Westpac Self Assessment Report


Following the Australian Prudential Regulation Authority (APRA) adding a further $500 million to Westpac’s capital requirement, we take a more detailed look at the full report from their Culture, Governance and Accountability (CGA) self-assessment with the question – what else is in there?

Key Findings (per westpac)  asset_26.png

  • Management of non-financial risks was generally less mature than the management of financial risks and the likely root cause of many of its non-financial risk-related issues
  • Across the Group, there was a lack of clarity on accountability and consequences; and, at times, Westpac was too slow to identify, prioritise, escalate and remediate issues

Key Findings (per the full report) 

  • Organisational tendency to cultivate complexity - Westpac has a high level of comfort with complexity, replication and the significant cost of maintenance and change. This is within intergroup interactions, frameworks, policies, systems and processes
  • A tendency to privilege upfront conceptual work over execution and implementation - This included a decrease in focus as work proceeded
  • An organisational imperative for safety - At both a company and employee level

Westpac’s Culture, Governance and Accountability (CGA) self-assessment was undertaken by a joint team of Westpac employees and consultants from global management consulting firm, Oliver Wyman, and was submitted to APRA in November 2018. Last week, Westpac released a full copy of the CGA self-assessment on its website. 

APRA’s response was to apply an additional $500 million to Westpac’s operational risk capital requirement. This is to be achieved through an increase in risk weighted assets and will apply from 30 September 2019. This change is expected to reduce Westpac’s Level 2 common equity tier 1 (CET1) capital ratio by approximately 16 basis points, which, as at 31 March 2019, was 10.64%. 


blueasset_914x.pngAs well as identifying several strengths across the Group, the self-assessment noted a number of shortcomings and proposed a series of recommendations and actions to address them. While Westpac’s culture, governance and accountability generally support sound management of non-financial risks, it was highlighted that:

  • Its management of non-financial risks was generally less mature than the management of financial risks and the likely root cause of many of its non-financial risk-related issues
  • There were a common set of behaviours across the Group, including: a lack of clarity on accountability and consequences; and, at times, Westpac was too slow to identify, prioritise, escalate and remediate issues

In addition, the self-assessment found that some of the Group’s strengths also created weaknesses.

For example, Westpac has a deep focus on financial risk, and although this is inherently positive, it has at times diluted a focus on important non-financial risks.
Westpac was also assessed as having an analytical culture that is highly consultative. While this characteristic has its benefits, it has at times slowed down decision making, created undue complexity and diluted accountability.


In addition to those aspects, both positive and potentially negative, publicised by Westpac, the report also raises some other important points. These have been summarised below. 

  • greenasset_144x.pngAn organisational tendency to cultivate complexity. Westpac has a high level of comfort with complexity, including elaborate interactions within the Group, multiple frameworks and policies dealing with what are common issues, and complex systems and processes. To achieve satisfactory outcomes amidst this complexity, there was too often a reliance on personal networks, critical employees and ad hoc workarounds. The inefficiencies and the opportunity for errors in this, including in risk management, were noted as being obvious.
  • A tendency to privilege upfront conceptual work over execution and implementation, including a fading of focus as work proceeds from idea to action. Consequences include an execution deficit, delayed and inadequate embedding of change, additional cost and a lack of accountability for outcomes. These presented themselves in various ways, including in the effectiveness and efficiency of risk-related change implementation. The issue was often characterised as Westpac having a dominant intellectual or analytical culture, but the shadow of this is, too frequently, sub-par execution. 
  • An organisational imperative for safety, both at a company and employee level. In many respects, this is a strength and stems from experience which has driven a focus on the management of financial risk, especially credit risk, embedding skills that proved invaluable during the global financial crisis. It also made Westpac sceptical about becoming involved in things that it didn’t fully understand, or which did not seem to make sense, again of value during the crisis.transparency_illustration_3.png
  • A propensity to believe that “more is more” - more analysis, more information, more documentation, more iteration of papers, more signoffs, more meetings, more policies, more frameworks, more “stuff” — frequently layered on without offsetting reduction or rationalisation. This can add rigour and thoroughness, but also unnecessary complexity, slow or impeded execution on a range of fronts, and challenges to cognition and thinking space.
  • Many employees resigned themselves to complexity as the natural state of affairs, and their response to that complexity was often to wrap more complexity around it – potentially adding risk in the process.
  • Following Westpac’s “near-death” experience in the early 1990s a “hard-nosed sales culture” had developed that risked staff “pushing” products on customers, while management ran the risk of not thinking enough about customers’ interests.


In total, 39 recommendations were made by the review team, 15 of them considered of High importance.

Having regard to the capacity of the organisation to absorb change effectively, the report also acknowledged that it may be necessary to prioritise and stage the remedial work contemplated by the recommendations.
This could mean some recommendations being implemented before others, and recommendations involving significant work being implemented over an appropriately extended timeframe. 


It seems important to note that APRA says it will not release other banks’ self-assessments, because these were provided to the regulator on a confidential basis. ANZ Bank is the only major bank not to release its report, saying that is a matter for APRA.asset_16.png

Among other banks, Macquarie Group, Suncorp, Bank of Queensland, and Bendigo and Adelaide have also not published the “self-assessment”. 

In addition to this, at the close of business at the end of the first week following the assessment and APRA’s reaction being released, the Westpac share price was down approximately 0.2%.

Given the current consumer emphasis on transparency, and the importance of appropriate cultural traits being visible to both employees and customers, regardless of how the content of these reports are viewed, they are an opportunity to improve.
Should the intention behind these remedial recommendations be embraced, as they should, they will assist in restoring faith in the financial services sector and ultimately strengthen the underlying risk management frameworks which the major institutions are build upon.

By not publicising such a report, and a commitment to acting on them, more questions are raised over their content and the behavioural traits being communicated.

Westpac Group CEO Brian Hartzer, said:

“The CGA self assessment was a valuable exercise. We acknowledge the need to improve non-financial risk management and oversight and we are working to resolve the issues raised. Our Board and senior executives are committed to addressing the  shortfalls identified in the report and will continue to provide regular updates on our progress.”

As customers, investors and employees await to see whether change and transformation occur, there is a degree of honesty which comes through in the report, and reaction by Westpac, which acknowledges the challenges inherent in a business of its size and, importantly, shows elements of humility and pride, over denial and deceit. 

How can RSM help?

For more information, please contact your local RSM adviser here.





Jeremy Elman
Partner - Sydney

Subscribe to Risk Insider to stay up to date with the latest in Technology, Fraud and Security.