๐Ÿ‡บ๐Ÿ‡ธ US 30-yr mortgage rate: 6.55% โ€” Bankrate, June 10๐Ÿ‡ฏ๐Ÿ‡ต BOJ June rate hike: 80% market probability โ€” CNBC๐Ÿ‡ฎ๐Ÿ‡ณ India opens insurance to 100% FDI under automatic route๐Ÿ‡บ๐Ÿ‡ธ Fed holds rates at 3.50โ€“3.75% โ€” third consecutive hold๐ŸŒ Global cyber insurance market: $33.4B projected for 2026๐Ÿ‡ฌ๐Ÿ‡ง FCA: Insurance premium finance APRs down 4.1% since 2022๐Ÿ‡ฐ๐Ÿ‡ท DB Insurance completes $1.65B Fortegra acquisition๐Ÿ‡บ๐Ÿ‡ธ Medicaid cuts: CBO estimates 11.8M to lose coverage๐Ÿ‡ฆ๐Ÿ‡บ APRA CPS 230 amendments effective July 1, 2026๐Ÿ‡ฉ๐Ÿ‡ช BaFin launches dedicated cyber insurance reporting class๐Ÿ‡บ๐Ÿ‡ธ US 30-yr mortgage rate: 6.55% โ€” Bankrate, June 10๐Ÿ‡ฏ๐Ÿ‡ต BOJ June rate hike: 80% market probability โ€” CNBC๐Ÿ‡ฎ๐Ÿ‡ณ India opens insurance to 100% FDI under automatic route๐Ÿ‡บ๐Ÿ‡ธ Fed holds rates at 3.50โ€“3.75% โ€” third consecutive hold๐ŸŒ Global cyber insurance market: $33.4B projected for 2026๐Ÿ‡ฌ๐Ÿ‡ง FCA: Insurance premium finance APRs down 4.1% since 2022๐Ÿ‡ฐ๐Ÿ‡ท DB Insurance completes $1.65B Fortegra acquisition๐Ÿ‡บ๐Ÿ‡ธ Medicaid cuts: CBO estimates 11.8M to lose coverage๐Ÿ‡ฆ๐Ÿ‡บ APRA CPS 230 amendments effective July 1, 2026๐Ÿ‡ฉ๐Ÿ‡ช BaFin launches dedicated cyber insurance reporting class
PG

PolicyGlobal

Insurance & Finance Intelligence

Sydney Australia financial district and regulatory compliance - illustrative image
Regulation๐Ÿ‡ฆ๐Ÿ‡บAustralia

Australia's APRA CPS 230 Operational Risk Amendments Take Effect July 1, 2026

Editorial Deskยทยท4 min read
Verified Story

The Australian Prudential Regulation Authority's amended CPS 230 Operational Risk Management standard takes full effect on July 1, 2026, introducing limited contractual exemptions for certain non-traditional service providers such as central banks and clearing facilities. Insurers, banks, and superannuation funds must review their material service provider portfolios and update their registers before the deadline as Australia's landmark operational resilience framework reaches full implementation.

Australia's financial sector is reaching a critical compliance milestone as the Australian Prudential Regulation Authority's (APRA) amended Prudential Standard CPS 230 Operational Risk Management takes full effect on July 1, 2026. APRA finalized the targeted amendments on April 30, 2026, in response to industry feedback highlighting practical difficulties in applying certain contractual requirements to arrangements with non-traditional service providers (NTSPs).

The key change is a carefully scoped exemption: APRA-regulated entities โ€” including banks, general insurers, life insurers, and superannuation trustees โ€” will not be required to meet specific CPS 230 contractual obligations for material arrangements with designated categories of NTSPs where bespoke contract terms are not practicable. The exempt categories, listed in an attachment to CPS 230, include government agencies, regulators, central banks, and financial market exchanges such as clearing and settlement facilities. The rationale is that these entities operate under statutory frameworks that effectively substitute for typical commercial contract terms.

To implement the framework, APRA has updated the Material Service Provider (MSP) Register template to allow entities to classify whether arrangements fall under the exemption, and will issue an updated APRA Connect return for the 2026 reporting cycle. For the insurance sector specifically, insurers and superannuation trustees must review their full material service provider portfolios before July 1, identify which arrangements qualify under the new exemptions, and update their MSP registers and internal reporting processes accordingly.

The broader CPS 230 framework, which has been in development since 2023, aims to ensure that all APRA-regulated entities can withstand and rapidly recover from operational disruptions including cyber incidents, system failures, and third-party service provider outages. APRA has indicated it expects the scope of these exemptions to narrow over time as domestic and international operational resilience practices develop and market practice on contract terms continues to evolve. With the July 1 deadline now days away, compliance teams across the Australian financial sector are finalizing their preparations โ€” failure to have updated registers and compliant arrangements by the deadline exposes firms to supervisory action.

Key Points

  • 1APRA's amended CPS 230 Operational Risk Management standard takes full effect on July 1, 2026
  • 2Limited contractual exemptions apply to non-traditional service providers like central banks and clearing facilities
  • 3Insurers, superannuation trustees, and banks must update Material Service Provider registers before July 1
  • 4APRA will issue an updated APRA Connect return for the 2026 reporting cycle
  • 5APRA expects the exemption categories to narrow over time as market practice matures

Why This Matters

CPS 230 is the cornerstone of Australia's approach to operational resilience across banking, insurance, and superannuation. With the July 1 deadline imminent, the standard is not optional โ€” failure to comply exposes firms to supervisory action. The framework reflects a global regulatory trend toward strengthening operational resilience against cyber incidents and third-party disruptions, making it relevant for insurers and financial institutions worldwide that are watching how regulators adapt strict standards to accommodate systemic infrastructure providers.

#APRA#CPS 230#Australia#operational risk#insurance regulation#prudential standards

Original Source

APRA (Australian Prudential Regulation Authority) โ†—
Verified ยท Jun 29, 2026Read Original
Disclaimer: This article is for informational purposes only and does not constitute financial, investment, legal, or insurance advice. Always consult a qualified professional before making financial decisions. PolicyGlobal reports on publicly available information from third-party sources and cannot guarantee the accuracy or completeness of such information.

Related Stories

Cybersecurity data breach and ransomware attack on insurance regulator - illustrative image
Regulation

NAIC Confirms Hackers Published Stolen Insurance Regulatory Data Online After PeopleSoft Breach

June 25, 2026

Legal gavel and litigation finance regulation - illustrative image
Regulation

North Carolina Becomes First US State to Ban Third-Party Litigation Funding

June 22, 2026

Cybersecurity breach and insurance regulatory data protection - illustrative image
Regulation

NAIC Confirms Insurance Regulator Data Stolen in PeopleSoft Hack as ShinyHunters Publishes 3.1TB Online

June 25, 2026

Sydney financial district and Australian prudential regulation compliance - illustrative image
Regulation

Australia's APRA CPS 230 Operational Risk Standard Takes Full Effect July 1

June 28, 2026

Daily Intelligence

The PolicyGlobal Daily Brief

Get the top 5 insurance and finance stories every morning, curated and verified by our editorial desk. No spam. Unsubscribe anytime.

Informational newsletter only. Not financial advice. Disclaimer