Information Management - ACL

This bundle includes an Information Management Policy which sets out a framework to help credit licensees comply with competing regulatory obligations and risk management considerations when collecting, securing, retaining and destroying personal or confidential information relating to employees or third parties. It also includes a tool (a Document Destruction Schedule) which provides a template for the licensee to determine the length of time for which each piece of information should be held, taking into account the purpose for which the information was collected and the licensee’s competing regulatory obligations and risk management considerations.

The bundle considers obligations under the Privacy Act 1988 (including the Privacy (Credit Reporting) Code 2014 (Version 2.3)), the National Consumer Credit Protection Act 2009, and the Anti-Money Laundering and Counter-Terrorism Financing Act 2006, as well as obligations regarding information which may be used in a legal proceeding and considerations relating to limitation periods.