WHO IT'S FOR
Your sector. Your obligations. Your evidence.
Guard is configured per sector. The checks your calls run against and the obligations each record maps to are specific to your industry, not a generic ruleset. Below: what that looks like, and what an auditor actually sees.
Industries Guard covers
Superannuation
Super funds face APRA scrutiny on technology risk and material service providers. Guard produces the audit trail your next RSE review will ask for.
SIS Act §52B covenant: trustees must act in beneficiaries' best interests and maintain records of all significant decisions affecting member data.
Financial services
Banks, non-bank lenders, wealth managers, and AFSL holders face the highest AI compliance obligations in the country. Guard produces the evidence they need.
CPS 234 §15(c): adequate controls must be maintained over third-party information assets, including AI systems accessing customer data.
Insurance
Insurers handle sensitive personal and health data at scale. Guard monitors every AI interaction against your obligations, including the ICA General Insurance Code.
APRA CPS 234 §15 and ICA General Insurance Code s.9: customer data handled by third-party AI must be subject to oversight controls.
Health and aged care
Patient and resident data is among the most sensitive in the country. Guard keeps it inside your compliance boundary and produces evidence per call.
APP 11.1: entities must take reasonable steps to protect sensitive health information from misuse, loss, and unauthorised disclosure.
Government and public sector
PSPF, ISM, and the DTA AI Assurance Framework all need evidence of AI handling at classification boundaries. Guard covers that under Australian law.
ISM Control 0714: agencies must implement controls to monitor and log access to systems processing sensitive information.
Legal and professional services
Client privilege, conflict duties, and trust account rules all extend into AI use. Guard covers them, with per-user and per-matter compliance profiles.
Privacy Act APP 8: cross-border disclosure obligations apply the moment client data passes through an overseas AI provider.