APRA Announces Upcoming Changes to D2A and Extranet to Replace AUSkey

By Regulatory News

December 13, 2019

APRA notified that AUSkey, which is the authentication credential for Direct to APRA (D2A) and the APRA Extranet, will be replaced with myGovID, Relationship Authorization Manager (RAM), and machine to machine (M2M) credentials. AUSkey will be decommissioned at the end of March 2020 and entities will be required to take steps in February/March 2020 to ensure continued access to APRA systems. APRA will provide technical and support information in early 2020 to enable entities to transition.

The new Data Collection Solution was originally due to go live in March 2020; however, APRA has now advised that implementation will now be later in 2020. For entities to continue to submit data to APRA via D2A from April onward, they will need to complete the necessary steps with respect to transition from AUSkey to myGovID and RAM by the end of March 2020. To be ready for AUSkey changeover for D2A by the end of March 2020:

Entities should ensure that users set up their digital identity in myGovID and that their business is linked and administrators authorized in RAM. Entities may also create machine credentials ready for next year, but should store them in a different file to the current D2A credential.
Entities will need to complete a minor update to D2A in February/March 2020.

Additionally, the users of APRA Extranet will only need to set up a myGovID and link it to the APRA Extranet service when available in RAM. APRA is working closely with the Australian Taxation Office to facilitate the transition. Entities should prepare now by following Australian Taxation Office published materials to set up users with myGovID and manage business authorizations in RAM.

Additionally, APRA has been exploring alternative implementation approaches for the new Data Collection Solution. In late October and early November, APRA engaged a cross-section of industry representatives to explore the benefits and impact of contrasting approaches. Entities were asked about the impact of continuing to report through D2A after March 2020. Some interesting themes that emerged are as follows:

Many entities are keen to involve regtech firms to support the uplift of their capability, to move from manual to automated submission processes, and to set them up for future, more granular data collections.
Entities want APRA to engage with them early in relation to future data collection roadmap. This will help entities plan their future technology uplift for regulatory reporting.
There was tolerance for continuing to use D2A after March for a limited period; however, some concerns were raised about an implementation approach which would require continuing two systems (D2A and new solution) in the longer term.
Entities confirmed that re-submission of past returns (which may be required if all existing collections were migrated in their current form), would create a significant burden.

Related Links

Keywords: Asia Pacific, Australia, Banking, Insurance, Superannuation, AUSKey, myGovID, RAM, D2A, Reporting, Extranet, Data Collection Solution, Regtech, APRA

Featured Experts

María Cañamero

Skilled market researcher; growth strategist; successful go-to-market campaign developer

Nicolas Degruson

Works with financial institutions, regulatory experts, business analysts, product managers, and software engineers to drive regulatory solutions across the globe.

David Fihrer

Skilled life insurance actuary; subject matter expert on IFRS 17 and source of earnings

PBC Publishes the 2019 Financial Stability Report for China

SARB Proposes Implementation Dates for Certain Basel III Regulations

News

OSFI Outlines Prudential Policy Priorities for Coming Months

OSFI has set out the near-term priorities for federally regulated financial institutions and federally regulated private pension plans for the coming months until March 31, 2022.