Detailed overview
Australia does not currently have a single comprehensive AI Act equivalent to the EU AI Act. Its AI framework is based on voluntary AI safety standards, government AI policy, existing laws and ongoing work on possible mandatory guardrails for high-risk AI.
Voluntary AI Safety Standard
The Australian Government has published a Voluntary AI Safety Standard. The standard applies across the AI supply chain and is designed to help organisations develop and deploy AI safely and reliably. It is not a new law by itself, but it provides practical guardrails for organisations building, procuring, deploying or using AI systems.
The voluntary guardrails cover governance and operational controls. They include accountability processes, risk management, protection of AI systems and data, testing and monitoring of AI performance, human control or intervention, user information about AI-enabled decisions or content, mechanisms for impacted people to challenge AI use or outcomes, supply-chain transparency, record-keeping and stakeholder engagement on safety, fairness, diversity and inclusion.
Australia has also published guidance for AI adoption. The guidance identifies essential practices such as deciding who is accountable, understanding impacts, planning AI use, measuring and managing risks, sharing information, testing and monitoring systems, and maintaining human control. It is especially relevant for complex or higher-risk AI systems.
Public-sector AI policy
For the public sector, Australia has a mandatory Policy for the responsible use of AI in government. The policy applies to non-corporate Commonwealth entities, subject to specified exceptions. It requires accountable officials, transparency statements, strategic planning, internal AI use-case accountability, AI use-case registers, staff training and AI use-case impact assessments.
Mandatory guardrails (in development)
Australia is also considering mandatory guardrails for AI in high-risk settings. Government consultation materials address whether and how high-risk AI should be subject to mandatory requirements. Until such rules are enacted, these proposals should be treated as policy development rather than binding law for all private-sector AI use.
Penalties
Private-sector AI systems may still be regulated under existing Australian laws, including privacy, consumer protection, anti-discrimination, employment, product safety, copyright, financial services, healthcare, telecommunications and online safety laws. There is no single Australian AI-specific fine table for private-sector AI use under the voluntary standard. Penalties depend on the underlying legal regime that is breached.