APRA is the Financial Services arm of the Australian Government - it is a code of practice that all Australian Banks must conform too. Within New Zealand the equivalent is BS11 governed by the Reserve Bank of New Zealand. Now what would happen if this happened, that prosecution for being applyin lax cyber security controls occurred, would the rest of the other industries follow this?