Accent Color

Background Color

What you know about your vendors — they told you. What you know about your vendors — they told you. What you know about your vendors — they told you. What you know about your vendors — they told you. What you know about your vendors — they told you. What you know about your vendors — they told you.

Risk does not usually fail.
It drifts.

What you know about your vendors — they told you.

Most operational failures are not sudden events. They are preceded by long periods of quiet deterioration — small availability losses, weakening controls, and accumulating dependencies that remain invisible until failure occurs.

Obsentra issues independent operational risk signals so that insurers and regulated entities can see that deterioration before it becomes a claim or a regulatory event.

In complex systems, the most consequential risks are rarely the most visible ones. They are the slow, compounding behaviours that precede failure, detectable only through disciplined measurement. Obsentra makes those behaviours legible early enough that informed decisions remain possible.

Scroll

Why Obsentra

Making Invisible Risk Visible

Obsentra provides what traditional monitoring cannot: independent, forward-looking visibility into operational risk accumulation across the vendors and service providers that organisations depend on.

Early Detection

Identify operational deterioration months before it surfaces as an incident, a claim, or a regulatory finding. OSI signals measure trajectory — where risk is heading — not just where it is today.

Independent Signals

Obsentra is paid exclusively by the party receiving the intelligence. Subject entities pay nothing and have no commercial relationship with Obsentra. Independence is structural — not claimed.

Quarterly Issuance

Signals are issued quarterly — not annually. Four independently issued packages per year, per subject entity. A baseline package within 72 hours of integration going live.

Data Analytics

What We Issue

What Obsentra Issues

Obsentra is an independent issuer of operational risk signals. We observe how operational risk accumulates, stabilises, or deteriorates across the vendors and service providers that insurers and regulated entities depend on — and issue quarterly signals that make that trajectory visible before it becomes a loss or a compliance failure.

Every signal package is independently issued, methodology-governed, and accompanied by an Evidence Sufficiency and Evidence Score (ESES) that tells the recipient exactly how confident to be in the signal.

Obsentra issues signals to two types of organisations:

Insurers and reinsurers — for portfolio intelligence, underwriting accuracy, and claims prediction
APRA-regulated entities — banks, superannuation funds, and financial institutions requiring independent monitoring of material service providers under CPS 230

The OSI Signal Set

Four Signals. One Methodology.

OSI issues four signals per subject entity, per quarter. Each signal has a defined role. Together they describe operational risk trajectory, service availability, structural fragility, and the confidence level of the underlying evidence.

01

RDI

Risk Drift Index · Lead signal

Hover or click to learn more

Measures change velocity, incident pattern frequency, and control environment deterioration. A rising RDI indicates operational risk is accumulating. Issued quarterly. Trajectory direction available from the first quarterly package.

02

SADI

Service Availability Drift Index · Confirming signal

Hover or click to learn more

Measures service continuity, performance stability, and recovery capability over time. A declining SADI confirms what a rising RDI suggests. Together they form the primary trajectory picture.

03

CFI

Concentration Fragility Index · Structural signal

Hover or click to learn more

Measures the degree to which a subject entity's operational risk is concentrated in single points of failure — vendors, platforms, geographies, or technology stacks. Higher CFI indicates greater fragility if a concentration point fails.

04

ESES

Evidence Sufficiency and Evidence Score · Qualification signal

Hover or click to learn more

Every signal package includes an ESES score that tells the recipient how confident to be in the signals it accompanies. Where ESES falls below a defined threshold, signals are accompanied by a qualification notice. Where ESES falls below a second threshold, signals are withheld and the recipient is notified with the reason.

For Insurers

Portfolio Intelligence for Underwriting and Claims

Your book contains entities whose operational trajectory is deteriorating right now. You cannot see it from a proposal form. You cannot see it from an annual audit. You can see it from OSI.

RDI as a pricing signal

A rising Risk Drift Index in the quarter before renewal is a pricing signal. It tells you the entity's operational environment is deteriorating — before that deterioration becomes a claim. Price with trajectory data, not last year's loss history.

SADI as a claims precursor

A declining Service Availability Drift Index is a claims precursor. It measures service continuity erosion over time — the kind of degradation that precedes a business interruption event. Quarterly SADI data tells you where the exposure is building before it arrives as a notification.

CFI as a concentration exposure tool

The Concentration Fragility Index shows where your portfolio is exposed to correlated loss. If multiple insured entities share a critical vendor or platform, a single operational failure produces correlated claims. CFI makes that exposure visible at the portfolio level before the correlation event occurs.

ESES as signal confidence

Every signal package carries an ESES score. You know exactly how confident to be in the signals you are acting on — and that confidence level is independently determined, not asserted by the subject entity.

Request a conversation →

For Regulated Entities

Independent Monitoring for Banks, Super Funds, and Financial Institutions

You are monitoring your critical vendors through the reports they write about themselves. APRA's CPS 230 requires independent ongoing monitoring of material service providers. OSI provides it.

CPS 230 — what it requires

APRA's CPS 230 operational risk standard, in force from 1 July 2025, requires every APRA-regulated entity to maintain a board-approved framework for ongoing independent monitoring of material service provider operational risk. Point-in-time assessments and vendor self-reporting are not sufficient evidence of independent ongoing monitoring. OSI issues that evidence — independently, quarterly, with a documented methodology.

Independent evidence, not vendor self-reporting

OSI observes directly through integration with the subject entity's operational systems — or through structured declaration where direct integration is not available. The signal is issued by Obsentra, not by the vendor. Independence is structural.

Quarterly packages your board can act on

Four independently issued signal packages per year, per material service provider. Each package includes RDI, SADI, CFI, and ESES — with trajectory direction, sector benchmark context where available, and an escalation notification if a trigger condition activates between quarterly cycles.

Evidence your APRA examination team can examine

Every OSI signal package is methodology-governed and independently issued. The ESES score documents the quality of the underlying evidence. When an APRA examination team asks how you are independently monitoring your material service providers, OSI signal packages are the answer.

Obsentra manages vendor onboarding

You identify your material service providers. Obsentra contacts each one, manages mode selection, and handles all technical integration. You do not manage vendor onboarding. You receive signal packages.

Request a conversation →

Integration

How It Works

Obsentra connects to each subject entity through one of three integration modes. The mode is chosen by the subject entity. The Evidence Sufficiency and Evidence Score reflects the evidence quality of the mode used.

01

Direct API

Read-only API connection to the subject entity's monitoring platform, ITSM, and patch management tool. The highest evidence quality. Integration is set up once. Obsentra observes continuously.

02

Structured Export

Twelve defined operational fields exported quarterly via secure upload or SFTP. No ongoing connection required. Takes approximately 30 to 60 minutes per quarter.

03

Guided Declaration

Eight operational metric questions completed quarterly by the subject entity. No IT access required. Signals are issued with a qualification notice reflecting the declaration-based evidence. Takes approximately 20 minutes per quarter.

The 90-Day Cycle

Day 1

Integration Goes Live

Baseline signal package issued within 72 hours (Mode 1) or five business days (Mode 2 and 3).

Day 60

First Quarterly Package

Trajectory signals. Sector benchmark context where peer group is sufficient.

Day 90

Second Quarterly Package

Full predictive arc. Concentration fragility pattern confirmed.

Ongoing

Four Packages Per Year

Escalation notifications outside the quarterly cycle where a trigger condition activates.

Intentional Constraints

What We Deliberately
Do Not Do

Obsentra is intentionally constrained. This separation is fundamental to trust.

  • × Assess compliance or adequacy
  • × Identify root cause or assign fault
  • × Recommend remediation or controls
  • × Forecast incidents or losses
  • × Price risk or advise on capital adequacy
  • × Customise signals per organisation
Data Dashboard

Interpretation, response, and decision-making remain with the Receiving Party and their appointed advisers.

Why Obsentra Exists

In complex systems, the most consequential risks are rarely the most visible ones.

They are the slow, compounding behaviours that precede failure, detectable only through disciplined measurement. Obsentra makes those behaviours legible early enough that informed decisions remain possible.

Research

Publications

Foundational thinking on risk drift, governance, and institutional visibility.

Risk Drift

Risk Does Not Usually Fail. It Drifts.

A reframing of how failure actually emerges in critical infrastructure
Institutional Risk

Why Institutions Should Measure Risk Without Explaining It

On restraint, independence, and trust in risk intelligence
Governance Gap

The Governance Gap: Why Risk Reaches Institutions Too Late

And what changes when it doesn't

Contact

Get in Touch

Obsentra issues independent operational risk signals for insurers and APRA-regulated entities.

For enquiries relating to signal access, methodology, or institutional partnership:

signals@obsentra.com

Obsentra Pty Ltd
Australia