CPS 230 – Liberate Consulting
APRA Prudential Standard · Effective 1 July 2025

CPS 230: Operational Risk Management

APRA's CPS 230 is not a compliance checkbox. It is a fundamental restructuring of how banks, insurers, and superannuation trustees must govern operational risk, third-party dependencies, and business continuity — in an era where AI and digital infrastructure make those risks harder to see and faster to crystallise.


What Is CPS 230?

CPS 230 is a prudential standard issued by the Australian Prudential Regulation Authority (APRA) that took effect on 1 July 2025. It consolidates and replaces two prior standards: CPS 231 (Outsourcing) and CPS 232 (Business Continuity Management), bringing them together under a single, more demanding operational risk framework.

It applies to all APRA-regulated entities — Authorised Deposit-taking Institutions (ADIs), general and life insurers, and superannuation licensees. Its scope is deliberately broad: anywhere your operations can fail, be disrupted, or be compromised by a third party, CPS 230 applies.

For Liberate Consulting's clients, CPS 230 is also a direct parallel to the AI governance obligations we address under ASIC's s912A framework. The two regulators are converging on the same message: you must be able to monitor, explain, and recover from the systems you rely on.


The Three Pillars of CPS 230

APRA structures CPS 230 around three interconnected obligations. Understanding each one — and where they are most likely to break down in practice — is essential for any regulated entity operating with modern technology and outsourced service providers.

Pillar 1: Operational Risk Management

Entities must establish a structured, board-approved framework for identifying, assessing, and controlling operational risk — spanning technology failures, cyber incidents, process breakdowns, and human error. This is not a "set and forget" policy requirement. APRA expects active, continuous monitoring with clear ownership at the senior management level. For entities using AI or automated decision-making, this pillar requires you to identify those systems as sources of operational risk and govern them accordingly.

Pillar 2: Business Continuity & Critical Operations

Entities must identify their critical operations — the functions whose disruption would cause material harm to customers, markets, or financial system stability — and define tolerance levels for disruption, data loss, and minimum service thresholds. Business Continuity Plans (BCPs) must be tested annually against severe but plausible scenarios, including the failure of a key technology vendor or cloud provider. For ADIs, this includes payments infrastructure; for insurers, claims processing; for super trustees, member administration and drawdown services.

Pillar 3: Service Provider Oversight

CPS 230 makes third-party risk a first-class governance obligation. Entities must maintain a register of material service providers and ensure formal contracts are in place covering audit rights, APRA access, and termination provisions. Critically, APRA's position is that the duty to manage the risk does not transfer to the vendor — just as ASIC's position under s912A is that your compliance obligations are non-delegable. If your SaaS provider, data platform, or AI vendor fails, you are responsible for the consequences to your customers.


Board Accountability and Senior Management Obligations

CPS 230 is explicit: the Board is responsible for approving the operational risk management framework, the business continuity policy, and the tolerance levels for critical operations. This is not a delegation to a risk committee or an internal audit function. The Board must understand, approve, and be accountable for the framework.

Senior management is then responsible for the day-to-day execution — ensuring that technology dependencies, third-party arrangements, and operational change programs are managed within the Board-approved tolerances. Where AI systems are embedded in critical operations, senior management must be able to demonstrate that those systems are monitored, their outputs are validated, and escalation pathways exist when they behave unexpectedly.

1. Approving the Framework Is Not Enough

APRA expects boards to remain actively engaged — not simply rubber-stamp policies at the start of the year. Where material operational risks emerge (a new AI deployment, a critical vendor change, a cyber incident), the Board must be informed and must respond.

2. Technology Risk Is Now a Governance-Level Issue

Cloud concentration risk, AI model failures, and SaaS vendor outages are now explicitly within scope. If your core operations run on a single cloud provider or a single AI platform, APRA will ask what happens when that provider has an outage — and whether your BCP has been tested against that scenario.

3. Incident Notification Is Mandatory and Fast

Material operational incidents must be reported to APRA within 72 hours. Any disruption that causes operations to fall outside defined tolerances must be reported within 24 hours. There is no grace period for discovery. Your monitoring systems must be capable of detecting breaches in near real-time.


CPS 230 Through an AI Governance Lens

Most entities are approaching CPS 230 as a technology risk and outsourcing exercise. That framing is incomplete. For any APRA-regulated entity that uses AI in a critical operation — whether for credit decisioning, fraud detection, claims triage, underwriting, or investment screening — CPS 230 creates specific obligations that are rarely discussed in vendor briefings.

The key question APRA will ask: If your AI system produces an incorrect output or becomes unavailable, does your Business Continuity Plan address that scenario? Have you tested it? Do you have a human fallback process, and is it documented and operational?

The intersection of CPS 230 and AI governance sits in three specific areas. First, AI models used in critical operations are themselves a source of operational risk — model drift, data quality failures, and adversarial inputs can all cause material harm without any system "going down." Second, AI vendors are material service providers under CPS 230. Your contract with them must include audit rights, APRA access provisions, and viable exit strategies. Third, if an AI system is embedded in a critical operation, your tolerance levels and recovery time objectives must account for the time required to replace or revert that system — not just restore an IT platform.

This is where Liberate Consulting's GRC framework work becomes directly relevant. We help entities map their AI dependencies to their critical operations register, assess their vendor agreements against CPS 230 requirements, and design the Human-in-the-Loop protocols that satisfy both APRA and ASIC's parallel expectations.


Where Most Entities Are Right Now

CPS 230 is in force. APRA has signalled that the transition period is over and supervisory scrutiny is increasing, particularly around third-party risk registers, BCP testing documentation, and board-level approval records. Entities that treated the 1 July deadline as a documentation exercise — rather than an operational uplift — are now the ones most exposed to a targeted review.


CPS 230 and ASIC's s912A obligations are converging on the same principle: you cannot outsource accountability. Whether it is a financial adviser, an algorithm, or a third-party platform — if it touches your customer, you own the risk. The entities that will fare best are those that have built governance systems capable of seeing that risk in real time.

— Lead Strategist, Liberate Consulting

Does Your CPS 230 Framework Cover Your AI Dependencies?

Liberate Consulting works with APRA-regulated entities to map AI systems to critical operations, assess vendor agreements, and build GRC frameworks that satisfy both APRA and ASIC expectations. Start with our AI Readiness Scorecard — designed specifically for financial services.