Training & Competency Policy¶
| Code | PPL-003 |
| Domain | People & Culture |
| Owner | Chief People Officer |
| Status | Draft |
| Applicability | External — Training and competency management for the operating entity's employees. Delivered through external learning management systems and HR processes. |
| Jurisdiction | NZ + AU |
| Business domain | BD11 |
| Review date | 2027-03-25 |
Outside platform boundary
Training and competency management for the operating entity's employees. Delivered through external learning management systems and HR processes.
Regulations: AML/CFT Act 2009 · AML/CTF Act 2006 · CoFI Act 2022¶
Purpose¶
This policy establishes the minimum training and competency requirements for all bank employees, ensuring that staff have the knowledge and skills necessary to perform their roles, meet regulatory obligations, and protect customers from harm. It is required by the NZ AML/CFT Act, the Australian AML/CTF Act, and the Conduct of Financial Institutions Act (NZ).
Scope¶
This policy applies to all employees, contractors, and secondees engaged by the bank. Role-specific requirements are tiered by function: general compliance training applies universally, while specialist requirements apply to AML-designated roles, customer-facing staff, credit assessors, operations personnel, and senior executives. Training delivered through third-party learning management systems is in scope where it satisfies a requirement under this policy.
Policy statements¶
The bank SHALL maintain a training register that records every mandatory training requirement, the population to which it applies, the frequency of completion required, and the minimum passing standard where assessment is used. The training register SHALL be reviewed and updated at least annually by the Chief People Officer in consultation with the Chief Compliance Officer.
All new employees SHALL complete a structured onboarding programme before being permitted to perform customer-facing or regulated activities. The onboarding programme SHALL include, as a minimum: general compliance and conduct obligations, AML/CFT awareness, data privacy and information security, and product and customer obligations relevant to the employee's role.
All employees with AML/CFT responsibilities SHALL complete mandatory AML training upon commencement and at least annually thereafter. The training programme SHALL be approved by the Chief Compliance Officer and SHALL cover the bank's AML/CFT programme obligations, the employee's specific obligations, recognition of suspicious activity, and reporting procedures. Completion of AML training SHALL be a condition of continued access to AML-relevant systems and processes.
Customer-facing employees SHALL demonstrate competency in the products and services they are authorised to discuss or recommend before performing those activities. Competency assessments SHALL be recorded and SHALL be repeated when material product changes are made or when an employee's performance monitoring indicates a gap.
The bank SHALL track training completion rates by team and by individual. Any employee who has not completed mandatory training within the prescribed deadline SHALL be flagged to their manager, and continued non-completion after a defined escalation period SHALL result in restricted system access until the requirement is met.
Training records SHALL be retained for a minimum of seven years and SHALL be available for inspection by regulators on request. Where training is delivered through an external learning management system, the bank SHALL maintain a mechanism to extract and retain completion records independently of the third-party system.
The Chief People Officer SHALL report training completion rates to the Board at least annually. The report SHALL identify any systemic gaps, the remediation plan, and the timeline for resolution. Where AML training completion falls below ninety percent for any quarter, the Chief Compliance Officer SHALL be notified immediately.
The bank SHALL evaluate the effectiveness of its training programme at least annually, using outcomes from quality assurance activities, risk events, and regulatory feedback to identify areas requiring improvement. Evaluation findings SHALL be documented and acted upon.
Satisfying modules¶
| Module | Name | Mode | Description |
|---|---|---|---|
| MOD-054 | Call recording & transcript attachment | AUTO |
Agent training and quality scored automatically from call transcripts — no manual QA sampling required |
Part of People & Culture · Governance overview
Compiled 2026-05-22 from source/entities/policies/PPL-003.yaml