Blog
18 Nov
Insights from the Data Protection and Security Summit

Recently our Cloud & Infrastructure Manager, Steve Achilleos, attended the Sydney Data Protection and Security Summit, an event that brought together Australia’s leading security minds to tackle the evolving challenges in data protection, privacy, and compliance.

The Big Issues on Everyone’s Mind

The 2026 Privacy Act Reforms

With Australia’s Privacy Act reforms looming, the room buzzed with questions about compliance. Having operated in lending for over 20 years and already aligning with APRA, ASIC, and the Australian Privacy Act, we’re positioned well for what’s coming. But the summit reinforced an important truth: privacy compliance isn’t about ticking boxes—it’s about building trust. Our clients trust us because we integrate these changes into our roadmap, not because we scramble when deadlines loom.

If Breaches Happen

The session on preparedness for an incident response hit close to home. With over 350 staff in our Manila facilities processing loans documents and our cloud platform handling customer data across multiple channels, we’ve designed our security architecture with built in breach response. Our SOC2 Type 2 accreditation isn’t just a certificate on the wall—it’s proof that our incident response protocols are tested and work. Hearing other organisations share their breach stories remind us why we have invested so heavily in layered security controls.

AI: Friend and Foe

The AI discussion captured everyone’s attention, and for good reason. We’ve built straight-through processing solutions that automate lending workflows, so we understand AI’s power to reduce errors and boost efficiency. But we’re also watching new threats emerge—deepfake fraud in identity verification, AI-powered phishing targeting broker networks. One speaker from a major bank shared how they’d been targeted by an AI-generated voice impersonation. The key takeaway? Implement AI thoughtfully, with humans in the loop at critical decision points.

The Encryption Balancing Act

Here’s the eternal challenge: how do you protect sensitive data while keeping it accessible to the people who need it? Our broker networks and offshore teams need seamless access to loan applications. Yet we’re handling customer financial data, credit assessments, and confidential documents. The sessions on encryption and loss prevention validated our approach—strong encryption standards that protect data without creating friction in the user experience. When you’re competing on customer experience and speed to settlement, security can’t slow you down.

Cloud, On-Premise, or Both?

While we primarily deliver our origination and commissions solutions as cloud-based SaaS, we also offer on-premise options for clients with specific requirements. The summit’s discussions on infrastructure security confirmed: it’s not about which model you choose—it’s about maintaining consistent security controls regardless of where your system sits.

Voices from the Front Lines

The speaker lineup was impressive with experts from NAB, Mission Australia, Suncorp, Cochlear, Mastercard, and others sharing hard-won lessons from the trenches. As partners to premier finance brands including major banks, customer-owned banks and government-backed lenders like HomeStart, Loanworks has familiar challenges: high-volume transactions, strict regulatory requirements, and customers expecting digital-first experiences yesterday, not tomorrow.

One theme kept surfacing across sessions: organisations that embed security and privacy into their DNA—rather than treating them as compliance exercises—adapt faster and win customer trust more easily.

Final thoughts

The summit reinforced that staying ahead in data protection isn’t about attending one event or implementing one solution. It requires continuous learning, collaboration, and genuine engagement with the security community.

For us at Loanworks, data protection runs through everything we do—from our secure cloud infrastructure and automated compliance workflows in our software platforms, to the physical and digital security standards at our offshore facilities.

With our ISO27001:2022 and SOC2 Type 2 accreditations, APP entity status, and specialist legal support for Australian Privacy Law compliance, we don’t just talk about data protection—we demonstrate it through audited, verified practices. Because in finance, trust isn’t just important. It’s everything.

Contact our team to learn about Loanworks’ secure data protection implementation and practices.

  • Share:

Subscribe to the Loanworks blog for valuable insights on making your loans business more efficient and profitable.

Talk to us about how we can help

Software

To discuss a Loanworks software solution, please contact our General Manager of Customer Engagement, Greg Phillips.

Email

Lending

To discuss a white-label or Loanworks-branded loan to offer your customers, please contact our Relationship Manager, Dominic Beig.

+61 2 9278 9709 


Email

Outsourcing

To discuss a Loanworks Outsourcing solution, please contact our Outsourced Services Manager, Michael Peters.

+61 466 603 853

Email