APRA's call to action on AI governance
28 May 2026
Artificial Intelligence (AI) is being rapidly adopted by APRA-regulated entities, but AI governance, risk management and assurance are struggling to keep pace. That was APRA’s clear message in an open letter to the financial services industry. APRA formed this view from interviews with a select group of banks, insurers and superannuation trustees, and it has been echoed in ASIC’s recent open letter (published 8 May 2026). To assist entities with compliance, APRA has set out its minimum expectations around AI literacy at Board level, AI governance, information security, managing supplier risk and assurance.
Boards must uplift technical literacy
While Boards are currently motivated to pursue the potential productivity and cost benefits of AI, many Boards are still developing the technical literacy required for effective monitoring and oversight of AI risk. APRA also cautioned against an overreliance on vendor presentations and technical summaries without Boards sufficiently understanding and interrogating relevant AI risks.
Governance must keep up with the pace of AI adoption
AI is being treated as ‘just another technology’. As a result, key risks relating to the adaptive behaviour of AI models, ethical considerations, bias, privacy and data are being missed. This has led to gaps in the management of AI across its lifecycle, including insufficient monitoring and change management.
Cyber-attacks are on the rise as more sophisticated AI models are released
AI is expanding the tools at the disposal of malicious actors and the ways in which a cyber-attack may be carried out. Prompt injection (a security vulnerability in which an attacker supplies specially crafted input to a Large Language Model (LLM) so that it ignores the original developer’s instructions and performs unauthorised actions), insecure AI integrations and the misuse of autonomous AI agents are now all common entry points.
APRA warns of gaps in security testing programmes and a lack of preventative controls; organisations are instead relying on detection and reporting after the fact. ASIC is urging entities to reassess their cyber plans, to identify and protect critical assets and systems, and to prepare for incident response.
AI risk is being introduced by suppliers, often without organisations knowing
AI is often embedded within software, platforms or developer tools. This can lead to a lack of transparency around how the underlying models are trained and updated, and how they perform.
Traditional change management and assurance are not sufficient for dynamic AI solutions
AI risks can affect multiple business functions, including operational risk, cyber and information security, data governance, and legal and regulatory compliance. Internal audit and risk functions are often fragmented and may lack the specialist skills and tools needed to conduct AI assessments and audits.
APRA’s minimum expectations
APRA outlines the following minimum expectations for regulated entities:
- AI at the Board level: Boards must develop sufficient AI literacy in order to set strategic direction and to effectively challenge and oversee AI risk.
- Governance: implement frameworks, reporting lines, ownership and accountability across the AI lifecycle (from development to deployment to decommissioning); maintain an inventory of AI tools and use cases; ensure human involvement in high-risk use cases; and train staff on AI use.
- Information security: conduct security testing; ensure there are security controls that address AI-specific threats and attack paths; and implement contingency processes where AI supports critical operations.
- Visibility over supplier risk: map the AI supply chain (including material third-party and fourth-party dependencies, as required under APRA CPS 230 (Operational Risk Management)) and understand the performance issues and risks that arise across it; ensure contracts allow the auditing of, and assurance over, AI services; and actively manage concentration risk (for example, systemic failure scenarios and exit arrangements for critical AI providers).
- Assurance: implement internationally recognised frameworks and conduct comprehensive risk and information security assessments prior to deployment and throughout the AI lifecycle.
APRA’s letter is a deliberate wake-up call to industry around the need to ensure that AI is deployed within a suitable governance and operational framework, with appropriate contractual protections and with sufficient AI literacy. In fact, regulated entities should consider themselves put on notice that APRA will, in its words:
apply its supervisory focus to entities’ AI adoption and manage the resulting risks. Where entities fail to adequately identify, manage or control AI risks in a manner proportionate to their size, scale and complexity, we will take stronger supervisory action and, where appropriate, pursue enforcement.
Considering these developments, we expect increased regulatory oversight by APRA and enforcement action against entities that lack adequate AI governance frameworks. Given current enforcement trends, this enforcement action may take the form of a capital charge imposed on an entity until its governance is adequate to control AI-related risks.