AOFM Privacy Policy

Privacy Intent

AOFM recognises that the protection of the privacy of individuals is balanced with its interests in carrying out its functions and activities and aims for responsible and transparent handling of personal information at all times. This policy describes the (limited) nature of private information held by AOFM and a fit-for-purpose privacy management plan, in accordance with the Australian Privacy Principle Code. AOFM takes appropriate steps to ensure that personal information is used or disclosedin accord with government requirements. Individuals will be informed of the purposes for which personal information is collected and used. The disclosure of personal information under the control of AOFM will only occur in a ‘need-to-know’ basis; this includes where personal information is handled by contractors on behalf of AOFM.

What we do

The AOFM manages the Australian Government’s debt portfolio, the issuance of Australian Government Securities (AGS), the Government’s cash balances and a number of financial assets. These activities are undertaken with the aim of managing risk in a cost-effective manner.

Cash management operations aim to ensure continuity of financing for the Australian Government. Short term borrowings (through Treasury Notes)or the liquidation of short term financial assets are used to managethe mismatches between revenue and expenditure flows.Surplus Official Public Account (OPA) funds are used to reduce the costs associated with the cash portfolio throughshort-term investments timed to mature when thefunds will be required. The portfolio is also managed to account forshort to medium-term variations in revenue and expenditure forecasts.The AOFM can invest in a range of short-term money market securities such as term deposits with the Reserve Bank of Australia (RBA), certificates of deposit with banks and bank-accepted bills.

Financing operations balance the ongoing interest cost and risk profile of the debt portfolio, while considering the impact of operations on the broader development and efficient functioning of Australia’s financial markets. The efficiency and resilience of the AGS market is an important indicator (both domestically and internationally) as to the maturity of Australia’s financial markets generally.

Debt issuance is in the form of Treasury Bonds, Treasury Indexed Bonds and Treasury Notes through competitive tender and syndications.The AOFM also conducts buy-backs AGS from the secondary market to manage bond maturities and enhance market liquidity. It does this through: ‘reverse’ competitive tenders; maturity switches as part of new syndicated issues; and directly from the RBA.

The AOFM also operates a Securities Lending Facility (through the RBA) for Treasury Bonds and Treasury Indexed Bonds.

The AOFM is also required from time-to-time to invest in financial assets to meet a specific government mandate.For example, the AOFM manages a portfolio of Residential Mortgage-Backed Securities (RMBS) under various Government directions.

The AOFM conducts extensive domestic and offshore market liaison with banks, who act as AGS intermediaries, and investors. These programs provide important information as to the nature of AGS demand and provide opportunities to deliver key messages from an AOFM perspective.

Personal information that AOFM collects or holds

The Australian Office of Financial Management holds six types of personal information:

  1. Personnel records;
  2. Financial system information;
  3. Web site subscription lists;
  4. Contact lists;
  5. Procurement related data; and
  6. Debt registers.

All information listed above is held in a combination of paper and electronic forms except for type 3 which is electronic only.

1.Personnel records

Personnel records are created, stored, and disclosed to meet the employer responsibilities of the AOFM. These records maintain details of employment history, payroll, leave, demographic details, and a variety of employment-related administrative matters (e.g. identity, qualifications, security clearance, performance, grievances, staff survey results, training and development). Personal information held in personnel records relates to current and former employees of AOFM. Paper records are stored in secure containers and electronic records are stored on a secure network with access control.

The AOFM payroll[1]is managed by the Department of The Treasury (The Treasury). This includes electronic records for pay, leave, employment history, home contact details, and other related data. Data is hosted on a protected network with backups. During pay processing, banking details of individuals are recorded and used by Treasury and AOFM’s bank (the RBA).

The Treasury also provides work health and safety services under a record of understanding (includes records of accidents, injuries and rehabilitation cases on behalf of AOFM). Treasury’s outsourced employee assistance program (EAP) provider maintains confidential individual counselling case files for matters concerning AOFM staff or their families. The EAP provider maintains de-identified and statistical data on AOFM-relateduseof their services for billing and client feedback.

Information relating to job applicants is collected and held by AOFM. From early 2015 through October 2017, this information was collected and stored in a proprietary database hosted byPageUp People Pty Ltd hosted on their Australian servers. From November 2017, this information is collected and stored in a proprietary database hosted by RecruitAdvantagePty Limited (trading as TurboRecruit) hosted on their Australian servers. This informationis used for employment selection and will, for successful applicants, be passed to vetting agencies for security clearance or background checking purposes.

Personal information contained in these records may be used or disclosed to allow employees to access their entitlements, for audit purposes, to meet external obligations, improve human resource systems, or for other official functions.

Information held in personnel records may be disclosed as required by legislation. This includes disclosures to the Australian Bureau of Statistics, the Australian Taxation Office, the Australian Public Service Commission, the Australian Public Service Commissioner, Fair Work Australia, involved unions, the Merit Protection Commissioner, the Department of Human Services, the National Archives of Australia, superannuation administrators, or a receiving agency following movement or re-engagement of an employee.

2.Financial system information

Personal information held in AOFM’s financial systems enables AOFM to pay its bills and receive payments from identified parties. Banking, contact and historical transactional details are collected and stored.

These records are kept on electronic and paper media. The AOFM utilises the Treasury’s OneGovsystem as its financial management information system. Records relating to AOFM’s financial management are recorded in this system.

AOFM employees access accounts data according to functional need. Treasury employees involved in management of the OneGov system may access relevant personal information as required by their role.

The personal information contained in these records may be disclosed for making payments electronically or manually to the RBA, to Treasury employees involved in OneGov administration and as required to the AOFM’s auditors.

3.Web site subscription lists

AOFM uses subscriber emails to send out operational notices (which include planned tendersand tender results). Records relate to email addresses only and are not disclosed outside of AOFM. Employees involved in the release of information to subscribers have access to this information.

4.Contact lists

These contact details enable communication between AOFM employees and relevant business functioncontacts. Personal information relates to the contact details of individuals (person and organisationnames, contact numbers, email addresses and postal addresses). There are no central files but AOFM employees maintain their own contact list and personal information (not usually disclosed). Records are deleted on request or during periodic updates.

5.Procurement related data

The purpose of these records is to assess potential suppliers for procurement purposes (including labour hire contracts). Personal information will be collected on key staff of a potential provider (may include person and organisation names, contact numbers, email addresses, qualifications, work experience and postal addresses). Relevant AOFM employees will use this information to assess the quality of the potential provider. Personal information in either paper or electronic form contained in these records is not usually disclosed outside of AOFM.

6.Debt registers

Personal information held on the debt registers enables the AOFM to make payments to exchange-traded AGS holders in relation to associated interest and principal redemption. Personal information may include name, date of birth, address details, banking details, Tax File Number or Australian Business Number, payment instructions, and country of holding where relevant.

The AOFM holds records from the inscribed stock register relating to the period between 30 June 1992 and 30 June 2010 for the purposes of answering enquiries from stockholders on previous holdings and transactions. These records are held electronically and are accessed by AOFM employees involved in answering enquiries relating to the registry.

Computershare Investor Services Pty Limited (Computershare) maintains a register of inscribed stockholders on behalf of the Australian Government which includes stockholdings dating from 30 June 2010. These records are a mix of paper and electronic records. Computershare’s privacy statement details how records are held and how to obtain information regarding access to personal information they hold.

Banking details in the registry are recorded and used by Computershare, their bank (the National Australia Bank) and AOFM’s bank (the Reserve Bank of Australia).

The AOFM’s privacy management plan

While the AOFM is neither a large volume user nor holder of private information it does handle sensitive information at various times as part of its business operations. Therefore, a strong culture of limiting the distribution of sensitive information (which includes private information) within the agency on a need-to-know basis and defending the agency’s reputation as a trusted handler of sensitive information are seen as a critical to protecting non-public information. Consistent with this aim, staff are regularly reminded of the need for associated controls and how they are best used.

The AOFM is required to maintain a privacy management plan and this can be found at Attachment 1. The plan is considered to be appropriate for the volume and scope of private information handling undertaken by the AOFM. In summary the plan describes: (1) how the practice of handling and classifying private information is reviewed and updated; (2) how the AOFM monitors compliance with relevant practices and procedures; and (3) the training of relevant staff who handle private information.

Access by individuals

Individuals can seek to access personal information relating to them that is held by AOFM by making a request to the AOFM ‘Privacy Officer’:

Mr Tim Reddan, Senior Advisor - People

Australian Office of Financial Management

Treasury Building

Langton Crescent

PARKES ACT 2600

(02) 6263 1177

Information will only be released where the identity of the requesting individual matches that of the record held by AOFM.

Complaints

Complaints about privacy matters or potential breaches of the Australian Privacy Principles should be addressed to the AOFM ‘Privacy Champion’:

Mr Rob Nicholl, Chief Executive Officer

Australian Office of Financial Management

Treasury Building

Langton Crescent

PARKES ACT 2600

(02) 6263 1111

Disclosure to overseas recipients

The AOFM does not disclose personal information that it holds to overseas recipients.

AOFM Privacy PolicyLast Updated December 2017Page 1 of 5

[1]AOFM previously outsourced its payroll to Aurion Corporation Pty Ltd (Aurion) who managed electronic records associated with pay, leave, employment history, home contact details, emergency contacts, and equal employment opportunity data. This data is being archived and will no longer be accessed on a day to day basis. It is hosted on computers managed by Macquarie Telecom who create and maintain copies of data for backups and other data integrity management purposes. During pay processing, banking details of individuals were recorded and used by Aurion, their bank (the National Australia Bank and Westpac) and AOFM’s bank (the Reserve Bank of Australia).