
LM-G07 · GRC · Practitioner tier

APRA CPS 220 — Risk Management

RMF, Risk Appetite Statement, Three Lines, CRO independence

17 min read · 30-question assessment · 3 scoring tiers (Foundation / Practitioner / Leader)

TheAICommand Learning Library

GRC Module LM-G07

APRA Prudential Standard CPS 220

Risk Management for APRA-Regulated Institutions

Risk Management Framework, Risk Appetite Statement, Three Lines Model, Chief Risk Officer, Board oversight, and integration with CPS 230, CPS 510 and CPS 511.

Field | Value
Module ID | LM-G07
Domain | Governance, Risk and Compliance (GRC)
Standard | APRA Prudential Standard CPS 220 Risk Management (current as at April 2026)
Audience tier | Practitioner and Leader (Foundation readers should complete LM-G01 and LM-G05 first)
Estimated reading time | 22 minutes (4,800 words at 220 words per minute)
Assessment duration | 25 to 30 minutes (30 multiple choice questions)
Prerequisites | Working knowledge of Australian financial services regulation; familiarity with the Three Lines Model
Learning outcomes | On completion, the learner will be able to: (1) Explain the structure and content requirements of a CPS 220 compliant Risk Management Framework. (2) Describe the role of the Risk Appetite Statement and design quantitative and qualitative metrics for it. (3) Apply the Three Lines Model to allocate risk responsibilities across an APRA-regulated entity. (4) Evaluate the independence and reporting obligations of the Chief Risk Officer. (5) Operationalise CPS 220 alongside CPS 230, CPS 510 and CPS 511 without duplication. (6) Build a governed AI workflow that drafts, reviews and stress tests RAS metrics and Board risk reports.

Currency note

This module reflects the APRA prudential framework as at April 2026. CPS 220 was last reissued by APRA effective 1 July 2019 and continues in force. Read in conjunction with CPS 230 Operational Risk Management (effective 1 July 2025), CPS 510 Governance, and CPS 511 Remuneration. Where APRA letters or revised guidance are issued after April 2026, treat them as the controlling source.


1. Executive Summary

APRA Prudential Standard CPS 220 Risk Management is the cornerstone obligation that requires every authorised deposit-taking institution, general insurer, life insurer, private health insurer and registrable superannuation entity licensee to maintain an enterprise wide Risk Management Framework. The framework must be designed to identify, measure, evaluate, monitor, report and control or mitigate all material risks faced by the institution and the broader group. CPS 220 sets the minimum architecture for a Risk Management Framework, requires a Board approved Risk Appetite Statement, mandates a documented Risk Management Strategy, and creates the role of an independent Chief Risk Officer with direct access to the Board.

Why this matters for an Australian financial services audience. APRA enforcement activity has shifted from procedural breaches to outcomes based intervention. Recent CPS 220 related actions have included additional capital overlays, court enforceable undertakings, and Board level remediation programs. The standard is also the binding interface with CPS 230 operational risk, CPS 510 governance, CPS 511 remuneration, and the Financial Accountability Regime accountability obligations. An institution that runs a weak Risk Management Framework now exposes named senior executives to FAR consequences in addition to entity level penalties.

What you will be able to do after this module:

  • Articulate the seven required components of a compliant Risk Management Framework.
  • Draft Risk Appetite Statement metrics that combine quantitative limits with qualitative tolerances.
  • Allocate accountability across the Three Lines Model in a way that satisfies APRA expectations.
  • Determine when a CPS 220 declaration to APRA, or a comprehensive review, is triggered.
  • Stand up an AI assisted workflow for risk reporting that respects de-identification, audit trail, and CPS 230 critical operation requirements.

2. Regulatory and Strategic Context

2.1 Issuer and statutory authority

CPS 220 is a prudential standard made by the Australian Prudential Regulation Authority (APRA) under section 11AF of the Banking Act 1959, section 32 of the Insurance Act 1973, section 230A of the Life Insurance Act 1995, section 92 of the Private Health Insurance (Prudential Supervision) Act 2015, and section 34C of the Superannuation Industry (Supervision) Act 1993. Each enabling statute gives APRA the power to set binding standards and to enforce them through directions, capital adjustments, licence conditions, and ultimately licence revocation.

2.2 Scope of application

CPS 220 applies to authorised deposit-taking institutions (ADIs) including foreign branches, general insurers, life insurers, private health insurers, and Registrable Superannuation Entity (RSE) licensees. It also applies on a Level 2 and Level 3 group basis where APRA has formally constituted the group. Foreign branches are subject to a modified application that recognises the head office Risk Management Framework, provided APRA is satisfied with home jurisdiction supervision. Service providers including outsourced administration are reached indirectly through the obligations imposed on the regulated entity.

2.3 Key dates and transitional periods

  • CPS 220 was first issued 1 January 2014 and reissued 1 July 2019 with strengthened expectations on Risk Appetite Statement metrics and the role of the Chief Risk Officer.
  • From 1 July 2025, CPS 230 Operational Risk Management came into effect and reshapes the operational risk content within the Risk Management Framework. The CPS 220 Risk Management Strategy must reference the CPS 230 critical operations register.
  • From 1 January 2024 (and 1 July 2024 for non-significant entities), CPS 511 Remuneration created Board obligations to align variable remuneration outcomes with non-financial risk performance. The Risk Appetite Statement must surface the non-financial measures that feed CPS 511 consequence management.
  • The Financial Accountability Regime (FAR) commenced for banking on 15 March 2024 and for insurance and superannuation on 15 March 2025. Accountable persons with risk management responsibilities (typically the CRO and the Chair of the Board Risk Committee) are now individually accountable for CPS 220 outcomes.
  • An APRA letter of October 2023 reinforced the expectation that the comprehensive review of the Risk Management Framework, required at least every three years, must be carried out by operationally independent reviewers. The next review for most ADIs falls due in calendar 2026.

2.4 Interplay with adjacent frameworks

CPS 220 is the umbrella standard. It is read together with at least three other items in this Learning Library and the broader prudential architecture. CPS 230 Operational Risk Management (LM-G09) provides the operational risk taxonomy, business continuity, and service provider obligations that flow up into the CPS 220 framework. CPS 510 Governance (LM-G06) sets the Board, Board Risk Committee and fitness and propriety expectations that govern how the framework is approved and overseen. CPS 511 Remuneration (LM-G08) requires that variable remuneration outcomes reflect non-financial risk and Risk Appetite Statement breaches. The directors' duties in sections 180 to 184 of the Corporations Act 2001 (LM-G01) underpin the personal accountability of Board members for the framework. Chapter 2M financial reporting and the new climate related disclosure regime feed material climate risks back into the Risk Management Framework. The Privacy Act 1988 (LM-G02) and APP compliance set the data handling boundaries that constrain any AI assisted risk workflow built on top of the framework.

2.5 Strategic posture for boards

APRA increasingly evaluates Risk Management Frameworks by their evidence of use, not merely their existence on paper. Boards that can show how the Risk Appetite Statement constrained a real product approval, how a CRO escalation reshaped a strategic acquisition, or how a near miss triggered a framework refresh, score materially better in supervisory reviews. Boards that treat CPS 220 as a compliance artefact tend to attract attention through CPS 220.4 declarations and through case manager queries that escalate to formal review.

3. Core Concepts and Defined Terms

3.1 Defined terms

Defined term | Working meaning under CPS 220
Risk Management Framework (RMF) | The totality of systems, structures, policies, processes and people within an institution that identify, measure, evaluate, monitor, report and control or mitigate all material risks. The RMF is the umbrella deliverable of CPS 220.
Risk Appetite Statement (RAS) | A Board approved articulation of the aggregate level and types of risk that the institution is willing to accept, or to avoid, in pursuit of its strategic objectives. Includes quantitative limits and qualitative tolerances.
Risk Management Strategy (RMS) | A document that describes the strategy adopted to manage material risks arising from the institution's business plan. Lodged with APRA.
Material risk | A risk that, if realised, could materially impact the institution's financial soundness, reputation, capacity to meet obligations, or its ability to operate within its Risk Appetite Statement.
Three Lines Model | The control architecture that distinguishes risk taking and ownership (line one), oversight and challenge (line two), and independent assurance (line three). Replaces the older Three Lines of Defence label.
Chief Risk Officer (CRO) | A senior executive accountable for the operation of the Risk Management Framework, with direct unfettered access to the Board and the Board Risk Committee, and structurally independent from revenue generating units.
Risk culture | The norms, attitudes and behaviours related to risk awareness, risk taking and risk management. CPS 220 requires the Board to form a view on risk culture and identify any desirable changes.
Comprehensive review | A periodic review of the entire Risk Management Framework, conducted at least every three years by an operationally independent party, and reported to the Board.
CPS 220.4 declaration | The annual declaration to APRA, signed by the Chair of the Board, confirming the Risk Management Framework is operating effectively, identifying material deviations, and outlining remediation actions.
Risk taxonomy | The structured classification of risks into categories such as credit, market, liquidity, operational, insurance, strategic, conduct and climate. The taxonomy underpins consistent measurement and reporting.

3.2 The seven required components of an RMF

CPS 220 is structured around a non-negotiable set of components. An institution that is missing any of these is not CPS 220 compliant, regardless of how mature the surviving elements are.

Component | Description
1. Risk appetite | Board approved RAS with quantitative limits, qualitative tolerances, and linkages to strategic objectives.
2. Risk management strategy | A documented RMS lodged with APRA, refreshed at least annually and on any material change to business plan or risk profile.
3. Risk management policies, procedures and controls | Aligned to the risk taxonomy and covering each material risk class. Policies must be version controlled and approved at the appropriate authority level.
4. Clearly defined roles, responsibilities and authorities | Mapped against the Three Lines Model, with documented delegations and segregation of duties.
5. A risk management function | Independent of revenue generating units, headed by the CRO, appropriately resourced for the size and complexity of the institution.
6. Review and assurance arrangements | Including the comprehensive review at least every three years and ongoing internal audit coverage.
7. Risk culture | A documented Board view on risk culture, supported by surveys, behavioural indicators and remediation actions.

3.3 Linkage between the RAS, RMS and business plan

The Risk Appetite Statement, Risk Management Strategy and three to five year business plan must be visibly connected. APRA expects to see a one to one mapping that shows how each strategic objective generates material risks, how those risks are constrained by quantitative or qualitative appetite, how the RMS sets the management response, and how Board reporting picks up breach and trend data. A common deficiency is a Risk Appetite Statement built bottom up from existing limits, rather than top down from the strategy. APRA has called this out in cross industry observations, noting that bottom up RAS documents often fail to reset when strategy changes, leaving the Board with limits that no longer reflect the risks being taken.

4. Practical Application in Australian Financial Services

Each worked example below uses a fictional institution. The trigger event, obligation activated, artefact produced and audit trail expected are deliberately specific so the learner can map them onto a real institution. All names and figures are illustrative.

4.1 Worked example: ADI ([ENTITY_ADI_PLACEHOLDER])

Trigger event. The Treasurer of [ENTITY_ADI_PLACEHOLDER] briefs the Board on a proposed $2.4 billion expansion of the residential investor mortgage book over 18 months. The expansion would lift the share of investor lending in the home loan portfolio from 22 per cent to 30 per cent.

Obligation activated. CPS 220 paragraph 32 requires the Board to consider whether the proposal is consistent with the Risk Appetite Statement before approval. The RAS contains a quantitative limit on investor mortgage concentration at 28 per cent of the home loan book and a qualitative tolerance for borrower channel concentration.

Artefact produced. The Chief Risk Officer prepares a CPS 220 risk assessment paper that quantifies the breach against the RAS, tests sensitivity to a 200 basis point rate shock and a 20 per cent house price decline, and recommends one of: (a) reject the proposal, (b) approve with a Board-endorsed RAS amendment, or (c) approve with mitigants and a step down plan.

Audit trail expected. Board Risk Committee minutes capturing the CRO recommendation, Board minutes recording the decision basis, an updated RAS if amended (with APRA notification under the consultation expectations), and a tagged entry in the breach and waiver register reviewed at the next CPS 220.4 declaration.

4.2 Worked example: General insurer ([ENTITY_GI_PLACEHOLDER])

Trigger event. A severe weather event in northern Queensland produces gross incurred claims of $640 million in a 14 day window for [ENTITY_GI_PLACEHOLDER], approaching the catastrophe reinsurance retention layer.

Obligation activated. CPS 220 paragraph 41 requires the institution to monitor and report against its insurance and reinsurance risk metrics, with breaches escalated to the Board Risk Committee.

Artefact produced. A within-cycle catastrophe report from the Appointed Actuary, a reinsurance recovery readiness paper, and an RAS metric trigger note from the Chief Risk Officer estimating the residual capital impact.

Audit trail expected. Reinsurance broker confirmation, claims bordereaux, accumulation modelling output, the Board Risk Committee paper and minutes, and an explicit linkage from this event into the next comprehensive review of the Risk Management Framework to test catastrophe response readiness.

4.3 Worked example: Superannuation trustee ([ENTITY_RSE_PLACEHOLDER])

Trigger event. The investment committee of [ENTITY_RSE_PLACEHOLDER] proposes increasing the unlisted infrastructure allocation in the MySuper default option from 18 per cent to 26 per cent over 24 months.

Obligation activated. CPS 220 requires alignment with the RAS, while SPS 530 and the SIS Act covenants require the trustee to act in members' best financial interests.

Artefact produced. A combined CPS 220 and SPS 530 paper that assesses liquidity risk under the Annual Performance Test stress, member switching scenarios, valuation governance, and the interaction with insurance liabilities.

Audit trail expected. Investment Committee minutes, trustee Board minutes, the RAS metric tracking dashboard, and an updated Liquidity Management Plan referenced in the Risk Management Strategy. The CPS 220.4 declaration in the following year must record any RAS amendment and the framework changes triggered by this decision.

4.4 Worked example: AFSL holder operating as a friendly society ([ENTITY_FS_PLACEHOLDER])

Trigger event. [ENTITY_FS_PLACEHOLDER], a friendly society regulated by APRA and holding an AFSL from ASIC, identifies a control weakness in the unit pricing of its investment-linked benefit fund following an internal audit finding.

Obligation activated. CPS 220 paragraph 28 requires the institution to maintain controls over operational risks, with breaches reported under the policies and procedures of the Risk Management Framework. ASIC Regulatory Guide 94 unit pricing reflects the dual regulatory exposure.

Artefact produced. A control deficiency report, a remediation plan signed by the CRO, a unit pricing reissue calculation, and an evaluation of whether the breach is reportable to APRA under CPS 220 and to ASIC under section 912DAA Corporations Act.

Audit trail expected. Internal audit working papers, remediation tracker, member compensation register, and a documented entry in the cross regulator notification log.

5. Visual Pack

The visuals below are designed for direct rendering by a designer or drop-in to Lucidchart, Whimsical or Visio. Each visual carries the source data and intent.

Visual 1. Risk Management Framework architecture

Layout: vertical hierarchy with five tiers, colour-coded by accountability. Suggested tooling: Lucidchart hierarchy template.

Tier | Accountability
Tier 1 - Board | Approves RAS, RMS, CPS 220.4 declaration, and the comprehensive review report. Forms a view on risk culture.
Tier 2 - Board Risk Committee | Recommends RAS to Board, oversees CRO, reviews material breaches and emerging risks.
Tier 3 - CEO and Executive Risk Committee | Operates within the RAS, sets internal limits, approves risk policies below Board reserved level.
Tier 4 - Chief Risk Officer and Risk function | Independent challenge, RAS metric monitoring, framework custodianship, regulator engagement.
Tier 5 - First line business units | Risk owners. Identify, measure, control and report risks in line with policies and the RAS.

Visual 2. Risk Appetite Statement structure

Layout: a 4-column matrix mapping risk class to appetite anchor. Suggested tooling: Whimsical card grid or Excel matrix.

Risk class | Quantitative metric (illustrative) | Qualitative tolerance | Escalation trigger
Credit risk | CET1 ratio floor 11.0%, NPL ratio ceiling 1.2% | No tolerance for predatory lending or unsuitable products | Amber at 11.5%, red at 11.0%
Market risk | VaR 99% 1 day ceiling $18m | No proprietary trading outside hedging mandate | Amber at $14m, red at $18m
Liquidity risk | LCR 130% target floor, NSFR 110% target floor | No reliance on short term wholesale > 25% of funding | Amber at 135%, red at 130%
Operational risk | Operational loss budget $40m per year | No tolerance for breaches that disclose customer PII | Single event $5m or aggregate $30m
Insurance risk | 1-in-200 year catastrophe retained loss <= $250m | Reinsurance coverage from minimum A- rated panel | Loss > $200m or downgrade of any panel reinsurer
Conduct and culture | Speak-up reports per 1,000 FTE >= 8 | No tolerance for retaliatory behaviour | Zero speak-up reports for two consecutive quarters
Climate risk | Financed emissions reduction trajectory aligned to 1.5C | No new thermal coal financing | Variance > 10% from trajectory

Visual 3. Three Lines Model RACI

Layout: RACI matrix mapping CPS 220 activities to lines. R = Responsible, A = Accountable, C = Consulted, I = Informed.

Activity | Line 1 - Business | Line 2 - Risk and Compliance | Line 3 - Internal Audit | Board / BRC
Identify and own day-to-day risk | R/A | C | I | I
Set RAS metric and limits | C | R | C | A
Approve RAS and RMS | I | C | I | R/A
Monitor RAS breaches | R | R/A | I | A
Independent challenge of risk decisions | I | R/A | C | A
Comprehensive review of RMF | C | C | R/A | A
Sign CPS 220.4 declaration | I | C | C | R/A (Chair)
FAR accountable person attestations | R | R | I | A

Visual 4. Comparative obligations: CPS 220, CPS 230, CPS 510, CPS 511

Dimension | CPS 220 | CPS 230 | CPS 510 | CPS 511
Primary purpose | Enterprise-wide RMF | Operational risk and resilience | Governance and Board composition | Variable remuneration alignment
Effective date | 1 January 2014, reissued 1 July 2019 | 1 July 2025 | 1 July 2019 (current) | 1 January 2024 (significant) / 1 July 2024 (others)
Board involvement | Approve RMF, RAS, RMS, comprehensive review | Approve operational risk profile, critical operations register | Approve governance framework, fitness and propriety | Approve remuneration framework, consequence management
Senior officer required | Chief Risk Officer with Board access | No specific role; CRO typically owns | Chair, Board committees | Remuneration Committee Chair
Annual attestation to APRA | CPS 220.4 declaration | Annual statement on operational risk profile | Governance attestation under CPS 510 | Remuneration outcome reporting
Independent review cycle | At least every 3 years | At least every 4 years | Periodic Board effectiveness review | Annual remuneration outcome review
Cross reference to RAS | RAS lives here | Operational risk metrics feed RAS | Governance framework approves RAS | Variable remuneration linked to RAS performance
FAR linkage | CRO and Chair of BRC are accountable persons | Senior officer accountable for CPS 230 | CEO and Chair are accountable persons | Remuneration Committee Chair accountable
Common deficiency in supervision | RAS not used in decisions | Service provider register incomplete | Skills matrix not refreshed | Risk adjustments not applied

Visual 5. Risk Appetite Statement metric heat map (illustrative)

Layout: status table colour-coded amber and red. Suggested tooling: Excel conditional format, then export to PDF.

Metric | Red threshold | Amber threshold | Current value | Status
CET1 ratio | 11.0% | 11.5% | 12.1% | Green
LCR | 130% | 135% | 146% | Green
Operational loss YTD | $40m | $30m | $33m | Amber
NPL ratio | 1.2% | 1.0% | 1.05% | Amber
Speak-up reports per 1,000 FTE | 8 | 10 | 6 | Red
Financed emissions variance | +/- 10% | +/- 5% | +12% | Red
Single op risk event | $5m | $3m | $2.4m | Green
Cyber resilience self-assessment | 85 | 90 | 82 | Amber
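A heat map like the one above hides a detail that matters when the status is computed rather than hand-coloured: the direction of breach differs by metric. Capital and liquidity ratios are floors (lower is worse), loss budgets are ceilings (higher is worse), and the emissions variance is a band around a trajectory. The following added example, written for this module and not part of the original page or any institution's tooling, evaluates each row of Visual 5 against its own direction, rejects thresholds that point the wrong way for their kind, and lists the rows that belong in the escalation section of a Board Risk Committee paper. The floor/ceiling/band classification of each row is my reading of the table; applied strictly, the cyber resilience row (82 against a red floor of 85) evaluates as Red rather than the Amber shown, which is exactly the kind of inconsistency this check exists to surface.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class RasMetric:
    name: str
    kind: str     # "floor" (lower is worse), "ceiling" (higher is worse) or "band" (|variance| is worse)
    red: float
    amber: float
    value: float


def validate(m):
    """Reject thresholds whose direction does not match the metric kind.

    A floor metric must have amber above red; ceiling and band metrics must have amber below red.
    Returns True when consistent, otherwise raises ValueError.
    """
    ok = {
        "floor": m.amber > m.red,
        "ceiling": m.amber < m.red,
        "band": 0 <= m.amber < m.red,
    }.get(m.kind)
    if ok is None:
        raise ValueError(f"{m.name}: unknown metric kind {m.kind!r}")
    if not ok:
        raise ValueError(f"{m.name}: amber/red thresholds are inconsistent with kind {m.kind!r}")
    return True


def status(m):
    """Return 'Red', 'Amber' or 'Green'; a value sitting exactly on a threshold takes that colour."""
    validate(m)
    v = abs(m.value) if m.kind == "band" else m.value
    worse_than = (lambda a, b: a <= b) if m.kind == "floor" else (lambda a, b: a >= b)
    if worse_than(v, m.red):
        return "Red"
    if worse_than(v, m.amber):
        return "Amber"
    return "Green"


# Constructed from the illustrative heat map in Visual 5 (percentages and $m kept as plain numbers).
HEAT_MAP = [
    RasMetric("CET1 ratio", "floor", 11.0, 11.5, 12.1),
    RasMetric("LCR", "floor", 130, 135, 146),
    RasMetric("Operational loss YTD ($m)", "ceiling", 40, 30, 33),
    RasMetric("NPL ratio", "ceiling", 1.2, 1.0, 1.05),
    RasMetric("Speak-up reports per 1,000 FTE", "floor", 8, 10, 6),
    RasMetric("Financed emissions variance (%)", "band", 10, 5, 12),
    RasMetric("Single op risk event ($m)", "ceiling", 5, 3, 2.4),
    RasMetric("Cyber resilience self-assessment", "floor", 85, 90, 82),
]


def heat_map(metrics=HEAT_MAP):
    """Metric name -> colour for every row."""
    return {m.name: status(m) for m in metrics}


def escalations(metrics=HEAT_MAP):
    """Rows that should go to the Board Risk Committee paper, Red before Amber."""
    rank = {"Red": 0, "Amber": 1}
    flagged = [(status(m), m.name) for m in metrics if status(m) != "Green"]
    return sorted(flagged, key=lambda t: rank[t[0]])


if __name__ == "__main__":
    for name, colour in heat_map().items():
        print(f"{name:<36} {colour}")
    print("Escalate:", escalations())
```

Keeping the direction on the metric definition rather than in the dashboard formula is the point: once a RAS metric is loaded with its kind, the same evaluator serves every row of Visual 2 and Visual 5, and a threshold entered the wrong way round fails validation instead of silently colouring a breach green.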

Visual 6. Quantitative trend (illustrative)

Layout: stacked column chart. X axis = financial year (FY22 to FY26). Y axis = number of CPS 220 RAS metric breaches (count). Stack series: Credit, Market, Liquidity, Operational, Insurance, Conduct, Climate. Suggested tooling: Excel stacked column then export.

Period | Credit | Market | Liquidity | Operational | Insurance | Conduct | Climate | Total
FY22 | 4 | 1 | 0 | 9 | 2 | 1 | 0 | 17
FY23 | 5 | 2 | 1 | 11 | 1 | 2 | 1 | 23
FY24 | 3 | 1 | 1 | 14 | 3 | 3 | 2 | 27
FY25 | 2 | 0 | 0 | 16 | 2 | 5 | 4 | 29
FY26 YTD | 1 | 0 | 0 | 9 | 1 | 4 | 3 | 18

All figures illustrative. Use to brief a designer.

Visual 7. The 5 things to remember

CPS 220 in five lines

1. The Risk Management Framework is the umbrella; the RAS, RMS and policies sit underneath.
2. The Board owns risk appetite and risk culture, not the CRO.
3. The CRO must have direct, unfettered access to the Board and structural independence.
4. A comprehensive review by an operationally independent reviewer is mandatory at least every 3 years.
5. CPS 220 is enforced through CPS 510 governance, CPS 511 remuneration, FAR and ultimately licence conditions.

6. Operating CPS 220 With AI: Project Space, Prompts and Governance

6.1 Use cases at scale

  • Drafting RAS metric definitions across the eight standard risk classes, including amber and red thresholds, with the AI proposing options the Board Risk Committee then ranks.
  • Mapping the institution's strategic objectives to material risks and producing a candidate RAS architecture before human refinement.
  • Conducting an emerging risk horizon scan that synthesises APRA letters, IMF Financial Stability Reports, BIS papers, Basel Committee guidance and peer regulator material.
  • Drafting Board Risk Committee paper narratives that translate dashboard data into a strategic story, with sources and limits clearly labelled.
  • Producing scenario analysis frameworks for reverse stress tests, including the cascading event chain and the recovery options.
  • Generating CPS 220 gap and maturity assessments that map current artefacts against the seven required components.
  • Drafting first cut responses to APRA case manager queries, with citations to the underlying RAS, RMS or policy.
  • Preparing the comprehensive review brief for the operationally independent reviewer, including the document index and interview list.

6.2 Project space setup

ChatGPT (Projects or Custom GPT)

  • Create a Project named 'CPS 220 Enterprise Risk Workbench'. Set the Project memory to: 'You are a senior enterprise risk advisor for an APRA-regulated entity. You operate under CPS 220, CPS 230, CPS 510, CPS 511 and the Financial Accountability Regime. You always cite the relevant prudential standard paragraph or APRA letter. You never accept live customer, claimant or market sensitive data in inputs.'
  • Upload to the Project knowledge base: CPS 220 (current), the latest APRA letter on Risk Management Framework expectations, an internal de-identified RAS template, an internal de-identified RMS template, a glossary, and the institution's risk taxonomy.
  • Use a folder structure: 01_Inputs, 02_Drafts, 03_Approved, 04_Sources. File naming: CPS220-{Artefact}-{YYYYMMDD}-{Owner}-{Version}. Example: CPS220-RAS-20260415-CRO-v0.3.
  • Where the institution requires it, use ChatGPT Enterprise with data residency and no model training on data. Confirm the contract terms with Procurement and Privacy.

Claude (Projects or Skills)

  • Create a Claude Project named 'CPS 220 Enterprise Risk Workbench'. Add a system prompt that mirrors the ChatGPT Project description. Upload the same de-identified knowledge base.
  • Build a Claude Skill named cps220-risk-architect that codifies the prompt library below. Use a SKILL.md that lists all six prompts as triggers, plus references to the institution's de-identification rule and the prohibited inputs list.
  • Pin a Memory entry: 'Prohibited inputs: live customer PII, market sensitive earnings data ahead of release, sanctions list match data, claimant data, named regulator individuals.'
  • Configure the project to require human approval before any draft is exported as a Board paper or sent to the regulator.

6.3 Prompt library

Each prompt below uses the same six-part scaffold. Insert your institution's risk taxonomy and RAS skeleton into the Context block before running.

Prompt 1. RAS metric design

Role: You are a senior risk advisor designing Risk Appetite Statement metrics for an [ADI / general insurer / life insurer / RSE licensee].
Context: The institution's strategic objectives are [STRATEGY_PLACEHOLDER]. The current RAS metric set is [METRIC_LIST_PLACEHOLDER]. Apply CPS 220 paragraphs 26 to 32.
Task: Propose three quantitative metrics and two qualitative tolerances per risk class, with amber and red thresholds, recommended monitoring frequency, and the line one owner.
Constraints: No live customer or market sensitive data. Australian English. Do not propose any metric you cannot justify with a CPS 220, CPS 230 or APRA letter reference.
Output format: A single table with columns Risk class, Metric, Type, Amber, Red, Frequency, Owner, Source. Followed by a 200 word commentary on the appetite philosophy.
Quality bar: Every metric is measurable from the institution's current data warehouse. Every threshold is justified. No duplication across risk classes.

Prompt 2. Emerging risk horizon scan

Role: You are a horizon scanner for the Board Risk Committee of an APRA-regulated entity.
Context: Scan period is [DATE_RANGE]. Sources: APRA letters, RBA Financial Stability Review, ASIC Corporate Plan, IMF Financial Stability Report, BIS quarterly review.
Task: Identify the 8 most material emerging risks for the institution. For each, provide the trigger, the channel of impact, the RAS metric most affected, and a watch indicator.
Constraints: Cite every source by full title and date. Flag where evidence is contested or where the institution has limited line of sight.
Output format: A ranked list with a one paragraph executive summary, then a 6-column table.
Quality bar: Every entry has at least two independent sources. No speculation presented as established fact.

Prompt 3. Board risk dashboard narrative

Role: You are drafting the narrative for the monthly Board Risk Committee dashboard.
Context: The dashboard data is provided in [INPUT_FILE_PLACEHOLDER], aggregated and de-identified. The institution operates under CPS 220 and CPS 230.
Task: Translate the dashboard into a 600 to 800 word narrative covering three pillars: status against RAS, material movements since the prior month, and forward looking watch items.
Constraints: No raw figures unless they sit in the appendix. Australian English. Plain language for the non-executive director audience.
Output format: Three labelled sections with sub-headings, a callout box for any RAS breach, and a closing paragraph titled 'What we are recommending'.
Quality bar: A non-executive director with a non-technical background can understand it on first read.

Prompt 4. Scenario analysis framework

Role: You are a stress testing specialist designing a reverse stress test for the institution.
Context: The institution is an [INSTITUTION_TYPE]. The CET1 buffer at start point is [CET1_PLACEHOLDER]. The Risk Management Strategy identifies [TOP_RISKS_PLACEHOLDER] as the primary concentrations.
Task: Design two reverse stress test scenarios that would breach the institution's viability. For each, articulate the cascading chain of events, the speed of impact, the RAS metrics breached, and the recovery options under the recovery plan.
Constraints: Scenarios must be plausible and supported by historical analogues or supervisory guidance. No live trading book positions in inputs.
Output format: Scenario name, narrative, event chain table (event, time horizon, RAS metric impact, mitigant), and a 150 word recovery plan summary.
Quality bar: Each scenario can be defended in front of an APRA reviewer.

Prompt 5. CPS 220 gap and maturity assessment

Role: You are an internal auditor scoping the CPS 220 framework review.
Context: The institution's current RMF artefact set is [ARTEFACT_LIST_PLACEHOLDER]. The comprehensive review is due in [REVIEW_DATE_PLACEHOLDER].
Task: Map current artefacts to the seven required components of CPS 220. Score each component on a 1 to 5 maturity scale and identify the top three gaps for remediation.
Constraints: Score conservatively where evidence of use is missing. Do not take artefact presence as proof of effectiveness.
Output format: A scoring table, a 250 word commentary, and a remediation backlog with owners and indicative effort.
Quality bar: Every score includes the evidence that supports it.

Prompt 6. APRA case manager response

Role: You are drafting the institution's first cut response to an APRA case manager query.
Context: The query is [QUERY_PLACEHOLDER] received on [DATE]. The relevant Board Risk Committee minutes, RAS extracts and RMS sections are loaded into the project.
Task: Draft a response that directly answers the question, cites the supporting artefacts, discloses any known limitations, and proposes next steps.
Constraints: No defensive language. No commentary about the regulator. Australian English.
Output format: Letter format with a maximum of three sections plus an annexure list.
Quality bar: The CRO and the Chair of the Board Risk Committee can sign without rewriting.

6.4 Governance, audit, privacy and risk appetite controls

De-identification is non-negotiable. Replace customer names, claimant names, internal staff names, transaction reference numbers, account identifiers and any data that could reidentify a natural person with merge field placeholders before the prompt leaves the institution's boundary. Retain the original input in a controlled artefact store with a hash that allows the AI output to be paired with the source on review.

Human in the loop is required at three checkpoints: (1) prompt design, where the prompt library is curated by the Risk function; (2) draft review, where every AI generated output is marked clearly as a draft and reviewed by a named human owner before it leaves the project space; (3) Board or regulator submission, where the responsible accountable person under FAR approves the final artefact.

Prohibited inputs include personal information governed by APP 6 and APP 11, market sensitive earnings or capital data ahead of public release, sanctions list match data, claimant data, and any record relating to an open APRA or ASIC investigation. Keep a published list of prohibited inputs in the project space and reference it in the SKILL.md.

Retention and logging. The institution's record keeping policy applies to AI generated content. Treat each prompt and response as a business record. Log: prompt, model, version, timestamp, input hash, output hash, reviewer, decision. Retention defaults to seven years for Board level artefacts and the period required by the SIS Act, Banking Act or Insurance Act for regulated records.
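The three controls above (de-identification behind merge-field placeholders, the prohibited-inputs intercept, and the hashed prompt/response log) are one gate that runs before a prompt leaves the institution's boundary. The following Python is an added example written for this module, not code from TheAICommand or from any vendor product. The sample text, the account and transaction reference formats, the name list, the prohibited-input triggers and the model name are all constructed for the example and labelled as such in the code; an institution would substitute its own identifier formats, directories and published prohibited list.

```python
import hashlib
import json
import re
from datetime import datetime, timezone

# Constructed sample. Every name and identifier below is fictitious.
SAMPLE_INPUT = (
    "Claimant Jane Citizen, account 0123456789, disputes transaction "
    "TXN-20260314-000771. Handled by Tom Nguyen (Claims)."
)

# Assumed identifier formats for the example; a real deployment uses the
# institution's own account number and reference number formats.
ID_PATTERNS = {
    "ACCOUNT": re.compile(r"\b\d{10}\b"),
    "TXN_REF": re.compile(r"\bTXN-\d{8}-\d{6}\b"),
}

# Illustrative prohibited-input triggers. The authoritative list is the one
# published in the project space; these regexes only stand in for it.
PROHIBITED = {
    "sanctions match data": re.compile(r"sanctions? (list )?match", re.I),
    "open investigation record": re.compile(r"open (APRA|ASIC) investigation", re.I),
    "pre-release capital data": re.compile(r"unreleased (CET1|earnings|capital)", re.I),
}


class ProhibitedInputError(Exception):
    """Raised when a prompt matches the prohibited-inputs list."""


def sha256(text: str) -> str:
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


def de_identify(text: str, known_names: list[str]) -> tuple[str, dict[str, str]]:
    """Replace people and identifiers with merge-field placeholders.

    Returns the redacted text and the placeholder -> original mapping. The
    mapping stays in the controlled artefact store; only the redacted text
    leaves the boundary.
    """
    mapping: dict[str, str] = {}
    counters: dict[str, int] = {}

    def placeholder(kind: str, value: str) -> str:
        for ph, original in mapping.items():
            if original == value:
                return ph  # a repeated value keeps the same placeholder
        counters[kind] = counters.get(kind, 0) + 1
        ph = f"[{kind}_{counters[kind]}]"
        mapping[ph] = value
        return ph

    # Longest names first so a full name is replaced before any shorter one.
    for name in sorted(known_names, key=len, reverse=True):
        if name in text:
            text = text.replace(name, placeholder("PERSON", name))
    for kind, pattern in ID_PATTERNS.items():
        text = pattern.sub(lambda m, k=kind: placeholder(k, m.group(0)), text)
    return text, mapping


def prohibited_hits(text: str) -> list[str]:
    """Names of every prohibited-input category the text matches."""
    return [label for label, pat in PROHIBITED.items() if pat.search(text)]


def residual_identifiers(text: str) -> list[str]:
    """Post-redaction check: which identifier formats still appear."""
    return [kind for kind, pat in ID_PATTERNS.items() if pat.search(text)]


def prepare_prompt(original: str, known_names: list[str]) -> tuple[str, dict[str, str]]:
    """Run the gate in order: intercept, de-identify, verify, then release."""
    hits = prohibited_hits(original)
    if hits:
        raise ProhibitedInputError(", ".join(hits))
    redacted, mapping = de_identify(original, known_names)
    leftovers = residual_identifiers(redacted)
    if leftovers:
        raise ValueError(f"identifiers survived redaction: {leftovers}")
    return redacted, mapping


def build_log_record(original: str, redacted: str, output: str, model: str,
                     version: str, reviewer: str, decision: str) -> dict:
    """One business record per prompt/response. input_hash pairs the AI
    output with the retained original; prompt_hash records what left."""
    return {
        "timestamp": datetime.now(timezone.utc).isoformat(),
        "model": model,
        "model_version": version,
        "prompt_hash": sha256(redacted),
        "input_hash": sha256(original),
        "output_hash": sha256(output),
        "reviewer": reviewer,
        "decision": decision,
    }


if __name__ == "__main__":
    redacted, mapping = prepare_prompt(SAMPLE_INPUT, ["Jane Citizen", "Tom Nguyen"])
    print(redacted)
    record = build_log_record(SAMPLE_INPUT, redacted, "draft output", "model-x",
                              "2026-04", "r.smith", "approved")  # constructed values
    print(json.dumps(record, indent=2))
```

Two design points are worth keeping in any real implementation: the residual identifier check runs on the redacted text, not the original, so a format the redactor missed stops the prompt rather than leaking; and the log stores a hash of what actually left the boundary separately from the hash of the retained original, so a reviewer can prove both what was sent and which source it came from.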

Model selection. For RAS, RMS, Board paper and regulator response work, use enterprise grade deployments (Claude for Enterprise, ChatGPT Enterprise, or Microsoft 365 Copilot with the appropriate data protections) that contractually exclude model training on the institution's data. Avoid consumer tier deployments. Where the institution operates a critical operation under CPS 230, the AI tooling that supports it is itself a service provider and must be captured in the CPS 230 service provider register with a substitutability assessment.

APP alignment. Map the workflow against APP 1 (open and transparent management of personal information), APP 5 (notification of collection), APP 6 (use and disclosure), APP 8 (cross-border), and APP 11 (security). Where the model provider hosts data outside Australia, complete the cross-border disclosure assessment and document the safeguards.

6.5 Quality assurance loop

Step | Action
1. Source check | Every factual claim is traceable to a named source. Reject the draft if more than 10 per cent of claims are unsourced.
2. Standard alignment | Cross-check the draft against the relevant CPS 220 paragraph numbers and any APRA letter cited. Flag any drift or omission.
3. Plain language test | Read the draft as a non-executive director. Replace technical jargon or define it on first use.
4. Risk reasonableness | Sanity check thresholds, scenarios and recovery options against industry analogues and the institution's own history.
5. Reviewer attestation | Named human reviewer signs off on the draft and records the decision in the project log.

Red team prompt to stress test your own draft

Red team prompt: You are a former APRA supervisor reviewing the attached CPS 220 artefact. Identify the three weakest claims, the two most likely supervisory questions, and any inconsistency between the RAS, the RMS and the artefact. Score the artefact for evidence of use on a 1 to 5 scale and explain the score in 100 words or fewer. Do not be polite.

6.6 Scaling pattern across a team

Operationalise the workflow with five reinforcing controls. First, version control the prompt library in the institution's source of truth (typically SharePoint, Confluence, or a private repository). Second, maintain a change log for prompt edits with a peer reviewer. Third, set a model evaluation cadence: rerun a sample of historical prompts each quarter against the current model and compare outputs against the gold standard reference. Fourth, capture key risk indicators: percentage of drafts requiring substantive rework, percentage of drafts attracting BRC challenge, time saved per artefact, and the number of prompts triggering a prohibited input intercept. Fifth, train all users on the prohibited inputs list and on the QA loop before granting access. Track training completion as a CPS 220 control.

7. Common Pitfalls and Watch-outs

Pitfall: RAS built bottom up from existing limits, with no top down link to strategy.

Corrective action: Run an annual RAS reset workshop that starts from the three to five year strategy.

Pitfall: CRO reports in to the Chief Financial Officer or Chief Operating Officer, undermining independence.

Corrective action: Reset the reporting line to the CEO with a dotted line to the Board Risk Committee Chair.

Pitfall: Comprehensive review carried out by internal audit without operational independence assertion.

Corrective action: Use external reviewers for at least every second three year cycle and document the independence basis.

Pitfall: RAS metric breaches sitting in the dashboard without remediation owners or due dates.

Corrective action: Mandate that every breach generates a tracked remediation entry with an owner and a due date within five business days.

Pitfall: Risk culture assessment limited to a once a year survey with no Board view formed.

Corrective action: Triangulate culture indicators (survey, behavioural, conduct outcomes, speak-up data) and require an annual Board view document.

Pitfall: AI generated drafts going to Board without disclosure that AI was used.

Corrective action: Apply a standard footer disclosure on all AI assisted drafts and reference the QA loop in the cover note.

Pitfall: CPS 230 critical operations not feeding into the CPS 220 risk taxonomy and RAS metrics.

Corrective action: Map every critical operation to at least one RAS metric with a tolerance for disruption.

8. Decision Frameworks and Tools

8.1 Decision tree: 'Should this go to the Board Risk Committee?'

Step | Question | Routing
1 | Does the proposal or event move an RAS metric into amber or red? | Yes -> escalate to BRC. No -> step 2.
2 | Does the proposal or event affect a CPS 230 critical operation tolerance? | Yes -> escalate to BRC. No -> step 3.
3 | Does the proposal create a new exposure not contemplated in the current RMS? | Yes -> escalate to BRC. No -> step 4.
4 | Does the proposal change the institution's risk culture posture? | Yes -> escalate to BRC. No -> step 5.
5 | Is there cross-regulator interest (APRA, ASIC, AUSTRAC, OAIC)? | Yes -> escalate to BRC. No -> manage in line one with line two oversight.

8.2 RMF maturity ladder

Maturity level | Hallmarks
Level 1 - Initial | RMF is largely undocumented or inconsistently applied. RAS metrics are aspirational.
Level 2 - Developing | Core artefacts exist. RAS metrics are defined but not actively used in decisions.
Level 3 - Established | RAS is referenced in approvals. Three Lines Model is operational. Comprehensive review delivered on cycle.
Level 4 - Integrated | RAS shapes strategy, remuneration outcomes and capital. Risk culture indicators feed Board reporting.
Level 5 - Optimised | RMF informs business model evolution. AI assisted analytics and scenario testing are part of the operating rhythm under documented governance.

8.3 Self-check questionnaire

Q1. Can a non-executive director read the RAS and explain in two minutes what risks the institution has chosen to take?

Q2. Is the CRO present at every Board meeting and does the CRO have a private session with the Board at least annually?

Q3. Has the comprehensive review been carried out within the last 36 months by an operationally independent reviewer?

Q4. Does each RAS metric breach in the last 12 months have a tracked remediation entry with an owner?

Q5. Is the CPS 230 critical operations register cross-referenced into the CPS 220 RAS?

Q6. Is variable remuneration adjusted in response to RAS breaches and conduct outcomes?

Q7. Are AI generated risk artefacts marked as drafts, logged, and reviewed by a named human owner before release?

9. Further Reading and Authoritative Sources

  • APRA Prudential Standard CPS 220 Risk Management (effective 1 July 2019, current as at April 2026).
  • APRA Prudential Practice Guide CPG 220 Risk Management (most recent version).
  • APRA Prudential Standard CPS 230 Operational Risk Management (effective 1 July 2025) and CPG 230.
  • APRA Prudential Standard CPS 510 Governance and CPS 511 Remuneration.
  • APRA Information Paper 'Risk Culture' (October 2016) and subsequent supervisory observations.
  • APRA Insight publications addressing Risk Management Framework deficiencies (most recent editions).
  • Reserve Bank of Australia Financial Stability Review (current edition).
  • Australian Securities and Investments Commission Corporate Plan (current cycle) for cross-regulator risk priorities.
  • Financial Accountability Regime Act 2023 (Cth) and APRA / ASIC joint guidance on accountable persons.
  • The Institute of Internal Auditors (IIA), 'The IIA's Three Lines Model' (2020 update).
  • Basel Committee on Banking Supervision 'Principles for the Sound Management of Operational Risk' (current revision).
  • Governance Institute of Australia 'Risk Management for Directors' resource library.
  • Risk Management Institution of Australasia (RMIA) and Australian Institute of Company Directors (AICD) board level resources on risk culture.
  • International Monetary Fund 'Global Financial Stability Report' (current edition) and Bank for International Settlements quarterly review.

10. Closing Sign-off

This module is part of TheAICommand Learning Library. It is general information and education only. It is not legal, compliance, financial or professional advice. Apply institutional judgement and obtain specialist advice before relying on any element in a regulated decision.

TheAICommand. Intelligence, At Your Command.

Test your knowledge

LM-G07 assessment — 30 questions

25-30 minutes. One question per screen. Your progress is saved locally for 30 days, so you can pick up where you left off. Submit anytime to see your score, tier, and per-question rationale.


General information and education only. Not legal, compliance, financial, or professional advice. Verify any time-sensitive obligation against the primary source.