In a speech to the RMA CRO Conference 2025, the Australian Prudential Regulation Authority (APRA) set out how its 2025-26 Corporate Plan is aiming to balance a heightened risk environment with a stronger focus on proportionality and reducing unnecessary regulatory burden. The address highlighted APRA’s supervisory priorities across financial and operational resilience, cyber and technology risk, geopolitical preparedness, and measures to lower compliance costs without weakening prudential standards. On resilience, APRA expects to finalise revisions to the bank capital framework to phase out Additional Tier 1 capital instruments over coming years, and to engage with industry on potential revisions to the bank liquidity framework. Operational resilience work will focus on implementation of CPS 230, which came into force in July, alongside continued work on strengthening governance following eight cross-industry proposals consulted on in March, with an interim consultation update planned in the next few months. On emerging risks, APRA underscored that cyber preparedness remains non-negotiable under CPS 234, noting improvement has been slower than expected, and pointed to recent credential stuffing attacks as evidence that some super funds were not meeting expected authentication standards, with APRA assessing responses to its June letter. For artificial intelligence, APRA plans to increase monitoring by reviewing practices at some larger institutions, while maintaining that the existing prudential framework is sufficient and that no new AI-specific regulations are planned. At the system level, APRA is coordinating with peers through a Council of Financial Regulators (CFR) geopolitical risk workplan and is progressing its first system stress test examining banking and superannuation linkages, with initial findings expected this year before a second phase. On regulatory balance, APRA referenced its response to a July request from the Federal Treasurer for measurable compliance cost reductions, including simplifying bank licensing with the aim of halving licensing timeframes, providing greater clarity on capital expectation drivers and mitigants, introducing a third tier in the proportionality framework for banks, reducing capital requirements for annuity products and promoting access to cost-effective reinsurance for general insurers, and removing outdated or duplicative governance rules. APRA also committed to further work with industry to reduce data reporting burden, including addressing overlap between prudential reporting and obligations under the Financial Accountability Regime (FAR) in engagement with Treasury and the Australian Securities and Investment Commission.
Australian Prudential Regulation Authority 2025-09-04
Australian Prudential Regulation Authority flags stepped-up AI risk reviews and compliance cost cuts in 2025-26 supervision agenda
At the RMA CRO Conference 2025, APRA outlined its 2025-26 Corporate Plan, focusing on balancing risks with reducing regulatory burdens. Priorities include revising the bank capital framework, enhancing resilience through CPS 230, and maintaining cyber preparedness under CPS 234. APRA will increase AI monitoring without new regulations and coordinate on geopolitical risks through the Council of Financial Regulators. Efforts to reduce compliance costs include simplifying bank licensing, clarifying capital expectations, and reducing data reporting burdens.