Navigating Operational Risks: CPS 230's Influence on AI and Cybersecurity Strategies
APRA's CPS 230 seeks to enhance operational risk management for financial institutions and safeguard Australian entities' stability by ensuring robust systems to identify, assess, manage, and mitigate operational risks, including artificial intelligence (AI) and cybersecurity related risks.
The Prudential Standard CPS 230 on Operational Risk Management (CPS 230) is a regulatory framework established by the Australian Prudential Regulation Authority (APRA). CPS 230 aims to enhance the operational risk management practices of financial institutions. This standard is a key component of APRA's broader mandate to uphold the stability, efficiency, and integrity of the Australian financial system.
CPS 230 applies to all APRA-regulated entities, including banks, insurers, and superannuation funds, ensuring they have robust systems to identify, assess, manage, and mitigate operational risks.
We previously discussed CPS 230 here and the European Union's analogous regulation, the Digital Operational Resilience for the Financial Sector (DORA) here. DORA established uniform requirements for the security of network and information systems for companies and organisations in the financial sector and critical third parties providing information communication technologies.
CPS 230 comes into effect on 1 July 2025 and replaces CPS 231 (Outsourcing) and CPS 232 (Business Continuity Management).
Key Themes of CPS 230
CPS 230 imposes four key obligations on APRA-regulated entities:
1. Board Responsibility: The Board is accountable for the entity's operational risk management. This includes defining, approving, overseeing, and being continuously accountable for both the entity's and third-party operational risk management. The Board must ensure senior management proactively manages risks, identifies areas of concern, and tests critical operations.
2. Strengthening Operational Risk Management: Entities must have a comprehensive operational risk management framework that includes effective internal controls, monitoring, and remediation processes. This framework should be appropriate to the entity's size, business mix, and complexity, and include clear roles and responsibilities, risk appetite statements, and regular risk assessments.
3. Improving Business Continuity: Entities must develop and maintain a credible business continuity plan (BCP) to ensure the resilience of critical operations during severe disruptions. The BCP should be regularly tested and updated to ensure its effectiveness.
4. Enhancing Third-Party Risk Management: Entities must effectively manage risks associated with service providers by having a comprehensive service provider management policy, formal agreements, and robust monitoring processes. Service providers must meet the same operational risk management standards as the entity, and contingency plans must be in place for service provider failures.
CPS 230 also grants APRA the authority to enforce compliance, including requiring entities to take specific actions to address identified operational risks, conducting reviews and assessments, and imposing penalties for non-compliance.
Ensuring AI and Cybersecurity Resilience
The Australian Securities and Investments Commission (ASIC) released a detailed report in October 2024 on the use of AI by Australian financial services and credit licensees [1]. These licensees broadly overlap with APRA-regulated entities. The ASIC report focuses on the internal AI and cybersecurity risks that CPS 230 seeks to address and provides valuable insights for APRA-regulated entities.
These insights include:
- A shift from long-established and well-understood techniques to complex and opaque AI techniques creates the risk of unexplainable decisions that may include issues of fairness, bias, and discrimination.
- The need to balance competing risks, such as automated decisions (e.g., credit score predictions and fraud detection) against partly automated (with some human oversight) and non-automated decisions (e.g., income/expense verifications) [2], business efficiency against consumer risks and harms, and the development and use of in-house and third-party AI models.
- Amending an entity's risk management arrangements to reflect AI's characteristics, including bespoke AI, data protection and privacy, data quality-related policies, standards or guidance, and a centralised approach to AI use and governance. This includes transparency measures to help consumers understand when they are interacting with AI or receiving an automated decision, measures to address issues of fairness, bias, and discrimination, and strategic, mature, and centralised AI use with board and ethical oversight.
Addressing AI-Generated Threats
AI's proliferation into society has facilitated significant advancements and convenience. However, the use of deepfakes (videos or audio of directors and officers or consumers) and AI to create targeted email communications (which contain ransomware) and fraudulent documents (such as AI-generated crumpled invoices for fake businesses) present unique and evolving challenges to entities.
Sophisticated cyberattacks make it crucial for entities to adopt CPS 230 principles and a proactive approach to operational risk management. This includes enhancing verification processes and communication protocols to prevent unauthorised access and ensure the integrity of communications and organisational awareness of these threats. Entities must also consider whether their AI processes are appropriate to deal with AI-generated threats and when human intervention is necessary.
Managing CPS 230 and AI-Related Risks
APRA's CPS 230 sits within the broader field of Australia's complex and overlapping general legislative, regulatory, and common law obligations that address the use of AI and an entity's governance framework. These include:
(i) the Corporations Act 2001 (Cth)'s directors' duties (including discharging one's duties with a reasonable degree of care and diligence), and a financial or credit services licensee's obligation to provide their services "efficiently, honestly and fairly";
(ii) the Privacy Act 1988 (Cth)'s obligations when collecting, using, and disclosing personal information;
(iii) the Scam Prevention Framework; and
(iv) anti-discrimination laws.
Entities should assess the impact of CPS 230 (and their other legal and regulatory obligations) on their operations, including where their operations are assisted by or outsourced to third parties, to identify, review, assess, and address their governance frameworks and operational risks.
Conclusion
CPS 230 represents a significant development in APRA's regulation of entities and the requirements to have robust operational risk management frameworks. By addressing AI and cybersecurity risks, enhancing business continuity, and improving third-party risk management, CPS 230 aims to protect consumers and maintain the integrity of the financial system. Entities must proactively adapt their governance frameworks and contractual arrangements to meet these new requirements and ensure they are prepared for the evolving landscape of operational risks.
For assistance with updating internal policies or contracts for compliance with CPS 230 (including outsourcing agreements and AI-related agreements), please contact your Australian or Global Clifford Chance Tech team contact.
-------------------------------------------------------------------------------------------------------------
[1] Australian Securities and Investments Commission, Beware the gap: Governance arrangements in the face of AI innovation (Report 798, October 2024).
[2] A practical example of this is the Full Court of the Federal Court of Australia's decision in Pintarich v Deputy Commissioner of Taxation (2018) 262 FCR 41; [2018] FCAFC 79, which concerned a decision made by the Deputy Commissioner of the Australian Taxation Office. In this case, the majority found that the automated decision purportedly made by the Deputy Commissioner was not a 'valid' decision, as a 'valid' decision requires a mental process to reach the conclusion and the objective manifestation of that conclusion.