How do we collaborate to tackle concentration risk in Australia’s super sector?

Australia’s superannuation (super) sector is a prime candidate for concentration risk. Multiple firms rely on the same third-party providers for critical services like custody, administration, insurance or IT infrastructure. This concentrated reliance creates hidden vulnerabilities – single points of failure that, if disrupted, could ripple across several funds simultaneously. The resulting risk is not just to an individual super fund but the stability or perceived stability of the entire superannuation system.

In other jurisdictions, including the UK, we’ve seen industry and regulators work together to address these shared risks. Through initiatives like coordinated resilience testing and developing common response frameworks, UK financial services firms have taken proactive steps to understand and manage concentration risk. 

Australia’s superannuation sector could benefit from a similar collaborative approach. Three ways super funds can begin to approach concentration risk include: 

1. Build awareness of where concentration risks exist

Funds may benefit from developing a clearer picture of where concentration risks sit, both within their own operations and across the industry. For example, a single third-party experiencing a cyberattack or operational disruption could simultaneously affect multiple funds and, by extension, millions of members.

Mapping these shared dependencies at both the fund and system level can help highlight where vulnerabilities exist. In doing so, super funds can better anticipate where disruptions might cascade through the system.

With increasing scrutiny on governance across the sector and considering recent reforms like the Financial Accountability Regime (FAR), there’s growing value in boards and executive teams having clear visibility of these risks and shared dependencies. 

2. Deepen understanding of vulnerabilities

As part of preparations for CPS 230, super funds are already expected to assess and test their resilience to operational risks using scenario planning. This work could usefully be extended beyond individual entities, to consider broader, industry-wide scenarios. For example, what would be the impact if a widely used administrator failed? Or if a geopolitical event disrupted a critical offshore service provider? 

This kind of scenario analysis can help uncover not only a fund’s internal vulnerabilities but also how shared risks could play out across the superannuation ecosystem. 

Recognising that concentration risk is inherently systemic, there may be opportunities for funds to collaborate with peers and regulators to build a more complete picture of these interdependencies.

Industry collaborations, working alongside regulators to understand evolving expectations, such as those introduced under CPS 230, can also help ensure that risk management practices align with the broader goal of strengthening system-wide resilience.

3. Preparing collective communication plans and fallback strategies

If a third-party failure introduces systemic instability, clear and timely communication will be key. Funds need to look beyond their own situation and address the potential broader implications for members, regulators and other stakeholders. Having well-prepared messaging can help maintain trust and avoid unnecessary concern across the superannuation system.

Because concentration risk is shared, this type of response planning requires a collective approach. Super funds could consider working together, potentially through industry bodies, to develop shared contingency plans, such as mutual support arrangements or joint vendor stress testing.

Regular, industry-wide crisis simulations involving key third-party providers could also help test the effectiveness of these strategies. These collaborative exercises would not only improve individual fund readiness but also strengthen the system’s ability to respond to large-scale disruptions.

How Baringa can help

Baringa brings global expertise, a proven methodology and deep experience in Australia’s superannuation sector to support firms in building operational resilience. In the UK, we’ve helped institutions and regulators to design and deliver industry-wide scenario testing, giving us practical insight into what works when managing systemic concentration risk.

Leveraging our expertise in risk management, resilience, regulatory compliance and data analytics, we can support the Australian superannuation industry co-develop realistic, system-relevant scenarios that test vulnerabilities such as cyber incidents, liquidity challenges or third-party disruptions.

By helping to standardise the approach to scenario design, coordination and analysis, we enable meaningful comparisons across funds and support a more consistent understanding of sector-wide risks. For individual funds, we also offer tailored assessments to strengthen operational resilience, improve business continuity planning, and support CPS 230 readiness.

If your organisation is considering these kinds of activities, we’d welcome the opportunity to collaborate.