New guidance for the development and deployment of Artificial Intelligence (AI) has replaced the existing voluntary standard in Australia, casting doubt on previously proposed mandatory regulatory measures.
In late October, the Australian Department of Industry, Science and Resources along with the National AI Centre published the Guidance for AI Adoption (GfAA). This new framework comes just a year after the introduction of the Voluntary AI Safety Standard (VAISS), raising questions about the future of mandatory guidelines for AI deployment, which had been anticipated by stakeholders and industry experts.
The GfAA is framed as a response to the rapid technological advancements and evolving governance landscape observed in the past year, as well as feedback from industry participants. While the VAISS served as a non-binding guideline for AI best practices in Australia, the GfAA condenses its ten principles into six essential practices aimed at both AI developers and deployers.
Unlike the broader, principles-based nature of the VAISS, the GfAA adopts a more prescriptive approach, placing strong emphasis on the entire lifecycle of AI systems—from development and deployment to ongoing assessment. The eight AI Ethics Principles developed by Australia remain integral to this new guidance, continuing to inform public policy concerning the secure and reliable use of AI technologies.
Among the main changes, the GfAA specifies six essential practices: establishing accountability, understanding impacts, measuring and managing risks, ensuring transparency, testing and monitoring systems, and maintaining human oversight. These practices replace the previous ten guardrails of the VAISS while still reflecting their underlying intent. For instance, the GfAA emphasizes accountability throughout the AI lifecycle and the necessity of stakeholder engagement, with a specific focus on fairness and rights.
Two versions of the GfAA have been made available: a “Foundations” version tailored for organizations at the outset of their AI journey, and an “Implementation Practices” version designed for those with more advanced needs. Notably, both versions do not distinguish between small and large businesses, emphasizing AI fluency across the board. However, the more detailed Implementation Practices version may offer greater guidance for larger enterprises, particularly those that have already begun shaping their internal AI policies in accordance with the VAISS and the Ethics Principles.
The GfAA is accompanied by a “crosswalk” document that maps the corresponding provisions between the VAISS and the GfAA, serving as a useful tool for organizations that previously aligned their governance protocols with the earlier standard. Further insight can also be drawn from the AI policies and contractual standards recently published for the Australian Public Service (APS). As a significant player in the market, the APS’s approach is likely to impact AI adoption and contracting practices across the country.
At the time the VAISS was released, the government also presented a proposals paper for introducing mandatory guardrails specifically for high-risk AI applications. This paper aimed to define high-risk AI, propose mandatory guidelines for such systems, and explore options for effective regulation. The mandatory guidelines were essentially a reiteration of the VAISS, with the notable addition of requiring AI deployers to undertake conformity assessments to demonstrate compliance.
With the GfAA now supplanting the VAISS, uncertainty surrounds the future of these mandatory guardrails. As of now, the government has not indicated plans for a mandatory equivalent to the GfAA. This ambiguity aligns with views from some quarters, including the Productivity Commission’s interim report published earlier this year, suggesting that imposing mandatory regulations could potentially stifle innovation and economic growth.
The GfAA is currently accessible for organizations to adopt, although it remains non-binding. The National AI Centre plans to introduce additional complementary tools and resources over the next year. For organizations that have structured their AI governance policies based on the VAISS, the Department of Industry, Science and Resources confirms that the Implementation Practices version of the GfAA builds upon these earlier principles, offering a pathway for continued reliance on existing policies while allowing for future revisions based on new guidance.
As Australia looks toward the future of AI governance, it is unlikely that technology-specific legislation will emerge before 2026. Instead, organizations engaging in AI must continue to navigate the existing largely technology-neutral laws, leveraging the non-binding guidance currently available. For further information on applicable laws and regulations, White & Case’s global regulatory tracker, AI Watch, provides comprehensive insights into the evolving landscape.
See also
Veeva Summit Reveals Agentic AI’s Role in Transforming Pharma Operations and Trust Needs
AI Processing Shifts from Cloud to Local Machines, Enhancing Speed and Security
Iceland Sets New Standard for Green Data Centers, Achieving 50% Energy Savings
Intel’s Dr Ocansey Reveals AI Solutions to Combat Ghana’s Illegal Mining and Road Accidents
Kubernetes Enhances AI Economics with Dynamic Resource Allocation, Boosts Efficiency by 30%
