Our latest insights

Artificial intelligence is accelerating and amplifying traditional business risks, from cyber threats to fraud and decision-making integrity. This article outlines five emerging risk patterns and highlights why organisations must rethink risk management approaches to remain effective in an AI-driven environment.

Enterprise Resource Planning systems automate and integrate core business processes across HR, finance, supply chain, inventory and operations and like any major technology, they evolve over time. Sometimes this is through incremental upgrades, and other times it is through large‑scale transformation projects that introduce an entirely new platform.

AI-driven vulnerability discovery is compressing the time between weakness and exploitation. This insight explores what boards, CISOs and regulated entities need to change in their cyber risk assumptions, governance and oversight models.

Artificial intelligence is now firmly embedded across Australian financial services. What was once experimental is becoming operational, customer facing and increasingly central to core decision making.

The Federal Court’s $5.8M ACL decision signals a new era for privacy, cybersecurity, and governance in Australia. It reinforces that privacy and cyber obligations start Day 1 of any acquisition, governance failures will be scrutinised, and accountability cannot be outsourced. Boards must ensure robust oversight, deep cyber due diligence, and forensic incident response. With OAIC escalating regulatory enforcement, organisations face heightened legal, financial, and reputational risks.

It is a challenging time for many; from a cost-of-living crisis and global political uncertainty, to lingering stress post pandemic. Coupled with business control weaknesses or vulnerabilities, these pressures can create the perfect storm for financial crime to occur.

As the CPS 234 Information Security tripartite review program nears its end in June 2024, APRA-regulated entities face a critical moment. The upcoming CPS 230 Operational Risk Management implementation is closely linked to CPS 234, requiring preparation from regulated entities and service providers.

The Australian Cyber Security Centre (ACSC) released an update to the E8MM in November 2023 with several changes to the framework of controls previously recommended. These changes will require organisations who benchmark themselves against the E8 to reassess their existing cybersecurity strategies and control practices to determine if they remain in alignment with the new requirements.

The digital revolution, with its promises of efficiency and connectivity, has inadvertently given rise to cyber fraud – an invisible threat that can infiltrate the core of an organisation.

When Australia is the fifth most hacked country in the world, how do cyber security experts advise people and businesses to protect themselves?

Cyber security is a systemic risk to the prosperity of Australia; the problem is going to get worse before it gets better; it will impact everyone; and everyone has a role to play in addressing the issues.

CFOs have a pivotal role in preventing and mitigating fraud risks within organisations. They should establish a strong governance framework promoting ethical behaviour, transparency, and accountability. Collaborating with technology leaders, CFOs can implement anti-fraud technology, stress-testing measures, and anti-money laundering controls. Maintaining an ethical culture through awareness, education, and reporting mechanisms is crucial.