It’s time for every business to implement a cybersecurity strategy


Cybersecurity is quickly becoming an issue that businesses across all industries are forced to contend with. While most online businesses, financial institutions, tech companies, and large corporations have systems and policies to protect their sensitive data, these often aren’t sufficient to cope with more sophisticated modern cybersecurity threats. Worse yet, many other businesses still don’t take cybersecurity seriously, and don’t take any meaningful steps to prevent potential threats.


Nearly all businesses in the developed world are at some risk of falling victim to cybercrime, and Australia and New Zealand are no exception. This is because virtually all businesses store sensitive information, and do so on improperly secured systems that are connected to the internet.

Understanding the potential cost of a cyberattack

Businesses often under-prepare for cyber threats because they seem ethereal and somehow unreal. They also underestimate the potential damage of a data breach, because they underestimate the value of their data. If they’re properly insured, they may even assume that they’ll simply be reimbursed for any potential damages. This often isn’t how things work out, though, because cyber insurance doesn’t usually cover losses due to mistakes made by the business or its employees.

The global average cost of a data breach is nearly $4 million, but that figure is inflated due to the sheer size of some major breaches. A more useful figure shows that each record stolen comes with an average cost of approximately $150. Larger data breaches involve hundreds of thousands, or millions of such records, while a very small business might only lose a few. Most businesses, though, have far more sensitive data than they realise.

Criminals can profit from any kind of breach, and almost any kind of data

The most obvious goal for a criminal might be to hold a system hostage with ransomware, or to steal credit card data, but cybercrime isn’t limited to simple fraud or extortion. Names, birth dates, contact information, and other personal information can be used for identity theft, or can simply be sold to other parties as part of a larger criminal supply chain. For example, a 21 year-old Australian was arrested on September 17 for using stolen personal data to funnel millions of dollars out of the superannuation and ASX share-trading accounts of multiple victims as part of an international cybercrime syndicate. The data used was purchased from other cybercriminals on the dark web.

At first glance, the idea that an attack might target customers, rather than the business itself, might seem reassuring to some. However, it’s important to consider the long term consequences of being a business that can’t protect its customers’ data.

Good cybersecurity is about building trust

Businesses rely on data. They need customer information to be able to market their products and services effectively, and to store even more sensitive information, such as credit card numbers, in order to manage returns or to process recurring payments. By neglecting the responsibility of protecting that data, businesses also risk losing the customers who supply both it and the revenues they rely on.

Consumers are becoming increasingly aware of the risks associated with sharing any kind of personal data, and are wary of trusting their information to businesses that are considered “unsafe”. According to a study by the Ponemon institute, 36 per cent of the cost of any data breach comes from the loss of trust in the business.

How to take control of your business’ cybersecurity

The first step in creating an effective cybersecurity strategy is to identify all potential vulnerabilities. While large corporations might maintain their own IT security professionals, most businesses will do this with the help of a professional, who will conduct a comprehensive IT security audit for their business, and provide them with recommendations on how to protect themselves going forward.

Often this means adopting both technological and procedural tools to protect data. For example, high quality software might be helpful in keeping out digital intruders, but it won’t work if a cybercriminal can manipulate an employee into giving them access, whether that’s by tricking them into clicking on a dodgy link, or by personally conning them into telling them a password. To secure their data, the business needs to protect themselves from both sophisticated digital attacks, and more traditional scams.

Unfortunately, there is no way to make any business 100 percent secure. However, businesses can make themselves into difficult targets, and they can mitigate the potential damage of any particular breach. For example, a simple way to limit the scope of any potential attack is to simply purge unused data regularly, rather than allowing years of customer data to accumulate over time. By recognising the risks posed by cybercriminals to both themselves and their customers, businesses can better mitigate and head off any potential losses.

  • Mark Edwards – Fifo Capital Business Partner

    “I had spent the best part of 20 years in finance before joining Fifo Capital, but never had any exposure to factoring/debtor finance. So when I chose to move into business ownership in a new area of finance to me, a franchise made sense. You are working with experienced people who have a vested interest in your success.

    The decision to join Fifo Capital has delivered beyond my wildest dreams. On the earnings front, by my sixth month in business I had already exceeded my goals for the first year and I hit the $1million mark in finance written for the month, in my 12th month. The average monthly business I have written for the last 12 months is $2.7M.

    It has absolutely exceeded all expectations. We have changed our lives – the hours we work, a house by the beach. The buy in cost for us has been returned many times over.

    But in saying that you only get out of it what you put into it. The fact that I had to go out and build the business was appealing. That’s the idea of business ownership; being independent and growing your own business. You do have to be a motivated self-starter in the Fifo Capital business, but the support is there when you need. The model, processes and support is fantastic.

    Fifo Capital delivers and the only cap on your earnings is how much effort you want to put in.”

  • Supporting your clients

    We help your clients in two equally important ways: (1) Through the fast (24 to 48 hour) delivery of required funds; and (2) By leading every transaction with one-on-one expert consultancy.

    Fast, flexible product range

    Designed for speed of response and flexibility, and supported by a comprehensive understanding of the security challenges businesses encounter throughout various stages of development and maturity, our finance solutions are designed for finance needs between one and 12 months.

    Invoice Finance
    Suitable for clients requiring assistance for ad hoc cash flow challenges that demand fulfilment within 24 to 48 hours. No fixed term contracts; secured by the value of the invoice/s; and for finance periods between one and three months. Click here for our Invoice Finance Solution Guide.

    Business Loans
    Suitable for clients who have a growth or operational need that requires a capital boost for a period of three to 12 months. Typically, a client has reached their traditional security limit with their bank and is seeking alternative options. Through analysis of business-performance, we identify a complement of security that appropriately services the finance required. Click here for our Business Loan Product Guide.

    Payment Plans
    Suitable for clients who either provide large one-off services or products to clients, or who want to attract new clients through cash-flow-friendly payment options. Fifo Capital payments plans enable a client to offer their customers a payment schedule for between three and 12 months. Click here for our Payments Plan Solution Guide.

    We also provide:

    Foreign Exchange
    Fifo Capital partners with leading international payments specialists HiFX to provide clients with a simple, secure way to send and receive international payments at preferential foreign exchange rates. Services include: Exchange Contracts; Spot and Forward; Multi-Currency Accounts; Market Orders and Currency Options. Click here to find out more.

    Expert consultancy

    With over 10 years supporting businesses, we know the value of expert, one-on-one consultancy. While new technology has spurred the advent of finance-online, we’re committed to pairing clients with a finance expert. Of course, we’ve embraced technology to hasten our processes and response times, and to continually enhance the experience for our clients. But the complexities of business finance, do and will continue to, require one-on-one interaction with an expert to achieve the best result, specific to the client’s needs. The value is in the results.

  • Fifo Capital Partners

    Fifo Capital Partners and their clients are supported by a range of benefits, including complimentary copies of Headway Magazine, and access to Fifo Capital Knowledge Centre assets.

    Headway Magazine

    The Fifo Capital quarterly magazine, which explores a range of relevant business themes at a macro level as well as practical insight for business owners. Accredited Partners are provided the opportunity to co-brand the magazine as a client-value add publication and for new business development marketing.

    Knowledge Centre

    Access the comprehensive knowledge-base of client-facing finance guides, eBooks and other resources. Incorporate, professional, relevant content in your regular client and prospect communications.

  • Working with our partners

    Our finance experts work in concert with professional services partners – accountants, bank managers, business brokers – to identify the most appropriate solution for client needs.

    We consult with you

    To the extent that you wish to and which is appropriate for the client, we work with you to identify the short-term solution that supports longer terms business objectives.

    We’re responsive

    We understand the need for immediacy and fast response. Whether a simple query or a transaction, we are available for your client’s needs on the day they arise.

    We keep you informed

    We respect the relationship you have with your client and support that via open communication throughout.

    We’re an expert sounding board

    If you ever need to review potential solutions, or talk through the tricky detail of a client scenario, we’re an expert sounding board. Our expertise is freely offered, complimentary and with no-obligation attached.

  • About Fifo Capital

    Fifo Capital provides short-term finance for business. Clients use our services to: (1) solve immediate cash flow challenges, and (2) to access capital needed to secure new opportunities or for business operations.  Since 2004, we have established more than 70 offices across New Zealand and Australia, and provided business owners with over $850 million in growth capital.

    The one-on-one difference

    Central to the solutions we provide is one-on-one consultancy. Our network of finance experts, meet with clients and spend time understanding their business in order to deliver a purpose-fit solution; a solution that solves the immediate finance need, and which is suitable for both the short and longer term success of the business. The complexities of business finance demand the one-on-one approach, and we continually see the value of this in the success of our clients.

    Working in partnership with banking facilities

    Clients seek the assistance of Fifo Capital for a short period of time when their bank is unable to help. Often this is due to their finance needs outpacing the traditional security options available; or where their need requires a response time that cannot be met by their bank. As Fifo Capital finance solutions are designed for these immediate short-term requirements, we can ‘solve the gap’ quickly for the window of time that the client falls outside of their bank’s criteria, for the specific finance need. Working in tandem with mainstream facilities ensures that clients can access funds for short-term business needs, without impacting the ongoing relationship with their bank.

    Expert solution solvers

    Very few businesses faced with an immediate finance need are best served by a vanilla solution. Our experience has highlighted that the value of a business finance expert tailoring a solution to a client’s specific needs is immeasurable. Our business finance experts are highly experienced, and have a wealth of knowledge about the mechanics, complexities and unique challenges and opportunities of different industries. This knowledge, coupled with one-on-one consultancy, means our experts are adept at quickly identifying purpose-fit finance solutions for clients.

  • Terms of the website use

    Please read these Terms & Conditions before using this site

    This terms of use (together with the documents referred to in it) tells you the terms of use on which you may make use of our website (our site). Use of our site includes accessing, browsing, or submitting information through our site.

    Please read these terms of use carefully before you start to use our site, as these will apply to your use of our site.

    By using our site, you confirm that you accept these terms of use and that you agree to comply with them. If you do not agree to these terms of use, you must not use our site.

    Other applicable terms
    These terms of use refer to the following additional terms, which also apply to your use of our site.

    Our Privacy Policy which sets out the terms on which we process any personal data we collect from you, or that you provide to us. By using our site, you consent to such processing and you warrant that all data provided by you is accurate.

    Our Cookie Policy which sets out information about the cookies on our site.

    Our Anti-Spam Policy which sets out information about our anti-spam endeavors.

    Information about us is a site operated by Fifo Capital International Ltd (“We”). We are registered in New Zealand under company number 3856796 and have our registered office at 170 Parnell Road, Parnell, Auckland 1151, New Zealand. Our main trading address is 135 Parnell Road, Parnell, Auckland 1151, New Zealand.

    Changes to these terms
    We may revise these terms of use at any time by amending this page. Please check this page from time to time to take notice of any changes we made, as they are binding on you. This terms of use was last updated on 21 July 2014.

    Changes to our site
    We may update our site from time to time, and may change the content at any time. However, please note that any of the content on our site may be out of date at any given time, and we are under no obligation to update it.

    We do not guarantee that our site, or any content on it, will be free from errors or omissions.

    Accessing our site
    Our site is made available free of charge.

    We do not guarantee that our site, or any content on it, will always be available or be uninterrupted. Access to our site is permitted on a temporary basis. We may suspend, withdraw, discontinue or change all or any part of our site without notice. We will not be liable to you if for any reason our site is unavailable at any time or for any period.

    You are responsible for making all arrangements necessary for you to have access to our site.

    You are also responsible for ensuring that all persons who access our site through your internet connection are aware of these terms of use and other applicable terms and conditions, and that they comply with them.

    Intellectual property rights
    We are the owner or the licensee of all intellectual property rights in our site, and in the material published on it. Those works are protected by copyright laws and treaties around the world. All such rights are reserved.

    You may print off one copy, and may download extracts, of any page(s) from our site for your personal use and you may draw the attention of others within your organisation to content posted on our site.

    You must not modify the paper or digital copies of any materials you have printed off or downloaded in any way, and you must not use any illustrations, photographs, video or audio sequences or any graphics separately from any accompanying text.

    Our status (and that of any identified contributors) as the authors of content on our site must always be acknowledged.

    You must not use any part of the content on our site for commercial purposes without obtaining a license to do so from us or our licensors.

    If you print off, copy or download any part of our site in breach of these terms of use, your right to use our site will cease immediately and you must, at our option, return or destroy any copies of the materials you have made.

    No reliance on information
    The content on our site is provided for general information only. It is not intended to amount to advice on which you should rely. You must obtain professional or specialist advice before taking, or refraining from, any action on the basis of the content on our site.

    Although we make reasonable efforts to update the information on our site, we make no representations, warranties or guarantees, whether express or implied, that the content on our site is accurate, complete or up-to-date.

    Limitation of our liability
    Nothing in these terms of use excludes or limits our liability for death or personal injury arising from our negligence, or our fraud or fraudulent misrepresentation, or any other liability that cannot be excluded or limited by law.

    To the extent permitted by law, we exclude all conditions, warranties, representations or other terms which may apply to our site or any content on it, whether express or implied.

    We will not be liable to any user for any loss or damage, whether in contract, tort (including negligence), breach of statutory duty, or otherwise, even if foreseeable, arising under or in connection with:

    – use of, or inability to use, our site; or use of or reliance on any content displayed on our site;
    – loss of profits, sales, business, or revenue;
    – business interruption;
    – loss of anticipated savings;
    – loss of business opportunity, goodwill or reputation; or
    – any indirect or consequential loss or damage.

    If you are a consumer user, please note that we only provide our site for domestic and private use. You agree not to use our site for any commercial or business purposes, and we have no liability to you for any loss of profit, loss of business, business interruption, or loss of business opportunity.

    We will not be liable for any loss or damage caused by a virus, distributed denial-of-service attack, or other technologically harmful material that may infect your computer equipment, computer programs, data or other proprietary material due to your use of our site or to your downloading of any content on it, or on any website linked to it.

    We assume no responsibility for the content of websites linked on our site. Such links should not be interpreted as an endorsement by us of those linked websites. We will not be liable for any loss or damage that may arise from your use of them.

    We do not guarantee that our site will be secure or free from bugs or viruses.

    You are responsible for configuring your information technology, computer programs and platform in order to access our site. You should use your own virus protection software.

    You must not misuse our site by knowingly introducing viruses, trojans, worms, logic bombs or other material which is malicious or technologically harmful. You must not attempt to gain unauthorised access to our site, the server on which our site is stored or any server, computer or database connected to our site. You must not attack our site via a denial-of-service attack or a distributed denial-of service attack. By breaching this provision, you would commit a criminal offense under the Computer Misuse Act 1990. We will report any such breach to the relevant law enforcement authorities and we will co-operate with those authorities by disclosing your identity to them. In the event of such a breach, your right to use our site will cease immediately.

    Linking to our site
    You may not link to our home page without our prior written consent.

    Third party links and resources on our site

    Where our site contains links to other sites and resources provided by third parties, these links are provided for your information only.

    We have no control over the contents of those sites or resources.

    Applicable law
    These terms of use, its subject matter and its formation (and any non-contractual disputes or claims) are governed by English Law. We both agree to the exclusive jurisdiction of the courts of England.

    Contact us
    To contact us, please mail to Fifo Capital Australia PTY Ltd, Level 16, 390 St Kilda Road, Melbourne, VIC 3004 or email [email protected]

    Thank you for visiting our site.

  • Anti-Spa Policy

    What is spam?
    In the context of electronic messaging, spam refers to unsolicited, bulk or indiscriminate messages, typically sent for commercial purposes. “Electronic messaging” covers emails, instant messaging, SMS and other mobile phone messaging, but does not cover normal voice-to-voice communication by telephone.

    An electronic message may constitute spam if it:

    – is commercial in nature – i.e. it could be construed as offering a commercial transaction, such as goods or services for sale, or merely directing the recipient to a location where a commercial transaction could take place – is sent without the prior consent of the recipient;
    – fails to include accurate information about the sender; and
    – does not include a functional unsubscribe facility.

    Fifo Capital will take all necessary and reasonable steps required under relevant current Spam legislation to ensure that any commercial electronic messages sent to you do not constitute spam.

    Fifo Capital will take reasonable steps to ensure that it has obtained your express consent prior to sending you electronic commercial messages about Fifo Capital’s products and services. Express consent may come in various ways, including subscribing to our mailing list, filing in a form, ticking a consent box to receive advertising or messages on our website, or consenting over the phone.
    Where it is impracticable to obtain your consent before sending electronic commercial message to you, we may infer that you have consented to receiving electronic commercial message. Inferred consent can occur:

    – via an existing business or other relationship with Fifo Capital, and where there is reasonable expectation of receiving commercial electronic messages; or
    – via conspicuous publication of a work-related electronic address; and
    – it is accessible to the public, or a section of the public
    – the subject of the message is directly related to the role or function of the recipient; and
    – the address is not accompanied by a statement saying no commercial messages are wanted.

    Any commercial electronic message sent by Fifo Capital will include a clear and accurate identification information about Fifo Capital, the sender of the message and how we can be contacted. Fifo Capital will take reasonable steps to ensure that the identification information about Fifo Capital is accurate for a period of 30 days after the day on which you receive the electronic commercial message.

    Unsubscribing Policy
    Under Spam legislation, every commercial electronic message must contain a functional and legitimate ‘unsubscribe’ facility. This is an electronic address the recipient can use to tell the sender they do not wish to receive messages.

    Fifo Capital will take reasonable steps to ensure that:

    – all commercial electronic messages sent by us will include a functional way for the message’s recipient to indicate that they wish to unsubscribe from any future messages;
    – our unsubscribe links in any electric commercial message remain functional for at least 30 days after the original commercial electronic message was sent;
    – it allows the unsubscribe message to be sent to whoever authorised the sending of the message;
    the unsubscribe instructions are presented in a clear and conspicuous way;
    – a request to unsubscribe is honoured within five-(5)working days;
    unsubscribing is at low or no cost, to the recipient; and

    If you receive a message from Fifo Capital that is not in accordance with the above, contact us and the matter will be promptly investigated and resolved.

    Fifo Capital Unsubscribe Process
    The e-Marketing systems Fifo Capital uses for electronic communication allow recipients the option to automatically unsubscribe from any electronic commercial message.

    All manual unsubscribe requests go through the Marketing Manager or Operations Manager (as a secondary person). The necessary details for unsubscribing from any electronic commercial message sent by Fifo Capital are as follows:

    SMS: Subject Line: ‘Unsubscribe’
    Mail: Subject Line: ‘Remove’
    Post To: The relevant office as listed on the email
    Email: Subject Line: ‘Remove’
    Fax: Subject Line: ‘Remove’

    Fifo Capital Marketing
    Queries that are made with Fifo Capital through our marketing channels are gathered and kept confidentially. Fifo Capital may use some of this information to market its current and new products to customers. All marketing sent by Fifo Capital allows the recipient to opt out (unsubscribe) at no cost. If the recipient chooses to exercise that right they will be removed from any further marketing communication from Fifo Capital. Fifo Capital will not use electronic address harvesting software, or lists which have been generated using software, for the purposes of sending unsolicited commercial electronic messages.

    Contact Fifo Capital
    Please contact our Anti-Spam officer at [email protected] if you have any concerns or complaints about this policy or about our use of personal information or other privacy issues.

  • Information about our use of cookies

    Our site uses cookies to distinguish you from other users of our site. This helps us to provide you with a good experience when you browse our site and also allows us to improve our site. By continuing to browse our site, you are agreeing to our use of cookies.

    A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer’s hard drive.

    To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit

    You block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.

    If you have any questions or comments regarding this Cookies policy, please email [email protected]

  • Privacy Policy

    Fifo Capital Australia Pty Ltd (ACN 121 427 183) and the other companies referred to below in the definition of “we”.

    This document sets out our policy on the management of personal information which we have about individuals.  Those individuals include suppliers to whom we may provide or may have provided a facility, guarantors of both individual and company suppliers and individuals who may provide a guarantee and individuals who are or become debtors of suppliers.

    Our privacy assurance to you

    Your privacy has always been important to us.  We respect your right to be aware of who has information about you, what they are doing with it and why, and who else they are sharing it with.  We have adopted a privacy compliance culture that cements this relationship with you.  Its foundation is the Privacy Act 1988 (as amended by the Privacy Amendment (Enhancing Privacy Protection) Act 2012), the Privacy Regulation 2013 and the Credit Reporting Privacy Code.  This privacy policy is the APP privacy policy which we must have in accordance with Australian Privacy Principle 1.3 and incorporates our credit reporting policy which we must have in accordance with section 21B(3) of the Privacy Act 1988.


    This privacy policy explains how we manage personal information which is not credit information or credit eligibility information.  In particular it explains, in relation to that personal information:

    – the kinds of personal information we collect and hold;
    – how we collect the personal information;
    – the purposes for which we collect, hold, use and disclose the personal information;
    – how an individual may access personal information about the individual that we hold and seek the correction of that information;
    – how an individual may complain about a breach of the Australian Privacy Principles and the Credit Reporting Privacy Code and how we may deal with the complaint; and
    – whether we are likely to disclose the personal information to overseas recipients and the countries where those recipients are likely to be located.

    This privacy policy also explains how we manage credit information and credit eligibility information.  In particular it explains, in relation to that information:

    – the kinds of credit information we collect and hold and how we collect and hold that information;
    – the kinds of credit eligibility information we hold and how we hold that information;
    – the kinds of CP derived information that we usually derive from credit reporting information disclosed to us by a credit reporting body under Division 2 of Part IIIA of the Privacy Act 1988;
    – the purpose for which we collect, hold, use and disclose credit information and credit eligibility information;
    – how an individual may access credit eligibility information about the individual that we hold;
    – how an individual may seek the correction of credit information or credit eligibility information about the individual that we hold;
    – how an individual may complain about our failure to comply with Division 3 of Part IIIA of the Privacy Act 1988 or the Credit Reporting Privacy Code;
    – how we will deal with the complaint; and
    – whether we are likely to disclose credit information or credit eligibility information to entities which do not have an Australian link and the countries where those recipients are likely to be located.

    The kinds of personal information we collect and hold

    We collect and hold credit information about individuals who are suppliers, debtors, guarantors, and associates.  This information includes:

    – identification information, such as the individuals name, address and date of birth;
    – a statement that we have made an information request, that is we have sought information about the individual from a credit reporting body in connection with an application for commercial credit, for a credit guarantee purpose or for a securitisation related purpose;
    – the type of commercial credit and the amount of credit sought in an application that has been made by the individual and in connection with which we have made an information request;
    – court proceedings information about the individual, this is information about a judgment of an Australian court against the individual in proceedings (other than criminal proceedings) that relate to any credit that has been provided to, or applied for by, the individual; and
    – personal insolvency information about the individual, this is information that is entered or recorded in the National Personal Insolvency Index that relates to bankruptcy of the individual, a debt agreement proposal given by the individual, a personal insolvency agreement executed by the individual, a direction given (or an order made) under section 50 of the Bankruptcy Act 1966 that relates to the property of the individual or an authority signed under section 188 of that Act that relates to the property of the individual.

    We obtain credit reporting information about individuals who are suppliers, debtors, guarantors, and associates from credit reporting bodies.  Credit reporting information includes:

    – the credit information outlined above but which relates to the individuals dealings with other credit providers;
    – consumer credit liability information, default information, payment information, new arrangement information and publicly available information concerning consumer credit which the individual has obtained from other credit providers; and
    – credit worthiness information about the individual that credit reporting bodies derive from the above information.  This could include credit scores, risk ratings and other evaluations.

    We only obtain credit reporting information from credit reporting bodies to the extent we are entitled to obtain it under the Privacy Act 1988.  We might, for example, need to obtain the individuals prior authorisation.

    We may disclose credit information (such as identification information) about an individual to a credit reporting body.  The credit reporting body may include that information in the reports it provides to other credit providers.

    We disclose credit information to the following credit reporting body:

    Name:   Equifax Pty Ltd Website: Mail:  PO Box 964 North Sydney, NSW  2059

    That credit reporting body is required to have a policy which explains how it will manage credit-related personal information.  If an individual would like to read the policy of the credit reporting body he or she should visit the credit reporting body’s website and follow the Privacy links, or the individual can contact the credit reporting body direct for further information.

    Our policy about the management of credit related personal information is contained in this privacy policy but if an individual would like to receive it as a separate document he or she can request a copy by contacting our Privacy Contact Officer at the address specified below.

    An individual has the right to request that the credit reporting body exclude his or her credit reporting information from any permissible direct marketing activities we may ask it to perform.

    The individual also has the right to request that the credit reporting body not use or disclose his or her credit reporting information if the individual believes that he or she has been, or is likely to be, the victim of fraud (for example, the individual suspects someone is using his or her identity details to apply for credit).  The individual must contact the credit reporting body direct should this be the case.

    The personal information, other than credit information and credit reporting information, we collect and hold varies depending on the person we are dealing with and the reason why we are dealing with them.  We collect this general personal information from individuals who are suppliers, debtors, guarantors, associates, prospective employees, contractors, persons who provide goods or services to us (such as merchants, agents, professional advisers, mercantile agents, mailing houses, call centre operators and archivers), brokers and introducers.   This information will generally include the individuals name and contact details.  We will only collect sensitive information about an individual with the individuals consent or when permissible under Australian law.

    Under various laws we will be (or may be) authorised or required to collect personal information about an individual.  These laws include the Anti-Money Laundering and Counter-Terrorism Financing Act 2006, Personal Property Securities Act 2009, Corporations Act 2001, Autonomous Sanctions Act 2011, Income Tax Assessment Act 1997, Income Tax Assessment Act 1936, Income Tax Regulations 1936, Tax Administration Act 1953, Tax Administration Regulations 1976, A New Tax System (Goods and Services Tax) Act 1999 and the Australian Securities and Investments Commission Act 2001 as those laws are amended and includes any associated regulations.

    How we collect personal information

    We collect personal information, other than credit eligibility information, about individuals in a variety of ways.  For example, we may obtain the information from the individual or from persons acting on the individuals behalf.  When it is possible and practical we will collect the information direct from the individual.  When it is not practical or reasonable to do so we will collect the information from a third party.  The third party could be an authorised representative (such as a broker, agent, accountant or lawyer), another financial institution, a referee, an employer or a government body.  When the individual is a debtor or an associate we may obtain the information from the supplier.  When the individual is a supplier or an associate we may obtain the information from the debtor.  An entity included in the definition of we can disclose personal information to any other entity included in the definition of we and those other entities can collect it.

    The credit eligibility information is obtained from a credit reporting body.

    How we hold credit information and credit eligibility information

    We take all reasonable steps to ensure that an individuals personal information which we hold is protected from misuse, interference or loss and from unauthorised access, modification or disclosure.

    We do this by having physical, electronic and procedural safeguards which protect the personal information we hold.  For example, the personal information is stored in secure office premises or in secure archiving facilities and logins and passwords are required to access electronic databases. Our staff are required to maintain the confidentiality of personal information and access to personal information is restricted to persons who require access to perform their duties.

    The purposes for which we collect, hold, use and disclose personal information

    We collect, hold, use and disclose credit information and credit eligibility information on individuals for purposes permitted by law which are reasonably necessary for our business activities. Those purposes include:

    – if the individual is a supplier, to determine if we should provide a facility which includes the provision of commercial credit to the individual and, if we decide to provide it, to assist in the provision of the facility.  This includes the assessment of the application, determining whether we will accept an offer to purchase an account owed by a debtor, managing the account which the supplier has with us, recovering money and dealing with security the individual gives;
    – if the individual is a debtor, to assess and verify the account which the supplier offers to sell to us or in which the supplier gives us a security interest, to collect the account and to enforce the account and any security which may be given to secure payment of the account;
    – if the individual is a guarantor, to determine whether we should accept a guarantee from the individual and, if the guarantee is given, to deal with or enforce our rights under the guarantee and any security which may be given to secure it;
    – if the individual is an associate of the supplier or debtor, to determine if we should provide a facility which includes the provision of commercial credit to the supplier and to assist in the provision of that facility;
    – if the individual is an associate of the debtor, to assist us to verify the account owed by the debtor and to collect and enforce the account.  For example, we may record the name and office phone number of a person in the debtors accounts payable department and telephone that person to verify the account owed by the debtor;
    – to assist in the management and enforcement of the facilities we provide, for data analysis and internal management;
    – to provide information to credit reporting bodies to the extent this is permitted by the Privacy Act 1988;
    – to undertake securitisation activities, raise funding, assign debts and other rights, enter into insurance arrangements (for example insurance policies for debts) and provide information to and obtain information from insurers (including under policies which are taken out by us, which are assigned to us or under which we are the loss payee);
    – to deal with complaints and legal proceedings;
    – to meet our legal and regulatory requirements; and
    – to assist other credit providers by giving personal information to them in accordance with an authorisation which the individual has provided to them or us.

    We do not usually derive any CP derived information from credit reporting information disclosed to us by a credit reporting body.

    We collect, hold, use and disclose personal information which is not credit information or credit eligibility information so that we can manage and administer the facilities which we provide.

    To provide our facilities in the most cost effective and efficient way we may decide to utilise the services of others.  If this requires that we disclose personal information we will require those persons to respect your right of privacy.

    Personal information may also be used or disclosed to tell an individual about products or services that may be of interest to that individual.  If the individual does not want his or her personal information used for these direct marketing purposes the individual should tell us.  He or she can opt-out of direct marketing by sending an e-mail to [email protected] or by writing to us at:

    Privacy Contact Officer Fifo Capital Australia Pty Ltd Level 16, 390 St Kilda Road MELBOURNE  VIC  3004

    One entity included in the definition of we may provide personal information to another person included in the definition of we and that recipient may, in turn, collect, hold, use and disclose that personal information as outlined in this privacy policy.  For example, one of those entities (or two or more of those entities) may provide a facility to the supplier and receive offers from the supplier to purchase an account owed by a debtor.  Other entities included in the definition of we may assist by assessing the suppliers or debtors application for a facility, assessing the guarantors offer of a guarantee, assessing the account which is offered for sale and assisting in the administration of the facility and in the enforcement of the facility and any supporting guarantee or security.

    How an individual may access personal information

    An individual may access personal information (including credit eligibility information) about the individual which we hold.  The individual can obtain that access by contacting our privacy contact officer as follows:

    Telephone: 1300 852 556 E-mail:  [email protected] Mail:  Privacy Contact Officer Fifo Capital Australia Pty Ltd Level 16, 390 St Kilda Road Melbourne VIC  3004

    We will need to verify the individuals identity before giving access.  We will usually provide the requested personal information within 30 days of receiving the request.  There is no charge to make a request but we may levy an administration fee for providing access.

    If there is a reason why we do not make the requested personal information available we will provide our reason in writing.

    How an individual may seek the correction of personal information

    If an individual considers that any personal information which we hold about the individual is incorrect in any way the individual may ask us to correct that personal information.  To seek the correction please contact our Privacy Contact Officer on the telephone number or at the e-mail or postal address above. In certain situations we may decide not to agree to a request to correct personal information.  We will tell you in writing why we have not agreed to the correction request.

    How an individual may complain and how we will deal with the complaint

    We have an internal dispute resolution system that covers complaints.  That system complies with ISO 10002-2006 Customer Satisfaction Guidelines for Complaints Handling in Organisations: sections 4, 5.1, 6.4, 8.1 and 8.2.  If an individual considers that we have failed to comply with Division 3 of Part IIIA of the Privacy Act 1988, the Credit Reporting Privacy Code or the Australian Privacy Principles he or she should contact our Privacy Contact Officer on the telephone number or at the email or postal address above.  We will then follow our internal dispute resolution system.  We will acknowledge the complaint within 7 days.  A decision will be made and advised within 30 days or a longer period as may be agreed with the individual. If the individual is not satisfied with the decision he or she may make a complaint to the Office of the Australian Information Commissioner (the OAIC).  The contact details for the OAIC are:

    Telephone: 1300 363 992 Facsimile: (02) 9284 9666 Website: Mail:  The Office of the Australian Information Commissioner GPO Box 2999 CANBERRA ACT  2601

    Disclosure of personal information to overseas recipients

    Generally we do not disclose personal information to overseas recipients or to persons that do not have an Australian link.  However, we may do so.  For example, if the debtor is located overseas we may need to send the suppliers personal information overseas so that we can collect the debt.  We may use service providers located overseas.  The country where the overseas recipients of personal information are likely to be located is New Zealand and any other country where the debtor is located.


    In this privacy policy:

    – “associate” means a person who is or may become an officer or employee of the supplier, the guarantor or debtor;
    – “debtor” means a person who owes, or may owe, an account (also known as a book debt) which the supplier has sold to us or may sell to us or in which the supplier has granted, or may grant, a security interest to us. In a supply chain facility, debtor means a person who owes an account to the supplier, has requested that we provide a supply chain finance facility to the supplier and provides a confirmation that they will pay the account;
    – “guarantor” means a person who has guaranteed, or may guarantee, the obligations which a supplier or debtor has or may have to us; and
    – “supplier” means a person (such as a company, sole trader or partnership) to whom we have provided a factoring, invoice discounting or other facility including the provision of commercial credit and includes a person who has applied for, or may apply for, a facility of that type;
    – “we”, “us” and “our” means all and any one or more of Fifo Capital Australia Pty Ltd (ACN 121 427 183), Fifo Capital SCF Pty Ltd (ACN 620 525 500) and a franchisee.  A franchisee is any person who has entered into a franchise agreement with Fifo Capital Australia Pty Ltd.  The franchisees change from time to time.  If you would like to know the persons who are franchisees at any time and who could be relevant in relation to the collection, holding, use and disclosure of your personal information please contact the Privacy Contact Officer (the telephone number, e-mail address and postal address is above) and the names and contact details will be provided to you.

    Words which are defined in the Privacy Act 1988 have the same meaning in this privacy policy.

  • Melissa Lovf

    Head of Credit Australia

    Text here…

  • Andrew Allen

    Head of Operations Australia

    Text here…

  • Simon Suggett

    Business Expansion, Australia

    Text here…

  • Neil McMillan

    Managing Director, Australia

    Text here…

  • Colin Chisholm

    Managing Director NZ

    Text here…

  • Nigel Thomson

    Founder and Head Thinker

    Text here…

  • Terms and Conditions

    Fifo Capital understands time is critical when it comes to managing your cash flow – so our process is aimed to be as simple as possible.

    A Fifo Capital facility approval typically takes around 24 hours to set-up and depending on the required information supplied by customers, transfer of funds can take place in as little as four hours.

    The following covers the terms and conditions required for a four hour funds transfer to take place;

    1. Fifo Capital will tell the proposed client if the application is successful to receive funding. We can accept or reject the application at our sole and absolute discretion. If we accept the application the cash flow finance services will be provided solely in accordance with the documents we agree with the proposed client.
    2. Fifo Capital’s application consists of a number of forms, however, not limited to fully completed and signed; Application, Receivables Finance Facility Terms and Conditions, Guarantee, Offer to Sell, and Privacy Consent forms
    3. To be eligible for a four hour funds transfer in relation to an approved application, the proposed customer must request or apply to Fifo Capital in writing before 12noon on the same business day. Such a request doesn’t guarantee the transfer will take place or funds cleared in the customer’s bank account within the four hour period.
    4. Should a four hour funding transfer request be approved, such a transfer can only be facilitated on a business day. A transfer request is not available on public or bank holidays, or weekends.
    5. Four hour funding transfers may incur a fee as detailed within the application.
    6. Fifo Capital’s aligned banks or financial institutions have the right to reject a four hour funding transfer request. Fifo Capital and its aligned banks are not liable for any loss or damages resulting from a funding transfer request not taking place or funds being cleared within a four hour period.
    7. Fifo Capital is a franchise business operation. Fifo Capital Australia Pty LTD is the master franchisee and is therefore not responsible for the actions or inactions of its franchisees in relation to any funds transfer timing.
    8. Fifo Capital is not responsible for any loss or damages incurred or to be incurred by the would be or existing customer should a transfer not take place within or cleared funds not be received within a four hour period.
    9. Fifo Capital reserves the right to reject previously approved applications without notice and/or consultation.

    To find out more about the full terms and conditions relating to our 4 hour funds transfer please contact Fifo Capital on 1300 852 556