AI Regulation Tracker / Regulation in force
Australia's CPS 230 now covers AI and cloud vendors behind critical operations
APRA's operational-risk standard commenced July 1, 2026, and AI, LLM and cloud vendors behind a critical operation fall within its existing definition of a material service provider. Regulated banks, insurers and super funds must now classify, register, contract for and test around those vendors.
Australia's banks, insurers and superannuation funds crossed a hard line on July 1, 2026. On that date the Australian Prudential Regulation Authority's Prudential Standard CPS 230, Operational Risk Management, came into force, and with it a duty that reaches directly into how these firms buy and rely on artificial intelligence. The standard does not mention "AI" as a special category. It does not need to. By requiring entities to manage the service providers behind their critical operations, CPS 230 turns any material dependence on an AI model, a large language model vendor or a cloud platform into an enforceable prudential obligation.
APRA finalized a set of targeted amendments to the standard on April 30, 2026, and published accompanying guidance under CPG 230. The amendments carved out a narrow exemption from specific contractual requirements for certain non-traditional providers, such as central banks and payment systems, where a formal contract is impractical. APRA was explicit that the relief is limited. In its words, the exemptions "do not reduce the expectation that regulated entities actively manage the operational risks arising from reliance on these service providers." For a bank leaning on a commercial AI vendor, no such relief applies.
What a regulated firm must now do
The core mechanics are concrete. For any AI, LLM or cloud vendor that underpins a critical operation, a regulated entity must classify that vendor as a "material service provider" and record it on a service-provider register. APRA has published a material service provider register template to support this. The firm must then document and test a viable fallback for each AI-dependent critical operation, so that a model outage, a withdrawn service or a degraded output does not by itself take down a payment rail, a claims process or a member-servicing function.
Firms must also map concentration risk, including the fourth-party and foundation-model exposure that sits behind a direct vendor. When many providers ultimately depend on the same handful of foundation models or cloud regions, a single point of failure can propagate across the sector, and APRA expects entities to see it.
The contract is where compliance bites
CPS 230 forces changes into vendor agreements themselves. Contracts for material arrangements must address matters such as audit and access rights, data handling, and continuity. Those updates are required by the earlier of the next renewal or, for pre-existing arrangements, the transition timeline APRA has set. That timing matters. A firm cannot wait for a distant renewal if the standard's transition path arrives first, and AI vendors accustomed to take-it-or-leave-it terms of service will face customers who now have a regulatory reason to negotiate.
What CPS 230 does not do
CPS 230 is not an AI-specific law. It sets no model-accuracy threshold, mandates no bias testing, and does not license or approve AI systems. It is an operational-risk standard that happens to capture AI as a critical-service dependency. That distinction is the point. Australia separately declined to enact standalone mandatory AI guardrails, so the prudential route is doing the work that dedicated AI legislation does elsewhere. The obligation is about resilience and control of the dependency, not about the ethics or performance of the model as such.
For a US reader, the cross-border angle is direct. US banking and insurance groups that operate APRA-regulated entities in Australia are in scope for those entities and must bring their AI vendor arrangements into line. Beyond that, CPS 230 is a template other prudential supervisors are watching, and US bank and insurance regulators have long moved in parallel on third-party and operational-risk expectations. A US compliance officer who wants to see where domestic supervisors may head on AI vendor concentration can read CPS 230 as a preview rather than a foreign curiosity.
The practical message for any regulated firm is unglamorous and immediate. Know which critical operations run on an AI or cloud vendor, prove you can keep running if that vendor fails, and hold a contract that lets you audit, exit and respond to incidents. That is now a supervised obligation in Australia, not a matter of good intentions.
Frequently Asked Questions
What exactly changed on July 1, 2026?
APRA Prudential Standard CPS 230 (Operational Risk Management) came into force, following targeted amendments finalized April 30, 2026. It requires regulated entities to manage the service providers behind their critical operations, which on its terms includes AI, LLM and cloud vendors behind those operations, through classification, registration, tested fallbacks and updated contracts.
Who is affected?
APRA-regulated banks (authorised deposit-taking institutions), insurers and superannuation funds (RSE licensees), and indirectly the AI and cloud vendors serving them. US financial groups are covered through any Australian regulated entities they operate.
Is this an AI law?
No. CPS 230 is an operational-risk standard, not AI-specific legislation. It sets no model-performance or bias rules. It reaches AI because AI vendors often underpin critical operations, which brings them within the "material service provider" definition, subject to registration, fallback testing and contractual controls.
When must vendor contracts be updated?
By the earlier of the next contract renewal or, for pre-existing arrangements, the transition timeline APRA has set. Updated contracts must address matters such as audit and access rights, data handling, and continuity.
Sponsored Training
Browse the full AI Regulation News tracker
Informational analysis for working professionals, not legal advice. Confirm how any rule applies to your situation with qualified counsel.