Australian Prudential Regulation Authority sets 2025–26 Corporate Plan priorities including cyber resilience, CPS 230 reviews and proportionality consultation

The Australian Prudential Regulation Authority (APRA) published its 2025–26 Corporate Plan, setting strategic priorities for the next four years and outlining policy, supervision and data priorities for the next 12 to 18 months to support the safety and stability of banks, insurers, superannuation trustees and the broader financial system. The plan is structured around four objectives: maintaining financial and operational resilience, responding to significant and emerging risks, getting the regulatory balance right, and improving APRA’s organisational effectiveness. Near-term priorities include strengthening cyber resilience across regulated industries, including monitoring risks linked to artificial intelligence adoption and geopolitical tensions, and assessing compliance with APRA’s new operational risk management prudential standard CPS 230. Planned work also covers updating governance prudential standards, publishing results from APRA’s inaugural System Stress Test focused on interconnectedness between banking and superannuation, intensifying scrutiny of superannuation fund expenditure and reviewing investment governance and member outcomes of major platform providers, and releasing results from the Climate Vulnerability Assessment for the general insurance sector. The plan flags a heightened focus on balancing financial safety with competition, efficiency and productivity, including consulting on formalising a third tier of proportionality in the banking prudential framework, promoting access to more affordable reinsurance for general insurers, and removing duplicative or unnecessary regulatory requirements.