Strengthening ADIs through better governance and strategy

Authorised Deposit-taking Institutions (ADIs) are navigating a complex operating landscape – one shaped by regulatory reform, rising consumer expectations, and rapid digital transformation. 

Boards and executives are encouraged to respond with agility to remain competitive, as the focus shifts on how regulatory expectations are embedded into strategy, resilience, and growth.  

ADIs now face the challenge of turning regulatory requirements into strategic advantage. To help you be prepared, we’ve summarised some key considerations to keep front of mind. 

Governance beyond regulatory compliance 

Regulators continue to emphasise that strong governance is key to organisational resilience. The Australian Prudential Regulation Authority (APRA) and Australian Securities and Investments Commission (ASIC) continue to probe into linkage between weak governance and systemic compliance failures and cultural shortcomings. Boards are being urged to lift their governance maturity or face greater scrutiny. 
 
Recent proposals from APRA aim to raise the bar, with higher expectations around board skills, director tenure, succession planning, and proper fit and proper process on key appointments. These updates are designed to incorporate accountability and strategic oversight at the Board level. 
 
For ADIs, this is an opportunity to move beyond reactive compliance. Boards that actively measure performance, manage conflicts transparently, and align closely with regulatory expectations will be better positioned to lead through complexity and show strength to the market. 

Fraud risks in the evolving payments landscape 

With funds moving in seconds and fewer friction points, scams and fraud risks have grown rapidly – creating reputational, financial, and operational risks for banks. As Australia accelerates its modernisation agenda, regulators are watching how overseas markets are responding. The UK’s experience with its authorised push payment (APP) fraud reimbursement regime shares some lessons, with financial institutions now required to reimburse victims unless gross negligence is proven.  
 
The focus has therefore shifted to prevention, meaning institutions will need to invest in better data sharing, fraud controls, and customer education initiatives. Taking a proactive approach to fraud risk – based on consumer protection and aligned with international best practice – will be key in maintaining public trust and regulatory confidence. 

Australia’s move to real-time payments  

With cheques and Bulk Electronic Clearing System (BECS) being retired by 2030, Australia’s payments system is undergoing its biggest transformation in decades. Real-time payments are becoming the norm, bringing benefits in speed, transparency, and operational efficiency, but also requiring a rethink of legacy systems and processes. 
 
As a result, ADIs and their payments service providers will need to ensure their infrastructure is future-proofed and ready to support high-volume, real-time transaction processing with robust fraud controls and data security.  
 
This is an opportunity to embed innovation, improve customer experience, and strengthen financial resilience. Institutions that invest in scalable, secure, interoperable platforms now will be better positioned to lead in the digital economy. 

Using updated internal audit standards for strategic assurance 

Internal audit is evolving into a more strategic function, one that does more than highlight control gaps. It plays a critical role in providing boards with assurance on risk culture, emerging threats, and the effectiveness of end-to-end risk management. Updated standards reflect this shift, encouraging audit teams to deliver greater impact through integrated assurance and smarter planning. 
 
Boards are being urged to treat internal audit as a strategic partner by leveraging insights and using tools like integrated assurance maps to form a more complete view of the organisation’s performance and resilience. 
 
To that end, technology is key to lifting audit effectiveness. Data analytics should inform planning and testing, enabling better diagnostics of fraud, cyber risk, and control weaknesses. When done well, internal audit not only supports decision-making, but also helps safeguard against future uncertainties. 

Supporting vulnerable customers requires a rethink 

ASIC’s recent review of hardship responses shows real gaps in how institutions identify and support vulnerable customers. With many instances of inconsistent communication, lack of tailored support, and poor data use, ADIs must reassess their hardship policies to meet both regulatory expectations and community standards. 
 
Common issues include poor identification of hardship, confusing communication, and lack of customising the support provided. To address this, ADIs must proactively identify at-risk customers, tailor assistance, and stay engaged throughout the support journey. With consumer duty influencing local regulation, institutions need to shift from reactive responses to proactive, data-driven strategies that promote long-term financial wellbeing. 

AML tranche 2 reforms impacting financial institutions 

Australia’s long-awaited Anti-Money Laundering (AML) tranche 2 reforms will expand the regime to cover high-risk professions and tighten requirements for existing reporting entities. The changes will introduce enhanced due diligence, broader regulatory powers, and a stronger emphasis on governance.  
 
For ADIs, the changes go beyond compliance – they’re a chance to reassess risk frameworks, close control gaps, and strengthen oversight across complex third-party networks. With tighter timelines and broader enforcement powers ahead, the institutions that move early on integrating automation, improving data integrity, and investing in governance will reduce risk and be better prepared for regulatory scrutiny. 

Tax governance and innovation incentives 

The ATO is sharpening its focus on the financial services sector, particularly in relation to GST assurance, R&D tax claims, and broader tax governance. ADIs need to ensure that tax positions are defensible, transparent, and strategically aligned with the business. 
 
In addition, the R&D tax incentive is often underutilised, especially by larger institutions. But with offsets of up to 43.5 per cent, this is an opportunity for ADIs to turn innovation spend into greater strategic value. Strong governance, clear documentation, and alignment with the broader innovation agenda are key to unlocking that benefit. 

Looking ahead 

The regulatory agenda for FY26 is broad, complex, and fast-moving, but also rich with opportunities. Institutions that leverage compliance as a driver of transformation, not just an expense, will be best placed to succeed in an operating landscape where trust, agility, and innovation matter more than ever. 
 
If you’re looking to navigate these challenges and unlock greater value from your risk, governance and compliance functions, we offer practical insights, a tailored approach and a clear focus on outcomes. Please get in touch to explore how we can support your priorities. 

Learn more about our Financial Services team

Visit our Financial Services page