Kettera AI Architecture Practice

The citation anchor

Australian AI regulatory canon

One reference, kept current. The Australian instruments are the basis; the international frameworks are inputs mapped back to them. This is a living page — it moves only when the regulation moves.

Current as at 25 June 2026 · Practitioner summary — not legal advice

Primary Australian government basis

The technology-neutral, guidance-led approach the Commonwealth has chosen. There is no standalone AI Act; these instruments are the framing that boards and regulators expect you to work within.

AI6 — Guidance for AI Adoption

National AI Centre (NAIC), DISR

Guidance · 21 Oct 2025

Six essential practices for safe and responsible AI governance, in two parts (Foundations and Implementation Practices). It updates and simplifies ("evolves") the Voluntary AI Safety Standard, and is now the primary government guidance for industry and the top-level framing that boards and regulators use.

What bites → This is the language your board and your regulator will use. Map your governance to the six practices first.

VAISS — Voluntary AI Safety Standard

National AI Centre (NAIC), DISR

Voluntary · Published 5 Sep 2024

Ten guardrails. Best read now as the detailed control catalogue beneath AI6, which evolved it — and still referenced in many contracts and risk registers, so retain the AI6 ↔ VAISS crosswalk. (There was no earlier 2023 version; VAISS is a September 2024 document.)

What bites → Still in live contracts and risk registers. Keep the crosswalk to AI6 current.

Policy for the Responsible Use of AI in Government v2.0

DTA

Mandatory · Effective 15 Dec 2025 · phased to Dec 2026

Mandatory for non-corporate Commonwealth agencies; v2.0 took effect 15 December 2025 (replacing v1.1). Obligations phase in. By the six-month mark — 15 June 2026 — each agency must publish a strategic position on AI adoption and meet the AI transparency-statement standard. By the twelve-month mark, around December 2026, each agency must maintain a register of in-scope AI use cases, designate an accountable owner for each, and complete an AI use-case impact assessment before deployment, with incident handling. Existing/legacy use cases must be assessed by 30 April 2027. Backed by a Standard for accountability, a Standard for AI transparency statements, and mandatory foundational AI training for all APS staff.

What bites → APS agencies: the strategic position + transparency statement fell due 15 June 2026 (now). The use-case register, accountable owners and impact-assessment-before-deployment are the ~December 2026 cliff — and legacy use cases must be assessed by 30 April 2027.

National AI Plan

Australian Government (DISR)

Guidance · 2 Dec 2025

Relies on existing technology-neutral laws plus sector regulators and voluntary standards, with only targeted amendments "if required". It confirms no standalone AI Act and shelves the 2024 proposal for mandatory guardrails in high-risk settings — the deliberate policy posture the rest of this canon assumes.

What bites → Do not wait for an "AI Act". Compliance comes from existing laws applied to AI; the mandatory-guardrails proposal is off the table.

AISI — Australian AI Safety Institute

Australian Government

In force · Announced 25 Nov 2025 · operational early 2026

A new Australian government body (a $29.9m commitment) providing independent technical capability to monitor, test and share information on emerging AI capabilities, risks and harms — working with partners including the Australian Signals Directorate and CSIRO. A source of authoritative testing signal rather than an obligation.

Adjacent Australian law — the bits that bite

AI is not regulated by a single instrument; it is reached through existing and amended law. These are the provisions most likely to create a hard obligation or a deadline for an AI deployment.

Privacy Act — automated decision-making transparency

OAIC

Mandatory · Commences 10 Dec 2026

Introduced by the Privacy and Other Legislation Amendment Act 2024, a new APP 1 obligation requires entities to disclose in their privacy policy the kinds of personal information used in, and decisions made by, qualifying automated decision-making. It commences 10 December 2026 (24 months after Royal Assent). OAIC guidance is expected around September 2026, following a consultation that closed 15 June 2026.

What bites → If an AI system materially affects a decision about an individual, you owe transparency from 10 Dec 2026. Inventory those systems now.

Work Health and Safety Amendment (Digital Work Systems) Act 2026 (NSW)

NSW Parliament

Mandatory · Assented 18 Feb 2026 · duties await proclamation

Passed both Houses on 12 February 2026 and assented 18 February 2026 (Act No. 5 of 2026). It amends the WHS Act 2011 (NSW) to place duties on PCBUs that use a "digital work system" — defined as "an algorithm, artificial intelligence, automation or online platform" — covering work allocation, performance metrics, surveillance and automated decision-making, plus new inspector and entry-permit powers. The substantive duties commence by proclamation (tied to SafeWork guidelines) and are not yet in force. The leading edge of state-level divergence — track it, because other jurisdictions will follow with their own variants.

What bites → State divergence is starting. A national AI control set is no longer sufficient on its own — watch for the NSW commencement proclamation.

Competition and Consumer Amendment (Unfair Trading Practices) Bill 2026

Australian Government (Treasury)

Proposed · Introduced 1 Apr 2026 · proposed commencement 1 Jul 2027

A general prohibition on unfair trading practices, introduced to the House of Representatives on 1 April 2026, expressly aimed at "dark patterns" (pre-selected checkboxes, obfuscated information, manipulative countdown timers) plus drip-pricing and subscription obligations. The prohibition is technology-neutral but squarely catches AI- and algorithm-driven UX manipulation. Still a Bill; proposed commencement 1 July 2027 if passed.

What bites → If AI personalises pricing or nudges UX, design against dark-pattern findings now — a general prohibition is on a 1 July 2027 track.

International frameworks — leveraged as inputs, mapped back to AU

These are inputs, not the basis. We use them for structure and procurement signalling, then map back to the AU canon above — never the other way around.

NIST AI RMF

NIST (US)

Voluntary · GenAI Profile Jul 2024 · Cyber AI draft Dec 2025 · agents Feb 2026

Govern / Map / Measure / Manage (AI 100-1), with a Playbook. The Generative AI Profile (AI 600-1) landed July 2024; a preliminary draft Cyber AI Profile (IR 8596) in December 2025; and an AI Agent Standards Initiative for autonomous agents in February 2026. Voluntary, but the de facto baseline.

What bites → The common vocabulary your vendors already speak. Useful as the measurement scaffold beneath AI6.

ISO/IEC 42001:2023

ISO/IEC

Voluntary · Certifiable

A certifiable AI Management System, on the Harmonized Structure shared with ISO 27001 and 9001 — increasingly a procurement requirement. The natural "how" layer beneath AU guidance.

What bites → Turning up in tenders as a requirement. If you hold 27001, the gap to 42001 is smaller than it looks.

EU AI Act

European Union

In force · Phased 2025–2028 · high-risk delay pending

Risk tiers. Prohibited practices and AI-literacy duties have applied since 2 February 2025; GPAI model obligations since 2 August 2025; legacy GPAI has until 2 August 2027. The high-risk obligations were due 2 August 2026 — but under the "Digital Omnibus" (politically agreed 6 May 2026, not yet formally adopted) they are being postponed: stand-alone (Annex III) high-risk systems to 2 December 2027 and product-embedded (Annex I) systems to 2 August 2028, while Article 50 transparency duties are reported to stay on the 2 August 2026 schedule. Until the delay is published in the Official Journal (expected July 2026), 2 August 2026 remains the legal date. Relevant to any AU organisation with EU market exposure.

What bites → EU exposure: the 2 Aug 2026 high-risk deadline is being pushed to 2027–2028 by the Digital Omnibus — but it is not law yet. Plan to both dates and watch the Official Journal.

The agentic-AI gap

Cross-jurisdiction

Guidance · Observation

The major frameworks were not designed for agentic AI. Singapore’s IMDA launched a Model AI Governance Framework for Agentic AI on 22 January 2026 — one of the first national frameworks to address autonomous agents directly — and NIST opened an AI Agent Standards Initiative in February 2026. Still thin, and open, defensible thought-leadership territory for an AU lens.

What bites → If you are deploying agents, you are ahead of most major frameworks. Document your own controls.

Structure once, report many

Cross-framework crosswalk

The same control theme expressed across the AU basis and the three international frameworks. Build your evidence once; satisfy each regime by mapping, not rewriting. (Becomes an interactive lookup in Phase 2.)

| Theme | AI6 / VAISS (AU) | ISO/IEC 42001 | NIST AI RMF | EU AI Act |
|---|---|---|---|---|
| Accountability & ownership | AI6 governance · VAISS G1 accountability | Clause 5 leadership; AI policy | GOVERN 1 | Art. 17 quality mgmt; provider duties |
| Risk classification | VAISS G2 risk management | Clause 6.1; AI risk assessment | MAP 1–5 | Art. 6 risk tiers; Annex III |
| Data governance & provenance | VAISS G4 data governance | Annex A data for AI systems | MAP 2 / MEASURE 2 | Art. 10 data & data governance |
| Transparency & disclosure | AI6 transparency · DTA transparency standard | Annex A information to interested parties | MAP 3 / MANAGE 4 | Art. 13 + Art. 50 transparency |
| Testing, evaluation & monitoring | VAISS G5 testing · AISI testing | Clause 9 performance evaluation | MEASURE 1–4 | Art. 15 accuracy/robustness; Art. 72 monitoring |
| Human oversight | VAISS G6 human control | Annex A human oversight controls | MANAGE 1 | Art. 14 human oversight |
| Incident response | DTA incident reporting (from Dec 2026) | Clause 10 improvement / nonconformity | MANAGE 4 | Art. 73 serious-incident reporting |

Living document

Changelog

Every substantive change is logged. The cadence is the point.

  • 2026-06-25 Source-verification pass against primary sources (industry.gov.au, digital.gov.au, oaic.gov.au, NSW Parliament, NIST, EU analysis). Corrected: VAISS publication date (5 Sep 2024 — no 2023 version); DTA v2.0 obligation timing (the use-case register + accountable owner + impact-assessment are the ~Dec 2026 twelve-month tranche, while strategic position + transparency statement are the 15 Jun 2026 six-month tranche; legacy use cases by 30 Apr 2027); Copyright TDM rejection date (26 Oct 2025, not Apr 2026). Added the EU AI Act “Digital Omnibus” high-risk delay (Annex III → 2 Dec 2027, Annex I → 2 Aug 2028; pending formal adoption). Softened the “only agentic framework” claim (NIST AI Agent Standards Initiative, Feb 2026). Pinned dates for AI6 (21 Oct 2025), National AI Plan (2 Dec 2025), AISI, and the NSW Digital Work Systems Act (assented 18 Feb 2026; duties await proclamation).
  • 2026-06-24 Initial publication of the Australian AI regulatory canon.

Kettera maintains this canon as practitioner analysis to support architecture decisions. It is a summary and may lag the primary instrument. It is not legal advice — verify against the source instrument and seek qualified advice before acting on an obligation or deadline.