APRA is not writing a new AI rulebook. Its framework is principle-based and technology-agnostic, so the standards you already answer to, CPS 220, CPS 230 and CPS 234, already cover AI. The work is mapping AI onto obligations you already carry.
- The central message of APRA's 30 April 2026 AI letter is almost anticlimactic: the regulator is not writing a new AI rulebook. Its framework is "principle-based, technology and vendor agnostic", so the prudential standards you already answer to already cover AI.
- That lands heavier than it sounds. If AI already sits inside CPS 230, CPS 234 and CPS 220, then every place an entity has run AI as a separate "innovation" project is a place it has quietly been out of compliance.
- APRA found entities tend to treat AI as "just another technology", missing that these systems are probabilistic and degrade over time, and that few had even built an inventory of where AI is already running.
- The task is not a new compliance regime. It is mapping AI honestly onto obligations you already carry, starting with an inventory and clear ownership across the AI lifecycle.
"We have been running AI as an innovation pilot off to one side, almost as a skunkworks, and it slowly dawned on me that everything it now touches already sits inside obligations I am personally accountable for." That was a chief risk officer, thinking out loud, somewhere between relief and alarm. Relief that there was no mysterious new framework to decode. Alarm at the implication, which is that the AI had been operating outside the risk system the whole time.
APRA confirmed exactly that on 30 April 2026. In its letter to banks, insurers and superannuation trustees, the regulator made clear it is not minting bespoke AI rules. Its prudential framework (the body of standards that keeps regulated institutions safe and sound) is deliberately technology-agnostic, which means the standards already on your shelf already apply to AI. The comfort and the discomfort arrive together: nothing new to learn, and nowhere left to hide.
What is APRA's actual position on AI rules?
That the rules already exist. Rather than enumerate specific standards by number, APRA reiterated that its principle-based framework is technology and vendor agnostic and that existing prudential standards apply to AI risk. The regulator's own observation was that most entities recognise this in theory, yet few have operationalised it in practice. In other words, leaders nod at "the standards apply" and then carry on treating the AI programme as a thing apart.
This is a different regulatory philosophy from the one taking shape overseas, and the contrast is worth holding. The European Union's AI Act takes the prescriptive route, naming specific uses such as credit scoring and insurance pricing as "high-risk" and attaching detailed obligations to each. APRA has chosen the opposite: no AI-specific standard, just the existing principles applied without exception. The practical effect for an Australian entity is that you do not get a tidy AI checklist. You get told that AI is already inside everything you are already required to do.
Which existing standards already cover your AI?
More of them than most AI programmes have mapped. The obligations were written to be technology-neutral, so an AI system inherits them the moment it touches a regulated function.
| The AI risk APRA flagged | The existing obligation that already covers it |
|---|---|
| Unmanaged, entity-wide AI risk with no board-owned framework | CPS 220 Risk Management (the requirement, in force since 2015, for a board-owned framework covering all material risks) |
| AI in critical processes; single-vendor dependence; no exit plan | CPS 230 Operational Risk Management (effective 1 July 2025, covering operational resilience, business continuity and third-party service-provider risk) |
| Agentic AI, identity gaps for non-human actors, data leakage | CPS 234 Information Security (in force since 2019, requiring security capability matched to the threat, with the board ultimately responsible) |
| Poor data quality, lineage and governance feeding models | CPG 235 Managing Data Risk (APRA guidance, not an enforceable standard, on managing data across its lifecycle) |
Read that table as a risk officer rather than a lawyer. Each row is not a new rule to adopt. It is an obligation you already report against, now with an AI-shaped hole in your coverage. CPS 230 is the one to sit with, because it took effect on 1 July 2025 and explicitly reaches third-party providers and continuity, which is precisely where most AI risk now concentrates.
Map your AI onto the obligations you already carry
The quickest way to close the gap APRA named is a structured map of every AI use case against the standards it already falls under, with an owner attached to each. We build that map with risk and executive teams in a single focused engagement.
Book your Strategy SessionWhy does treating AI as "just another technology" cause trouble?
Because the controls you built for ordinary software assume a system that behaves the same way twice. APRA's specific criticism was that entities apply familiar technology controls to AI and miss its distinctive characteristics. A conventional application is deterministic: the same input yields the same output, so you can test it once and trust it. An AI model is probabilistic and adaptive: it produces likely answers, it can drift as data shifts, and it can quietly degrade while every dashboard still shows green.
That difference breaks the old assurance habit. A control tested at a point in time tells you the model was acceptable on the day you looked, not that it is acceptable now. So "just another technology" is not a harmless simplification. It is the precise mental model that leaves a regulated decision running on a system nobody is watching closely enough, inside an obligation somebody is personally answerable for.
AI did not hand you a new rulebook. It exposed how much of the existing one you had quietly been treating as optional.
Where do you start?
You start by making the invisible visible, then attaching it to what you already do. The sequence matters, because you cannot govern what you have never listed.
- Build the AI inventory. One register of every AI tool and use case, what it decides, and what data it touches. APRA expects this, and most entities cannot produce it today.
- Map each use case to its existing obligations. Walk every material use case against CPS 220, CPS 230 and CPS 234, and mark where coverage is thin.
- Assign lifecycle ownership. Name who owns each system from design and development through deployment, monitoring and decommissioning, so accountability does not evaporate after go-live.
- Replace point-in-time checks with continuous monitoring. For probabilistic systems, assurance has to watch for drift and degradation over time, not certify a single moment.
- Close the thin spots deliberately. Treat the gaps the map reveals as a remediation plan with dates, the same way you would treat any other control deficiency.
APRA has asked for a step-change, and the honest news is that the standard you are being held to is one you already accepted. AI did not write you a new rulebook. It revealed how much of the existing one had been treated as optional while the technology slipped through the side door. The work is not to learn a new regime. It is to bring AI inside the one you already run.
This is one of three pieces on the letter. The companions cover what APRA now expects of your board, and how to handle the single-vendor concentration risk it warned about.
Frequently asked questions
Did APRA create a new AI standard?
Which prudential standards are most relevant to AI?
How is APRA's approach different from the EU AI Act?

About the author
British technology futurist, AI keynote speaker and advisor. Thirty years across enterprise technology and AI strategy, helping leaders navigate the future of work. The futurist who died.