Compliance & security · Australian credit regulations

The boring details that keep you in business.

Min-IT is built to the National Consumer Credit Protection Act 2009 and the Consumer Credit Code. We keep current with legislation so your platform doesn't drift out of compliance between releases.

NCCP 2009 Consumer Credit Code SOC 2 Type II ISO 27001
Regulatory coverage

Every requirement, built into the workflow.

Pre-contractual disclosure

Automatic generation of pre-contract statements compliant with the Code.

Periodic statements

Borrower statements generated and dispatched on schedule, with full audit trail.

Hardship workflow

Built-in hardship application capture, assessment, and outcome documentation.

Default notices

Templated default notices issued in line with statutory requirements.

Responsible lending

Capture and store suitability assessments at origination.

Rate disclosure

Annualised rate and comparison rate computed and displayed.

Statutory regimes

NCCP and AFSL, treated as features.

NCCP

National Consumer Credit Protection Act 2009

NCCP and the National Credit Code are enforced at the engine. Pre-contract disclosures, periodic statements, hardship notice sequencing, default notices, ARHI flags and suitability assessments are generated, sequenced and stored against each loan record — not as a separate compliance system to keep in sync.

Legislative amendments are tracked by the Min-IT team. When the Act or its Regulations change, the platform updates inside the standard release cadence — at no extra cost to existing customers.

AFSL

Australian Financial Services Licence

For Min-IT customers operating under an AFSL, the loan record carries the additional fields required for AFSL reporting and AFCA referrals.

Audit-grade event logs across every loan, every borrower and every action are exportable to ASIC or to AFCA on request. The same record powers IDR and EDR responses, so the data customers see in dispute resolution matches what the regulator sees.

Security architecture

Lender-grade controls, by default.

Single-tenant data isolation, AU-resident hosting, encryption in transit and at rest, role-based access control, MFA, and a full audit trail of every action.

View security details →
  • AU data residency
  • Encryption at rest
  • Encryption in transit
  • Role-based access
  • MFA enforced
  • Audit trail · Immutable
  • Annual penetration testing
  • SOC 2 Type II audited
Documents

For your compliance and procurement teams.

Compliance whitepaper How Min-IT enforces NCCP, NCC, Privacy Act & CDR.
Available on request
Request via email
Security overview Architecture, encryption, access controls, vendor management.
Available on request
Request via email
SOC 2 Type II report Independent audit report. NDA required.
Under NDA
Request via email
Get started

Ready to modernise your lending operation?

See Min-IT in action with a tailored 30-minute walkthrough. No pressure, just answers.