AU: APS 220 Credit Quality
|
|
| Regulator |
APRA |
| Jurisdiction |
AU |
| Status |
live |
| Applicability |
Platform |
APRA Prudential Standard APS 220 Credit Quality governs credit risk management and the recognition of
impaired assets and provisioning for ADIs. It prescribes requirements for credit risk management
frameworks, loan classifications (performing, past due ≥ 90 days, impaired, restructured), and the
assessment and provisioning of credit losses under the Expected Credit Loss (ECL) model mandated by
AASB 9. It also covers concentration risk policy and non-accrual obligations.
APS 220 was substantially rewritten effective 1 January 2022, aligning the provisioning framework with
AASB 9 / IFRS 9 ECL principles and replacing the prior provisioning approach.
Compliance register
This register maps every material obligation under APS 220 to the platform control or institutional
process that satisfies it. It is the static traceability layer for the Totara compliance report —
dynamic data (module build status, test evidence, control test dates) is overlaid at runtime.
Scope legend
| Symbol |
Meaning |
| 🤖 Automated |
Platform enforces or performs the obligation. Primary control mode is GATE, AUTO, CALC, or ALERT. Human action is not required in the normal case. |
| 📊 Evidenced |
Platform captures the evidence trail automatically. Human compliance decision sits on top. Primary control mode is LOG. |
| 🏛 Institutional |
Obligation is met by a process entirely outside the platform — credit policy, board, finance. Platform may generate evidence inputs but does not own the process. |
| N/A |
Obligation does not apply to this deployment configuration. |
Build legend
| Symbol |
Meaning |
| ✅ |
Module built and deployed |
| 🔨 |
Module planned — not yet built (build_status: Not started) |
| ❌ |
Uncontrolled gap — no module attributed |
Part 2 — Credit risk management framework
| Ref |
Obligation |
Scope |
Policy |
Platform controls |
Build |
| Para 12 |
Board-approved credit risk management framework: origination standards, monitoring, classification, provisioning, and credit risk appetite |
🏛 Institutional |
CRE-001 |
MOD-150 provides the risk management platform underpinning the framework; board approval and periodic review of the framework document are governance acts |
— |
| Para 14 |
Credit origination — documented lending standards applied at origination including minimum serviceability buffers and LVR limits |
🤖 Automated |
CRE-003, CRE-004 |
MOD-115 (GATE) — loan cannot settle without a registered security instrument and LVR calculated within policy limits; credit decisioning rules enforced at application stage |
🔨 |
Part 3 — Asset classification and provisioning (AASB 9 / IFRS 9)
| Ref |
Obligation |
Scope |
Policy |
Platform controls |
Build |
| Para 20 |
Asset classification — classify exposures as performing (Stage 1), significant credit deterioration (Stage 2), or credit-impaired (Stage 3) |
🤖 Automated |
CRE-001, DT-005 |
MOD-150 (LOG) — model inventory auto-maintained; ECL stage assigned by the credit risk and ECL engine; stage transitions logged as system decision log entries |
🔨 |
| Para 22 |
Stage 1 provisioning — 12-month ECL for performing exposures |
🤖 Automated |
CRE-001 |
MOD-115 (CALC) — LVR band and collateral value are inputs to the ECL stage calculation for secured mortgage exposures |
🔨 |
| Para 24 |
Stage 2 provisioning — lifetime ECL for exposures with significant increase in credit risk (SICR) |
🤖 Automated |
CRE-001 |
MOD-115 (CALC) — current LVR deterioration is a SICR trigger; stage classification computed continuously, not at period end |
🔨 |
| Para 26 |
Stage 3 provisioning — lifetime ECL for credit-impaired exposures; non-accrual treatment |
🤖 Automated |
CRE-001 |
MOD-115 (CALC) — LVR band distribution reported in prudential returns (APS 220) at each stage; interest ceases to accrue automatically on Stage 3 classification |
🔨 |
| Para 30 |
Past-due identification — expose and report assets past-due ≥ 90 days |
🤖 Automated |
CRE-001 |
Days-past-due calculated from the core ledger; 90-day past-due classification applied automatically and reported in ARS 220 |
❌ |
Part 4 — Concentration risk
| Ref |
Obligation |
Scope |
Policy |
Platform controls |
Build |
| Para 40 |
Concentration risk policy — documented limits on single obligor, industry sector, and geographic concentration |
🤖 Automated |
CRE-005 |
MOD-115 (CALC) — current LVR calculated daily and contributes to concentration risk reporting at portfolio level; MOD-147 (ALERT) — related party concentrations included in concentration risk monitoring dashboard alongside other large-exposure alerts |
🔨 |
| Para 44 |
Monitor and report concentration risk metrics on a periodic basis |
🤖 Automated |
CRE-005 |
MOD-147 (CALC) — related party credit exposures calculated continuously as a percentage of Tier 1 capital; concentration reports fed to MOD-150 RAF dashboard |
🔨 |
Part 5 — Reporting
| Ref |
Obligation |
Scope |
Policy |
Platform controls |
Build |
| Para 50 |
Quarterly ARS 220 return submitted to APRA covering asset quality, stage classifications, and provisioning |
🤖 Automated |
REP-002 |
MOD-036 (AUTO) — prudential return builder produces ARS 220 return from credit risk data on schedule; MOD-115 (CALC) — LVR band distribution is a key ARS 220 data point |
🔨 |
| Obligation |
Owner |
Platform evidence input |
| Board approval and annual review of the credit risk management framework |
Board / Head of Credit Risk |
MOD-150 provides risk dashboard and trend data; framework document approval is a board act |
| Internal credit review function (second-line oversight of credit portfolio) |
Chief Risk Officer |
MOD-150 and MOD-147 provide the data backbone; independent credit review function is institutional |
| Model validation of ECL models |
Head of Model Risk |
MOD-150 logs model inventory and validation schedules; validation execution is institutional per the model risk management framework |
| Provisioning committee sign-off on ECL overlay adjustments (management overlays) |
CFO / CRO |
Platform computes the modelled ECL; any management overlay is applied through a documented governance process outside the platform |
Coverage summary
| Area |
Total obligations |
Platform automated 🤖 |
Platform evidenced 📊 |
Institutional 🏛 |
N/A |
| Credit risk framework |
2 |
1 |
0 |
1 |
0 |
| Asset classification and provisioning |
5 |
4 |
0 |
0 |
1 (past-due — gap) |
| Concentration risk |
2 |
2 |
0 |
0 |
0 |
| Reporting |
1 |
1 |
0 |
0 |
0 |
| Total |
10 |
8 (80%) |
0 (0%) |
1 (10%) |
1 |
Gap note: Past-due ≥ 90 days automatic classification (Para 30) has no attributed module. The core
ledger (MOD-001) tracks payment events; a dedicated days-past-due classification module is required to
satisfy this obligation systematically.
All attributed modules are currently build_status: Not started. The compliance position will update as
modules are built and deployed.
| Policy |
Title |
| CRE-001 |
Credit Risk Management Policy |
| CRE-003 |
Credit Decisioning & Scorecard Policy |
| CRE-004 |
Loan Origination Standards |
| CRE-005 |
Concentration Risk Policy |
| DT-005 |
Model Risk Management Policy |
| REP-002 |
Prudential Reporting Policy |
Official documentation
Policies referencing this standard
- CRE-001 — Credit Risk Management Policy
- CRE-003 — Credit Decisioning & Scorecard Policy
- CRE-004 — Loan Origination Standards
- CRE-005 — Concentration Risk Policy
- DT-005 — Model Risk Management Policy
Compiled 2026-05-22 from source/entities/regulations/au-aps-220.yaml