Australia’s superannuation system was the fourth largest in the world at the end of 2019 [1], responsible for managing the retirement savings of 16 million Australians to the value of more than A$3 trillion (tn) [1]. And it’s only expected to grow further.

Superannuation funds need to protect, invest and grow their members’ funds; however, the industry is facing many challenges. Managing A$3tn in retirement savings is not without risk in an increasingly complex and accelerating legal and regulatory environment.

Boards, Executives and leaders in the super industry need to move risk (if it is not there already!) to the top of their agendas – the consequences of mismanagement will be significant, and not only for their members. This article explores the challenges faced by superannuation funds, how to make risk work, and questions for you to consider.

If you'd like to talk about an efficient and effective way to mitigate risks facing your business, please contact us.

Internal and external challenges


During the peak of the COVID-19 disruptions, the federal government allowed Australians early access to up to $20,000 of their superannuation contributions. Upon announcement, there was a surge in the number of members calling their funds, meaning call centres were overburdened.

In the end, superannuation funds had to quickly realise some $36 billion of their investments [2]. This activity also drove a large uptick in fraudulent activity, with phishing and other scams becoming an issue for members.

The nature of a pandemic such as COVID-19 naturally creates a lot of uncertainty, which financial markets do not like.


For some funds, the scale of change under way is prompting them to ask whether they are in the right position to service members, and hence to consider their future viability. Sector-specific challenges are adding further pressure and ultimately leading to further consolidation within the sector.

Trustee directors and fund executives need to actively manage the risks associated with fund mergers given the pace of change and business model transformation.

Uncertainty in investment markets

Geopolitical tensions, alongside the continued impacts of COVID-19, mean increased uncertainty in the markets, making it more challenging for funds to continually deliver strong performance.

Increasing legislation and regulatory reform

There will be little reprieve for chief risk and compliance officers in the years ahead as the push to lift governance, culture, remuneration and accountability standards across the industry continues.

Large, macro legislative changes such as the Modern Slavery Act, climate change and carbon controls, more commonly referred to as Environmental, Social and Corporate Governance (‘ESG’), will affect not only how these funds must manage internal operations, but also how and where they can invest to safeguard their reputations and what goes with it.

APRA’s Supervision Risk and Intensity (SRI) model was announced for roll-out in October 2020, and its 2021 Policy and Supervision priorities continue to focus on enhancing the resilience and crisis readiness of Australia’s financial systems.

On a much broader scale is the Super Reforms – Your Future, Your Super measure that was announced in the 20/21 federal budget. While still being debated, it is intended as a package of reforms designed to make sure the superannuation system delivers better outcomes for members.

Some of the headlines from the reforms include:
  • ceasing the creation of multiple, unintended super accounts for employees
  • addressing any instances of underperformance in the sector
  • embedding further transparency and accountability to make it easier for members to choose well-performing products.

Trustees face regulatory pressure for continuous development of risk management activities that support business agility and resilience. Examples include transparent management and board reporting that demonstrates risk data consumption, data-driven assessments and the integration of technology risk management capabilities throughout organisations.

Trustees will need documented and sound change management processes and structures in place that enable them to adapt efficiently.

Member outcomes

Funds must demonstrate that all decisions they are making are for the benefit of members. In the first reporting season, many trustees took a reasonable ‘best endeavours’ approach – now it’s expected that many funds will review this methodology to refine the approach ahead of the next iteration.

It's expected that APRA will develop its own review of what a good outcomes assessment/business performance review looks like. Many funds may take the opportunity to consider the information that is publicly available and identify the opportunity for uplift in outputs.

Increasing competition

Superannuation funds need to consider customer loyalty and how they differentiate themselves in a more competitive market. With increasing transparency in cost vs return, some may need to consider increasing their risk profiles when it comes to investment choices, while still investing to deliver outstanding customer service against a backdrop of tighter margins.

Cyber threats

As the amount of money these funds control continues to grow, they continue to attract an increasing amount of attention from would-be cyber attackers. In the recent KPMG Fraud Risk Survey 2021, 72 percent of respondents reported the risk of fraud and corruption had increased during the pandemic and 85 percent said they did not expect the risk to reduce in 2021.

Focus needs to be given to what fraud controls you have in place, what data governance is present, and whether your information security is in place.

Managing the risk of fraud and cyber threats should still be a high priority. The survey also found that businesses are increasingly turning to technology to help identify the fraud and corruption that was occurring in the new remote working world.

Operational models

The superannuation industry is relatively new in Australia. Previously, small trustee offices with limited resources managed the funds and outsourced many of their internal operations. With increased focus on member outcomes and corresponding growth, these organisations brought more capability in-house, evolving into diversified financial institutions that require more mature risk frameworks.

This increased size of operations has also put them in direct competition with the bigger financial services institutions for talent and resources.

Make risk work for you

In the context of this environment, superannuation funds need not only to comply with the law and have the right people with the right capabilities, but also to maximise member outcomes.

As the scale and complexity of operations continues to increase, trustees should reflect on their need to evolve their risk appetite and risk management frameworks to ensure ongoing delivery against their strategy and business plan.

While for many, their risk governance has been sufficient, increasing growth and industry competition are placing greater emphasis on Boards and Executives to oversee more complex and varied risk in first-line activities. This has resulted in an increased focus on the capability and capacity of second-line risk teams, particularly to challenge and oversee the first line.

Board Directors will need access to critical risk data to enable them to make informed decisions. This is driving the demand for relevant and timely risk information, which means trustees are reviewing the adequacy of their key risk indicators to ensure there is a balance of leading and lagging data to manage emerging risks. Trustees are also now looking to adopt automated data aggregation techniques – real-time dashboard reporting while utilising data mining and analytics to identify trends and undertake root cause analysis.

Ensuring the right systems and processes are in place to offer the right data, when it’s needed, allows trustees to make decisions to ensure they can deliver on these requirements. Ultimately, if organisations are delivering this data in an efficient, effective way, it offers a consistent and comprehensive view on performance, delivery against strategic imperatives, and benefits to their members, allowing them to be more competitive in the market.

Organisations need proactive and agile risk management. It is not a set and forget operation in today’s fast-moving environment, and risk must be constantly revisited and monitored.

KPMG’s Powered Risk solution is a technology enabled platform to help manage and mitigate risk in an efficient and controlled manner. It’s pre-configured and aligned to KPMG leading practice risk management. It integrates our forward-looking point of view and deep super industry knowledge with leading cloud technology and global delivery capabilities. It’s designed to help organisations identify, assess, mitigate, monitor and report on risk and compliance exposure to enhance stakeholder trust.

Risk must be prioritised to manage the increasing speed of change, and change requirements, to ensure that super funds stay competitive and serve their members’ best interests. Boards, Trustees, CEOs, CIOs, COOs or CROs in the superannuation industry considering how best to harness the opportunities that risk management can offer may want to consider the following questions.

Questions to consider

  • Do we have the right fraud controls, data governance and information security in place?
  • How can I better use risk and compliance data to inform business decisions?
  • How can risk and compliance functions dynamically respond to emerging risks and regulations?
  • Can I embed risk management across all operations and business levels?
  • How do I manage risks, compliance obligations and issues proactively?
  • How can I ensure my systems and data management are fit for purpose for potential future mergers?
  • How can I best respond to stakeholders and allay their fears?

To find out more about the risk issues facing superannuation funds or to discuss risk mitigation, risk transformation or Powered Risk, please contact us.
