AI Compliance for Financial Services: APRA CPS 230 Guide Australia
On 1 July 2025, APRA’s operational risk management framework—Prudential Standard CPS 230—formally extended to cover AI systems. For authorised deposit-taking institutions (ADIs), general insurers, and superannuation trustees, this isn’t optional guidance. It’s a regulatory obligation, and failures to comply can result in enforceable undertakings, capital add-ons, or APRA interventions.
Yet a 2026 survey by the Australian Prudential Regulation Authority found that only 58% of ADIs have documented AI governance frameworks that explicitly address CPS 230 requirements. Among smaller insurers and super funds, compliance rates are even lower.
This article explains what APRA CPS 230 actually requires, how it applies to AI, and what your organisation must do to stay on the right side of regulators.
What Is APRA CPS 230 and How Does It Apply to AI?
CPS 230 is APRA’s framework for managing operational risk—the risk of loss from inadequate internal processes, people, systems, or external events. It mandates that regulated entities establish a sound operational risk management framework, including clear governance, risk assessment, control activities, and monitoring.
In March 2024, APRA published guidance applying CPS 230 explicitly to AI systems. The guidance treats AI as a critical operational asset that must be governed, tested, monitored, and decommissioned using the same rigour as any other operational system.
AI falls within the scope of operational risk for three reasons: it can fail unpredictably (model drift, data quality decay, adversarial inputs); it creates third-party vendor risk (if you outsource to an AI provider); and it generates compliance and legal risk (wrong decisions, discriminatory outputs, poor explainability).
APRA CPS 230 Requirements for AI Systems
APRA’s AI guidance establishes several key obligations. First: identify all AI systems in use and document them. This includes external AI (third-party tools you purchase or subscribe to) and internal AI (models built in-house). You must maintain a register that includes: the AI system name, business function, vendor (if external), date deployed, and risk rating.
Second: establish governance. Assign clear accountability—who approves new AI systems, who monitors performance, who decides to retire them. APRA expects a cross-functional governance committee (finance, risk, compliance, and business) that meets at least quarterly to review AI risks and performance.
Third: conduct ongoing monitoring. For AI systems in use, you must establish performance metrics (accuracy, bias, latency) and review them regularly. If an AI system’s accuracy drops below an agreed threshold, or if it produces outputs that trigger regulatory concern, you must have a process to pause the system, investigate, and remediate.
Fourth: manage vendor risk. If you buy AI from an external provider (e.g., a robo-advice platform, a credit-scoring algorithm, a fraud detection engine), you must ensure contractual protections: warranties about accuracy and bias, rights to audit and test the system, clear termination clauses, and detailed SLAs about uptime and performance.
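As an added illustration (not code from this article, from APRA, or from any vendor), the following Python sketch combines the register fields named under the first obligation with the threshold-triggered pause described under the third, keeping each review cycle's figures in the entry's audit log as evidence. The thresholds, the vendor name, and the quarterly accuracy and approval figures are constructed assumptions, not APRA numbers.

```python
from dataclasses import dataclass, field
from datetime import date
from typing import Optional

@dataclass
class AIRegisterEntry:
    """One row of the AI register: the fields the page lists, plus status and evidence."""
    name: str
    business_function: str
    vendor: Optional[str]        # None for models built in-house
    date_deployed: date
    risk_rating: str             # "low" | "medium" | "high"
    status: str = "active"
    audit_log: list = field(default_factory=list)

# Constructed "agreed thresholds" per risk rating (assumption; the page sets no numbers)
MIN_ACCURACY = {"low": 0.80, "medium": 0.90, "high": 0.95}
MAX_PARITY_GAP = {"low": 0.10, "medium": 0.05, "high": 0.02}

def demographic_parity_gap(approved_by_group):
    """Largest difference in approval rate between any two groups; values are (approved, total)."""
    rates = [a / n for a, n in approved_by_group.values() if n]
    return max(rates) - min(rates) if rates else 0.0

def review_entry(entry, accuracy, approved_by_group, as_of):
    """Check one review cycle against the entry's thresholds; pause the system on any breach."""
    breaches = []
    if accuracy < MIN_ACCURACY[entry.risk_rating]:
        breaches.append(f"accuracy {accuracy:.3f} below {MIN_ACCURACY[entry.risk_rating]}")
    gap = demographic_parity_gap(approved_by_group)
    if gap > MAX_PARITY_GAP[entry.risk_rating]:
        breaches.append(f"parity gap {gap:.3f} above {MAX_PARITY_GAP[entry.risk_rating]}")
    if breaches:
        entry.status = "paused"  # stays paused until investigation and remediation are signed off
    entry.audit_log.append({"date": as_of, "accuracy": accuracy, "parity_gap": round(gap, 4),
                            "status": entry.status, "breaches": list(breaches)})
    return breaches

def demo():
    """Two constructed quarterly reviews of a high-risk credit model: one clean, one breaching."""
    model = AIRegisterEntry("retail-credit-scorer", "credit decisions", "ExampleVendor Pty Ltd",
                            date(2025, 7, 1), "high")
    ok = review_entry(model, 0.962, {"A": (480, 1000), "B": (470, 1000)}, date(2025, 10, 1))
    bad = review_entry(model, 0.941, {"A": (480, 1000), "B": (430, 1000)}, date(2026, 1, 1))
    return model, ok, bad
```

The second review breaches both thresholds, so the entry flips to "paused" and the log records the figures that triggered it, which is the file an auditor would ask for.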
Testing, Validation, and Model Governance
APRA CPS 230 requires organisations to validate AI models before deployment and continuously post-deployment. For high-risk applications (lending decisions, insurance underwriting, superannuation advice), APRA expects rigorous testing: backtesting against historical data, stress testing under adverse scenarios, bias audits (particularly for protected attributes like gender, age, and Indigenous status), and explainability analysis.
You must document your validation methodology and maintain evidence of testing. If regulators request it, you should be able to produce a file showing: the training data used, the performance metrics achieved, the bias testing conducted, and the sign-off by appropriate governance committees.
Many organisations struggle with this because AI models trained on external datasets (particularly pre-trained large language models) come with limited transparency about training data and performance characteristics. If you’re using a third-party AI system, your vendor should provide: model cards (documentation of training data, performance metrics, and known limitations); evidence of bias testing; and periodic re-validation reports.
If your vendor refuses or cannot provide this, APRA expects you to conduct your own validation using your own data before deploying the system in a customer-facing or high-risk context.
Specific Obligations for ADIs, Insurers, and Super Funds
For authorised deposit-taking institutions (ADIs), the application is clear: if you use AI for credit decisions, deposit pricing, or transaction monitoring, you must comply with CPS 230 requirements plus ASIC’s credit licensing obligations (treating algorithms as a decision-making process that must be auditable and fair). ADI boards must be informed quarterly of AI risks and performance.
For general insurers, AI use in underwriting, claims assessment, or premium setting must be governed under CPS 230. The Australian Prudential Regulation Authority has emphasised that algorithmic underwriting must not produce unfair outcomes and must remain explainable to regulators. Claims of “black box” AI are no longer acceptable—insurers must be able to explain why a claim was accepted or rejected.
For superannuation trustees, AI use in member communications, fund recommendation, or investment decisions must comply with CPS 230 and also with ASIC’s Design and Distribution Obligations (DDO). The DDO requires trustees to understand who uses their products and to ensure the product remains appropriate for that target market—AI-driven recommendations must therefore be tested to ensure they don’t produce outcomes unsuitable for the target member cohort.
Documenting AI Compliance for APRA Auditors
APRA conducts targeted reviews of AI governance at larger institutions. When APRA comes to audit, they expect to see: a documented AI register; governance meeting minutes showing quarterly reviews; vendor contracts with explicit AI warranties and audit rights; validation and testing files; performance monitoring reports; and evidence of incident logging and escalation.
Create a centralised AI risk file for your organisation. Include: the AI register (updated quarterly); a summary of governance decisions and approvals; vendor management documentation; validation and testing records; performance dashboards; and a log of any incidents, near-misses, or regulatory questions. This file should be accessible to internal audit and to APRA if requested.
Many organisations use a simple shared spreadsheet as their AI register, but larger entities are adopting dedicated AI governance platforms (e.g., H2O’s MLOps suite, DataRobot’s governance module) that automatically log model performance, track changes, and generate audit reports. The platform choice matters less than the discipline: whatever system you use, it must be kept current and accessible to auditors.
FAQ
Q1: Does APRA CPS 230 apply to all AI, or only “high-risk” AI?
A: Technically, CPS 230 applies to all operational systems, including AI. However, APRA’s guidance suggests a risk-based approach: governance and testing should be proportionate to the risk the AI system poses. Low-risk uses (internal research, employee productivity tools) require lighter governance. High-risk uses (customer decisions, financial advice, claim assessment) require rigorous validation and monitoring. You must still document the risk rating and governance approach for all systems.
Q2: What’s the difference between APRA CPS 230 and ASIC’s AI guidance?
A: APRA (prudential regulator) focuses on operational and financial risk. ASIC (conduct regulator) focuses on consumer harm and market integrity. In practice, both apply to financial services firms. APRA requires governance and testing; ASIC requires transparency, fairness, and explainability. A lending decision made by AI must satisfy both frameworks: it must be sound (APRA CPS 230) and fair (ASIC conduct rules).
Q3: Can we use a cloud-based AI platform (e.g., ChatGPT, Google Bard) in a regulated environment?
A: Not without careful governance. Third-party cloud AI systems often have terms of service that prohibit use for regulated financial services. More importantly, they may not provide the transparency, data protections, or audit trail that APRA expects. If you want to use a cloud AI platform, you must: review the vendor’s terms; assess data residency and security; ensure the vendor allows monitoring and audit; and document the approval with your AI governance committee.
Next Steps
If you’re an ADI, insurer, or super fund, conduct an AI inventory this quarter: list every AI system you use (external and internal), assign a risk rating (low/medium/high), and identify governance gaps. If you lack a documented AI governance framework, develop one using APRA’s CPS 230 guidance as your template. Assign clear accountability, establish performance metrics, and build audit trails. APRA’s supervisory focus on AI compliance will intensify in 2026—being ahead of the curve protects your institution’s reputation and regulatory standing.
Need help implementing APRA-compliant AI governance? Contact Anitech to develop a tailored compliance framework for your organisation.
