
On 30th April 2026, APRA wrote to every bank, insurer and superannuation fund in the country. The letter was based on a targeted supervisory review of large authorised deposit-taking institutions, insurers and superannuation trustees conducted in late 2025. It did not use the language of pending guidance or future expectations. It described what APRA found, what it considered inadequate and what it expected to be addressed without delay.
Eight days later, ASIC issued its own letter to financial services licensees and market participants, calling for urgent action on AI governance and describing 2026 as its "Year of Accountability." The two letters were not jointly announced. But they pointed in exactly the same direction.
Then 1st July 2026 arrived. The transitional period for existing service provider contracts under CPS 230 expired. From today, every pre-existing arrangement with a material service provider, which now includes many AI vendors, must comply in full with APRA's Prudential Standard for Operational Risk Management. The window that was open is now closed.
What APRA's April Letter Actually Found
The April 30 letter was notable for its specificity. APRA does not typically publish supervisory findings in operational detail. This one did.
Four themes ran through the findings: cybersecurity and information security; AI governance; assurance; and third-party and supply chain risk. APRA said explicitly that the widest gap between current practice and regulatory expectations was in third-party and supply chain risk. Most of that gap was specifically about AI vendor management.
What APRA observed across the entities it reviewed: organisations are over-relying on vendor presentations and summaries without conducting their own independent examination of AI risks. Contractual arrangements with AI providers often lack specific provisions addressing audit rights, model update notification obligations, incident reporting requirements and changes to data handling. Many entities are heavily concentrated in a single AI provider across multiple use cases, and few can demonstrate robust contingency planning or tested exit strategies.
The most structurally significant finding was about upstream opacity. AI capabilities are increasingly embedded within software, platforms and developer tools. That means the foundation models, training data sources and fourth-party service providers sitting behind those tools are often invisible to the entities deploying them. APRA expects entities to understand and manage those dependencies. Most cannot tell you who they are.
Here is what makes that finding consequential: when you procure a SaaS platform that uses an AI provider, and that AI provider uses a foundation model from a third party, your organisation now has a fourth-party dependency that APRA expects you to have assessed. For most financial services organisations, that dependency map does not exist.
What ASIC Added
ASIC's 8th May letter was sharper in tone. Its core message: cyber risk has entered a new era, frontier AI materially increases threat complexity and weaknesses that once seemed isolated can now create system-wide effects.
ASIC's governance expectations were stated plainly. Boards and senior executives must be able to understand their organisation's AI and cyber risk position and ask the right questions. The standard of acting "efficiently, honestly and fairly" under the Corporations Act is technology-neutral. It applies to AI systems as directly as it applies to human advisers. ASIC has pursued enforcement actions on this basis before, most notably against FIIG Securities and RI Advice in relation to cyber failures, and it has signalled that AI governance failures will be treated in the same way.
For financial services organisations using AI to generate advice, produce customer-facing communications or assist in any decision that influences dealings with clients around credit or financial products, the compliance risk under ASIC's existing enforcement framework is live without any new AI-specific legislation. The obligations that already exist are sufficient.
What CPS 230 Means for AI Vendors Right Now
This is the immediate operational question for 1st July.
CPS 230's materiality classification is the first step. For every AI system in use, financial services organisations need to assess whether its provider is a material service provider under the standard. The test is not the vendor's size or brand name. It is operational impact: would the failure or sustained disruption of this provider materially affect a critical operation, the entity's financial position or its obligations to beneficiaries?
For AI tools embedded in credit assessment, claims processing, fraud detection, customer service at scale, portfolio risk management or any workflow underpinning a critical operation, the answer is almost certainly yes.
Once classified as material, the entity must ensure the contract with that vendor meets CPS 230's mandatory provisions. The list is specific: clear service scope and service level agreements; risk management obligations; security; contingency and exit planning; audit and APRA access rights; subcontracting restrictions; and data ownership and return provisions.
Standard AI vendor enterprise agreements were not drafted to these specifications. Most allow model updates without notification obligations. Most do not include APRA access rights or tested exit and substitution provisions. Most do not address what happens if the vendor changes the underlying foundation model the entity has been relying on.
The model update issue deserves specific attention. APRA's review found that organisations had limited evidence of provisions addressing model update notification or deviations from expected behaviour. A model update can materially change the risk profile of a deployed AI system. If your AI vendor agreement does not require the vendor to notify you when it updates the model, you have a governance gap that an APRA review will find.
The final requirement is the register. CPS 230 requires entities to maintain a material service provider register linked to critical operations and submit it annually to APRA. If your AI use-case register and your material service provider register exist as separate documents with no visible connection, that gap is a finding waiting to happen.
What APRA's Forward Supervision Plan Signals
APRA has confirmed in its forward plan that it will engage directly with AI suppliers as part of its supervision of CPS 230 compliance. That is a notable signal. It means APRA intends to assess AI governance quality by looking through entities to the vendors themselves, not just by reviewing what entities report upward.
For AI vendors supplying to APRA-regulated entities, that is a direct call to ensure their own governance infrastructure is adequate. For regulated entities, it means that deficiencies in their AI vendors' governance arrangements will be visible to the regulator independently of what the entity reports.
The most immediate practical consequence: APRA-regulated entities that have accepted AI vendor representations at face value, without independent verification, are at risk of having those representations tested by a supervisor with direct access to the vendor.
What This Means for Your Organisation
What we observe consistently in working with financial services clients is that AI vendor governance has lagged AI adoption by two to three years. Tools were procured based on capability. Contracts were managed by technology teams focused on service levels and pricing. Governance teams were not involved until after deployment, when the risk profile was already set.
The APRA letter marks the point where that approach is no longer viable. The regulator has described what it found, what it expects and that it intends to look through entities to vendors. The specific findings are not theoretical. They were drawn from review of large, well-resourced organisations. If they exist there, they exist in organisations with less dedicated governance infrastructure.
The organisations that handle the next round of APRA supervisory engagement well are those that can produce, promptly, a material service provider register that includes their AI vendor relationships mapped to critical operations; contracts that satisfy CPS 230's mandatory provisions including model update notification and audit rights; evidence of concentration risk assessment and tested exit strategies; and documented analysis of fourth-party dependencies for their most critical AI systems.
Key Takeaways
- APRA's April 30, 2026 letter identified specific AI governance failures across financial services including inadequate vendor contracts, single-provider concentration risk and opaque fourth-party dependencies
- ASIC's May 8 letter described 2026 as the "Year of Accountability" and confirmed that existing Corporations Act obligations apply to AI systems in the same way they apply to human advisers
- CPS 230's transitional period for pre-existing service provider contracts ended July 1, 2026: AI vendors meeting the material service provider threshold must now be governed under the full standard
- Material service provider classification turns on whether the vendor's failure would affect a critical operation, not on vendor size or category
- APRA has signalled it will engage directly with AI suppliers in its forward supervision plan, meaning governance gaps in vendors will be visible to the regulator independently of what entities report
How Trusenta Can Help
AI Governance captures AI vendor relationships in the use-case register with materiality classification built into the intake process, making it straightforward to identify which AI providers meet the CPS 230 material service provider threshold and what governance provisions are required for each.
Risk Management enables concentration risk assessment and exit strategy documentation for AI vendor dependencies, linking each provider to the critical operations it supports and tracking treatment plans against CPS 230 requirements with the evidence the register requires.
AI Governance Enterprise delivers the structured AI governance programme APRA-regulated entities need to address the specific gaps the April 30 letter identified, including vendor governance frameworks, material service provider classification processes and board-level AI risk reporting.
The Window Has Closed
The APRA and ASIC letters together set a clear standard for 2026: AI governance in financial services must be demonstrable, operational and connected to vendor oversight. Not principled, documented and separate from it.
CPS 230 is the framework. The APRA letter describes the distance between that framework and what large, well-resourced regulated entities were actually doing when a supervisor came to look. Closing that distance is the task. And as of July 1, the obligation to have closed it applies to every pre-existing service provider arrangement in your AI estate.