Which AI Decisions to Prioritise When Three Regulators Are Watching

Between 70% and 85% of AI projects in financial services fail to reach production or deliver measurable business value, according to research from Gartner, FinTellect, and the RAND Corporation. The failure rate is consistent across markets. What differs in ANZ is the consequence. In most markets, a failed AI programme is an investment write-off and a capability gap. In ANZ in 2026, a failed or ungoverned AI programme is also a CPS 230 compliance failure, a potential AUSTRAC exposure, and a SPF liability risk. The institutional cost of getting the programme design wrong has increased materially, and the margin for the kind of errors that kill most AI initiatives — no named sponsor, data not ready, success defined as model accuracy — has narrowed accordingly.

Volume and value are not the same thing

The instinct that drives most AI prioritisation produces the wrong outcome. Teams identify high-volume decisions, calculate the automation saving, and build a business case on cost reduction. The decisions that attract investment first are account administration, STP routing, low-value card authorisation, and other high-frequency, low-consequence processes. These are reasonable automation candidates. They are not where the value sits.

The decisions with the largest value at stake combine high volume with severe financial consequence per error. Payment fraud and AML screening sit squarely in this category. In ANZ, they are also the decisions where all three live regulatory frameworks concentrate their requirements — SPF liability for real-time fraud detection, AUSTRAC monitoring obligations for AML transaction surveillance, and CPS 230 operational resilience requirements for both. The compliance requirement and the commercial opportunity are pointing at the same decisions. Institutions treating NPP fraud detection or AML transaction monitoring as a compliance project rather than a value creation project are misreading their own business case.

Mortgage credit decisioning occupies a distinctive position in the ANZ decision portfolio that has no direct equivalent in North America or EMEA. Australia’s mortgage market is among the largest relative to GDP in the world. Faster, more accurate credit decisions with AI scoring improve broker channel conversion in a market where broker competition is intense and the decision speed gap between digital-first lenders and incumbents is widening. CDR data creates an additional dimension: institutions with credit models capable of incorporating consented Open Banking transaction data at origination are underwriting with meaningfully better signal than those relying solely on bureau data, with direct consequence for approval rates, default prediction accuracy, and the ability to serve the self-employed and thin-file segments that represent significant underserved populations. This is a higher-value opportunity than any straightforward automation case, and it is specific to ANZ.

Regulatory urgency in ANZ functions not as a nudge but as a hard constraint. CPS 230 has already reclassified fraud detection and credit decisioning AI from capability investments into critical operational infrastructure requiring board-level governance. An institution that has not yet built governance-grade AI for these decisions is not behind its peers — it is behind its regulator.

The three reasons AI programmes fail — and why they cost more to fail in ANZ

For institutions that correctly identify the high-value decisions and commit to targeting them, the failure patterns are consistent across every market. They break into three categories in roughly the same proportions every time.

Governance failure accounts for around 42% of failed initiatives. The pattern: technology selected before the problem was defined, the proof of concept proved the model works, and then nobody was assigned to act on it. No defined decision, no named sponsor, no measurable outcome, no production funding pathway established at the start. In ANZ, governance failure carries a specific additional cost: a model that has been through a proof of concept without a named board sponsor and without governance infrastructure built in from the start is almost certainly non-compliant with CPS 230’s board documentation and oversight requirements. In previous years, governance failure meant a wasted investment. Now it means a wasted investment and a regulatory gap.

Sequencing failure accounts for around 31%. Data was not ready. Nobody admitted it until the proof of value was already running. Teams proceeded with insufficient labelled outcome data, fragmented systems, or feature sets that could not be constructed from available inputs, and produced models too weak to deploy. In the ANZ context, sequencing failure has a specific dimension in CDR credit modelling: the data readiness question is not just about whether historical transaction data is available but whether the institution has CDR accreditation, data ingestion pipelines, and the governance documentation required to use consented customer data in production credit models. These are prerequisites that take months to establish, and discovering their absence after a proof of concept has started is the definition of sequencing failure.

Measurement failure accounts for the remaining 27%. The model achieved its technical targets. Nobody had defined what a good business outcome looked like in dollar terms or assigned accountability for achieving it. Under SPF liability, measurement failure has a direct regulatory dimension: an institution that cannot demonstrate the effectiveness of its scam detection controls — not in model accuracy terms but in outcome terms — is poorly positioned to defend itself against SPF liability claims before AFCA. The measurement infrastructure that a well-run AI programme establishes as a matter of good practice is also the evidence base that would be required in a regulatory dispute.

Source: ANZ Banking Practice analysis, consistent with findings across North America, EMEA, and APAC markets.

The structural implication is direct. The governance, sequencing, and measurement disciplines that would make any AI programme succeed — named decision, named sponsor, data readiness assessed before commitment, economic baseline established — are also the disciplines that produce CPS 230 compliance, SPF liability protection, and AUSTRAC programme effectiveness documentation. In ANZ, best practice and regulatory compliance require the same programme design. There is no gap between doing it well and doing it to the standard regulators require.

What this means for the sequencing question

Identifying the right decisions to target is necessary but not sufficient. Most institutions that fail do not fail because they targeted the wrong quadrant — they fail because they ran a programme structurally set up not to deliver, regardless of what it was pointed at. In ANZ, the stakes of that structural failure are higher than in other markets because three live regulatory frameworks are now measuring the same outputs that a well-designed AI programme would naturally produce.

The case for getting the programme design right before selecting technology has never been stronger in Australian banking. The third piece in this series addresses what that design looks like in practice — and why the governance architecture that satisfies APRA, AUSTRAC, and the SPF is the same architecture that produces compounding commercial advantage.

Part 2 of 3.

Sources

Gartner. AI Project Failure Rates. Multiple editions, 2023–2025. FinTellect AI. Why 80% of AI Projects in Finance Fail. 2024. RAND Corporation. AI Project Success and Failure Rates. Referenced in industry literature. ANZ Banking Practice. Decision Portfolio and Failure Mode Analysis. Internal analysis, consistent across North America, EMEA, and APAC markets. Australian Prudential Regulation Authority. Prudential Standard CPS 230 Operational Risk Management. Effective 1 July 2025.