AI Vendor Assurances Alone Don’t Cut It: A Risk Management Wake-Up Call

An AI vendor telling you its model is “secure, compliant and tested” is marketing copy, not a risk control.

APRA said as much to Australia’s banks, insurers and superannuation trustees in a letter issued on 30 April 2026 — and the gap it described is sitting inside plenty of businesses that have never had a prudential regulator anywhere near them.


The 30-second take

Vendors often offer generic assurances on privacy, security and compliance. Those claims rarely address your specific organisational context, your regulatory obligations, or what happens when the model changes underneath you.

APRA’s April 2026 letter to industry found exactly this: an “overreliance on vendor presentations and summaries without sufficient examination of key AI risks.”

Effective AI risk management means independently verifying vendor evidence, mapping the supply chain behind every AI tool, and keeping control over model and data changes. Without that, third-party AI risk stays invisible until it becomes a compliance breach, an outage, or a headline.


What the regulators are actually seeing

This isn’t theoretical. Two recent regulatory interventions spell out the same problem in different sectors.

APRA’s letter to industry on AI (30 April 2026). Following a targeted supervisory review of large banks, insurers and superannuation trustees, APRA published its first AI-specific expectations for boards and executives. Of the four areas it examined — cyber security, governance, supply chain risk and assurance — APRA found the widest gap between practice and expectation in third-party and supply-chain risk. Its finding: AI is often embedded in vendor platforms with “opaque upstream dependencies” that stay hidden until something fails, and many entities are still leaning on vendor presentations instead of independent technical assessment. APRA has flagged proportionate prudential reviews and supplier engagement over the next 12 months, with enforcement “in reserve” for entities that don’t lift their game before contracts must comply with CPS 230 by 1 July 2026.

ASIC’s Report 798, “Beware the gap” (29 October 2024). ASIC’s review of AI adoption by licensees warned that governance arrangements were not keeping pace with how quickly AI was being deployed in customer-facing and decision-making processes. The report’s central warning — that boards and risk functions risk rubber-stamping AI use cases without genuinely understanding what they’re approving — is the same failure mode APRA later named in its 2026 letter: governance frameworks that look complete on paper but were never tested against how the AI, or its vendor, actually behaves in production.

“Blind reliance on vendor assurances leaves your organisation vulnerable to surprises that can disrupt services or trigger regulatory scrutiny.”

Bringing risk ownership back in-house

Effective AI risk management starts with clear business ownership. The organisation must define the purpose of the AI use case, understand how it supports strategy and customer outcomes, and accept accountability for the risks as well as the benefits. That means treating vendor assurances as one input — not the final word. Business and risk teams need to independently verify evidence and assess AI risk in the context of their own operational, legal and regulatory environment, not the vendor’s.

Designing practical evidence requirements

Organisations should establish contractual and evidentiary requirements that go beyond a vendor’s standard compliance pack, including:

  • Independent verification of security, privacy and model performance claims
  • Visibility over fourth-party and foundation-model dependencies, not just the direct vendor
  • Change management processes for model updates, with advance notice obligations
  • Incident and breach notification protocols with defined response timeframes

These requirements ensure that vendor evidence aligns with your specific risk appetite and compliance obligations — not the vendor’s generic risk appetite.

Embedding continuous monitoring and escalation

AI risk is not a one-time checkbox. Controls and assumptions must be tested continuously. Organisations need monitoring processes to detect model drift, performance degradation, or unexpected behaviour, with incident management that is clear and swift. When issues arise or vendor changes occur, escalation paths should activate quickly, engaging the right governance forums and enabling informed decisions on pause, remediation or retirement of the AI use case.

Questions to put to your own organisation

  • Can we name every AI vendor we rely on, and do we know which foundation models and fourth parties sit behind them?
  • Have we independently verified any vendor’s security, privacy or performance claims, or have we only read their summary documents?
  • What happens to our risk position if a vendor changes its model, its data handling, or its terms with no warning?
  • Do our contracts give us audit rights, change notification, and a credible exit or substitution path?
  • Does our board have enough AI literacy to challenge a vendor’s assurances, rather than accept them at face value?
  • Who in our organisation owns the risk if the AI tool gets it wrong — and have they actually accepted that accountability?

Third-Party, Vendor and Model Supply Chain Risk

Vendor assurances are a starting point for due diligence, not a substitute for it.

As APRA and ASIC have both now made clear, the organisations most exposed to AI risk are the ones that mistook a vendor’s compliance pack for their own risk assessment.

Want to check how your organisation’s AI vendor oversight actually stacks up? Visit the Innovation of Risk for practical maturity and risk assessment tools.


More from the Reading Room

Using AI Risk Management to Accelerate Innovation

New Diligent Institute / Governance Institute of Australia data shows 61% of Australian boards restrict employee AI use while only 13% have an AI-literate director — proof that restriction and real governance are pulling apart. NIST's expanding AI Risk Management Framework and the EU AI Act's 2 August 2026 third-party accountability deadline show how structured, evidence-based workflows are what actually let AI adoption move faster, safely.

The Qantas privacy finding: a positive lesson in third-party oversight

A serious data breach does not automatically mean governance failed. The more important question is whether an organisation can demonstrate that it understood the risks,...

AI Agents and Non-Human Identity Risk

When a single ungoverned AI tool gave attackers a path from a Vercel employee’s device into Vercel’s internal systems, and a poisoned VS Code extension let attackers pull roughly 3,800 repositories out of GitHub, the common thread wasn’t a coding flaw — it was an unmanaged non-human identity. With AI agents now driving machine identities to roughly 109 per human inside the average enterprise (CyberArk, 2026), most governance frameworks still treat identity as a human-only problem.

AI Risk Management Must Shift from Advisory to Driving Informed Risk Taking

Commonwealth Bank's 2026 AI transparency report, Deloitte's board AI-literacy data and PwC's 2026 AI Performance Study all point the same way: risk teams stuck in a purely advisory role are becoming a competitive liability, not a safeguard. Here's what separates governance that enables from governance that only gates.