019
23 April 2020 – 22 April 2023

Ms Robin Low was reappointed a Member of the Board on 23 April 2020 and is a member of the Audit and Compliance Committee.

Robin is a non-executive director. She is on the boards of four ASX listed companies: Appen Limited, AUB Group Limited, IPH Limited and Marley Spoon. She is also on the boards of three not for profit companies: Guide Dogs NSW/ACT, Primary Ethics and Public Education Foundation. She is a past deputy chairman of the Auditing and Assurance Standards Board.

Robin is a chartered accountant, with over 25 years’ experience with PricewaterhouseCoopers, including more than 17 years as an assurance partner specialising in financial services, particularly insurance.

Ms Karen Payne, Member

Term: 5 October 2017 – 4 October 2020

Karen Payne was appointed a Member of the Board on 5 October 2017 and is a member of the Audit and Compliance Committee.

Karen was appointed as the Inspector-General of Taxation and Taxation Ombudsman on 6 May 2019 for a term of five years. She was previously a part-time Member of the Board of Taxation and CEO of the Board of Taxation and prior to this, a partner with Minter Ellison Lawyers. Karen has more than 20 years’ experience as a specialist taxation advisor, specialising in the financial services sector.

She is a solicitor admitted in NSW and the High Court of Australia, chartered accountant and chartered tax adviser. Karen is a member of the Australian Institute of Company Directors, the Tax Institute and Chartered Accountants in Australia and New Zealand.

Ms Maria Fernandez PSM, Member

Term: 23 April 2020 – 22 April 2023

Maria Fernandez has a distinguished career in the public sector. From 2015 to 2019, she was Deputy Secretary, Intelligence and Capability with the Department of Home Affairs. Before that, Maria was Director (CEO) of the Australian Geospatial Intelligence Organisation. Maria’s experience also includes the cyber threat environment through an earlier role as Deputy Director Intelligence at the Australian Signals Directorate, and Maria was the first female head of an Australian intelligence agency.

Maria was awarded a Public Service Medal for outstanding public service in advancing Australia’s interests. Maria is a Graduate of the Australian Institute of Company Directors and is a graduate of the Harvard Business School Advanced Management Program.

Board meetings

The Board convened seven meetings during the 2019-20 financial year, comprising five meetings for general business, one strategic planning workshop and one meeting on ARPC’s response to the COVID-19 pandemic. The table below lists the number of meetings attended by each member during the reporting period.

Number of meetings attended by each member of the Board in 2019-20


Number of meetings entitled to attend

Number of meetings attended

Mr Ian Carson



Ms Janet Torney



Ms Elaine Collins



Mr John Peberdy



Mr Mike Callaghan



Ms Robin Low



Ms Karen Payne



Ms Maria Fernandez



Board remuneration

Remuneration for Board members in 2019-20, including travel and meeting allowances, was determined by the Remuneration Tribunal (Remuneration and Allowances for Holders of Part-time Public Office) Determination 2019 and the Remuneration Tribunal (Official Travel) Determination 2019. There was no remuneration for performing duties on the Audit and Compliance Committee.

Board member annual fees and meeting fees

Remuneration Basis

Chair Annual Fee

Chair Meeting Fee

Member Annual Fee

Member Meeting Fee

Table 6A Annual Fee plus Meeting Fee





Audit and compliance committee

Established in accordance with the PGPA Act (section 45), the Audit and Compliance Committee (Committee) supports the Board overseeing the administration and governance of ARPC.

Under the PGPA Rule (section 17), the Committee must consist of at least three appropriately qualified and skilled members. In the reporting period, the Committee had four members until 4 October 2019 and three members from 5 October 2019 to 9 June 2020 when Robin Low was re-appointed to the Committee.

The functions of the Committee are set out in its Charter and include reviewing the appropriateness of ARPC’s:

  • financial reporting
  • performance reporting
  • system of risk oversight and management, and
  • system of internal controls

The Committee performs these functions in addition to monitoring ARPC’s compliance with statutory obligations, overseeing the work of the internal and external auditors and ARPC’s governance framework. The Committee also provides a general forum for communication between members, ARPC’s senior executive team and the internal and external auditors.

During the reporting period, the Committee reviewed all reports received from ARPC’s internal auditors, PwC, and external auditors, the Australian National Audit Office (ANAO) and accepted ANAO’s terms of engagement. The Committee monitored the implementation of internal audit recommendations and reviewed and accepted PwC’s terms of engagement. It also reviewed the financial statements to assist the Board with its declarations under subsections 41(2) and 42(2) of the PGPA Act 2013 with respect to ARPC’s accounts and records and annual financial statements.

During 2019-20, four Committee meetings were held. The Committee members attended the number of meetings outlined in Meetings attended by each member of the Audit and Compliance Committee in 2019-20 below.

Meetings attended by each member of the Audit and Compliance Committee in 2019-20


Number of meetings

entitled to attend

Number of meetings


Ms Janet Torney



Ms Elaine Collins



Ms Robin Low



Ms Karen Payne



Back to top

Internal processes for managing risk

The PGPA Act (section 16) provides that the Board ‘has a duty to establish and maintain systems relating to risk and control.’ The Board performed this during the reporting period by having oversight of the Risk Management Policy and reviewing risk and tolerance levels, performance reports, risk strategies and controls at every meeting. In addition, each year the Board holds a strategic workshop which includes consideration of current and emerging risks on ARPC’s role and its Risk Appetite and Tolerance Statement (RATS).

ARPC uses a risk matrix to estimate the likelihood and severity of incidents. These risks are reviewed by management before Board meetings and updated for continued relevance, or to record emerging risks identified by management and/or the Board.

ARPC’s control environment for governance, business continuity and security management continue to be refined to address emerging risks.

Processes implemented to manage risk include:

  1. Maintaining a Business Continuity Policy and Procedure. Staff access and test an alternative site up to three times per year. The site could be used if ARPC was unable to operate out of its Sydney CBD office. In addition, all staff are provided with the necessary tools to work remotely if required.
  2. Implementing a range of IT security measures.
  3. Having a deed of indemnity with each Board Member. In 2019-20, ARPC maintained and paid premiums for insurance covering members and senior executives against legal costs and other expenses that may be incurred in the performance of their duties. In compliance with the PGPA Rule (section 23), ARPC does not insure any ARPC officials against liabilities relating to breach of duty under the PGPA Act. The amount paid for Directors’ and Officers’ Indemnity Insurance in 2019-20 was $46,684 ($38,893 in 2018-19).
  4. Upon commencement, all ARPC staff and Board members are required to sign a confidentiality agreement which outlines their obligations relating to confidential information.

Back to top

Risk culture

ARPC has policies, procedures and activities to support a healthy risk culture which include:

Provide the right motivation:

Communicate the right message:

  • ARPC purpose and role
  • Employee induction
  • Clear accountabilities in position descriptions
  • Employee objectives, recognition and reward (remuneration and annual review)
  • Safetrac compliance training for all employees
  • KnowBe4 IT security training for all employees
  • Training by external providers, WiserLife and Bendelta
  • Employee workshops
  • Board and Audit & Compliance Committee reporting and action items
  • Strategic Internal Audit Program
  • Biannual fraud risk assessment
  • Employee training including training exercises for DTI scenarios
  • Employee engagement surveys and action plans
  • Employee pulse surveys

Take the right risks:

Establish the right environment:

  • Risk Appetite and Tolerance Statement
  • Risk register and controls
  • Key risk indicators and reporting
  • ARPC values
  • Code of conduct
  • Policies and procedures
  • Manager attestation processes

Back to top

Our risk management framework

The Board has oversight of ARPC’s corporate governance arrangements and is responsible for monitoring ARPC’s Risk Management function under the PGPA Act. The Board is responsible for setting ARPC’s risk appetite and reviews the RATS annually. Administration of the risk framework, including review of risks and controls, preparation of the Board report, and identification of emerging risks lies with management, specifically the Enterprise Risk and Crisis Response team. Oversight of the Risk Management function is provided by management to the Board, through the Risk Report and any changes to the risk register, which are formally presented four times a year for noting.

ARPC’s five strategic priorities provide the basis for the risk framework below, with each risk tolerance statement in the RATS relating to a strategic priority. Underlying the framework are the risk and control registers, which outline financial, strategic and operational risks facing ARPC, as well as the controls and procedures in place to mitigate these risks. The Key Risk Indicator (KRI) Report is used to measure ARPC’s risk exposure and outlines 27 risk indicators mapped to risks in the risk register. In addition, the risk management framework is supported by regular risk review meetings held with senior management, as well as compliance testing performed over key processes at ARPC, designed to address gaps in the strategic internal audit plan.

Overview of ARPC’s Risk framework

Overview of ARPC’s Risk framework

Back to top

Managing risk and uncertainties

Section 4 of the Financial Statements 4. Managing uncertainties describes the major risks faced by ARPC and explains how these risks are managed.

In summary, ARPC’s risks comprise:

  • Insurance risk
    • Underwriting risk
    • Claims risk
  • Operational risk
  • Capital risk
  • Market risk
    • Interest rate risk
    • Price risk
  • Credit risk
    • Investment counterparty risk
    • Receivables counterparty risk
    • Retrocession counterparty risk
  • Liquidity risk

Back to top

Internal audit

ARPC’s internal audit function is outsourced to PwC and overseen by the Audit and Compliance Committee. During 2019-20, PwC continued to provide internal audit services to ARPC. The updated five-year rolling Strategic Internal Audit Plan (SIAP), which is closely aligned to the risk register and risk appetite and tolerance statement, was approved by the Committee and the Board and included in the 2019-20 Internal Audit work plan.

PwC works closely with the Committee, CEO and senior management to identify and analyse business risks. The Committee regularly meets with PwC, its internal auditor, and independent of management periodically. Audit findings are reported to the Committee. Management actions or improvements identified through audits are agreed with management, approved by the Committee and tracked to completion on the Audit Issue Register. Internal audit has routine discussions with external audit to avoid any duplication of work and external audit has full access to internal audit work.

2019-20 Internal audit program

The Internal Audit Workplan for 2019-20 was successfully completed, with all management actions or improvement opportunities accepted, recorded and tracked on the Audit Issues Register. The annual program also has flexibility to accommodate Board or management requests for ad hoc audit reviews.

The following reviews were completed during 2019-20:

  • Cedant Review Process
  • Risk Management
  • Claims Processing, and
  • Governance and Compliance Framework Redesign – post implementation review

A review of payroll processes was requested by management and commenced in the reporting period.

Back to top

Fraud prevention and control

Every two years, ARPC reviews and updates the ARPC Fraud Control Policy and underlying fraud risk assessments. The Fraud Control Policy allocates responsibilities for fraud risk management and control among the Audit and Compliance Committee, the CEO, ARPC management and staff. The Policy outlines legislative and governance requirements, and is framed around key fraud control strategies:

  • prevention
  • detection
  • response, and
  • monitoring, evaluation and reporting.

The Fraud Control Policy complies with requirements under section 10 of the PGPA Rule, which provides the minimum standard for the management of risk and incidents of fraud by accountable authorities (the Board). ARPC staff were provided with training in compliance with the Fraud Control Policy and the PGPA Rule.

Back to top

Corporate governance practices

The Board and ARPC’s leadership team are committed to maintaining best practice corporate governance standards that are fit-for-purpose for ARPC’s operations.

In 2019-20, ARPC completed the implementation of process improvements recommended in a review conducted by PwC in the previous reporting period. These included changes to the frequency of board meetings, policy drafting and review cycles, implementing systems for collecting and disseminating market intelligence and improvements to internal attestation processes. The implementation of the review recommendations was completed in early 2020.

ARPC continues to monitor governance trends in the public and private sectors.

Back to top


In the reporting year, ARPC continued to review and improve its compliance plan and program of compliance testing. Regulatory compliance was further supported by a program of mandatory training for staff on relevant legislation and policies, routine information sessions for staff on relevant topics and a process of six-monthly attestations by all senior managers covering key legislation including the TI Act, PGPA, PGPA Rule, the Privacy Act 1998 and Public Interest Disclosure Act 2013.

Under the TI Act (section 40), the Board may delegate all or any of its powers or functions to the CEO or any person employed under the TI Act. Delegations made by the Board are documented and reviewed at least every three years.

ARPC’s annual report is prepared and provided to the Minister by 15 October each year in compliance with the PGPA Act (section 46). ARPC’s annual financial statements comply with accounting standards prescribed by the PGPA rules and are audited by the Auditor General as soon as practicable after preparation. The financial statements can be found in Chapter 6 of this document.

ARPC also prepares a Corporate Plan on a rolling four-year basis, in accordance with the PGPA Act (section 35) and provides it to the Minister and the Minster for Finance by 31 August each year.

Under the PGPA Act (section 39), ARPC prepares an Annual Performance Statement to report on progress against purpose, as stated within the preceding Corporate Plan. ARPC’s Annual Performance Statement is outlined in Chapter 3 of this document.

Back to top

Public interest disclosure

The Public Interest Disclosure Act 2013 (PID Act) promotes integrity and accountability in the Commonwealth public sector by encouraging the disclosure of information about suspected wrongdoing. It also protects people who make disclosures and requires agencies to investigate or take other appropriate actions.

In accordance with the PID Act, ARPC has a PID policy/procedure which is made available on the ARPC webpage. During the reporting period, ARPC received no public interest disclosures.

Back to top

Information publication scheme statement

In accordance with the Freedom of Information (FOI) Act and the Information Publication Scheme (IPS), ARPC publishes a range of information on its website. In compliance with the Act and IPS, ARPC publishes its organisational structure, functions, appointments, annual reports, consultation arrangements, submissions to Parliament, routinely requested information and details of the freedom of information officer. Further details are available on ARPC’s IPS webpage at: https://arpc.gov.au/ips

Back to top

Judicial and administrative decisions

In 2019-20, there were no judicial decisions or decisions of administrative tribunals that could significantly affect ARPC’s operations.

Back to top

Consultation arrangements

ARPC employees regularly meet with insurers, industry bodies and other interested parties outside the Australian Government for discussions on various matters. A summary of the stakeholder engagement activity undertaken by ARPC during the reporting period can be found in Chapter 1.

Back to top


ARPC engages consultants to provide specialist skills to assist with key projects and tasks. During 2019-20, consultants were engaged (following the appropriate procurement processes outlined in ARPC’s Procurement Policy), to assist in the following areas:

  • strategic planning and stakeholder engagement facilitation
  • specialist technical projects and maintenance e.g. website refresh and protected email migration
  • research projects e.g. cyber terrorism
  • retrocession advice
  • independent review/advice on legal,
    and accounting issues
  • staff development and training
  • work health and safety, and
  • recruitment.

Back to top

Ecologically sustainable development

ARPC continues to pursue initiatives designed to minimise waste, conserve energy and minimise water usage in the office, such as using electronic meeting papers, double-sided printing and scanning and energy efficient lighting throughout the office. ARPC’s premise has a NABERS 4.5-star energy and 4-star water rating (out of 6 stars).

The table below lists the strategies used by the building owners and ARPC to assist in reducing its environmental footprint.

Environmental footprint strategies


Sydney office

Energy efficiency

The Sydney Office has a NABERS 4.5-star energy rating. The building also implemented an elevator allocation system to increase energy efficiency.

Use of sensor lighting throughout the office.

Shutting down computers outside of working hours.

Purchasing and use of carbon neutral paper.


Using double sided printing or scanning to reduce the volume of paper used.

Recycling of paper, cardboard, print cartridges, plastics, glass E-waste and fluorescence tubes.


The building has been accredited with a 4-star water rating.

Back to top