Policy register
All 102 policies, grouped by risk domain. Generated from source/entities/policies/.
| Code |
Title |
Owner |
Status |
Jurisdiction |
| CLQ-001 |
Capital Adequacy Policy |
Chief Financial Officer |
Draft |
NZ + AU |
| CLQ-002 |
Liquidity Risk Management Policy |
Chief Financial Officer |
Draft |
NZ + AU |
| CLQ-003 |
Capital Planning & Stress Testing Policy |
Chief Risk Officer |
Draft |
NZ + AU |
| CLQ-004 |
Interest Rate Risk in the Banking Book (IRRBB) Policy |
Chief Financial Officer |
Draft |
NZ + AU |
| CLQ-005 |
Internal Capital Adequacy Assessment Process (ICAAP) Policy |
Chief Risk Officer |
Draft |
NZ + AU |
| CLQ-006 |
Capital Disclosure & Reporting Policy |
Chief Financial Officer |
Draft |
NZ + AU |
| Code |
Title |
Owner |
Status |
Jurisdiction |
| CRE-001 |
Credit Risk Management Policy |
Head of Credit Risk |
Draft |
NZ + AU |
| CRE-002 |
Responsible Lending Policy |
Head of Credit Risk |
Draft |
NZ + AU |
| CRE-003 |
Credit Decisioning & Scorecard Policy |
Head of Credit Risk |
Draft |
NZ + AU |
| CRE-004 |
Loan Origination Standards |
Head of Credit Risk |
Draft |
NZ + AU |
| CRE-005 |
Concentration Risk Policy |
Chief Risk Officer |
Draft |
NZ + AU |
| CRE-006 |
Impairment & Provisioning Policy |
Chief Financial Officer |
Draft |
NZ + AU |
| CRE-007 |
Collections & Hardship Policy |
Head of Credit Risk |
Draft |
NZ + AU |
| CRE-008 |
Product Design & Distribution Policy |
Head of Product |
Draft |
AU |
| CRE-009 |
Fixed-Rate Component Break-Cost Methodology Policy |
Chief Risk Officer |
Draft |
NZ + AU |
D03 AML / Financial Crime · risk domain ↗
| Code |
Title |
Owner |
Status |
Jurisdiction |
| AML-001 |
AML/CFT Programme Policy |
Chief Compliance Officer |
Draft |
NZ + AU |
| AML-002 |
Customer Due Diligence (CDD) Policy |
Chief Compliance Officer |
Draft |
NZ + AU |
| AML-003 |
Know Your Customer (KYC) & Identity Verification Policy |
Chief Compliance Officer |
Draft |
NZ + AU |
| AML-004 |
Politically Exposed Persons (PEP) Policy |
Chief Compliance Officer |
Draft |
NZ + AU |
| AML-005 |
Transaction Monitoring Policy |
Chief Compliance Officer |
Draft |
NZ + AU |
| AML-006 |
Suspicious Activity Reporting Policy |
Chief Compliance Officer |
Draft |
NZ + AU |
| AML-007 |
Sanctions Screening Policy |
Chief Compliance Officer |
Draft |
NZ + AU |
| AML-008 |
Cross-Border Transfer Reporting Policy |
Chief Compliance Officer |
Draft |
NZ + AU |
| AML-009 |
Correspondent Banking & Payments Policy |
Chief Compliance Officer |
Draft |
NZ + AU |
| AML-010 |
AML Training & Awareness Policy |
Chief People Officer |
Draft |
NZ + AU |
| AML-011 |
Customer Acceptance Policy |
Chief Compliance Officer |
Draft |
NZ + AU |
| AML-012 |
Customer Risk Rating Policy |
Chief Compliance Officer |
Draft |
NZ + AU |
| AML-013 |
Onboarding Fraud & Identity Integrity Policy |
Chief Compliance Officer |
Draft |
NZ + AU |
| Code |
Title |
Owner |
Status |
Jurisdiction |
| CON-001 |
Customer Fairness & Conduct Policy |
Chief Compliance Officer |
Draft |
NZ + AU |
| CON-002 |
Complaints & Internal Dispute Resolution Policy |
Head of Customer Experience |
Draft |
NZ + AU |
| CON-003 |
Vulnerable Customer Policy |
Head of Customer Experience |
Draft |
NZ + AU |
| CON-004 |
Product Disclosure & Sales Practice Policy |
Head of Product |
Draft |
NZ + AU |
| CON-005 |
Fee & Pricing Transparency Policy |
Head of Product |
Draft |
NZ + AU |
| CON-006 |
Product suitability and governance |
Chief Risk Officer |
Draft |
NZ + AU |
| CON-007 |
Consumer Data Right (CDR) Policy |
Head of Customer Experience |
Draft |
AU |
| CON-008 |
Financial Hardship Policy |
Head of Customer Experience |
Draft |
NZ + AU |
| CON-009 |
NZ DTA Key Information Summary Disclosure Policy |
Chief Compliance Officer |
Draft |
NZ |
| Code |
Title |
Owner |
Status |
Jurisdiction |
| DT-001 |
Information Security Policy |
Chief Information Security Officer |
Draft |
NZ + AU |
| DT-002 |
Cybersecurity Policy |
Chief Information Security Officer |
Draft |
NZ + AU |
| DT-003 |
Technology Risk Management Policy |
Chief Technology Officer |
Draft |
NZ + AU |
| DT-004 |
Data Governance Policy |
Chief Technology Officer |
Draft |
NZ + AU |
| DT-005 |
Model Risk Management Policy |
Chief Risk Officer |
Draft |
NZ + AU |
| DT-006 |
Cloud & Infrastructure Policy |
Chief Technology Officer |
Draft |
NZ + AU |
| DT-007 |
Change and release management |
Chief Technology Officer |
Draft |
NZ + AU |
| DT-008 |
Third-Party & Outsourcing Risk Policy |
Chief Technology Officer |
Draft |
NZ + AU |
| DT-009 |
AI & algorithm policy |
Chief Risk Officer |
Draft |
NZ + AU |
| DT-010 |
Environments and deployment standards |
Head of Platform Engineering |
Draft |
NZ + AU |
| DT-011 |
AI development guardrails |
Chief Technology Officer |
Draft |
NZ + AU |
| DT-012 |
Ledger Data Contracts & Event Publication Policy |
Chief Technology Officer |
Draft |
NZ + AU |
| DT-013 |
Model Validation & Audit Policy |
Chief Risk Officer |
Draft |
NZ + AU |
D06 Payments & Settlement · risk domain ↗
| Code |
Title |
Owner |
Status |
Jurisdiction |
| PAY-001 |
Payment Operations Policy |
Head of Payments |
Draft |
NZ + AU |
| PAY-002 |
Settlement Risk Policy |
Head of Payments |
Draft |
NZ + AU |
| PAY-003 |
Card Scheme Compliance Policy |
Head of Payments |
Draft |
NZ + AU |
| PAY-004 |
Cross-Border Payments & FX Policy |
Head of Treasury |
Draft |
NZ + AU |
| PAY-005 |
Payment Fraud Prevention Policy |
Head of Payments |
Draft |
NZ + AU |
| PAY-006 |
PCI DSS Compliance Policy |
Head of Payments |
Draft |
NZ + AU |
| PAY-007 |
Ledger Posting & Account Integrity Policy |
Chief Financial Officer |
Draft |
NZ + AU |
| PAY-008 |
Payment Routing, Sponsor & Card-Scheme Abstraction Policy |
Head of Payments |
Draft |
NZ + AU |
| PAY-009 |
Payment Exceptions, Returns & Reversals Policy |
Head of Payments |
Draft |
NZ + AU |
| PAY-010 |
Open Banking & API access |
Chief Technology Officer |
Draft |
NZ + AU |
D07 Regulatory Reporting · risk domain ↗
| Code |
Title |
Owner |
Status |
Jurisdiction |
| REP-001 |
Regulatory Reporting Policy |
Chief Financial Officer |
Draft |
NZ + AU |
| REP-002 |
Prudential Reporting Policy |
Chief Financial Officer |
Draft |
NZ + AU |
| REP-003 |
AML Compliance Reporting Policy |
Chief Compliance Officer |
Draft |
NZ + AU |
| REP-004 |
Financial Statements Policy |
Chief Financial Officer |
Draft |
NZ + AU |
| REP-005 |
Data Quality & Assurance Policy |
Chief Technology Officer |
Draft |
NZ + AU |
| REP-006 |
Regulatory Change Management Policy |
Chief Compliance Officer |
Draft |
NZ + AU |
| REP-007 |
DCS & Depositor Reporting Policy |
Chief Financial Officer |
Draft |
NZ |
| REP-008 |
Statistical & survey reporting |
Chief Financial Officer |
Draft |
NZ + AU |
| REP-009 |
Regulatory incident & breach notification |
Chief Compliance Officer |
Draft |
NZ + AU |
| REP-010 |
Credit reporting & bureau submission |
Chief Compliance Officer |
Draft |
NZ + AU |
| REP-011 |
Tax & information reporting (FATCA/CRS/AEOI) |
Chief Financial Officer |
Draft |
NZ + AU |
D08 Governance & Accountability · risk domain ↗
| Code |
Title |
Owner |
Status |
Jurisdiction |
| GOV-001 |
Board Charter |
Company Secretary |
Draft |
NZ + AU |
| GOV-002 |
Risk Appetite Statement Policy |
Chief Risk Officer |
Draft |
NZ + AU |
| GOV-003 |
Three Lines of Defence Policy |
Chief Risk Officer |
Draft |
NZ + AU |
| GOV-004 |
Fit & Proper Policy |
Chief People Officer |
Draft |
NZ + AU |
| GOV-005 |
Financial Accountability Regime (FAR) Policy |
Company Secretary |
Draft |
AU |
| GOV-006 |
Internal Audit Policy |
Chief Internal Auditor |
Draft |
NZ + AU |
| GOV-007 |
Conflicts of Interest Policy |
Company Secretary |
Draft |
NZ + AU |
| GOV-008 |
Whistleblower Protection Policy |
General Counsel |
Draft |
NZ + AU |
| GOV-009 |
Related Party Transactions Policy |
Company Secretary |
Draft |
NZ + AU |
| GOV-010 |
Restricted Activities Policy |
Chief Compliance Officer |
Draft |
NZ |
D09 Operational Resilience · risk domain ↗
| Code |
Title |
Owner |
Status |
Jurisdiction |
| OPS-001 |
Business Continuity Policy |
Chief Operating Officer |
Draft |
NZ + AU |
| OPS-002 |
Disaster Recovery Policy |
Chief Technology Officer |
Draft |
NZ + AU |
| OPS-003 |
Incident Management Policy |
Chief Technology Officer |
Draft |
NZ + AU |
| OPS-004 |
Operational Risk Policy |
Chief Risk Officer |
Draft |
NZ + AU |
| OPS-005 |
Third-Party & Critical Service Provider Policy |
Chief Risk Officer |
Draft |
NZ + AU |
| OPS-006 |
Change Management Policy |
Chief Technology Officer |
Draft |
NZ + AU |
| OPS-007 |
Financial Processing Resilience & Idempotency Policy |
Chief Risk Officer |
Draft |
NZ + AU |
D10 Privacy & Data Rights · risk domain ↗
| Code |
Title |
Owner |
Status |
Jurisdiction |
| PRI-001 |
Privacy Policy |
Privacy Officer |
Draft |
NZ + AU |
| PRI-002 |
Data Breach Response Policy |
Privacy Officer |
Draft |
NZ + AU |
| PRI-003 |
Personal Information Retention & Destruction Policy |
Privacy Officer |
Draft |
NZ + AU |
| PRI-004 |
FATCA & CRS Compliance Policy |
Chief Financial Officer |
Draft |
NZ + AU |
| PRI-005 |
Privacy Impact Assessment Policy |
Privacy Officer |
Draft |
NZ + AU |
| PRI-006 |
Customer Data Access & Correction Policy |
Privacy Officer |
Draft |
NZ + AU |
| Code |
Title |
Owner |
Status |
Jurisdiction |
| PPL-001 |
Code of Conduct Policy |
Chief People Officer |
Draft |
NZ + AU |
| PPL-002 |
Remuneration & Variable Pay Policy |
Chief People Officer |
Draft |
NZ + AU |
| PPL-003 |
Training & Competency Policy |
Chief People Officer |
Draft |
NZ + AU |
| PPL-004 |
Background Screening & Fit and Proper Policy |
Chief People Officer |
Draft |
NZ + AU |
| PPL-005 |
Health, Safety & Wellbeing Policy |
Chief People Officer |
Draft |
NZ + AU |
| PPL-006 |
Whistleblower & Protected Disclosure Policy |
General Counsel |
Draft |
NZ + AU |
| Code |
Title |
Owner |
Status |
Jurisdiction |
| CLQ-007 |
Climate Risk Management Policy |
Chief Risk Officer |
Draft |
NZ + AU |
| REP-012 |
TCFD Climate Disclosure Policy |
Chief Risk Officer |
Draft |
NZ + AU |
Auto-generated 2026-05-22 by scripts/compile.py. Do not edit directly.