Cisco Live Spotlight: APRA’s CPS 230 & Digital Compliance Research for Business Resilience in Financial Services
Our next Cisco Live Spotlight features an essential research project that’s tackling one of the most pressing challenges in financial services today: digital compliance for business resilience. Led by a distinguished team from Queensland University of Technology (QUT) in partnership with Cisco and Splunk, this initiative is part of the National Industry Innovation Network (NIIN) and is focused on addressing the regulatory demands of the Australian Prudential Regulation Authority’s (APRA) CPS 230 operational risk management standard.
With CPS 230 set to take effect in July 2025, financial institutions must establish robust frameworks for managing operational risk. This project explores how unified observability and security solutions can help financial services meet compliance requirements digitally, promoting resilience, reducing costs, and enhancing overall operational integrity.
Meet the Research Team
This critical project is guided by a team of leading researchers who bring deep expertise in regulatory compliance, digital resilience, and qualitative research methods:
Professor Anna Huggins (QUT Law)
An internationally recognised expert in regulatory and compliance processes, Professor Huggins’ research focuses on innovative responses to digitisation and automation. Her work has contributed to best practices for digital regulatory frameworks, including rules as code and regulatory technology.
Professor Mark Burdon (QUT Law)
Known for his expertise in the legal aspects of digitisation, Professor Burdon’s research covers information privacy law and digital compliance systems. His work addresses the practical implications of compliance and risk management in a digital world, helping bridge the gap between legal requirements and technological solutions.
Professor Lizzie Coles-Kemp (Royal Holloway, University of London)
As an expert advisor, Professor Coles-Kemp contributes her extensive experience in people-centred digital security practices. Her qualitative research methods offer valuable insights into designing compliance solutions that are effective and user-friendly, benefiting both industry professionals and regulatory bodies.
Ms Imogen Forster (QUT Law)
Ms Forster is a PhD student researching compliance in uncertain legal and regulatory environments. She is supervised by Professors Huggins and Burdon. Her research interests include mapping strategies in the context of complex regulatory landscapes.
Supporting the research team are, Reg Johnson, Terry Weber, and Harsha Hewapathirane from Cisco, guiding the projects strategic direction and ensuring its alignment with industry needs. From Splunk, Harry Chichadjian, Marty Przybylak, and Matthew Moore bring invaluable expertise in compliance technology and observability solutions, contributing specialised knowledge in data analytics and monitoring systems. Together, this collaborative team ensures that the project addresses both the technological and regulatory complexities facing today’s financial services sector.
The Challenge: Navigating APRA’s CPS 230 for Operational Resilience
CPS 230 aims to strengthen operational risk management for financial institutions, such as banks and insurers. CPS 230 is prompting financial institutions to rethink their approach to compliance with a greater focus on timely risk reporting and strengthening organisational resilience to minimise operational disruption.
For many in the financial sector, CPS 230 compliance is a complex task due to the challenge of integrating regulatory needs with digital processes. This project is helping financial services explore the potential of observability and security solutions—technologies that offer real-time, unified monitoring of IT infrastructures —to support continuous compliance and operational resilience.
The Approach: Collaborative Research with Industry Expertise
In partnership with Cisco and Splunk, QUT researchers are exploring how observability solutions can be tailored to the needs of financial institutions. The project includes focus groups with professionals in risk management, compliance, and IT, providing first-hand insights into the unique challenges of CPS 230.
These focus groups, conducted with financial services clients identified by Cisco and Splunk, aim to:
- 1. Understand the regulatory uncertainties associated with CPS 230.
- 2. Identify opportunities and challenges for observability and security solutions in promoting digital compliance.
Through this collaborative research, the project aims to create strategies that help institutions streamline compliance and improve resilience.
Expected Outcomes: Practical Insights and Interactive Mapping Strategies
The APRA CPS 230 & Digital Compliance project aims to provide financial services with new frameworks and insights to address their regulatory needs. Expected outcomes include:
- • Interactive Mapping Strategies: Tools to help institutions map information flows and compliance requirements, making it easier to manage regulatory risks.
- • Observability and Security Solutions for Digital Compliance: Practical guidance on using unified observability and security solutions to promote compliance, reduce costs, and improve resilience.
- • Enhanced Business Resilience: Strategies that align compliance with resilience, supporting financial institutions in managing operational risk effectively.
Engage with Us at Cisco Live: Building Resilient Compliance Solutions
We invite you to learn more about this groundbreaking project at Cisco Live Melbourne. Visit the NIIN stand to discover how this research is transforming the approach to digital compliance and operational resilience. Engage with our team to discuss innovative solutions for meeting CPS 230 requirements and building a more resilient future for financial services.
Keep an eye out for more Cisco Live Spotlights, where we’ll showcase research projects, student-driven solutions, and leading-edge developments propelling Australia’s digital evolution.
