Skip to main content
Media Releases

APRA updates guidance on cloud computing services

Monday 24 September 2018

The Australian Prudential Regulation Authority (APRA) has released updated information on the use of shared computing services, such as cloud, by APRA-regulated entities.

The new Information Paper, Outsourcing involving cloud computing services, updates information on prudential considerations and key principles issued to APRA-regulated entities in July 2015. It has been developed in response to the growing use of the cloud by APRA-regulated entities for higher inherent risk activities, and observed areas of weakness in how entities approach and manage these risks. In addition, many applicants for Restricted ADI licences seek to use the cloud for critical systems.

The new paper acknowledges that advancements in cloud computing service offerings over the past three years have improved the ability of APRA-regulated entities to manage the risks involved. However, it also emphasises the need for entities to be mindful of the differing levels of responsibility for operating and managing these arrangements.

APRA-regulated entities should note that while this information paper does not constitute formal regulation, APRA intends to incorporate the better practices described in the paper into prudential standards and practice guides in the future. Any such changes will be subject to APRA’s normal processes of consultation.

Copies of the publication are available on APRA’s website at:


Media enquiries

Contact APRA Media Unit, on +61 2 9210 3636

All other enquiries

For more information contact APRA on 1300 558 849.

The Australian Prudential Regulation Authority (APRA) is the prudential regulator of the financial services industry. It oversees banks, mutuals, general insurance and reinsurance companies, life insurance, private health insurers, friendly societies, and most members of the superannuation industry. APRA currently supervises institutions holding around $9 trillion in assets for Australian depositors, policyholders and superannuation fund members.