APRA Open Letter Response

APRA has shifted the bar from policy compliance to operational proof. Evidence beats policy. Records beat screenshots. Continuous beats point-in-time — and that's the layer RecordPoint provides.

Written by Cormac Finn

Published: June 2, 2026


APRA has sent a clear signal to every bank, insurer, and superannuation trustee in Australia: AI adoption has outpaced governance, and supervisory action will follow where organizations cannot demonstrate they are actively managing that risk. This article unpacks what APRA and ASIC are actually asking for, why traditional policy-based responses fall short, and how the industry is splitting in its response. Drawing on real-world scenarios, enforcement precedent, and research showing that 78% of executives believe their organization would fail an AI governance audit within 90 days, it makes the case that operational evidence — continuous, defensible, and reproducible — is what regulators will accept as proof. RecordPoint's perspective: records beat screenshots, and the window for action is closing.


APRA said, “Prove it.” Most of the industry can’t.

The dust is settling on APRA’s AI letter. The industry response is revealing.

On April 30, the Australian Prudential Regulation Authority (APRA) sent a blunt message to every bank, insurer, and superannuation trustee in Australia: AI adoption has outpaced governance, assurance, and operational controls to the point that the industry is now leaving itself and its customers exposed to unacceptable risk.

The regulator made it equally clear that supervisory action will follow where organizations cannot demonstrate they are actively and continuously managing that risk.

Read the full letter: APRA Letter to Industry on Artificial Intelligence (AI)

The letter itself was short, direct, and unusually specific. APRA outlined clear expectations around:

Most importantly, APRA made it clear that compliance must be grounded in evidence — not vendor slide decks, annual reviews, or policy documents sitting unread in SharePoint. The Australian Securities and Investments Commission (ASIC) quickly reinforced APRA’s position with its own warning to Australian Financial Services (AFS) licensees and directors, urging organizations not to wait for “perfect clarity” before acting.

Read the full ASIC letter: ASIC Open Letter to AFS Licensees and Market Participants.

Taken together, the message from regulators is becoming difficult to ignore. APRA is approaching AI through the lens of prudential risk, operational resilience, and governance accountability. ASIC is reinforcing conduct, disclosure, cyber resilience, and the enforcement of consequences when governance controls fail. AI governance is no longer an emerging technology issue. It is rapidly becoming a board-level operational accountability issue.

“AI governance has become an operational accountability problem, not a policy-writing exercise. Regulators are now asking organizations to prove, continuously and with evidence, that they understand what AI is operating across their business, what data it is touching, and whether the right controls are working in practice.”

— Anthony Woodward, CEO, RecordPoint

For context on where we sit in this conversation: RecordPoint already operates inside APRA, ASIC, REST Super, Insignia Financial, Westpac, NAB, and Macquarie. The regulators themselves run on the RecordPoint platform — alongside banks, insurers, and super funds. The letter now asks them to prove their AI is under control.

“Prove it.”

That is effectively APRA’s message to the sector. Saying “we have a policy” or “we rolled out training” is no longer enough. Regulators increasingly expect governance controls to be operational, enforceable, continuously monitored, and supported by evidence.

Most APRA-regulated organizations are already running AI across:

  • claims triage,
  • loan decisioning,
  • fraud detection,
  • customer interactions,
  • internal copilots,
  • and operational workflows.

At the same time, AI usage is spreading outside formally approved channels. Employees are using embedded AI inside SaaS platforms, browser-based AI assistants, and AI-powered search capabilities, often without centralized governance visibility. The issue is no longer whether AI is being used.

The issue is whether organizations can answer basic governance questions with confidence:

  • Which AI systems are operating across the business?
  • Who owns them?
  • What data do they touch?
  • What suppliers sit behind them?
  • What assurance has been performed?
  • What evidence exists that controls are actually working?

For many organizations, those answers simply do not exist today.

A real-world scenario

A regulator asks a bank to demonstrate which generative AI systems employees use to summarize customer interactions and whether those systems process sensitive financial information outside approved environments. The organization has policies restricting unapproved AI usage, but lacks a centralized inventory, visibility into embedded AI features in SaaS platforms, and a reliable way to verify whether those controls are being followed.

That is the gap APRA is increasingly focused on, and the data confirms how broad the gap is:

  • 80% of Fortune 500 companies are already deploying AI agents into live environments, with only 14% of those agents secured (TechRadar, May 2026).

Gartner’s May 18, 2026, research Shadow AI Is Creating Opportunity for Product Leaders found:

  • 79% of employees are misusing approved public generative AI tools, and
  • 52% are building custom AI solutions without a cybersecurity review.

In that same Gartner research, RecordPoint is named as the case in point for shadow AI discovery — scanning source code, federated items, and employee laptops for unsanctioned model usage, then aggregating findings into a quantitative residual risk score executives can take to the board.

This is not just a cybersecurity problem

One of the biggest misconceptions in the market is treating AI governance purely as a cybersecurity issue. It is broader than that.

APRA’s expectations increasingly resemble an information governance and operational accountability framework:

  • maintain authoritative inventories,
  • capture lifecycle decisions,
  • preserve evidence of monitoring,
  • track supplier obligations,
  • record human-in-the-loop interventions,
  • and demonstrate defensible oversight.

Traditional governance approaches struggle to cope with that level of operational complexity. Policy documents, spreadsheet registers, and quarterly review processes were never designed for AI environments evolving daily across employees, vendors, systems, and embedded tooling.

Another common scenario

An insurance claims team starts using an AI assistant embedded inside a third-party SaaS platform to summarize customer submissions and draft responses.

Six months later, an internal review discovers employees have been pasting highly sensitive medical information into prompts that were never assessed through formal governance processes.

The issue is not whether a policy existed somewhere in the organization. The issue is whether the organization had operational visibility into how AI was actually being used.

A purely cybersecurity-driven approach is equally limited. Runtime protection, prompt monitoring, and adversarial testing address parts of APRA’s assurance expectations — but they still do not create the authoritative governance record regulators are increasingly asking organizations to produce. Recent enforcement activity reinforces where this is heading.

In ASIC v FIIG Securities Limited [2026] FCA 92, the Federal Court imposed a $2.5 million civil penalty on FIIG Securities for cybersecurity failures tied to its AFSL obligations.

While not AI-specific, the case reinforces a broader regulatory direction: regulators are increasingly focused not just on whether policies exist, but whether organizations can demonstrate active governance, operational oversight, and defensible evidence of control effectiveness.

As AI becomes more deeply embedded in enterprise operations, those expectations increasingly extend to AI governance itself.

What we’re hearing from the industry

The market response to APRA’s letter was immediate. Most APRA-regulated organizations our team has spoken with escalated the issue into executive, board, risk, and operational resilience discussions within days of the letter landing.

A recurring theme emerging from customers is that many organizations still have limited visibility into:

  • where AI is being used,
  • what sensitive data those systems interact with,
  • and whether governance controls are enforceable in practice — particularly across third-party SaaS platforms and embedded AI capabilities.

“The biggest shift we’re seeing is organizations realizing this is no longer just a cyber or policy discussion. APRA and ASIC have effectively elevated AI governance into an operational accountability issue. The challenge for many organizations now is moving from written policies to enforceable governance with real visibility and evidence.”

— Miles Ashcroft, Head of Risk and Compliance, RecordPoint

The industry response is splitting into two camps

So far, market response has fallen into two broad categories.

The consulting-led response

Governance frameworks, policy reviews, assessments, and advisory engagements are designed to help organizations interpret regulatory expectations.

That work has value, but on its own it does not solve the operational evidence problem APRA is highlighting.

The cybersecurity vendor response

Prompt injection defense, AI agent protection, runtime controls, and supply-chain monitoring.

Those capabilities matter, but they still do not provide the operational governance layer that regulators are increasingly expecting organizations to demonstrate.

Strong governance is becoming a competitive advantage

Picture this. A loan-decisioning model at a mid-tier bank has been quietly declining a protected class of applicants outside its approved scope. The story breaks in the Australian Financial Review on Monday. By Wednesday morning, APRA has requested a written briefing, and the board has called an emergency meeting.

Neither audience wants the policy document. Both want records:

  • which version of the model was running,
  • who approved its scope,
  • what monitoring fired,
  • and what the bank did about it.

None exists.

The cost of building proper AI governance — inventory, lifecycle records, monitoring evidence, and board reporting — would have been a fraction of the remediation, enforcement, reputational damage, and operational fallout that follows. This is the part most boards underestimate.

AI governance is not a sunk cost. It compounds. A firm with defensible AI records ships AI faster because legal, risk, and supervisory teams approve it faster. It earns customers’ trust because the evidence is readily available when asked. A firm without it pays for it too, just in the wrong direction.

“The organizations getting the most value from AI are not the ones ignoring governance. They’re the ones building enough operational trust internally that the business can scale AI confidently instead of constantly slowing it down for reviews, approvals, and remediation.”

— Anthony Woodward, CEO, RecordPoint

RecordPoint’s view: records beat screenshots

Records beat screenshots. Continuous beats point-in-time. Evidence beats policy. APRA is not asking for documentation. It is asking for records — captured, classified, retained, and reproducible on demand.

Fifteen years of records management heritage make that defensible, and it is why the regulator itself runs on the platform.

“Governance is not what sits inside a policy document or risk register. Governance is what your AI systems are actually doing in practice — and whether you can prove that to a regulator with operational evidence, monitoring history, and defensible records.”

— Joe Pearce, Head of Product, RecordPoint

In our view, organizations increasingly need:

  • AI inventory as a record — every system, owner, risk classification, and lifecycle stage tied to the data and suppliers it touches.
  • Lifecycle records for every AI system — approvals, monitoring outcomes, risk acceptances, and decommissioning are captured in the same way organizations already capture lifecycle evidence for other regulated processes.
  • A defensible AI supply chain record — model providers, third and fourth parties, data residency, and evidence that each supplier met its obligations.
  • Continuous assurance as records — monitoring runs, drift, human-in-the-loop interventions, and exception handling as a time-stamped audit trail.
  • Board reporting from those same records — so the AI risk position presented to the board is the same one that can be defended to APRA.

This is the operational gap emerging between traditional governance programs and modern AI environments, and it is the layer RecordPoint has been building for over fifteen years.

APRA has now made clear that records, not policies, screenshots, or vendor assurances, are what the regulator will accept as proof.

The window for action is closing

APRA has already signaled that:

  • it will engage directly with AI suppliers,
  • further policy action may follow,
  • and supervisory enforcement remains firmly on the table.

The CPS 230 Operational Risk Management standard deadline for material service provider arrangements is approaching rapidly (1 July 2026). Boards are increasingly being asked to demonstrate AI literacy, oversight, and governance maturity in supervisory engagements.

ASIC has now reinforced those expectations across all AFS licensees.

Organizations that respond with another static policy document and a vendor procurement exercise will likely spend the next 12 months explaining governance gaps to regulators.

Organizations that move early to establish defensible, operational governance will be in a much stronger position to continue scaling AI safely — and prove it when asked.

Learn more about RecordPoint AI Governance.
