Privacy & Responsible AI Policy
How Akrion One protects customer privacy and ensures the responsible use of AI on behalf of APRA-regulated tenant banks.
Version 1.0 · Effective April 2026 · Owner: Akrion One Platform Governance
The authoritative source is
docs/AKRION_ONE_PRIVACY_RAI.md in the open
repository. It is grounded in three frameworks: the Microsoft
Responsible AI Standard, the 13 Australian Privacy Principles
(Privacy Act 1988), and Australia's Voluntary AI Safety Standard,
and aligns with APRA CPS 230, CPS 234, and IRAP.
1. Scope
The policy applies to every AI agent, data pipeline, and supporting Azure service operated by Akrion One on behalf of tenant banks (Acme, Pacific, Coastal Credit Union, and future tenants), across development, staging, and production environments. It does not replace each tenant bank's own privacy policy — every tenant remains an APP entity under the Privacy Act and is accountable for its own obligations.
2. Microsoft Responsible AI principles — at a glance
| Principle | How Akrion One implements it |
|---|---|
| Fairness | Anti-discrimination guardrails in system prompts; responses grounded in tenant policy & banking data — never demographic profiling. Quarterly bias review using the Foundry Evaluations SDK. |
| Reliability & Safety | Six-layer AI safety stack — input sanitisation, threat detection, prompt guardrails, response verification, escalation logic, offline evaluation. Human-in-the-loop for loans > $200k, low confidence (< 0.7), and regulatory-sensitive topics. |
| Privacy & Security | Data sovereignty in Australia East / Australia Southeast, enforced via Azure Policy. Tenant isolation via Cosmos DB partition keys, PostgreSQL row-level security, AI Search filters, per-tenant ADLS containers. AES-256 at rest, TLS 1.3 in transit. No cross-tenant data use, no model training on customer data. |
| Inclusiveness | Natural-language interface — no banking jargon required. Adaptive communication style. Same AI capabilities for every tenant regardless of size. |
| Transparency | AI is disclosed at conversation start. Chain-of-thought logged. Confidence scores recorded. Standard financial disclaimers on every advice-shaped response. |
| Accountability | Shared Responsibility Matrix; full audit trail for every interaction; AI-specific incident playbooks in Sentinel; tenant notification within 24 h; quarterly Responsible AI review. |
3. Customer privacy commitments
- Pull-and-discard. Transactional data (accounts, balances, loans) is queried in real time from the bank's core banking system and discarded after the response is generated — Akrion stores no copies (see ADR-001).
- Data sovereignty. All processing within Australian Azure regions; no cross-border transfers; AI models deployed domestically via Microsoft Foundry.
- Data minimisation. Tool schemas request only what is strictly necessary; conversation logs filter unnecessary PII.
- Retention. Conversation logs and audit trails retained 7 years per APRA record-keeping; transactional data not retained at all.
- Individual rights. DSAR fulfilment across Cosmos DB, PostgreSQL, ADLS, and AI Search with a target 30-day SLA. Correction and deletion supported subject to regulatory retention.
- Notifiable breaches. Tenant notification within 24 h; tenant assesses APRA (72 h, CPS 234) and OAIC obligations.
4. AI-specific safeguards
- Prompt-injection defence: regex pattern detection plus Azure AI Content Safety; Foundry Prompt Shields planned for Phase 2.
- Groundedness scoring on every agent response; low-confidence responses include caveats or trigger escalation.
- No customer conversation data is used to train or fine-tune foundation models.
- All agent reasoning traces (chain-of-thought, tool calls, retrieved context, outputs) are logged for audit.
5. Shared responsibility
Akrion One operates the platform; tenant banks remain the data controller and accountable APP entity. The boundary is documented in the Shared Responsibility Matrix and the Azure Control Matrix.
6. Reporting a privacy or AI safety concern
Customers should contact their bank in the first instance. Tenant bank privacy and risk teams may escalate to Akrion at contact@akrion.one — see the contact section for response SLAs.