The Australian Prudential Regulation Authority (APRA) has urged banks, insurers and superannuation trustees to lift how they manage artificial intelligence-related risks, warning that current governance and operational practices are not keeping pace with rapid AI adoption.
In a letter to industry published today, APRA said governance, risk management, assurance and operational resilience practices were lagging behind the “scale, speed, and complexity” of AI deployment. The regulator’s comments follow a targeted supervisory review conducted late last year across APRA-regulated industries to examine how AI is being deployed and governed.
APRA said the expanded use of advanced AI is introducing new financial and operational vulnerabilities, and that information security practices are “struggling to keep up with the pace of change”. The letter also flagged frontier AI models such as Anthropic’s Claude Mythos, warning they could increase the probability, speed and scale of cyberattacks by enabling bad actors to discover vulnerabilities faster.
Among APRA’s observations were that AI use is moving from…
