ASIC has an extensive remit, and AI can make us more effective and efficient. Given the rapid adoption of AI in financial services, our ability to regulate the use of AI in this sector will also be enhanced by gaining expertise in and experience with AI.

ASIC has adopted the definition of AI used in the policy. This definition is broad and potentially includes technologies and systems not commonly considered as AI. We manage AI systems by taking a risk-based approach. For example, we scrutinise more closely and apply tighter controls to AI systems that present the most risk.

As a law-enforcement agency, there may be occasions when we do not disclose the use of AI in connection with surveillance and enforcement activity, and this transparency statement should be read subject to that qualification.

The following tables describe how ASIC is currently using AI, as prescribed by the Digital Transformation Agency:

The table below demonstrates AI usage and patterns at ASIC.

The table below demonstrates ASIC domains where AI is used at ASIC.

ASIC does not use AI in any manner that allows direct interaction with the public or significantly impacts the public, without human oversight or involvement.

ASIC currently has governance structures in place and is developing others. We are also building workforce capability. For example:

ASIC’s AI policy

Our AI policy sets organisational responsibilities and considerations for developing, deploying, and using AI. Our AI policy is aligned with the principles underpinning the Australian AI Ethics Principles and implements the Australian Government’s Policy for the responsible use of AI in government.

Our AI assurance framework

We are participating in whole-of-government initiatives to develop an AI assurance framework comprising AI controls, measurement and assessment, monitoring and reporting, roles and responsibilities.

AI board

An AI board oversees the design, development, deployment and use of AI by ASIC.

Foundational technologies

We are investigating and adopting fit-for purpose technology to support the use of AI. This has involved:

• regular monitoring and evaluation of performance,
• adoption of robust security measures and access control, including monitoring for abnormal security activities, and
• implementation of explainable AI methods to ensure the AI systems are interpretable, explainable and understandable.

People capabilities

We are implementing role-based training programs for AI. We have also developed a series of organisation-wide AI training sessions to address our immediate needs. Data literacy is also a core capability within ASIC’s learning and development syllabus.

For our regulatory and enforcement activities, ASIC uses well-understood systems that have clear and proven benefits. Our risk-based approach is aligned to the Australian Government AI Assurance Framework.

AI systems developed by our data analytics teams and procured from external partners are used within ASIC. These are described under the usage patterns and domains section of this statement. ASIC’s data and AI governance practices include privacy, ethics, and security assessments. In all cases of AI use, human review or oversight is involved before any action is taken.

ASIC’s Senior Executive Leader, Data, Analytics and AI is the accountable official under the policy.

This transparency statement was created on 28 February 2025. It will be updated to reflect significant changes in our approach to AI, and at least every twelve months.

If you have questions or seek more information about this AI transparency statement please submit an online enquiry.