What APRA Actually Expects on AI Governance: A Practical Guide for Australian Financial Institutions

APRA's AI governance framework: the existing standards applied to AI

APRA has taken a consistent approach to AI governance: apply existing prudential standards to AI rather than create AI-specific standards. This means CPG 234 (Information Security), CPS 230 (Operational Resilience), and the model risk management expectations embedded in various prudential standards apply to AI systems. APRA's position is that AI does not require special treatment — it requires the same rigorous governance that high-risk technology and high-impact models have always required under existing frameworks.

The practical implication is that institutions cannot wait for an APRA AI standard before implementing AI governance. The obligations exist now. What has changed is APRA's examination focus: technology risk examinations in 2025-2026 explicitly include questions about AI and ML systems that were not in examination programmes two years ago.

The model governance gap APRA consistently finds

The most consistent APRA finding on AI across examination themes and supervisory discussions is the extension gap: institutions have mature model governance for traditional statistical models (credit scorecards, economic capital models, ALM models) but have not extended that governance to ML and AI systems on equivalent terms. The ML model developed by the data science team for fraud detection, the NLP model used for customer service triage, the pricing algorithm used for deposit products — these may not be in the model inventory, may not have been independently validated, may not have a named model owner in the risk management sense, and may not be within an approved model risk appetite.

APRA's view is straightforward: if a model is used in a regulated decision or operation, it is subject to model risk management requirements regardless of its technical complexity. A gradient boosted ensemble is still a model. An LLM used in a customer-facing decision is still a model. The validation methodology may need to adapt to the model type, but the governance requirement does not go away because the model is complex.