
AI & algorithm policy

Code: DT-009
Domain: Data & Technology
Owner: Chief Risk Officer
Status: Draft
Applicability: Platform
Jurisdiction: NZ + AU
Business domain: BD09
Review date: 2027-03-27

Regulations: CoFI Act 2022 · Privacy Act 2020 · Privacy Act 1988 · ASIC AI Guidance · AU Voluntary AI Safety Standard · AU Mandatory AI Guardrails

Governs the use of AI and algorithmic systems in runtime banking processes — covering analytical inference (ML models embedded in operations) and agentic operations (AI agents that initiate actions). Development-phase AI governance is covered by DT-011.

Scope

Applies to all ML models, scoring algorithms, rules engines, and AI agents operating in the bank's production systems. Includes credit scoring, fraud detection, AML behavioural analysis, transaction categorisation, customer risk scoring, and any future AI-driven automation.

Mode 3: Analytical inference

These rules govern ML models that produce outputs used in banking decisions.

  1. Every model decision is logged. Any model output that influences a customer-facing outcome shall be logged with: input features (non-PII representation), model identifier, model version, output score or classification, confidence level, and timestamp. Log entries are immutable. MOD-048 satisfies this requirement.

  2. Explainability on request. For credit, risk, and conduct decisions, the bank shall be able to produce a plain-language explanation of why a model produced a given output. This explanation must be available to the customer on request and to regulators on demand.

  3. Bias and fairness testing before production. Every new model and every material model change shall be tested for demographic bias before deployment to UAT. Test results and remediation actions are retained as part of the model validation record.

  4. Human override is always available. No model output shall constitute a hard, unoverridable decision. A qualified human must always be able to review and override. This includes credit decisions, fraud flags, and AML alerts.

  5. Model versioning follows artefact promotion rules. Models are versioned, hash-tagged, and promoted through dev → UAT → prod using the same pipeline gates as application code. A model in production must have a corresponding UAT validation record.

  6. Model performance is monitored in production. Each model has defined performance thresholds (accuracy, recall, drift). Breach of a threshold triggers an alert and a review. Degraded models are retrained or rolled back — they are not left running unmonitored.

  7. Credit and risk decisions above a defined threshold require human review. Fully automated adverse decisions (loan decline, account restriction, fraud block) shall be reviewed by a human within the timeframes defined in each product specification. The threshold and review SLA are defined per product.

Mode 4: Agentic operations

These rules govern AI agents — systems that can initiate actions, not merely produce outputs.

  1. Every agent has a defined action boundary. Before any agent is deployed, its permitted actions shall be documented: what it can do autonomously, what requires human approval, and what is explicitly out of scope. An action outside the defined boundary is treated as an unauthorised change under DT-007.

  2. No autonomous financial transactions above threshold. Agents shall not initiate or approve payments, transfers, limit changes, or product changes above a threshold defined per action type. Threshold values are set in the relevant product specification and reviewed annually.

  3. No autonomous modifications to customer data without an audit trail. Any agent action that creates, updates, or deletes customer data generates an immutable log entry attributing the action to the agent, the triggering event, and the authorising policy.

  4. Agent scope is domain-limited. An agent operating in one system domain shall not call into or modify data owned by another domain without an explicit cross-domain contract documented in docs/systems/. Agents do not inherit cross-domain access by default.

  5. A human escalation path always exists. Every agent workflow must have a reachable human escalation path. No workflow may terminate in a dead end that leaves a customer without recourse.

  6. Agent actions are reversible where possible. Agent design shall prefer reversible actions (flag, hold, notify) over irreversible ones (delete, permanently block). Where an irreversible action is necessary, it requires dual confirmation: the agent decision plus a human approval.

  7. Agents are tested for adversarial inputs. Before production deployment, agents shall be tested for prompt injection, unexpected input handling, and boundary violations. These tests are part of the UAT gate.
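The boundary check that requirements 1, 2, 4 and 6 describe, written here as an added example rather than the bank's own gateway code. The boundary document for a hypothetical payments agent, its thresholds and its cross-domain contract are all constructed; in practice they would come from the product specification and docs/systems/.

```python
"""Added example, not the bank's code: a policy gate an agent runtime calls
before executing any proposed action. It never executes anything itself; it
returns a verdict the runtime must honour."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Action:
    agent: str
    domain: str          # system domain the action touches
    kind: str
    amount: float = 0.0
    reversible: bool = True


# Constructed boundary document for a hypothetical agent "pay-assist".
# mode "auto" means autonomous up to the threshold; "approval" always needs a human.
PAYMENTS_AGENT = {
    "agent": "pay-assist",
    "domain": "payments",
    "cross_domain_contracts": {"cards"},     # assumed documented in docs/systems/
    "actions": {
        "hold_payment":    {"mode": "auto",     "threshold": None},
        "notify_customer": {"mode": "auto",     "threshold": None},
        "transfer":        {"mode": "auto",     "threshold": 1000.0},
        "limit_change":    {"mode": "approval", "threshold": 0.0},
        "block_account":   {"mode": "auto",     "threshold": None},
    },
}


def authorise(boundary: dict, a: Action) -> dict:
    """Verdict is allow, human_approval or deny. A deny is also an
    unauthorised-change event in the sense of DT-007 and should be raised as one."""
    if a.agent != boundary["agent"]:
        return {"verdict": "deny", "reasons": ["action attributed to a different agent"]}
    spec = boundary["actions"].get(a.kind)
    if spec is None:                                          # req 1: outside boundary
        return {"verdict": "deny", "reasons": ["action kind not in documented boundary"]}
    if a.domain != boundary["domain"] and a.domain not in boundary["cross_domain_contracts"]:
        return {"verdict": "deny", "reasons": ["no cross-domain contract"]}   # req 4
    reasons = []
    if spec["mode"] == "approval":
        reasons.append("action kind always requires human approval")
    if spec["threshold"] is not None and a.amount > spec["threshold"]:
        reasons.append("amount above autonomous threshold")                  # req 2
    if not a.reversible:
        reasons.append("irreversible action requires dual confirmation")     # req 6
    return {"verdict": "human_approval" if reasons else "allow", "reasons": reasons}
```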

Regulatory framework

Australia

Australia is developing a mandatory guardrails framework for high-risk AI. Banking AI — particularly credit decisioning, fraud detection, and customer-facing agents — will be in scope. The bank designs to the mandatory framework now to avoid remediation cost at enactment.

| Instrument | Obligation |
| --- | --- |
| Australian Voluntary AI Safety Standard (DISR, 2024) | Baseline practices: transparency, human oversight, accountability, safety. Bank adopts all ten guardrails as minimum. |
| Mandatory AI guardrails (DISR, enactment pending) | Binding obligations for high-risk AI expected to include: explainability, human oversight, impact assessment, incident reporting. |
| ASIC guidance on AI in financial services | Covers automated advice, credit, conduct obligations. Compliance required now. |
| Privacy Act 1988 (AU) | Individuals may request an explanation of automated decisions affecting them. Bank must be able to provide this (see requirement 2). |

New Zealand

| Instrument | Obligation |
| --- | --- |
| CoFI Act 2022 | Fair treatment of customers extends to AI-driven processes. Unfair or opaque AI outcomes are a conduct breach. |
| Privacy Act 2020 (NZ) | Personal information used in automated decisions must be disclosed; individuals have correction rights. |
| Algorithm Charter for Aotearoa NZ (2020) | Voluntary but adopted by bank as minimum: transparency, human oversight, bias testing. |
| FMA guidance | Regulatory expectations for technology-driven financial advice and automated customer interactions. |

Both jurisdictions are evolving rapidly. This policy's review date shall be brought forward if material legislation is enacted in either jurisdiction.


Satisfying modules

| Module | Name | Mode | Description |
| --- | --- | --- | --- |
| MOD-048 | System decision log | LOG | AI/ML decisions are explainable: inputs and model version logged against every automated decision |

Part of Data & Technology · Governance overview Compiled 2026-05-22 from source/entities/policies/DT-009.yaml