Transparency Statement

This section explains how we collect, use and share information when we are carrying out our functions such as evaluating complaints and investigating serious or complex fraud. 

We are required to protect the information and only disclose information in accordance with the law, including information that we consider is necessary to disclose in order to give effect to our legislated responsibilities and to support other government agencies’ law enforcement activities. 

Our legislation empowers us to request or require information we need to perform or exercise our powers, functions and duties. To find out more, go to our What we do page. 

Information may be gathered on a voluntary or a mandatory basis. We collect information from a variety of sources, both physical and digital. These sources include: 

• individuals (e.g. in-person interviews, phone calls and emails); 
• other agencies or entities (e.g. NZ Government agencies, private sector companies, banks, overseas governments and agencies); 

• online sources (e.g. websites, social media and public registers); and 
• physical sources and locations (e.g. paper records and site visits). 

Much of the information we collect is provided directly by individuals or entities. 

As part of the use of our statutory powers and to gather and preserve information and evidence, we may: 

• require an original or copy of a document to be provided to us; 
• record a compulsory or voluntary interview;  
• request the supply of written information in response to questions; 
• clone electronic devices when conducting search warrants or upon request by notice; or 

• take photographs and/or notes while conducting our enquiries. 

We may request the assistance of another agency in relation to the exercise of our statutory powers (e.g. the New Zealand Police). 

We may also receive or request information about an individual or entity from other individuals, entities or agencies. Any such information will be gathered in accordance with our statutory powers or other lawful authority and in compliance with the relevant legislation and any information-sharing agreements, memoranda of understanding (MOUs) or similar. 

We have Memorandums of Understanding with other agencies that set out how we may be assisted by these agencies.  

We have entered into Approved Information Sharing Agreements with the Inland Revenue Department. 

We may also collect publicly available information (e.g. website contents, social media and news reporting). We do this to assist us in carrying out any of our powers, functions or duties. When building our knowledge of an entity or individual using publicly available information, we take it in context of other information we hold about the entity or individual. 

We only use the information we gather to fulfil our statutory functions, including where it is relevant to us initiating or conducting our own inquiries or investigations. We will only do so if required or permitted by law, or with the authorisation of the person or entity that is the subject of the information. 

We may use information we gather to inform our wider prevention strategies. In doing so, we will comply with our obligations under the Privacy Act 2020. 

Information may be shared in accordance with our statutory powers, in compliance with relevant legislation and any information sharing agreements, MOUs or similar, with other agencies.  

We may, for example, share information with: 

• anyone we believe could provide information that is relevant to our statutory functions, including witnesses; 
• the Police or another government agency, if required by law (for example to assist with the investigation of a criminal offence), or to report significant misconduct or breach of duty or where there is a serious threat to health; or  

• the Police if our staff are threatened or abused.  

The SFO is subject to the Official Information Act 1982. This means that information will be made available to a requestor unless there is a good reason to withhold it. There are a number of reasons information may be withheld, including personal privacy and protecting information that has been received in confidence.  

Section 36 of the Serious Fraud Office Act 1990 also requires us to maintain the confidentiality of information and documents received, other than in specified circumstances. 

Information is stored, accessed and retained in accordance with our privacy policies, and internal information policies, protocols and guidelines, and in compliance with the Serious Fraud Office Act 1990, the Privacy Act 2020 and the Public Records Act 2005. 

We hold personal information as long as necessary to achieve the purpose that it was collected for, or as required by law. 

Information we collect may be classified as a public record and is kept according to our record retention and disposal policy, which is subject to the Public Records Act 2005.