ASIC and APRA have made the message clear: artificial intelligence is no longer just a technology implementation issue. For financial services firms, AI is now a governance, cyber resilience, privacy, outsourcing and accountability issue. ASIC’s 8 May 2026 open letter to AFS licensees and market participants warned that frontier AI is changing the cyber threat environment by increasing the capability, speed and accessibility of sophisticated attacks. ASIC’s point was not that

AUSTRAC’s AML/CTF reforms are no longer a future-state compliance project. For current reporting entities, the issue is now practical: has the business changed the way it governs, controls and evidences AML/CTF compliance? The reforms commenced for current reporting entities on 31 March 2026, subject to transitional arrangements. AUSTRAC’s 21 May 2026 expectations update confirms that the regulator is focused on implementation, not just awareness. The task is broader than upd

The old complaints model is no longer safe Complaints delays were once too easily treated as operational friction: a backlog, a resourcing issue, or a customer service problem. The Telstra Super IDR decision makes that approach unsafe. Complaints handling now sits squarely within legal risk, licence governance and conduct assurance. In ASIC v Telstra Super Pty Ltd [2026] FCA 527, the Federal Court found that Telstra Super failed to comply with its internal dispute resolution