The evidence layer for Australian AI

Your team is using AI.
Can you prove it was compliant?

Guard sits between your business and whatever AI model you use. Every call is checked against Australian regulation, signed as tamper-evident evidence, and logged for seven years.

Built for financial services, superannuation, health, insurance, government, and professional services. Covers CPS 234, CPS 230, the Privacy Act, and the ADM transparency obligation commencing December 2026. Live in a day.

$4,500 pilot fee, credited against year one. 60 days. No lock-in. Walk away with your data if it's not for you.

Data stays under Australian law · CPS 234 and CPS 230 evidence · Integrate in < 1 day

Compliance obligations already in force

APRA CPS 234 Section 15 has required third-party AI oversight since 2019. CPS 230 operational risk standards commenced 1 July 2025. APP 8 is triggered on every cross-border AI call. The notification clock on a material incident is 72 hours.

10 December 2026

Automated decision-making transparency commences.

From this date, every Australian business using AI for decisions that significantly affect someone's rights must disclose what data was used and how the decision was made. Civil penalties up to $50 million. Guard generates the logs the disclosure describes.

Privacy and Other Legislation Amendment Act 2024 (Cth), Schedule 1, Part 15

See what Guard covers →

THE GAP

Your policy says you control AI.
Can you prove it?

Your business has deployed AI via API, through claims triage, support bots, credit decisioning, RAG assistants, or features inside your own product. Provider logs aren't audit evidence. A syslog entry doesn't tell an auditor which obligation was assessed, which PII crossed a border, or whether controls were active at the moment of each call.

No visibility

Staff and application code hit OpenAI, Anthropic, Azure AI, and Bedrock directly. Network logs capture the destination, not the content. Your SIEM sees a connection, not a compliance event.

A clock, not a deadline

CPS 234 gives 72 hours to notify APRA of a material incident. Privacy Act entities have 30 days under the NDB scheme. Without per-call evidence, neither window is easy to meet.

Risk accumulating

Every week without instrumentation is another week of AI activity you can't retroactively attest. The auditor sees what was evidenced, not what was promised.

40° South is the evidence layer.


40° SOUTH GUARD

Every prompt.
Every response.
Evidenced by default.

Proof, every call.

Guard is compliance middleware. It sits between your team and whatever AI model they're already using. One API URL change. No infrastructure rebuild. Live in a day. Every call is checked, signed, and logged.

  • Scans every prompt and response for Australian PII: TFN, Medicare, ABN, BSB, credit cards, DOB, addresses, phone, email
  • Detects hidden instructions inside uploaded documents, a threat no hyperscaler gateway catches
  • Per-call cryptographically signed attestation, tamper-evident and audit-ready
  • Works with any OpenAI-compatible endpoint: OpenAI, Anthropic, Azure AI, Bedrock, or your own model
  • ADM transparency logging and export, ready for December 2026
  • 7-year tamper-evident audit trail, exportable as JSON
  • Cross-border flagging on every overseas provider call (APP 8 evidence)
  • Configurable compliance profiles per team and per use case
APRA CPS 234 · APRA CPS 230 · Privacy Act 1988 · APP 8 · ADM Transparency · AFSL · SIS Act

Guard covers AI that's been deployed via API: custom apps, RAG tools, agents, and product-embedded AI. Staff using ChatGPT Plus or Microsoft 365 Copilot on personal subscriptions sit outside the API layer; for those, Microsoft Purview or DLP tools apply. Most regulated businesses use both patterns. Guard covers the integration layer, which is where the real compliance risk sits.

HOW IT WORKS

Two lines of config. Every AI call evidenced.

Step 01

Point your AI calls through Guard

Swap the base URL and API key in your app config. Guard works with any OpenAI-compatible endpoint: OpenAI, Anthropic, Azure AI, Bedrock, Gemini, or your own model. Existing code keeps working. Typical integration is under a day.

Step 02

Every call checked, signed, logged

Guard intercepts the request, scans for PII, checks for prompt injection, flags cross-border disclosure, and generates a signed attestation. The call continues to the provider. The response is scanned on the way back. Detection overhead is typically under 50 milliseconds, plus the upstream call.

Step 03

An audit trail your board and regulators can trust

Every call is logged with timestamp, model, user, PII findings, compliance outcome, and regulatory mapping against CPS 234 S14/S15/S16/S17, APP 8, and ADM T1–T4 controls. Export attestations as JSON. Feed them to your GRC platform. Answer a 72-hour notification with confidence.
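Step 01 is only a base URL and API key change in the client configuration; the substance of the procedure is Steps 02 and 03, where each call is checked, signed and logged. The following is an added example, not Guard's own code or record format, showing one way to produce a per-call attestation record that is hash-chained to the previous record and signed, then verified so that an edited or deleted entry is detected. The field names, the control identifiers, the sample traffic and the HMAC key are all constructed for the demo; a production signer would use an asymmetric key that the log store never holds.

```python
"""Per-call attestation with a signed hash chain (added example, not Guard's code).

One record per AI call carries what was checked and what happened. Records are
canonicalised, chained to the previous record's hash, then signed, so an edited
or deleted entry is detected when the chain is verified.
"""
from __future__ import annotations

import hashlib
import hmac
import json
from datetime import datetime, timezone

# Placeholder key for this stand-alone demo. A production attestation service
# would sign with an asymmetric key (e.g. Ed25519) that the log store never
# holds, so whoever keeps the log cannot re-sign altered records.
SIGNING_KEY = b"demo-signing-key-not-for-production"
GENESIS_HASH = "0" * 64
# Illustrative control identifiers; the real mapping is a policy decision.
CONTROLS = ["CPS234-S15", "APP8", "ADM-T1"]


def canonical(record: dict) -> bytes:
    # Sorted keys and no whitespace so the same record always hashes the same.
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()


def attest(prev_hash: str, *, model: str, user: str, provider_region: str,
           pii_findings: list[str], injection_detected: bool, outcome: str,
           timestamp: str | None = None) -> dict:
    body = {
        "timestamp": timestamp or datetime.now(timezone.utc).isoformat(),
        "model": model,
        "user": user,
        "provider_region": provider_region,
        "cross_border": provider_region != "AU",  # disclosure outside Australia
        "pii_findings": pii_findings,
        "prompt_injection": injection_detected,
        "outcome": outcome,
        "controls": CONTROLS,
        "prev_hash": prev_hash,
    }
    body["hash"] = hashlib.sha256(canonical(body)).hexdigest()
    body["signature"] = hmac.new(SIGNING_KEY, body["hash"].encode(), hashlib.sha256).hexdigest()
    return body


def build_chain(calls: list[dict]) -> list[dict]:
    records, prev = [], GENESIS_HASH
    for call in calls:
        rec = attest(prev, **call)
        records.append(rec)
        prev = rec["hash"]
    return records


def verify_chain(records: list[dict]) -> tuple[bool, int]:
    """Return (ok, index of the first record that fails, or -1)."""
    prev = GENESIS_HASH
    for i, rec in enumerate(records):
        body = {k: v for k, v in rec.items() if k not in ("hash", "signature")}
        expected_hash = hashlib.sha256(canonical(body)).hexdigest()
        expected_sig = hmac.new(SIGNING_KEY, expected_hash.encode(), hashlib.sha256).hexdigest()
        if (rec.get("prev_hash") != prev or rec.get("hash") != expected_hash
                or not hmac.compare_digest(rec.get("signature", ""), expected_sig)):
            return False, i
        prev = rec["hash"]
    return True, -1


def export_json(records: list[dict]) -> str:
    # The export an auditor or GRC platform would ingest.
    return json.dumps(records, indent=2)


def tampered_copy(records: list[dict], index: int, field: str, value,
                  rehash: bool = False) -> list[dict]:
    # Simulate after-the-fact editing of the stored log. With rehash=True the
    # editor also recomputes the hash, which a hash chain alone would accept.
    copy_ = json.loads(json.dumps(records))
    copy_[index][field] = value
    if rehash:
        body = {k: v for k, v in copy_[index].items() if k not in ("hash", "signature")}
        copy_[index]["hash"] = hashlib.sha256(canonical(body)).hexdigest()
    return copy_


# Constructed sample traffic, not real logs.
SAMPLE_CALLS = [
    {"model": "gpt-4o", "user": "claims-triage-bot", "provider_region": "US",
     "pii_findings": ["TFN"], "injection_detected": False, "outcome": "masked",
     "timestamp": "2026-01-05T03:14:00+00:00"},
    {"model": "claude-3-5-sonnet", "user": "support-assistant", "provider_region": "AU",
     "pii_findings": [], "injection_detected": True, "outcome": "blocked",
     "timestamp": "2026-01-05T03:14:07+00:00"},
]

if __name__ == "__main__":
    chain = build_chain(SAMPLE_CALLS)
    print(export_json(chain))
    print("intact:", verify_chain(chain))
    print("edited:", verify_chain(tampered_copy(chain, 0, "outcome", "allowed")))
    print("edited and rehashed:", verify_chain(tampered_copy(chain, 1, "outcome", "allowed", rehash=True)))
    print("first record deleted:", verify_chain(chain[1:]))
```

The chain catches deletion and reordering (the `prev_hash` no longer lines up) and the signature catches an editor who recomputes the hash after changing a field. Because the key here is symmetric, anyone holding it can forge records; that is why the signing key belongs with the attestation service, not with the store that keeps seven years of logs.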

Detection overhead is typically under 50 milliseconds. Your team won't notice it's there.

WHAT GUARD DETECTS

The threats your current tools don't see.

Guard scans every prompt and every response. Every AI interaction is checked for sensitive data and manipulation attempts before anything leaves your organisation.

Australian PII detection

Catches sensitive data before it leaves your organisation.

Guard scans for personally identifiable information specific to Australian regulations, not just generic patterns.

  • Tax File Numbers (TFN)
  • Medicare numbers
  • Australian Business Numbers (ABN)
  • Bank account and BSB numbers

What happens when PII is found:

Configurable per policy: block the request, mask the sensitive data, or flag and log it. Every detection is recorded in the audit trail with the PII type, location, and action taken.

Guard scans prompts and the content of uploaded files (PDF, DOCX). A staff member uploading a customer document for AI summarisation is covered.
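The distinguishing detail in Australian PII detection is that TFNs, ABNs and Medicare numbers carry published check digits, so a candidate can be confirmed rather than reported on pattern alone. The following is an added example, not Guard's own scanner, that pairs regular expressions with those checksums (ATO TFN weights mod 11, ABN weights mod 89 after subtracting 1 from the first digit, Medicare weights mod 10 against the ninth digit), masks what it confirms, and goes slightly beyond the list above by resolving overlaps so a TFN-shaped run inside an ABN is not reported twice. All sample numbers are constructed to pass or fail the checksums and do not belong to anyone.

```python
"""Australian PII scanner with checksum validation (added example, not Guard's code).

Regex alone over-matches: any 9-digit run looks like a TFN. Each candidate is
confirmed against its published checksum before it is reported, which removes
invoice numbers, order ids and phone numbers from the findings.
"""
from __future__ import annotations

import re
from dataclasses import dataclass

TFN_WEIGHTS = (1, 4, 3, 7, 5, 8, 6, 9, 10)
ABN_WEIGHTS = (10, 1, 3, 5, 7, 9, 11, 13, 15, 17, 19)
MEDICARE_WEIGHTS = (1, 3, 7, 9, 1, 3, 7, 9)


def is_valid_tfn(digits: str) -> bool:
    # 9 digits; weighted sum divisible by 11.
    if len(digits) != 9 or not digits.isdigit():
        return False
    return sum(int(d) * w for d, w in zip(digits, TFN_WEIGHTS)) % 11 == 0


def is_valid_abn(digits: str) -> bool:
    # 11 digits; subtract 1 from the first digit, weighted sum divisible by 89.
    if len(digits) != 11 or not digits.isdigit():
        return False
    nums = [int(d) for d in digits]
    nums[0] -= 1
    return sum(n * w for n, w in zip(nums, ABN_WEIGHTS)) % 89 == 0


def is_valid_medicare(digits: str) -> bool:
    # 10 digits (11 with the individual reference number); first digit 2-6;
    # weighted sum of the first 8 digits mod 10 must equal the 9th digit.
    if len(digits) not in (10, 11) or not digits.isdigit() or digits[0] not in "23456":
        return False
    check = sum(int(d) * w for d, w in zip(digits[:8], MEDICARE_WEIGHTS)) % 10
    return check == int(digits[8])


# Longer identifiers are scanned first so an ABN is not also reported as a TFN
# embedded in it. BSB has no checksum, so it is pattern-matched only.
PATTERNS = [
    ("ABN", re.compile(r"\b\d{2} ?\d{3} ?\d{3} ?\d{3}\b"), is_valid_abn),
    ("MEDICARE", re.compile(r"\b[2-6]\d{3} ?\d{5} ?\d(?:[ /]?\d)?\b"), is_valid_medicare),
    ("TFN", re.compile(r"\b\d{3} ?\d{3} ?\d{3}\b"), is_valid_tfn),
    ("BSB", re.compile(r"\b\d{3}-\d{3}\b"), lambda digits: True),
]


@dataclass
class Finding:
    kind: str
    start: int
    end: int
    value: str


def scan(text: str) -> list[Finding]:
    findings: list[Finding] = []
    taken: list[tuple[int, int]] = []
    for kind, pattern, validator in PATTERNS:
        for m in pattern.finditer(text):
            digits = re.sub(r"\D", "", m.group())
            if not validator(digits):
                continue  # looks like the identifier but fails its checksum
            if any(m.start() < e and s < m.end() for s, e in taken):
                continue  # span already claimed by a longer identifier
            taken.append((m.start(), m.end()))
            findings.append(Finding(kind, m.start(), m.end(), m.group()))
    return sorted(findings, key=lambda f: f.start)


def mask(text: str, findings: list[Finding]) -> str:
    # Replace each confirmed value with a type tag so the prompt stays usable
    # and the audit record can still say which PII type was present.
    out = text
    for f in sorted(findings, key=lambda f: f.start, reverse=True):
        out = out[:f.start] + f"[{f.kind} REDACTED]" + out[f.end:]
    return out


# Constructed sample prompt. The invoice number is a 9-digit run that fails the
# TFN checksum and must not be reported.
SAMPLE = ("Client TFN 123 456 782, ABN 12 345 678 206, Medicare 2123 45670 1, "
          "BSB 062-000. Invoice 123456789 is unrelated.")

if __name__ == "__main__":
    for f in scan(SAMPLE):
        print(f.kind, f.value, f.start, f.end)
    print(mask(SAMPLE, scan(SAMPLE)))
```

The policy decision described above (block, mask, or flag and log) sits on top of `scan`: `mask` implements the second option, and the `Finding` list is what goes into the audit record either way.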

Prompt injection detection

Catches hidden instructions before the AI reads them.

Prompt injection is when someone hides instructions inside content that gets fed to an AI. The AI follows those hidden instructions, potentially leaking data or bypassing controls. Guard catches these before they reach the model.

What Guard detects:

  • Direct instruction overrides in prompt text
  • Zero-width characters invisible to humans but read by AI models
  • Attempts to extract system prompts or override safety controls

Why this matters for compliance:

If an AI system can be tricked into bypassing controls, your information security controls are ineffective. Under CPS 234, that's a reportable control weakness. Under APP 8, it could result in an uncontrolled cross-border disclosure of personal information.
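The zero-width case above is the one that is easiest to test for mechanically: Unicode format characters (category Cf, including the "tag" block that maps one-to-one onto printable ASCII) render as nothing in a document viewer but reach the model as text. The following is an added example, not Guard's own detector, that locates such characters in a document before it is sent, classifies them, decodes any tag-encoded text so a reviewer can see what was hidden, and strips them to produce a clean prompt. The sample document is constructed; the hidden text in it is harmless filler.

```python
"""Invisible-character detector for AI input (added example, not Guard's code).

Flagging format characters before the call gives an auditable signal; stripping
them gives a prompt that contains only what the human reviewer saw.
"""
from __future__ import annotations

import unicodedata

ZERO_WIDTH = {"\u200b", "\u200c", "\u200d", "\u2060", "\ufeff", "\u00ad", "\u180e"}
# Bidirectional overrides and isolates can reorder how text is displayed.
BIDI_CONTROLS = {chr(c) for c in range(0x202A, 0x202F)} | {chr(c) for c in range(0x2066, 0x206A)}
# Unicode "tag" block: U+E0020..U+E007E mirror ASCII 0x20..0x7E and render invisibly.
TAG_BLOCK = range(0xE0000, 0xE0080)


def classify(ch: str) -> str | None:
    # Return a category label for an invisible character, or None if visible.
    if ch in ZERO_WIDTH:
        return "zero-width"
    if ch in BIDI_CONTROLS:
        return "bidi-control"
    if ord(ch) in TAG_BLOCK:
        return "tag"
    if unicodedata.category(ch) == "Cf":
        return "other-format"
    return None


def find_invisible(text: str) -> list[tuple[int, str, str, str]]:
    # (offset, kind, code point, character name) for every hit, in document order.
    hits = []
    for i, ch in enumerate(text):
        kind = classify(ch)
        if kind:
            hits.append((i, kind, f"U+{ord(ch):04X}", unicodedata.name(ch, "UNNAMED")))
    return hits


def reveal_tag_text(text: str) -> str:
    # Decode tag characters back to ASCII so the audit record shows what was hidden.
    return "".join(chr(ord(ch) - 0xE0000) for ch in text if 0xE0020 <= ord(ch) <= 0xE007E)


def strip_invisible(text: str) -> str:
    return "".join(ch for ch in text if classify(ch) is None)


def assess(text: str) -> dict:
    # One verdict per document: what to log and whether to hold the call.
    hits = find_invisible(text)
    return {
        "flag": bool(hits),
        "count": len(hits),
        "kinds": sorted({kind for _, kind, _, _ in hits}),
        "revealed": reveal_tag_text(text),
        "clean_text": strip_invisible(text),
    }


# Constructed sample: visible summary text, three zero-width spaces, then a
# short tag-encoded string that a viewer would not display.
SAMPLE_DOC = ("Quarterly claims summary for review."
              + "\u200b" * 3
              + "".join(chr(0xE0000 + ord(c)) for c in "hidden note")
              + "\nTotals attached.")

if __name__ == "__main__":
    for hit in find_invisible(SAMPLE_DOC):
        print(hit)
    print(assess(SAMPLE_DOC))
```

Zero-width joiners are legitimate inside emoji sequences and soft hyphens inside some exported text, so a production policy would allowlist those contexts rather than treat every Cf character as an incident; the classification labels exist so that decision can be made per kind and recorded per call.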

THE DIFFERENCE

"AI compliance" software exists.
None of it produces the evidence.

GRC platforms track that a control exists. Hyperscaler gateways check whether outputs are harmful. Microsoft Purview covers Microsoft only. Guard produces per-call proof your controls ran, across every provider.

Feature | GRC platforms (6clicks, Protecht, Vanta) | Hyperscaler gateways (Cloudflare, Azure, Bedrock) | Microsoft Purview | 40° South Guard

Sits in the AI request path ~
Australian PII detection (TFN, Medicare, ABN) with checksums
Prompt injection detection inside uploaded documents
Per-call cryptographically signed attestation
CPS 234 Section 15 runtime evidence Register-level
CPS 230 material service provider oversight Register-level
Cross-provider coverage (Microsoft + OpenAI + Anthropic + others) ~ ~
7-year tamper-evident audit trail Register-level ~
ADM transparency logging and export
Market | Compliance program management | Content safety for developers | Microsoft ecosystem | Australian regulatory evidence at inference time

✓ = supported  ·  ~ = partial  ·  ✗ = not supported

GRC platforms like 6clicks, Protecht, and Vanta are complementary to Guard, not competitive. Guard produces the per-call evidence that their registers can point to. If you already own a GRC seat, use Guard to make what's in it defensible.

INDUSTRIES

Built for Australia's most regulated sectors.

Guard is configured per industry. The compliance rules your business is checked against are specific to your sector, not a generic one-size-fits-all ruleset.

Financial services

Banks, lenders, wealth managers, and AFSL holders face the highest AI compliance obligations in the country. Guard produces the evidence they need.

APRA CPS 234 · APRA CPS 230 · AFSL

Health and aged care

Patient and resident data is among the most sensitive in the country. Guard keeps it inside your compliance boundary and produces evidence per call.

Privacy Act · My Health Records Act · AHPRA (in development)

Government and public sector

PSPF, ISM, and the DTA AI Assurance Framework all need evidence of AI handling at classification boundaries. Guard covers that under Australian law.

APS 8 · Privacy Act · ISM · DTA AI Assurance

Superannuation

Super funds face APRA scrutiny on technology risk and material service providers. Guard produces the audit trail your next RSE review will ask for.

APRA CPS 234 · APRA CPS 230 · SIS Act

Legal and professional services

Client privilege, conflict duties, and trust account rules all extend into AI use. Guard covers them, with per-user and per-matter compliance profiles.

Privacy Act · State Bar Rules

Insurance

Insurers handle sensitive personal and health data at scale. Guard monitors every AI interaction against your obligations, including the ICA General Insurance Code.

Privacy Act · ICA Code · APRA CPS 234

COMPLIANCE COVERAGE

The Australian regulations your business is already obligated to meet.

Guard is built against Australian regulatory frameworks, not retrofitted from US compliance tools. Regulations in force today lead; upcoming obligations follow.

IN FORCE

Privacy Act 1988

Australian Privacy Principles (APPs 1, 8, 11), Notifiable Data Breaches scheme

IN FORCE

APRA CPS 234

Information security for APRA-regulated entities, Section 15 third-party oversight, Section 35 72-hour notification

IN FORCE

APRA CPS 230

Operational risk management, material service provider oversight (commenced 1 July 2025)

IN FORCE

APS 8

AI use in Australian Government

IN FORCE

ISM

Information Security Manual, government classifications

IN FORCE

AFSL obligations

AI in financial advice and dealing

IN FORCE

SIS Act

Superannuation prudential requirements

IN FORCE

ICA General Insurance Code

Insurer obligations on data and communications

COMMENCING DEC 2026

ADM Transparency

Automated decision-making disclosure (Privacy Act APPs 1.7–1.9)

IN DEVELOPMENT

AHPRA guidelines

AI and clinical decision support in health

Regulatory frameworks are updated quarterly. Custom framework mapping available on request.

PRICING

Two tiers. Annual billing. No surprises.

No per-seat charges. No add-ons. Every compliance capability included in both tiers. Choose based on your call volume.

FOR SMALLER TEAMS

Starter

$2,500 /month · $30,000 /yr

Up to 100,000 AI calls/month


  • Guard proxy and Australian PII detection
  • CPS 234 Section 15 and CPS 230 compliance mapping
  • ADM transparency logging and export
  • 7-year tamper-evident, signed audit trail
  • Real-time jurisdiction enforcement
  • Compliance dashboard and reports

Onboarding support · Australian team · Built on Google Cloud's managed infrastructure · 7-year audit retention

Start a pilot →

FOR MULTI-TEAM ORGANISATIONS

Unlimited

$5,500 /month · $66,000 /yr

Unlimited AI calls


  • Everything in Starter, plus:
  • Unlimited AI calls – no monthly cap
  • Configurable compliance profiles per team
  • Priority onboarding and support

Unlimited teams · Australian team · Built on Google Cloud's managed infrastructure · 7-year audit retention

Start a pilot →

WHAT YOU'RE REPLACING

$80–200k/yr

Big 4 CPS 234 engagement

$120–180k/yr

Compliance FTE (1 person)

up to $50M

OAIC civil penalty for serious or repeated breach

Guard costs less than half a compliance hire. And it never takes annual leave.

START SMALL

Start with a 60-day pilot.

Not sure yet? Start small. We'll deploy Guard on one team or use case for 60 days. If it works, convert to a Starter or Unlimited plan. If it doesn't, walk away with your data and full audit logs. No lock-in.

Full Guard for 60 days

Deployed on one team or use case. Full compliance monitoring, PII detection, prompt injection scanning, and audit trail from day one.

Compliance gap report included

At the end of 60 days, you get a compliance gap report showing your AI exposure, mapped to CPS 234, CPS 230, and the ADM transparency obligation.

No lock-in

At day 60, convert to Starter or Unlimited, or walk away. We'll export your data and audit logs. No questions.

$4,500

Flat fee. 60 days. Includes integration support and policy setup.

Start your pilot →

Priced so your compliance budget can approve it without a capital expenditure process.

The $4,500 fee is credited against your first year if you convert to Starter or Unlimited.

EARLY ACCESS

Guard is live and running in production.

We're onboarding our first compliance teams in financial services and superannuation. If you want to see Guard working against real AI traffic before you commit, book a demo and we'll walk you through the platform.

Hosted in Australia on Google Cloud

Google Cloud australia-southeast1 · GCP IRAP PROTECTED assessed infrastructure · GCP Assured Workloads, AU data boundary · Customer-managed encryption keys (CMEK)

COMMON QUESTIONS

Answers to the questions we hear most.

GET STARTED

See Guard in action.

Book a 30-minute demo, or start your 60-day pilot. We'll show you exactly what Guard covers for your industry and what integration looks like.

We'll respond within one business day. No sales pressure.

Australian company · Your data stays under Australian law · No spam

40° South acknowledges the Traditional Custodians of the lands on which we work and live. We pay our respects to Elders past, present, and emerging, and recognise their continuing connection to land, waters, and culture.