Documentation

APRA/ASIC Compliance Brief

How Trutina's AI-powered fraud detection aligns with key APRA and ASIC prudential standards for Australian lenders.

Purpose

This brief demonstrates how Trutina's AI-powered fraud detection system aligns with key APRA and ASIC prudential standards relevant to mortgage lending and operational risk management.

APRA CPS 220 — Risk Management

Requirement

ADIs must maintain a risk management framework that identifies, measures, monitors, and manages material risks.

How Trutina helps

  • Automated fraud risk detection across 100% of applications (vs manual sampling)
  • Quantified risk scoring (0–100) provides measurable risk metrics
  • Continuous broker risk profiling identifies systemic risks
  • Audit trail documents all risk assessments for prudential review
  • Dashboard provides real-time portfolio risk visibility

APRA CPS 234 — Information Security

Requirement

ADIs must maintain information security capabilities commensurate with threats.

How Trutina helps

  • Detects AI-generated documents — a new and rapidly evolving threat vector
  • PDF forensics identifies document manipulation (metadata, font, timestamp analysis)
  • Cross-references against authoritative data sources (ABN Register, BSB Directory)
  • All data encrypted in transit (TLS 1.3) and at rest (AES-256)
  • Australian data sovereignty — all processing in Australia
  • See Security & Privacy Whitepaper for full details

APRA CPG 235 — Managing Data Risk

Requirement

Sound data risk management practices including data quality and integrity.

How Trutina helps

  • Validates document data against external authoritative sources
  • Consistency checks ensure internal data integrity (math verification)
  • Flags discrepancies between documents (payslip income vs bank statement credits)
  • Structured data extraction with confidence scoring

ASIC RG 209 — Responsible Lending Conduct

Requirement

Licensees must make reasonable inquiries about a borrower's financial situation and verify information.

How Trutina helps

  • Automated verification of income documentation (payslips, bank statements)
  • Cross-references employer ABN against Australian Business Register
  • Validates salary against ABS occupational benchmarks
  • Detects forged or AI-generated evidence of financial capacity
  • Provides documented verification trail for regulatory audit

ASIC Report 780 — Mortgage Fraud (2024)

Context

ASIC highlighted growing use of technology in mortgage fraud, particularly fabricated income documents.

How Trutina responds

  • Purpose-built to address the exact threat ASIC identified
  • AI content detection specifically trained to identify AI-generated financial documents
  • Broker risk profiling addresses ASIC's concern about fraud networks operating through broker channels
  • Comprehensive audit trail supports ASIC enforcement investigations

Explainability Requirement

Why it matters

APRA and ASIC both require that automated decision-making be explainable and auditable.

How Trutina delivers

  • Every risk score accompanied by plain-English narrative
  • Each fraud flag includes: category (which module detected it), specific evidence (exact values, comparisons, sources), severity rating with rationale, and weight contribution to overall score
  • Reports designed for inclusion in credit assessment documentation
  • No “black box” — every score component is traceable
  • Suitable for presentation to regulators, auditors, and customers

Record Keeping

  • Risk scores and flags retained for 7 years (APRA requirement)
  • Immutable audit log of all actions (who, what, when)
  • Full document analysis history available for regulatory review
  • Export capability for APRA/ASIC information requests

Regulatory Mapping Summary

StandardRequirementTrutina Feature
CPS 220Risk management frameworkAutomated risk scoring, broker profiling
CPS 234Information securityEncryption, Aus data sovereignty, threat detection
CPG 235Data risk managementCross-reference verification, data validation
RG 209Responsible lendingIncome verification, document authenticity
Privacy Act 1988Data protectionDPA available, data minimisation, right to erasure

Conclusion

Trutina provides Australian lenders with a purpose-built fraud detection capability that directly addresses the AI-generated document fraud threat while maintaining full alignment with APRA and ASIC prudential requirements. The system's emphasis on explainability ensures that automated risk assessments can be reviewed, audited, and presented to regulators with confidence.

Contact

Compliance Inquiries

compliance@trutina.com.au

This brief is for informational purposes. It does not constitute legal advice. Organisations should consult their own legal and compliance teams.

Last updated: March 2026

© Trutina — AI Lending Fraud Detection