
Not so fast: APRA issues AI reminder ahead of CPS 230 deadline

Market Insights

The Australian Prudential Regulation Authority’s (APRA) Prudential Standard CPS 230 applies to APRA-regulated entities in respect of all contracted service providers from 1 July 2026. In its 30 April 2026 letter ‘APRA Letter to Industry on Artificial Intelligence (AI)’, APRA made it clear that while AI is not subject to separate governance requirements, IT services leveraging AI need to be managed in accordance with existing prudential standards such as CPS 230 and CPS 234. This poses a potential risk to regulated entities because levels of maturity around governance, risk management, and operational resilience in relation to AI tools may not be keeping pace with the scale, speed, and complexity of the developing technology.

APRA-regulated entities will need to ensure that they can meet their obligations under CPS 230 and CPS 234 in relation to AI.

How is AI changing the ballpark?

AI is changing the technology landscape in a number of ways, including by:

  • increasing both the likelihood and potential impact of cyber-attacks;
  • operating on a different basis to other technologies;
  • being provided by a limited number of vendors; and
  • disrupting change management processes.

Cyber-attacks

AI increases the risk of cyber-attacks. The use of AI makes it easier for bad actors to perform cyber-attacks, and it changes the nature of those attacks in a way that entities must deliberately address in their cyber security posture.

Further, where entities do not have a clear AI policy, or rely only on after-the-fact enforcement measures, employees may use AI outside of secure environments. This creates additional cyber-attack risk, as this information and these AI tools may be at greater risk than in the entity’s typical environment, or this use may result in sensitive information leaving the entity’s secure environment.

AI operations

AI operates on a fundamentally different basis to other existing automation tools. AI uses probabilistic algorithms to determine likely results rather than applying linear logic. This can create a ‘black box’ in which it is difficult to identify exactly how an AI has reached a decision.

Despite this, AI is being adopted as simply ‘just another technology’. This adoption method creates gaps, such as inherent bias in the system and privacy risks, that stem from the probabilistic nature of these systems.

Typically, if these gaps are to be addressed, then they are addressed as part of implementing an AI tool. However, these gaps need management throughout the AI lifecycle, and not just at implementation, as the algorithm used by AI will change throughout its lifecycle as the AI gets access to new training data.

Limited number of vendors

There are only a limited number of AI vendors dominating the marketplace. While there are lots of businesses which offer customers modified versions (aka ‘wrappers’) of platforms offered by AI vendors, there are very few who utilise truly unique platforms. This means that critical AI systems may be dependent on a single underlying platform, and therefore the materiality of these systems may be greater than apparent at face value. This will need to be carefully managed, as it can be difficult to address upstream ‘fourth party’ risk.

In addition to this, entities often rely on only a single vendor for their provision of AI tools and, due to uptake speed and negotiation position, may be using substandard contracts in relation to these vendors. This poses a potential redundancy risk, especially if disaster recovery and security measures are not adequately provided for.

Change management

Traditional change management and assurance are inadequate to protect entities in the context of the dynamic nature of AI solutions. Regulated entities often address risk in a fragmented manner, wherein different types of risk (ie legal, privacy, procurement, etc) are dealt with in isolation based on point in time and sample-based assurance methods. AI cuts across multiple risk types and is almost constantly evolving, meaning that a traditional change management and assurance approach is not best suited to the use of AI tools. This is further complicated by the requirement for specialist skills and tools for proper auditing of AI tools.

What do regulated entities need to do to meet prudential requirements?

APRA-regulated entities will likely need to take additional steps – and keep updating them – to meet prudential requirements in relation to AI, including:

  • introducing, with far greater frequency, new security controls and testing to address the potential use of AI in cyber-attacks;
  • having clear and well-explained AI policies, including restrictions that prevent employees from using ‘shadow’ or unauthorised AI tools;
  • ensuring that AI is implemented in a responsible way, including by taking steps to ensure human oversight of decisions and checking that training data has not introduced bias into the system;
  • making sure that contracts with AI vendors include stringent service levels, security obligations, and disaster recovery obligations, as well as effective governance regimes;
  • reviewing AI usage across the business to identify any potential critical junctures that rely on a single upstream vendor and creating redundancy plans that can be implemented if there is an issue with that vendor; and
  • assessing risks on a holistic basis instead of in silos.

APRA’s letter of 30 April includes a number of specific recommendations which regulated entities should review in depth, and which would also be useful for non-regulated entities to consider.

What do boards need to do to meet prudential requirements?

APRA prudential standards place significant obligations on the boards of regulated entities to ensure that they are able to oversee risk management strategies and make informed decisions around the entity’s risk appetite and tolerance settings.

This requires directors to be educated around AI and keep up with the changes to the technology. A failure to meet this requirement could result in the board being in breach of obligations under CPS 230 and 234 as the board is ultimately responsible for these obligations.

Next steps

HWLE Lawyers’ IP and technology team has extensive experience in advising businesses regarding AI, contract and common law, and complying with APRA’s IT outsourcing requirements. If you are concerned about adopting AI in your business, please contact us for further information on how we can assist you.

This article was written by Luke Dale, Partner, Nikki Macor Heath, Special Counsel, and Max Soulsby, Associate.

Important Disclaimer: The material contained in this publication is of general nature only and is based on the law as of the date of publication. It is not, nor is intended to be legal advice. If you wish to take any action based on the content of this publication we recommend that you seek professional advice.
