APRA Warns: AI Governance Needs to Be Operational, Not Aspirational

Written by sallydeiteratecom | Jun 23, 2026 3:56:23 AM

APRA has written to regulated entities with a clear message about artificial intelligence: AI is moving quickly, and governance is not keeping up.

Many organisations are adopting AI faster than they can govern it, faster than they can assure it, and faster than their boards can properly challenge the risks.

This should not surprise anyone who has watched how AI is entering businesses.

There is the official AI. The board-approved AI. The AI with a strategy paper, procurement review and carefully worded benefits statement. Then there is the AI that arrives through software updates, supplier products, developer tools, productivity platforms, customer service systems, claims triage, fraud detection, document summarisation and staff experimentation.

APRA is not saying, “Do not use AI.” In fact, it acknowledges that AI can create productivity, efficiency and customer benefits, and that failing to embrace AI may put businesses at a strategic disadvantage. However, APRA is also saying that AI creates new risks and amplifies existing ones. And, based on its engagement with large banks, insurers and superannuation trustees, the regulator is seeing a gap between adoption and control.

Boards Need to Understand Enough to Challenge

One of APRA’s clearest messages is directed at boards. Boards are interested in AI, and they can see the strategic upside, such as improved productivity. However, as APRA observed, many boards are still developing the technical literacy needed to provide effective challenge and oversight.

A board does not need to become a team of machine learning engineers. But it does need to understand enough to ask better questions, such as:

  • What AI systems are we using?
  • Where are they used in critical operations?
  • What data do they touch?
  • Which suppliers are involved?
  • What happens if the model behaves unpredictably?
  • What are the fallback processes?
  • How are we monitoring performance, drift, bias and failure modes?
  • What evidence do we have that controls are working?

AI Is Not “Just Another Technology”

APRA also makes an important point about governance maturity. Many organisations recognise that existing prudential standards apply to AI risk. However, APRA observed that few organisations have properly operationalised AI governance in practice.

One trap is treating AI as just another technology implementation. The problem is that AI has different characteristics. Predictive systems can behave in unexpected ways. Outputs can be wrong but confident. Bias can be embedded in data or behaviour. AI systems can affect privacy, conduct, cyber security, operational resilience, model risk, procurement, legal obligations and customer outcomes all at once.

That is why AI governance cannot live in one team’s spreadsheet.

It needs to be connected to the organisation’s risk management framework, supplier management, data governance, security controls, assurance program and operational resilience planning. AI needs a management system.

The AI Inventory is No Longer Optional

APRA expects entities to have an inventory of AI tooling and AI use cases. This is basic, but it is also where many organisations will struggle. An AI inventory should answer practical questions:

  • What AI is being used?
  • Who owns it?
  • Is it internal or customer-facing?
  • What data does it use?
  • Is it embedded in a supplier platform?
  • Does it affect decisions?
  • Does a human review the output?
  • Is it used in a critical operation?
  • What could go wrong?

This does not need to become a monster spreadsheet. But it does need to exist, be maintained and connect to the rest of the governance program. A policy that says “we use AI responsibly” is not enough if no one can explain what AI the business is actually using.

Supplier Risk Just Became Harder

APRA also called out supplier concentration and opacity.

AI is often not built directly by the organisation. It comes through third parties: model providers, SaaS platforms, cloud tools, developer environments, customer systems, analytics providers and embedded software features. That creates a visibility problem, with questions like:

  • Who is the actual provider?
  • What foundation model sits underneath the tool?
  • What data is being used?
  • What fourth parties are involved?
  • Can the organisation audit the service?
  • What happens if the provider changes the model?
  • What happens if the supplier fails?
  • Can the service be substituted?
  • Is there an exit plan?

APRA observed that contractual arrangements often lag behind practice, with limited evidence of specific provisions around audit rights, model updates, incident notification and changes to data handling.

Assurance Needs to Become Continuous

Traditional assurance is also under pressure. Point-in-time assurance methods are not well suited to systems that learn, adapt, degrade or change over time. An annual review might tell you what was true when the review happened. It will not necessarily tell you whether a model is drifting, a supplier has changed behaviour, a control has broken down, or an AI-enabled process is producing outcomes the business did not intend.

APRA expects more integrated assurance across cyber security, data governance, model performance risk, operational resilience, privacy and conduct risk. AI risk does not sit neatly in one framework, one team or one dashboard. It cuts across the business.

The Cyber Message is Just as Direct

ASIC has also made a similar announcement, from a cyber perspective. Frontier AI models are increasing the speed, scale and accessibility of cyber activity. That does not mean every control needs to be reinvented. It does mean existing controls will be tested more often and under greater pressure.

The message is not to panic, but to act with discipline: patch properly, review access, test incident response, validate controls, manage third-party risk and base decisions on evidence.

What This Means For Organisations

The takeaway from APRA’s letter is not “write an AI policy”.

Organisations need to know where AI is being used, who owns it, what risks it creates, which suppliers are involved, what data it touches, what controls apply, how assurance is performed and what evidence supports the organisation’s position.

This is exactly why AI governance needs to sit alongside security and privacy, not off to the side as a separate project.

How de.iterate Helps

At de.iterate, we believe AI governance should be part of a real management system. That means connecting AI use cases, risks, controls, suppliers, policies, evidence, assurance tasks, assets and data in one place.

It means boards and executives can see what is current, what is overdue, what is evidenced and what needs attention. It means AI risk is not treated as a bolt-on compliance exercise. It becomes part of how the organisation manages governance, security, privacy and resilience.

APRA’s message is clear: AI governance needs to move faster, become more mature and be supported by evidence.

Need Help Getting Your AI Governance in Order?

de.iterate helps organisations manage AI Ethics, Security and Privacy as one connected program.

Book a demo to see how it works.